• +1 703 698-8282
  • sales@itgonline.com
ITG Consulting Services - CMMI Consulting Services
Contact

Service Management System (SMS) Overview

Establish and improve the SMS

The service provider shall define and include the scope of the SMS in the service management plan. The scope shall be defined by the name of the organizational unit providing the services, and the services to be delivered. The service provider shall also take into consideration other factors affecting the services to be delivered including:

  1. geographical location(s) from which the service provider delivers the services.
  2. the customer and their location(s).
  3. technology used to provide the services.
    1. Monitor, measure and analyze the business processes,
    2. Apply management controls,
    3. Document applicable measurable objectives,
    4. Manage document and records control, and
    5. Ensure the availability of resources and information necessary to support the operation, control and monitoring of the business processes.

Plan the SMS (Plan)

The service provider shall create, implement, and maintain a service management plan. Planning shall take into consideration the service management policy, service requirements and requirements in this part of ISO/IEC 20000. The service management plan shall contain or include a reference to at least the following:

  1. service management objectives that are to be achieved by the service provider.
  2. service requirements.
  3. known limitations which can impact the SMS.
  4. policies, standards, statutory and regulatory requirements, and contractual obligations.
  5. framework of authorities, responsibilities, and process roles.
  6. authorities and responsibilities for plans, service management processes and services.
  7. human, technical, information and financial resources necessary to achieve the service management objectives.
  8. approach to be taken for working with other parties involved in the design and transition of new or changed services process.
  9. approach to be taken for the interfaces between service management processes and their integration with the other components of the SMS.
  10. approach to be taken for the management of risks and the criteria for accepting risks.
  11. technology used to support the SMS.
  12. how the effectiveness of the SMS and the services will be measured, audited, reported, and improved.

Implement and operate the SMS (Do)

The service provider shall implement and operate the SMS for the design, transition, delivery, and improvement of services according to the service management plan, through activities including at least:

  1. allocation and management of funds and budgets;
  2. assignment of authorities, responsibilities, and process roles.
    1. Managerial roles and responsibilities are defined in the Organizational and corporate workflow charts referenced throughout this document. As well, the Company has instituted Departmental and job descriptions that articulate roles and responsibilities
  3. management of human, technical and information resources.
    1. The Company has implemented a Labor Resources department, responsible for recruiting and staff development.
    2. Continuity is accomplished by cross-training of staff and retention of team members is high. Certifications are either mandated or encouraged and are recorded in staff personnel records
  4. identification, assessment, and management of risks to the services.
  5. management of service management processes.
    1. Coordination of processes is defined in applicable Quality Work Instructions. Overall coordination of service process workflow is represented pictorially in the Corporate Workflow Flowchart
  6. monitoring and reporting on performance of service management activities
    1. Progress against the plans is reported in regularly scheduled management meetings

Monitor and review the SMS (Check)

The service provider shall use suitable methods for monitoring and measuring the SMS and the services. These methods shall include internal audits and management reviews.

The objectives of all internal audits and management reviews shall be documented. The internal audits and management reviews shall demonstrate the ability of the SMS and the services to achieve service management objectives and fulfill service requirements. Nonconformities shall be identified against the requirements in this part of ISO/IEC 20000, the SMS requirements identified by the service provider or the service requirements. The results of internal audits and management reviews, including nonconformities, concerns and actions identified, shall be recorded. The results and actions shall be communicated to interested parties.

Internal audit

The service provider shall conduct internal audits, at planned intervals, to determine whether the SMS and the services:

  1. fulfill the requirements in this part of ISO/IEC 20000.
  2. fulfill the service requirements and the SMS requirements identified by the service provider;
  3. are effectively implemented and maintained.

There shall be a documented procedure including the authorities and responsibilities for planning and conducting audits, reporting results, and maintaining audit records. The Audit Program Manager is responsible for preparing the audit program, schedule, initiating audits, assigning audit teams to particular areas and managing the overall audit program, and reporting audit results to Best Practices Management Review Board. Department Managers are responsible for informing their staff about scheduled audits and cooperating with the auditors to the best of their ability.  They are also responsible for determining and implementing effective corrective action after an audit takes place, if necessary. Internal Auditors are responsible for initiating contact with managers of areas to be audited, preparing for the audit by reviewing related documents and records, generating an appropriate checklist, conducting audits, reporting results, and following up with managers, as necessary.  Auditors engage in ad-hoc follow up audits to verify proper implementation of Requests for Change

An audit program shall be planned. This shall take into consideration the status and importance of the processes and areas to be audited, as well as the results of previous audits. The audit criteria, scope, frequency, and methods shall be documented.

Management review

Top management shall review the SMS and the services at planned intervals to ensure their continued suitability and effectiveness. This review shall include assessing opportunities for improvement and the need for changes to the SMS, including the policy and objectives for service management.

The Company utilizes a wide variety of staff resources, processes, and automated tools to establish compliance with contract requirements, internal procedures and achieve quality goals.

Following internal and external audits the Company conducts a meeting of the Executive Management Review Board where results are evaluated, and actions are established as required.  All audit and review materials are recorded, and all stakeholders are informed accordingly.

The input to management reviews shall include at least information on:

  1. customer feedback.
    1. The Quality Assurance department monitors process compliance and conducts customer satisfaction surveys. The Lead Technical Account Managers ensure compliance with contractual SLA. Business Development Managers enforce budget discipline. The Infrastructure Management Review Board establishes and plans SMS reviews
  2. service and process performance and conformity.
    1. Audit and SMS review programs are planned, taking into consideration the status and importance of the processes and areas to be audited, as well as the results of previous audits. The selection of auditors and conduct of audits is established by the Manager of Best Practices and ensures objectivity and impartiality of the audit process.
  3. current and forecast human, technical, information and financial resource levels.
    1. The company aims at maintaining a leadership position in competitive market space and ensuring efficiency of operation.  To accomplish this, it established the following long-term goals, which are reconfirmed with its annual Business Plan:
      1. Improve corporate profitability by creating organizational consistency of practices and an integrated adaptive portfolio of efficient services.
      2. Improve customer satisfaction and contract compliance.
    2. The company has identified six “smart objectives” in connection with its continual improvement plan most of which are statistically managed and analyzed.
      1. Increase Customer Satisfaction
      2. Improve Cost
      3. Improve Call and Cost
      4. Reduce Subcontractor Labor Cost
      5. Increase Service Level Agreement (SLA) Compliance; and
      6. Increase Profit Margins.
  4. current and forecast human and technical capabilities.
    1. The Company has defined “Risk” as any event that represents potential harm to the Company’s interests/goals. Risk Management Objectives are the goals that are accomplished when such events do not occur. The goals are:
      1. Corporate Stability and Safety
      2. Corporate Business Continuity
      3. Corporate Compliance with Relevant Legal Frameworks
      4. Financial Viability
      5. Financial Fidelity
      6. Contract Profitability
      7. Effective Contract Performance
      8. High Employee Retention
      9. High level of information security
      10. Confidence in Business Continuity Plan
        1. The Company has in-place processes to identify, evaluate, and mitigate risk. The totality of these processes constitutes the ITG comprehensive Risk Management Plan. For the purpose of the Company Business Quality Manual, the manifestation of risk represents a non-conformity.  Risk mitigation is defined as follows:
          1. As a preventive action when actions are taken to prevent the occurrence of a non-conformity/risk manifestation,
          2. As an anticipated/planned corrective action if non-conformity/risk manifestation occurs,
          3. As a corrective action taken to mitigate an unforeseen non-conformity/risk manifestation
        2. Risk is evaluated and identified in the following areas:
          1. Corporate
          2. Financial
          3. Contract
          4. Health
          5. Information Security
  5. results and follow-up actions from audits.
    1. Following internal and external audits the Company conducts a meeting of the Executive Management Review Board where results are evaluated, and actions are established as required.  All audit and review materials are recorded, and all stakeholders are informed accordingly.
  6. results and follow-up actions from previous management reviews.
    1. The results of the internal audits are documented and brought to the attention of the personnel having responsibility for the area being audited.  Management personnel responsible for the area take timely corrective action on the findings uncovered during the audit to eliminate nonconformities and their root causes. Follow up activities verify and record the effective implementation of corrective action, report the verification results, and close out the finding.  Subsequent audits verify the continued effectiveness of the corrective action(s) taken.
  7. status of preventive and corrective actions.
    1. All suggested improvements are recorded and stored in ERP using the following modules:
      1. Change Management Module
      2. SW Requirements module
      3. Meeting Management module (Action items)

Corrective Action

ITG takes corrective action to eliminate the cause of nonconformity to prevent recurrence.  Corrective actions are appropriate to the impact of problems encountered. Corrective Action defines requirements for:

  • Identifying nonconformities, including customer complaints,
  • Determining the causes of nonconformity,
  • Evaluating the need for actions to ensure that nonconformities do not recur,
  • Determining and implementing corrective actions needed,
  • Recording results of action taken, and
  • Reviewing and evaluating action taken to assess its effectiveness.

Preventive Action

ITG identifies preventive action to eliminate the causes of potential nonconformities to preclude occurrence.  Appropriate sources of information such as processes and work operations which affect product quality, concessions, audit results, records, service reports and customer complaints are analyzed to detect preventive action possibilities.  Preventive actions taken are appropriate to the impact of the potential problems.

Preventive Action, defines actions for:

  • Identifying the standards for prevention of potential nonconformities and their causes,
  • Evaluating the need for actions to prevent occurrence of nonconformities,
  • Determining and implementing action needed,
  • Recording results of action taken, and
  • Reviewing and evaluating action taken to assess its effectiveness.

As well, suggested service improvements are assessed, authorized, and prioritized by the pertinent Management Review Boards.

 

How can we help you?
Contact

Contact us for a Pre-Discovery Session

+1 703 698-8282

Mail Us

sales@itgonline.com

About ITG

Number

+1 703 698-8282

Follow us
Linkedin X-twitter Facebook
Solutions

office

3180 Fairview Park Drive
Suite 175
Falls Church, VA 22042

email

sales@itgonline.com

Services
Group Sites
News & Feeds
April 2, 2025
Strengthening Development Foundations Using CMMI Process Development
C-SCRM Best Practices
March 26, 2025
C-SCRM Best Practices
ITG Best Practices Standards
March 26, 2025
Best Practices Standards: Quality Policy, Standards & Vocabulary

©Copyright 2024. All Rights Reserved | Sitemap.

  • Privacy Policy
  • Terms of use