Prévia do material em texto
© IT Process Maps GbR, 2013
Introduction
ISO 20000 and the
ITIL® - ISO 20000 Bridge
© IT Process Maps GbR, 2013
© IT Process Maps GbR, 2013
Content
What is ISO 20000? ........................................................................................ 1
Introduction to ISO 20000 ............................................................................................................... 1
The new Edition ISO/IEC 20000:2011 ............................................................................................. 2
Benefits of an ISO 20000 Certificate ............................................................................................... 3
ISO 20000 and ITIL® ......................................................................................................................... 4
How to go about ISO 20000 Certification ........................................................ 7
What exactly do we have to achieve to become ISO 20000 compliant? ........................................ 7
How does an Auditor verify that our IT Organization is ISO 20000 compliant? ............................. 8
What are the typical Steps leading to Certification? ...................................................................... 8
What are the typical Pitfalls? ........................................................................................................ 10
Should we seek external Support? ................................................................................................ 10
How much does it cost? ................................................................................................................ 10
How the ITIL® - ISO 20000 Bridge supports Certification Initiatives ............... 12
Contents of the ITIL® - ISO 20000 Bridge ...................................................................................... 12
Tasks within an ISO 20000 Initiative supported by the ITIL® - ISO 20000 Bridge ......................... 12
Legend: Diagram Components of the ITIL® - ISO 20000 Bridge ....................... 15
© IT Process Maps GbR, 2013 - 1 -
What is ISO 20000?
Introduction to ISO 20000
ITIL®1 provides guidance on what should be done in order to offer
users adequate IT Services to support their business processes. ITIL®
qualifications are available for individuals but until recently there was
no way for an IT organization to prove that it is working along the
ITIL® recommendations.
The ISO/IEC 20000:2011 standard (abbreviated to ISO 20000 in this
document) was conceived to fill this gap. Initiated by the two
organizations itSMF and BSI (British Standards Institution), it is
modeled upon the principles of ITIL® and allows IT organizations to
have their IT Service Management certified.
Organizations seeking to become certified against ISO 20000 must
fulfill certain requirements, as outlined in ISO/IEC 20000:2011, Part 1:
Service Management System Requirements – these are the
mandatory requirements which must be fulfilled by organizations in
order to be compliant with the standard.
ISO 20000 promotes the “adoption of an integrated process
approach to effectively deliver managed services to meet the
business and customer requirements”.
Although there is no formal relationship between ISO 20000 and
ITIL®, ISO 20000 clearly draws on ITIL® principles. The first version of
the standard (ISO/IEC 20000:2005), published in 2005, was designed
to be aligned with ITIL® version 2 (the then current version of ITIL®).
ITIL® v3, in turn, was published in 2007; part of the motivation behind
creating ITIL® v3 was to achieve even better alignment with ISO
20000.
Accordingly, although this is not explicitly stated in the standard,
preparing an IT organization for ISO 20000 certification typically
involves introducing ITIL® principles.
Furthermore, ISO 20000 has some of its roots in the ISO
management standard ISO 9001:2000, a generic standard for quality
1
ITIL® is a Registered Trade Mark of the Cabinet Office in the United
Kingdom and other countries
© IT Process Maps GbR, 2013 - 2 -
management systems. So organizations which are already certified
against ISO 9001 will find it easier to achieve certification against ISO
20000.
Additional parts of the standard provide guidelines which are not
strictly mandatory:
— ISO/IEC 20000:2012, Part 2: Guidance on the application of service
management systems (SMS) contains examples and suggestions
for the design of IT Service Management processes.
— ISO/IEC TR 20000:2005, Part 3: Guidance on scope definition and
applicability of ISO/IEC 20000-1 provides guidance on scope
definition, applicability and demonstration of conformity.
— ISO/IEC TR 20000:2010, Part 4: Process reference model.
— ISO/IEC TR 20000:2010, Part 5: Exemplar implementation plan for
ISO/IEC 20000-1.
The new Edition ISO/IEC 20000:2011
A new version of ISO/IEC 20000 Part 1: Service Management
System Requirements (abbreviated to ISO/IEC 20000-1:2011) was
published in April 2011.
The authors of the new version describe the main differences to
the earlier edition (ISO/IEC 20000-1:2005) as follows:
— Closer alignment to both ISO 9001 and ISO/IEC 27001
— Clarification of existing definitions and addition of new definitions
— Introduction of the term "Service Management System" (SMS)
and aligning the standard with the concept of a SMS
— Clarification of the requirements for the governance of processes
operated by other parties
— Addition of requirements for the design and transition of new or
changed services
The new version contains considerably more text than the
previous one, but it does not provide detailed indications of what
was added or changed. Overall, our impression is that many
clarifications have found their way into the new edition, and that it
has not necessarily become more difficult to achieve ISO 20000
certification.
© IT Process Maps GbR, 2013 - 3 -
Transition arrangements for ISO/IEC 20000-1:2005 to 2011
Under certain circumstances, the 2005 version of the ISO 20000
standard can still be used for a transitional period, so that
organizations and trained individuals can adapt to the new edition.
The APM Group, which owns and operates the ISO/IEC 20000
certification and qualification scheme formerly owned by itSMF UK2,
states that
— If your organization has been certified to ISO 20000 before 1st
June 2011, audits and re-certifications will be permitted using
ISO/IEC 20000-1:2005 until 31st May 2013, while ISO/IEC 20000-
1:2011 will be mandatory from 1st June 2013.
— If your organization submits a new application to become certified
to ISO 20000 after 1st June 2011, ISO/IEC 20000-1:2011 will be
applicable.
Benefits of an ISO 20000 Certificate
An ISO 20000 certificate is proof that your IT organization has
demonstrated its ability to
— Be aware of customer needs and respond to these needs
— Deliver services which meet defined quality levels
— Make use of resources in an economical way.
As such, the certificate and the corresponding logo are increasingly
a competitive advantage in the market. Some clients even demand
ISO 20000 compliance as a condition for awarding contracts to IT
service providers.
Of course, working along ISO 20000 (and ITIL®) principles also
offers internal benefits for the IT organization, because the standard
is all about supporting the business side with adequate IT services,
while providing those services as efficiently as possible.
The decision to go for an ISO 20000 certificate sets a specific target
for your IT organization and helps to concentrate minds. It is, in other
2
The scheme operated by APMG is one of several available schemes,
typically handled by local standardizationbodies. Not all schemes are
recognized by all national accreditation bodies.
© IT Process Maps GbR, 2013 - 4 -
words, a good way to kick-start the adoption of IT Best Practice and
to make sure motivation stays high.
ISO 20000 and ITIL®
ISO 20000 does not offer specific advice on how to design your
processes. It is rather a set of requirements which must be met in
order to qualify for certification.
This is where ITIL® is important: ITIL® (especially the new version 3)
is strongly aligned with ISO 20000 and it offers a rather detailed
collection of best practices – which are a good basis for designing ISO
20000 compliant processes.
Introducing ITIL® is therefore the best way to prepare an organiza-
tion for ISO 20000 certification.
The table on the following page summarizes in broad terms how
the main ISO 20000 processes correspond to ITIL® processes (the
“ITIL® - ISO 20000 Bridge” presents those relationships in much
greater detail, for every single ISO 20000 requirement).
ISO/IEC 20000:2011 Sections and related ITIL® Processes
ISO 20000 Sections Related ITIL® Processes
4 Service management system general
requirements3
4.1 Management responsibility Strategy Management for IT Services and
various processes from Continual Service
Improvement
4.2 Governance of processes operated by
other parties
Supplier Management and Service Level
Management
4.3 Documentation management Various Service Strategy, Service Design and
Service Transition processes
3
Note: ITIL focuses on the life cycle of services, but offers less guidance
on establishing and operating the SMS itself. As a consequence, it is at times
not straightforward to map the ITIL guidance and (especially) sections 4 and
5 of ISO 20000, but various ITIL processes together can typically be used to
fulfill the requirements.
© IT Process Maps GbR, 2013 - 5 -
ISO/IEC 20000:2011 Sections and related ITIL® Processes
ISO 20000 Sections Related ITIL® Processes
4.4 Resource management Strategy Management for IT Services and
various processes from Service Design, Service
Operation and Continual Service Improvement
4.5 Establish and improve the SMS Various processes from Service Strategy, Service
Design and Continual Service Improvement
5 Design and transition of new or
changed services4
5.1 General Design Coordination and various Service
Transition processes
5.2 Plan new or changed services Various Service Strategy, Service Design and
Service Transition processes
5.3 Design and development of new or
changed services
Various Service Design and Service Transition
processes
5.4 Transition of new or changed Services Various Service Transition processes
6 Service delivery processes
6.1 Service level management Service Level Management
6.2 Service reporting Service Level Management
6.3 Service continuity and availability
management
IT Service Continuity Management, Availability
Management
6.4 Budgeting and accounting for services Financial Management for IT Services
6.5 Capacity management Capacity Management, Demand Management
6.6 Information security management Information Security Management
7 Relationship processes
7.1 Business relationship management Business Relationship Management
7.2 Supplier management Supplier Management
4
Note: ITIL focuses on the life cycle of services, but offers less guidance
on establishing and operating the SMS itself. As a consequence, it is at times
not straightforward to map the ITIL guidance and (especially) section 4 of
ISO 20000, but various ITIL processes together can typically be used to fulfill
the requirements.
© IT Process Maps GbR, 2013 - 6 -
ISO/IEC 20000:2011 Sections and related ITIL® Processes
ISO 20000 Sections Related ITIL® Processes
8 Resolution processes
8.1 Incident and service request
management
Incident Management, Service Request
Fulfilment
8.2 Problem management Problem Management
9 Control processes
9.1 Configuration management Service Asset and Configuration Management
9.2 Change management Change Management
9.3 Release and deployment management Release and Deployment Management
© IT Process Maps GbR, 2013 - 7 -
How to go about ISO 20000
Certification
What exactly do we have to achieve to
become ISO 20000 compliant?
The most important thing at the start of a big project – such as an
ISO 20000 initiative - is to know what exactly must be achieved
("where do we want to be?")
Unfortunately, the standard itself only sets out a number of
requirements which must be fulfilled. ISO 20000 tells you to design
and implement a set of processes which meet certain requirements,
but it does not describe how this should be done. So there is no short
answer to the question "what exactly must be achieved?".
As a result, there is often a problem at the start of an ISO 20000
initiative: It is not clear what the working habits of your IT organiza-
tion should be like in order to be ISO 20000 compliant, making it hard
to determine what you should aim for and how much change is
needed.
However, since ITIL® and ISO 20000 are aligned, it is possible to
turn to ITIL® for advice.
ITIL® knowledge is available in the form of books, but the ITIL®
Process Map together with the ITIL® - ISO 20000 Bridge provides you
with a better alternative: Our ITIL® process model contains a com-
plete set of ISO 20000 compliant process diagrams and checklists.
Starting from a list of the standard’s requirements, you can jump
right into process diagrams and document templates to see specific
suggestions on how those requirements can be fulfilled - the ideal
way to quickly understand what exactly it means for your IT
organization to become ISO 20000 compliant.
We do not mean to say, however, that you must implement all
processes contained in the ITIL® Process Map to the letter. Our
processes should be seen as one possible approach to implementing
ISO 20000, and it is acceptable to use the original processes as a
starting point and adapt them to your own organization's needs - as
long as you stay in line with the ISO 20000 requirements.
© IT Process Maps GbR, 2013 - 8 -
How does an Auditor verify that our IT
Organization is ISO 20000 compliant?
The aim of the certification audit is to check if your organization
fulfils the ISO 20000 requirements. This is done primarily by
― Examining the process documentation
– Are all the processes documented?
– Are the processes linked by consistent information flows?
– Do the processes fulfill the ISO 20000 requirements?
― Conducting interviews with IT staff
– Do members of IT staff know and adhere to the documented
processes?
― Looking at evidence in the form of documents and records (if
the processes are executed correctly, there are traces in the
form of documents and records; e.g. the Incident Management
process is producing Incident Records if executed correctly)
– Do the expected documents and records exist?
– Are they adequate to achieve their purposes?
What are the typical Steps leading to
Certification?
Create awareness
Communicate the goals and benefits of the ISO 20000 certification
and the approach for achieving ISO 20000 compliance; this step
should include giving everyone in your IT organization at least a basic
understanding of ITIL®.
Determine the certification scope
Decide what parts of the organization, what services and/ or what
locations shall be covered by the certificate.
Conduct an initial assessment
Determine gaps between today’s situation and the standard's
requirements; this can be done by an external advisor, but there is
© IT Process Maps GbR, 2013 - 9 -
also an IT Service Management Self Assessment Workbook published
by BSI.
The resultof this step is a detailed list of the ISO 20000 require-
ments where compliant and non-compliant areas are identified. For
non-compliant areas the list includes the findings on what exactly the
shortcomings are and how they can be addressed.
Set up the project
Establish a project board; choose a project manager and project
staff.
Determine the necessary resources, prepare a project plan and
assign tasks.
Choose an auditor and experienced external advisor.
Prepare for the certification audit
Close the gaps identified during the initial assessment – usually the
most time-consuming part of an ISO 20000 initiative, because
(depending on the level of compliance found during the initial assess-
ment) a considerable number of processes may need to be modified
or introduced.
During preparation for the audit, an inventory of requirements,
documents and records helps to keep track of what requirements are
already fulfilled and what related evidence (documents and records)
is in place.
To help you with this task, the ITIL® - ISO 20000 Bridge contains a
pre-configured inventory which you can use to monitor your progress
towards ISO 20000 compliance.
Conduct the certification audit
Perform the actual certification audit (to be carried out by an
external auditor).
Retain certification
After the initial certification, a renewal of the certificate is due
every three years, with intermittent assessments every 6 to 12
months.
Make sure that you continue to adhere to the standard and put a
strong emphasis on continual service and process improvement.
© IT Process Maps GbR, 2013 - 10 -
What are the typical Pitfalls?
Too little management support
Management should understand and communicate why the
service provider is seeking certification, and visibly endorse the
initiative.
Too little support for the initiative among IT staff
The advantages of Best Practice should be made clear to everyone
in your IT organization, and it should be explained to IT staff where
their places will be after the reorganization.
Insufficient resources
Management commitment must be backed up by the provision of
sufficient resources for the certification program. This includes
making sure that staff assigned to the project are freed from some of
their day-to-day tasks.
Should we seek external Support?
External support will be necessary at least for the certification
audit, as the audit can only be performed by a Registered Certifi-
cation Body.
In most cases it is also advisable to seek the help of an experienced
consultant, who will know what typically attracts the attention of
auditors. So while we would not recommend attempting an ISO
200000 certification without external expertise, the point here is to
keep consulting expenditures as low as possible.
The ITIL® Process Map was designed with this in mind, as it enables
you to acquire a large amount of ITIL® and ISO 20000 knowledge
before deciding where external help is needed.
How much does it cost?
Unfortunately, this question is hard to answer.
The formal ISO 20000 audit itself is usually a very small proportion
of the total cost that your organization will incur. In most cases,
© IT Process Maps GbR, 2013 - 11 -
closing the gaps to become ISO 20000 compliant is by far the biggest
part of a certification project.
As a result, the total cost heavily depends on
— The number of ITIL® processes that are already implemented
— Existing certificates, like e.g. ISO 9000
— The size of your IT organization
— The complexity of your services
— The scope of the service management system to be certified.
Once the certificate is awarded it will be valid for an initial period
of three years. This means that regular re-certification audits and
intermittent assessments are required, so there are also ongoing
costs to be considered.
© IT Process Maps GbR, 2013 - 12 -
How the ITIL® - ISO 20000 Bridge
supports Certification Initiatives
Contents of the ITIL® - ISO 20000 Bridge
The ITIL® - ISO 20000 Bridge is designed to be used in combination
with the ITIL® Process Map. For every requirement you will find
specific suggestions on how those requirements can be fulfilled - the
ideal way to quickly understand what exactly it means for your IT
organization to become ISO 20000 compliant.
A set of diagrams relates the standard’s 147 single requirements
(Part 1: Service Management System Requirements - these are the
mandatory requirements) to the ITIL® processes and documents/
records. You are thus able to start from the ISO 20000 requirements,
and to open compliant process models and checklists with a mouse-
click.
In addition, the ITIL® - ISO 20000 Bridge contains the original ISO
20000 document (Part 1: Service Management System Require-
ments).
Tasks within an ISO 20000 Initiative supported
by the ITIL® - ISO 20000 Bridge
Because of its unique combination of ISO 20000 requirements,
process models and document templates, the ITIL® - ISO 20000
Bridge supports the following tasks during a typical ISO 20000
initiative:
Understand what exactly it means to be ISO 20000 compliant
Our ISO 20000 compliant process model presents processes and
their interactions in an easily understood, graphical way, and it allows
you to drill down to a significant level of detail. This makes it possible
for you to quickly understand what you have to achieve in order to
become ISO 20000 compliant, and to make those requirements
visible to everyone in your organization.
© IT Process Maps GbR, 2013 - 13 -
Design ISO 20000 compliant processes for your organization
The ITIL® Process Map, together with the "ITIL® - ISO 20000
Bridge" add-on, provides you with a detailed list of all the ISO 20000
requirements and how they are fulfilled by the various ITIL®
processes.
Next to the 147 requirements are links to process diagrams, so for
every single requirement you can instantly see a specific suggestion
for a compliant process. You can start with our suggestions and
modify the process diagrams until they match the needs of your orga-
nization.
Design ISO 20000 compliant documents and records
The set more than 100 checklists (document templates) included
in the ITIL® Process Map are the perfect starting point for designing
ISO 20000 compliant documents and records. Your auditor will look
at those documents to verify if the processes are adhered to (e.g. he
will look at your Service Level Agreements to check if the Service
Management process is actually alive).
Create high-quality process documentation
Typically your auditor will start by assessing your process docu-
mentation, which is not only required to document your processes in
full, but also to be coherent and to show information flows between
the processes. Our process templates were designed with this in
mind, and if you stick to our way of visualizing the processes you are
sure to create high-quality process documentation that is able to
stand up to your auditor’s scrutiny.
At the same time you will save a lot of time and effort during
process documentation, as modifying existing process templates is a
lot faster than starting with a blank page.
Make sure all IT staff have a basic understanding of the
processes
Your auditor will check if IT staff are familiar with the documented
processes. Once again, the graphical representation of the processes
helps to make sure that IT staff do not only know their immediate
responsibilities, but also understand how their activities fit into the
bigger Service Management picture.
© IT Process Maps GbR, 2013 - 14 -
Keep track of progress during the certification program
The detailed list of requirements can also be used as a project
dash-board - a tick-list where all complaint and non-compliant
requirements are marked. You are ready for the certification auditwhen no non-compliant requirements are left.
© IT Process Maps GbR, 2013 - 15 -
Legend: Diagram Components of
the ITIL® - ISO 20000 Bridge
Mandatory ISO/IEC 20000:2011
Requirements
Processes which fulfill
the Requirements
Related Evidence
(Documents and Records)
Comments on the State
of Compliance
The success or failure of releases shall be monitored and analysed.
Measurements shall include incidents related to a release in the period
following deployment of a release. Analysis shall include assessment of the
impact of the release on the customer. The results and conclusions drawn from
the analysis shall be recorded and reviewed to identify opportunities for
improvement.
+
Change Management
Information about the success or failure of releases and future release dates
shall be provided to the change management process, and incident and service
request management process.
The circles next to the require-
ments can be used for color-coding:
Green circles might, for example,
indicate the requirements which
are already fulfilled.
You are ready for the certification
audit once all circles are green.
The "Requirements" column
contains all 147 ISO 20000:2011
requirements as an exact copy of
the original standard (Part 1:
Service Management System
Requirements).
The "Processes" column states for
each requirement which
process(es) from the ITIL® Process
Map - when implemented - fulfill
the ISO 20000 requirement.
A mouse-click takes you right into
the process diagrams of the ITIL®
Process Map where you can see
what an ISO-20000-compatible
process should be like:
The "Documents and Records"
column states which information
items (typically, documents or
records) can be used to demon-
strate compliance with a require-
ment. Your certifier will look for
those documents and records as
evidence that a certain process is
actually in use.
The shapes are linked with
checklists – documents which
explain in more detail what your
documents and records should be
like.
The checklists of the ITIL® Process
Map can be opened with a mouse-
click:
The "Comments" column contains
notes on how the ITIL® processes
and information objects relate to a
requirement. You can also use it to
insert your own comments – for
example further explanations on
how a specific requirement is
fulfilled.
Resource
Resource
Process Owner Superior Processes
Process Details: Change Assessment by the CAB
+
Change Assessment by
the CAB
Process Objective:
To authorize or reject a proposed
Change as well as to ensure a
preliminary scheduling and
incorporation into the Change
Schedule.
+
RFC Classification
+
Change Scheduling
»
Change Record
+
Change Management
Support
+
Service Design »
Service Catalogue
+
Service Asset and
Configuration
Management
»
Request for Change
(RFC)
»
CMS/ CMDB
Regular CAB
meeting due.
Determine
required CAB
members
Schedule CAB
meeting
»
Change
Authorization
Hierarchy
»
Change Schedule
»
Service Design
Package (SDP)
Depending on Changes
to be assessed by the
CAB.
Circulate agenda
and documents
for preparation
Assess risks
associated with
the proposed
Change
Assess urgency of
the proposed
Change
Assess
consequences if
Change is not
implemented
State reasons and
document
rejection
RFC must be
rejected
Notify RFC
initiator of
rejection
RFC
rejected.
Create Change
Record from RFC
Document
Change
authorization
RFC may be
authorized
RFC
authorized.
Provide CAB members in
advance with information,
e.g. RFCs and any
supporting documents.
Assess risks related to
· Business processes on
the client side
· Services
· Important parts of the
infrastructure
If required, consult with
technical experts.
Consider level of
damage if the
implementation
is delayed.
Assess the
proposed
schedule for
implementation
Check if there are any
reasons to object to
the proposed
implementation date.
Determine any
required
modifications to
the proposed
Change
Determine if RFC
must be escalated
to the next higher
level of authority
Decide if
proposed Change
may be
authorized
If required, consult
also with the RFC
initiator.
Escalation of RFC
not required
Back to Front Page
Change Manager
Change Manager
Change Advisory
Board (CAB)
+
Change Management
+
Service Transition
+
IT Service Management
Get approval from
higher level of
authority
RFC must be escalated to
higher level of authority
(e.g. IT Management)
If the assessment leads to
the conclusion that a
higher level of authority is
required to authorize the
proposed Change (e.g. RFC
must be authorized by IT
Management or the
Business Executive Board).
»
Enterprise
Architecture (EA)
RFC to be
assessed by the
CAB.
+
»
RFC Assessment
Guideline
»
CAB Agenda
Template
»
Risk Management
Policy
+
Release and
Deployment
Management
»
Change Evaluation
Report
»
Release Record
»
Incident Record
»
Incident
Management Report
(Comments)
+
Change Management
+
Release and
Deployment
Management
»
Release Record
»
Change Schedule
+
Release and
Deployment
Management »
Release Record
Release Management passes Release
Records back to Change
Management, containing the details
of successfully deployed or failed
Releases. Incident Management and
Service Request Fulfilment obtain
information about ongoing or
planned Releases indirectly, via the
Change Schedule maintained by the
Change Management process.
© IT Process Maps GbR, 2013 - 16 -
IT Process Maps GbR
Dipl.-Ing. Stefan Kempter & Dr. Andrea Kempter
Am Hörnle 7
87459 Pfronten
Germany
Tel. + 49-8363-927396
Fax + 49-8363-927703
info@it-processmaps.com
www.IT-ProcessMaps.com
Member of itSMF
© IT Process Maps GbR, 2013
ITIL® is a Registered Trade Mark of the Cabinet Office in the United Kingdom and other countries.
All processes and methods in our products were compiled with the greatest of diligence. Despite
this fact, errors may not be ruled-out. IT Process Maps GbR therefore makes no guarantee nor
accepts any type of liability for consequences, which may be associated with incorrect statements.
Each user must decide in his own particular case, whether the illustrated procedures are
respectively applicable to his own person or his business.
Introduction
ISO 20000 and the ITIL® - ISO 20000 Bridge
What is ISO 20000?
Introduction to ISO 20000
The new Edition ISO/IEC 20000:2011
Benefits of an ISO 20000 Certificate
ISO 20000 and ITIL®
How to go about ISO 20000 Certification
What exactly do we have to achieve to become ISO 20000 compliant?
How does an Auditor verify that our IT Organization is ISO 20000 compliant?
What are the typical Steps leading to Certification?
What are the typical Pitfalls?
Should we seek external Support?
How much does it cost?
How the ITIL® - ISO 20000 Bridge supports Certification Initiatives
Contents of the ITIL® - ISO 20000 Bridge
Tasks within an ISO 20000 Initiative supported by the ITIL® - ISO 20000 Bridge
Legend: Diagram Components of the ITIL® - ISO 20000 BridgeMais conteúdos dessa disciplina
Comparativo Gemini, OpenAI e Hugging Face- image-9205598797979363052
- FAQ CONSUMIDOR.GOV PARA EMPRESAS BETS
- 02729
- LGPD: Proteção de Dados
- Slides de Aula II Estudos Disciplinares XIII unidade II
- Segurança da Informação no RH
- Planejamento Estratégico de TI
- Qual é uma das práticas essenciais para alcançar uma visualização de dados eficaz em Business Intelligence (BI)? Questão 15Escolha uma opção: a. Inclu
- Questão 10/10 - Segurança da Informação (E) Ler em voz alta A norma ABNT NBR ISO/IEC 27002:2013 define informação como sendo um ativo – isto é, bem, p
- As câmeras corporais também contribuem para: a. Reduzir a responsabilização dos gestores. b. Tornar opacas as ações institucionais. c. Ocultar provas
- Os riscos inerentes às transferências internacionais de dados pessoais são mínimos, pois as legislações nacionais, como a LGPD, garantem fiscalizaç...
- Segundo a LGPD, uma transferência internacional de dados pode ocorrer mediante o consentimento do titular, desde que respeitadas outras bases legai...
- A manufatura aditiva vem ganhando destaque na indústria por permitir a produção de peças com geometrias complexas e personalizadas. Qual das alternati
- O que é essencial para o sucesso da Gestão de Recursos Humanos no meio rural? Questão 20Escolha uma opção: a. Aumento da carga horária de trabalh...
- A medida de segurança representa: a) Objetivo de alto nível declarando o que se espera alcançar com a aplicação da medida. d) Ações de segurança que p
- Como o conceito de “Infraestrutura como Código” (IaC) se relaciona com o DevOps e quais são os benefícios de implementar a IaC em ambientes de nuve...
- Como o conceito de “Infraestrutura como Código” (IaC) se relaciona com o DevOps e quais são os benefícios de implementar a IaC em ambientes de nuvem?
- o gerenciamento dos riscos possui uma normatização dada por meio da organização internacional organization for Standardization,mais conhecida como...
- No contexto da proteção de dados de crianças e adolescentes, a LGPD estabelece que o tratamento de dados deve: Opções da pergunta 2: a) Não se apl
- Qual é um potencial benefício de usar uma ferramenta de gerenciamento de serviço de TI para suportar a prática de “gerenciamento de incidente”? Respos
- Gestão de Ameaças e Proteção de Redes Corporativas
- Gestão de Riscos e Conformidade em Cybersegurança
