Transforming,
Empowering,
Sustaining.

Why?

TES understands the importance of protecting customer data and ensuring the lowest possible risk of a data breach for our clients, many of whom in the charity/not-for-profit sector include special category data.

The delivery of project and managed services to clients requires a partner’s team members to have access to client data.

TES made the strategic decision that in addition to maintaining the ISO 27001 accreditation, we would further strengthen our approach to the handling of information and data with the Cyber Essentials Plus certification.

The Cyber Essentials scheme is a UK government-backed framework supported by the NCSC (National Cyber Security Centre). It sets out five basic security controls that can protect organisations against 80% of common cyber-attacks.

How?

The Cyber Essentials Plus scheme is designed to help organisations of any size demonstrate their commitment to cyber security, while keeping the approach simple. The certification process is managed by the IASME Consortium (IASME), which licenses certification bodies to carry out Cyber Essentials and Cyber Essentials Plus certifications.

Cyber Essentials Plus helps prevent around 80% of cyber-attacks.

By correctly implementing the five basic security controls, the Cyber Essentials scheme helps TES reduce the impact of such threats as:

• Phishing attacks
• Malware
• Ransomware
• Password-guessing attacks
• Network attacks

One of the four TES strategic board objectives is to deliver a world class service which aligns with the TES shareholders’ common values, including always delivering on our customer commitments.

In many areas of the IT sector, providers adopt custom/individual approaches to service delivery and quality, which don’t always represent best practice.

At TES, we wanted to ensure that we were adopting best practices that were externally audited for quality management. We made the strategic decision to adopt the Gold Standard for Quality Management Systems ISO 9001.

ISO 9001 is the internationally recognised Quality Management System (QMS) standard that can benefit any size of organization. Designed to be a powerful business improvement tool, ISO 9001 Quality Management certification helps TES to continually improve, streamline operations, and reduce costs.

The ISO 9001 standard is structured as follows:

Clauses 0 to 3:

Introduction, Scope, References, Terms and Definitions

Clause 0 mentions the benefits of implementing a QMS and the quality management principles, and presents the process approach, the Plan-Do-Check-Act cycle, and risk-based thinking. People often overlook this clause, but they shouldn’t, as it frames much of the information that comes next, especially about how the various clauses relate to each other.

Clauses 1 through 3 include no requirements, but instead deal with the scope of the standard, references to better understand the standard, and terms and definitions.

Clause 4: 

Context of the organisation

An organisation is not a closed system, isolated from the outside; it is inserted in a particular context and cannot be independent of what customers are looking for, or what regulators define.

So, this section deals with the internal and external issues that can influence an organisation in setting and meeting its objectives, as well as the interested parties that interact with the QMS. It also includes the requirements about the scope of the QMS and the process mapping and characterisation.

Clause 5:

Leadership and commitment

The section on leadership outlines the requirements concerning top management, which are: promoting a customer focus all over the organisation, developing and standing by a Quality Policy that sets direction and alignment, and determining responsibilities and authorities all over the QMS, to make clear who has the power to make decisions, and what is expected from every function working in the system.

Clause 6:

Planning for the QMS

This section presents the requirements for determining and working with risks and opportunities, as well as those for setting quality objectives, aligned with the Quality Policy, and plans to meet them.

Clause 7:

Support & resource management

Clause 7 is a very diverse section that includes requirements for management to provide resources, i.e., human resources, infrastructure (including equipment, hardware and software, and building facilities), work environment (including temperature control, humidity control, dust control, and sterilisation control), the control of any equipment used to monitor or measure the product or service, and the organisational knowledge required to operate the QMS. The importance of competence, awareness, and communication for human resources is emphasised.

Clause 8:

Operational planning and control

This section is the only part of the standard where a company can choose to exclude sections of the requirements (such as excluding the design requirements if your company does not do design work).

The requirements deal with planning for product (or service) and include determining and reviewing the product requirements, design and development, and purchasing, followed by manufacturing of a product or provision of a service and its supply. The final requirements deal with quality control and product or service non-conformities.

Clause 9:

Performance evaluation

The performance evaluation section outlines requirements for assessing customer satisfaction, internal audit, monitoring, analysis, and evaluation of process performance. Also included are the requirements of the management review, including the mandatory inputs and outputs for the review.

Clause 10:

Improvement actions

The last section deals with improving your QMS through corrective actions and continual improvement.

What?

TES has successfully adopted and maintained ISO 9001, which requires regular external audits to ensure we are continuing to adopt best practices in our approach to quality management across the organisation.

Why?

TES wants to demonstrate its broad technical capabilities, while having the level of skills, capabilities, and experience to deliver for its customers. As a Business Applications Solutions Partner, Microsoft recognises that we can help you get the most out of your Dynamics solution, as we have the know-how and the experience.

How?

Our staff has achieved goals spanning across intermediate and advanced certifications, including consultancy, development, and solution architecture certifications.

These will be renewed on a regular basis to ensure that we are consistently meeting the high levels of service expected of our team.