Our experts are standing by to answer them.
Call: +27 (0)11 656 0020
ISO Management System
How well do you know your own organisation? The case for a Context Analysis.
Interruptions, disruptions crises and catastrophic failures usually occur because some policy, procedure or process failed. This is either because there was a flaw in the process or procedure, or it wasn’t followed by those executing it.
Changing it can be difficult. There is the old saying that “We’ve always done it like this and we know it works, so don’t mess with it”.
Things change, but we don’t usually change accordingly.
Organisations that don’t evolve to meet new circumstances will eventually become dysfunctional or extinct.
If you asked today “what parts of my organisation will I grow and which will I downgrade or discontinue?”, would you answer on a hunch or on real information?
A core ISO Management System principle demands ‘evidence-based decision making’. That means being able to trust the evidence you receive regarding the operating effectiveness and efficiency of your systems. It means knowing where the information came from and who interpreted it before informing you.
When implementing a management system based on an ISO standard, the first step is to analyse and document the context of the organisation as required in Clause 4 of most new ISO standards. This step alone generates a wealth of benefit to business. If executed properly it provides a clear picture and high level map of how the elements of the organisation inter-operate and very often reveals unnoticed and unattended dependencies between organisational units, silos, processes and interested parties.
The context here would of course include products, capability and competence of the organisation, services, suppliers, socio-political, geographical and interested parties.
Most importantly, the ISO continuous improvement principle means reviewing the context of the organisation repeated regularly to ensure that management systems remain relevant, efficient and effective.
Practical experience on client engagements has shown context analyses to provide clarity of vision and also reveal surprises about how the organisation really works.
Consider strategic planning and what information gets tabled at strategy sessions. It is usually a summary at a very high level such as sales, financials or the top 10 enterprise risks. Analysing the context gives vital input to a strategy session, and facilitates enlightened decisions that avoid unexpected and adverse impacts on operations.
Here is a simplistic example. A corporation’s Resilience and Continuity strategy is to maintain several locations that are mutually supporting so that the loss of any one does not interrupt operations. A strategic financial analysis of costs reveals a massive saving if real estate assets are sold off. This is adopted and now the recovery strategy is no longer functional, because failover sites have been sold off.
A context analysis if done effectively would have revealed the dilemma and prompted corrective actions before executing the strategy.
That could save a great deal of money and maybe even the company itself.
SOURCE: Brian Henry, Caridon Business Solutions
Read more on our ISO Standards:
ISO 20000 Foundation – IT Service Management
ISO 27002 Foundation – Information Security Controls
NEW ISO Standards:
ISO 27001 Foundation – Information Security Management
ISO 27001 Implementer – Information Security Management
ISO 27001 Auditor – Information Security Management