Insurer loves ISO 20000 and ISO 38500 certification
Financial services organisation LV= is using compliance with IT governance and IT service management standards to give it a commercial edge.
The friendly society formerly known as Liverpool Victoria achieved ISO 20000 and ISO 38500 certification in March and is now working towards ISO 27001 certification by the end of the year.
ISO 20000 is an international standard for IT service management, and sets out processes for the delivery of services to the business and its customers. ISO 38500 sets standards for the effective and efficient use of IT within an organisation, while ISO 27001 is an information security management standard.
Steve Lewis, head of IT governance and security at LV=, said that until three years ago all IT at LV= was outsourced - apart from two employees. But following a rethink of its IT strategy, a number of services have now been brought in-house and there is currently an IT team of 300 people at the company.
Speaking at the CA World conference in Las Vegas this week (the company uses a number of products from IT management software vendor CA Technologies), Lewis told silicon.com that among the reasons for pursuing certification was it was a way of demonstrating the quality of the IT and its processes.
"The reason is to show that we take regulatory compliance seriously by going for the standards that show we have gone for best practice. Internally - with our colleagues - it's a tangible demonstration that we are a maturing IT organisation. It's one thing to say we have adopted Itil, it's more powerful to say we have got the ISO 20000 standard."
Lewis also said the certification gave the organisation an advantage when competing for partnership deals: "For the general insurance and asset management [businesses of LV=], it makes their business-support model more credible."