Management System Services

FPG is here to assist your organization with management system services.

FPG is well versed in many states of organizational maturity, whether your organization is well seasoned in ISO certifications, has had limited exposure or is just entering into the ISO world – FPG is the management systems expert and partner you can trust and depend on.

FPG is committed to value-add collaboration with organizations to proactively drive organizational performance, compliance, conformity, and operational maturity. This value-add collaboration is accomplished through comprehensive, structured IS/IT/ISO Management Systems and Governance advisory, appraisal, assessment, audit, and certification services.

We are a Veteran owned small business that has been providing IS/IT/ISO Advisory, Audit, and Assessment services to organizations competing in the Government Services sector since 2010. Each FPG Audit Associate maintains certification as an external Lead Auditor for ISO Management Systems through BSI Americas.

FPG offers and provides a wide array of Management System Advisory Services custom configured to meet your organization’s circumstances, needs, requirements, and expectations. FPGs core competencies are:

ISO 9001

ISO 20000-1

ISO 27001

ISO 31000

ISO 14001 (limited to IT Service organizations)

Quality Management System (QMS)

IT Service Management System (ITSMS)

Information Security Management System (ISMS)

Risk Management System (RMS)

Environmental Management Systems (EMS)

FPG Management System Service	ISO 9001 QMS	ISO 20000-1 ITSMS	ISO 27001 ISMS	ISO 31000 RMS	ISO 14001 EMS IT Service organizations only
Advisory & Planning	Y	Y	Y	Y	Y
Assessment - Gap Analysis	Y	Y	Y	Y	Y
Outsourced Internal Audit	Y	Y	Y	NA	NO
Outsourced 2nd Party Supplier/Partner Audit	Y	Y	Y	NA	NO
External 3rd Party Audit	Y	Y	Y	NA	Y
External 3rd Party Certification	Y	Y	Y	NA	Y
Implementation	Y	Y	Y	Y	NO

Need a partner who can help your organization with ISO Management Systems services?

Advisory or planning

Appraisals or assessments

Implementation

Integration of QMS, ITSMS, and ISMS

Outsourced internal auditing

Outsourced 2nd Party vendor, supplier, provider, or partner auditing

External 3rd Party auditing and certification

Understanding the Management System Certification Lifecycle

Certification of a Management System is awarded to an organization, by a Certifying Body (in this case FPG), for complying with and conforming to all the requirements specified in the published ISO Management System Standard that is associated with the ISO Management System implemented by the organization. The table below clarifies this criterion for each of the ISO Management Systems for which FPG offers and provides audit and certification services.

Management System	ISO Management System Standard (MSS)	Certification Award Criterion
Quality Management System (QMS)	ISO 9001:2015	Quality Management System (QMS) ISO 9001:2015 Organization complies with and conforms to all requirements specified in the ISO 9001:2015 Management System Standard.
IT Service Management System (ITSMS) / Service Management System (SMS)	ISO 20000-1:2018	Organization complies with and conforms to all requirements specified in the ISO 20000-1:2018 Management System Standard.
Information Security Management System (ISMS)	ISO 27001:2013	Organization complies with and conforms to all requirements specified in the ISO 27001:2013 Management System Standard.
Environmental Management System (EMS)	ISO 14001:2015	Organization complies with and conforms to all requirements specified in the ISO 14001:2015 Management System Standard.

The Management System Certification Lifecycle is a three-year cycle. The first year of the cycle commences upon successfully certified completion of the management system implementation. This is known as the Initial Certification for the management system. Initial Certification is also required when a new version of the Management System Standard (MSS) is released and activated by ISO. ISO typically grants a two (2) – three (3) year transition grace period before they deactivate the prior version and it is deemed non-certifiable. The second and third year of the cycle are known as the Surveillance phase. This is where the certified management system is surveilled for continued compliance, conformity, improvement, and growth in organizational maturity. The year following the completed Surveillance phase, the organization’s implemented Management System must be Re-Certified to begin the next three-year cycle. The diagram below demonstrates the iterative nature of the Management System Certification Lifecycle.

Management Systems Certification Lifecyc

For more detailed information about the ISO Management System Standards associated with FPG core competencies, use the following links.

QMS

One of the most well-known Quality Management Systems in the world with over one million companies worldwide; it has become the globally adopted quality management system

ITSMS

IT Service Management System promotes the adoption of an integrated process approach to effectively deliver managed services to meet business and customer requirements

ISMS

Information Security Management System is a widely acknowledged set of standards that enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties

RMS

Risk Management System is a family of codified standards that promotes a generic approach to risk management, operational continuity, and economic resilience that can be used by any type of organization

EMS

FPG adheres to and complies with the following standards and guidelines for all offered and provided ISO Management System assessment, audit, and certification services.

FOUNDATION for POLICY and GOVERNANCE