ISO/IEC 20000 : INFORMATION TECHNOLOGY SERVICE MANAGEMENT SYSTEM

What is INFORMATION TECHNOLOGY SERVICE MANAGEMENT SYSTEM?

What is INFORMATION TECHNOLOGY SERVICE MANAGEMENT SYSTEM?

ISO/IEC 20000 is an international standard that specifies the requirements for an effective service management system. It helps organizations to deliver quality services that meet the needs and expectations of their customers and stakeholders.

ISO/IEC 20000 is the international standard for IT service management. It was developed in 2005 by ISO/IEC JTC1/SC7 and revised in 2011 and 2018.  It was originally based on the earlier BS 15000 that was developed by BSI Group. ISO/IEC 20000 specifies the requirements for an organization to establish, implement, maintain and improve a service management system (SMS) that delivers value to customers and other parties. It covers the planning, design, transition, delivery and improvement of services, as well as the monitoring, measurement and review of the SMS and the services.

ISO/IEC 20000 can be used by:

– a customer seeking services and requiring assurance regarding the quality of those services;

– a customer requiring a consistent approach to the service lifecycle by all its service providers, including those in a supply chain;

– an organization to demonstrate its capability for the planning, design, transition, delivery and improvement of services;

– an organization to monitor, measure and review its SMS and the services;

– an organization to improve the planning, design, transition, delivery and improvement of services through effective implementation and operation of an SMS;

– an organization or other party performing conformity assessments against the requirements specified in this document;

– a provider of training or advice in service management.

ISO/IEC 20000 consists of several parts:

– ISO/IEC 20000-1: Service management system requirements

– ISO/IEC 20000-2: Guidance on the application of service management systems

– ISO/IEC 20000-3: Guidance on scope definition and applicability of ISO/IEC 20000-1

– ISO/IEC TR 20000-4: Process assessment model (withdrawn)

– ISO/IEC TR 20000-5: Exemplar implementation plan for ISO/IEC 20000-1

– ISO/IEC TR 20000-6: Requirements for bodies providing audit and certification of service management systems

– ISO/IEC TR 20000-9: Guidance on the application of ISO/IEC 20000-1 to cloud services

– ISO/IEC TR 20000-10: Concepts and terminology for service management

– ISO/IEC TR 20000-11: Guidance on the relationship between ISO/IEC 20000-1 and service management frameworks: ITIL

Why is ISO/IEC 20000 important?

ISO/IEC 20000 is beneficial because it helps organizations to deliver quality services that satisfy their customers and stakeholders. It also helps them to improve their service management capabilities and performance. By adopting ISO/IEC 20000, organizations can gain a competitive edge, increase customer loyalty and satisfaction, reduce costs and risks, and achieve their strategic goals.

ISO/IEC 20000 is important for any organization that provides or consumes services, and it can benefit them in various ways. Some of the benefits of ISO/IEC 20000 are:

  • First, ISO/IEC 20000 helps to establish a common language and framework for service management across different service providers and customers. This facilitates communication, collaboration, integration and alignment of service processes and practices. It also enables benchmarking, comparison and improvement of service performance and quality.
  • Second, ISO/IEC 20000 helps to ensure that the services are delivered in a consistent, reliable and efficient manner. It defines the minimum requirements for planning, designing, implementing, operating, monitoring, reviewing and improving the services. It also provides guidance on how to manage risks, incidents, problems, changes, service levels, continuity and security.
  • Third, ISO/IEC 20000 helps to demonstrate the value and effectiveness of the services to the customers and stakeholders. It provides a basis for measuring and reporting on service outcomes and achievements. It also supports continuous improvement and innovation of the services by identifying gaps, issues and opportunities for enhancement.
Why is ISO/IEC 20000 important?
Benefits of ISO/IEC 20000 IT service management

Benefits of ISO/IEC 20000 IT service management

The benefits that you will gain upon the successful completion of ISO/IEC 20000 certification include the following:

  • Improved credibility
  • Increased client satisfaction
  • Improved brand reputation
  • Development of new capabilities
  • Leveraged ITIL experience
  • Increased comprehension of business objectives
  • Increased ability to plan and control
  • Reducing response time
  • Decreased incidents
  • Creates a culture of continuous improvement
  • Gain competitive advantage
What are the main features of ISO/IEC 20000?

ISO/IEC 20000 consists of two main parts:

  • ISO/IEC 20000-1:2018 specifies the requirements for an SMS, including the planning, design, transition, delivery and improvement of services, as well as the monitoring, measurement and review of the SMS and the services. It also defines the terms and definitions used in the standard.
  • ISO/IEC 20000-2:2019 provides guidance on the application of an SMS based on the requirements in ISO/IEC 20000-1:2018. It covers the principles, concepts, roles, processes and activities of service management. It also provides examples and recommendations for implementing an SMS.

The main features of ISO/IEC 20000 are:

  • It is aligned with other international standards, such as ISO 9001 (quality management), ISO/IEC 27001 (information security management) and ISO 31000 (risk management).
  • It is based on the best practices of IT service management frameworks and approaches, such as ITIL, COBIT and MOF.
  • It is applicable to any organization that provides IT services to internal or external customers, regardless of its size, type or sector.
  • It enables organizations to demonstrate their capability and quality of service delivery to customers and other parties.
  • It helps organizations to improve their service performance, efficiency and effectiveness through continual improvement of their SMS and services.
What are the main features of ISO/IEC 20000?
How can organizations implement & get certified in ISO/IEC 20000?
How can organizations implement & get certified in ISO/IEC 20000?
How can organizations implement & get certified in ISO/IEC 20000?

ISO/IEC 20000 specifies the requirements for an organization to establish, implement, maintain and improve a service management system (SMS) that delivers value to customers and other parties. It covers the planning, design, transition, delivery and improvement of services, as well as the monitoring, measurement and review of the SMS and the services.

To implement ISO/IEC 20000, an organization needs to follow these steps:

  1. Define the scope and objectives of the SMS, taking into account the needs and expectations of the interested parties, such as customers, users, suppliers and regulators.
  2. Conduct a gap analysis to identify the current state of the SMS and the areas for improvement.
  3. Develop a project plan to address the gaps and achieve the objectives of the SMS, including roles, responsibilities, resources, timelines and risks.
  4. Implement the SMS according to the project plan, following the requirements and guidance of ISO/IEC 20000-1:2018 and ISO/IEC 20000-2:2019.
  5. Evaluate the performance and effectiveness of the SMS and the services, using appropriate methods and tools, such as audits, reviews, surveys and metrics.
  6. Identify opportunities for improvement and take corrective and preventive actions to ensure continual improvement of the SMS and the services.

To get certified in ISO/IEC 20000, you need to:

  • Choose a certification body that is accredited by an internationally recognized accreditation body, such as ANSI-ASQ National Accreditation Board (ANAB), United Kingdom Accreditation Service (UKAS), or International Accreditation Forum (IAF).
  • Apply for the certification scheme that suits your role and level of experience, such as ISO/IEC 20000 Foundation, ISO/IEC 20000 Lead Implementer, ISO/IEC 20000 Lead Auditor, or ISO/IEC 20000 Master.
  • Attend a training course that covers the relevant aspects of ISO/IEC 20000 and prepares you for the certification exam.
  • Pass the certification exam that tests your knowledge and skills on ISO/IEC 20000 and its application.
  • Receive your certificate and maintain your certification by fulfilling the continuing professional development (CPD) requirements.

In conclusion, ISO/IEC 20000 is important because it helps organizations to deliver quality services that satisfy their customers and stakeholders. It also helps them to improve their service management capabilities and performance. By adopting ISO/IEC 20000, organizations can gain a competitive edge, increase customer loyalty and satisfaction, reduce costs and risks, and achieve their strategic goals.

If you are interested in implementing ISO/IEC 20000 in your organization, you can contact us for more information. We are a certified ISO/IEC 20000 consultant that can help you design, develop, implement, audit, and improve your information security management systems. We have the expertise, experience, and tools to help you achieve your goals.

×