8/8/2019 ISO20000 Introduction

1/4

ISO20000 An introduction

History

ISO 200001 has a long pedigree being underpinned by ITIL service management bestpractices. The first version was a British Standard, BS15000, published in 2000. Following anearly adopters trial, various recommendations for improvement were made and the standardwas updated in 2002. This was then fast tracked to become an international standard,ISO20000 which was published in 2005.

The first certification scheme for organisations to be certified was launched in November2003 by the ITSMF (IT Service Management Forum) and is entirely in line with the ISO9000certification scheme. External auditors must be approved by ITSMF and are known asRegistered Certification Bodies (RCBs) who are listed on the ISO20000 web site,www.isoiec20000certification.com.

Framework

The framework of service management guidance is represented below. Although theframework shows the most commonly used best practice framework of ITIL, it is notmandatory to implement ITIL best practice in order to satisfy the requirements of thestandard. Use of other frameworks such as eTOM will be equally valid.

Individual qualifications

In addition to corporate certifications, there are several qualifications available for individuals.These are:

1 ISO20000 is the commonly used abbreviation for the International Standard for IT ServiceManagement whose full title is ISO/IEC 20000.

8/8/2019 ISO20000 Introduction

2/4

ITSMF - ISO20000 consultant certificate aimed at those who will consultant, eitherinternally or externally, or manage an ISO20000 programme

ITSMF - ISO20000 auditor qualification is aimed at internal and external auditors whowill be auditing against ISO20000

EXIN Service Quality Management Foundation aimed at individuals working in an

ISO20000 organisation

EXIN Service Quality Management Advanced aimed at consultants or managers

ISEB ISO20000 Essentials course to be released early 2008

Scope of the standard

The standard requires an IT Service provider, either internal or external, to satisfyrequirements forall processes as shown in the process model below. The processes coverthe ITIL processes and bring in additional areas to provide a complete view of IT ServiceManagement. There can be no processes excluded for certification.

The scope does allow for some of the processes to be outsourced as long as managementcontrol can be shown over those outsourced processes.

The standard aligns with ISO9001 in the Management System requirements and the Plan-

Do-Check-Act cycle in Planning and Implementing Service Management. Indeed thosecompanies with ISO9001 certification should already find that they satisfy some of therequirements of ISO20000. ISO20000 can be achieved either in conjunction with ISO9001 orstand alone.

ISO20000 also links with ISO27001. The requirements for information security managementwithin ISO20000 are a sub set of those in ISO27001. Those companies already certified toISO27001 level for the same scope should have already satisfied all the information securityrequirements in ISO20000.

The standard can be attained for varying scopes within a service provider:

All or some IT Services e.g. financial services, supply chain services

All or some Technology e.g. application management, infrastructure management,desktop support

2

8/8/2019 ISO20000 Introduction

3/4

All or some customers e.g. one specified customer or all customers

All or some locations e.g. one location or all locations

Why achieve ISO20000

There are various drivers for wanting to gain ISO20000: An independent certification offers an industry recognised benchmark of quality

The certification proves that the provider can offer best practice in servicemanagement and service delivery

More importantly, the certificate ensures that an organisation gains all the benefits ofutilising best practice in service management. Many companies claim to implementITIL best practice but these are often selective implementations which are notindependently checked. With ISO20000 as with any other standard, the use of bestpractice will be assessed annually ensuring that all the benefits often promised aretruly gained. These benefits will cover improved quality of service, cost savings,reduced risk and continuous improvement

Even if the service provider does not go for formal certification, the 13 pages ofmandatory requirements in the standard provide a focus for what to do to implementbest practice service management. This can then be supplemented with the use ofITIL or other frameworks for the detail of how to implement each process

For many external service providers, the benefits are in demonstrating a competitiveedge or in being able to respond to proposal requests that demand ISO20000certification

Future of the standard

The standard is already being updated by the International Standards Committee responsible

for service management. This committee has representatives from many countries includingSpain. The standard will remain stable for some years which is important in the marketplace.The next update is likely to be published in 2009 or 2010. Updates will cover:

Removal of ambiguity from some wording

Improvement and updating of some requirements based on feedback

Some alignment to ITIL3.

Further Information

There are various publications available to support the standard including:

ISO/IEC 20000 - part 1 and part 2

ISO/IEC 20000 Self assessment workbook - BSI publication (www.bsi-global.com)

A Manager's guide to service management - BSI publication

Achieving ISO/IEC 20000 series - BSI publications

ISO/IEC 20000 pocket guide - ITSMF publication

The web site also points to useful information about auditors and certified companies:

www.isoiec20000certification.com

Lynda Cooper

Co-author of BS15000 and ISO20000Principal UK Expert to the International Standards Committee on Service Managementlynda.cooper@bcs.org

3

http://www.isoiec20000certification.com/http://www.isoiec20000certification.com/

8/8/2019 ISO20000 Introduction

4/4

4