ISO 20000-1:2011 - IT Service Management System

General

Due to the development of IT technologies use, many organizations started focusing on service rendering quality. Availability of IT-services management system in compliance with ISO 20000-1:2011 will help an organization determine main directions for rendering quality services taking into account stakeholders.

Service management system (SMS, ITSMS) – management system used for the determination of service direction and control of service provider activities in respect of service management.

ISO 20000 standard sets requirements for organization rendering any kind of IT-services, regardless of its size, area of activity and geographical location. It is worth noting that this standard can be recommended for high-technology organizations – system integrators, banks, insurance companies, Internet providers, software developers, etc.

Brief history

ISO/IEC 20000 standard was first issued on December 15, 2005, and was based on British BS 15000 standard. British standard determined requirements for management system with application of ISO 9000 approach, but emphasizing controls, necessary to successfully manage IT-services.

ITIL library was the base for the development of the standard. ITIL materials, global interest in their studying and practical application have formed an integrated system in respect of IT-services management; general understanding of required level of IT-services management system maturity, which afterwards resulted in official standardization. It should be noted that during standard development into process model, proposed by ITIL v2, a number of amendments and additions were introduced. The main emphasis was made on creation of integral management system (and not a set of separate processes) and implementation of idea of control and improvement throughout the whole IT-service life cycle based on PDCA (Plan-Do-Check-Act) cycle. Some amendments and additions were taken into account by ITIL v3 authors.

Structure of the standard

International ISO 20000-1:2011 standards determines requirements for service management system in compliance with which ITSMS shall be based on the following key components:

ISO/IEC 20000-1:2011 standard determines requirements for 13 major processes, combined into four key groups:

  1. Service rendering processes include service level management, continuity and availability management, capacity management;
  2. Relationship processes include management of interrelations between service provider, customers and suppliers;
  3. Resolution processes are focused on incidents, which were prevented or successfully resolved;
  4. Control processes include changes, assets and configurations management processes.

ISO/IEC 20000-1 standard requires all processes to be implemented without exception.

The standard determines service management processes, that help organization:

  1. determine that there is an interrelation between processes and that this interrelation depends on application of processes within an organization;
  2. provide that objectives and controls enable an organization to deliver required services;
  3. improve efficiency and provide opportunities for improvement;
  4. ensure IT-services are aligned with business needs and demands;
  5. improve system reliability and availability;
  6. provide a basis for service level agreement;
  7. provide the ability to measure IT-service quality

Integration with the other standards

Information service management system can be integrated with other management systems, e.g. with the quality management system in compliance with ISO 9001, environmental management system in compliance with ISO 14001, information security management system in compliance with ISO 27001, etc.

ISO 20000 series of standards include:

  1. ISO/IEC 20000-1:2011 Section 1. Service management system requirements. ISO/IEC 20000-1:2011 standard specifies requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain and improve service management system. The requirements include the design, transition, delivery and improvement of services to fulfill service requirements.
  2. ISO/IEC 20000-2:2005 – Code of Practice. ISO/IEC 20000-2:2005 offers a summary of practical guidelines to auditors and assistance to service providers in planning service management system improvements or in being audited for compliance to the requirements of ISO/IEC 20000-1. ISO/IEC 20000-2:2005 standard is based on the British BS 15000-2 standard.
  3. ISO/IEC TR 20000-3:2009 – Technical Report Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1. ISO/IEC TR 20000-3:2009 supplements ISO/IEC 20000-2 standard and provides guidance on scope definition, applicability and demonstration of conformity for service providers aiming to meet the requirements of ISO/IEC 20000-1, or for service providers who are planning service improvements and intending to use ISO/IEC 20000 as management tool. It can also help service providers who use ISO/IEC 20000-1 for implementing a service management system and who need advice on whether ISO/IEC 20000-1 requirements are applicable to their organizations and how to define the scope of their management services.
  4. ISO/IEC TR 20000-4:2010 – Technical Report Part 4: Process reference model. The purpose is to facilitate the development of a process assessment model according to ISO/IEC 15504 process assessment principles. ISO/IEC 15504-1 describes the concepts and terminology used for process assessment, ISO/IEC 15504-2 describes the requirements for the conduct of an assessment and a measurement scale for assessing process capability. The process reference model provided in ISO/IEC TR 20000-4:2010 is a logical representation of the elements of the processes within service management system that can be performed at a basic level. Using the reference model in a practical application might require additional elements suited to the environment and circumstances. Process reference model is not an ISO/IEC 20000-1 requirement.
  5. ISO/IEC TR 20000-5:2010 Technical Report Part 5: Exemplar implementation plan for the first part of the standard. ISO/IEC TR 20000-5:2010 includes practical guidance to service providers on the order of improvements planning and implementation. It is recognized that a standard three-phase approach is used to implement a service management system. The approach provides a structured framework to prioritize and manage the implementation activities. ISO/IEC TR 20000-5:2010 is a Guidance

Benefits of implementation and certification

  • enhancement of customer, partner and other stakeholders’ trust;
  • receiving international recognition and promotion of company’s image on internal and external market;
  • increase of efficiency and reliability of IT-services provision;
  • mitigation of risks, effects and damage, caused by IT and IS incidents;
  • reduction of costs for promotion and regular development of information technologies in general; broadening company’s options for participation in government contract

Standards

ISO 9001:2015
ISO 14001:2015
ISO 45001:2018
ISO 13485:2016
ISO 16949:2009
ISO 22000:2018
HACCP
ISO 22301:2012
ISO 27001:2018
ISO 28000:2007
ISO 29001:2010
ISO 50001:2011
ISO 55001:2014
SA 8000:2014

Beneifts of "certification" against ISO standards

Why choose 'International Certification Services - Global Program (ICS-GP)'

The certification process

Certification 'Process flow'

Certification Process (Description)

Application

Certification (Terms & conditions)

Let's help you

Through a unique & proven problem solving methodology that will best suit your business needs

Contact Us