Information technology ISO 20000 certification

courtesy : information technology ISO 20000 certification

ISO/IEC 20000 is the international standard for IT service management. It was developed in 2005 by ISO/IEC JTC1/SC7 and revised in 2011 and 2018. It was originally based on the earlier BS 15000 that was developed by BSI Group.

ISO/IEC 20000, like its BS 15000 predecessor, was originally developed to reflect best practice guidance contained within the ITIL framework, although it equally supports other IT service management frameworks and approaches including Microsoft Operations Framework and components of ISACA’s COBIT framework. The differentiation between ISO/IEC 20000 and BS 15000 has been addressed by Jenny Dugmore.

The standard was first published in December 2005. In June 2011, the ISO/IEC 20000-1:2005 was updated to ISO/IEC 20000-1:2011. In February 2012, ISO/IEC 20000-2:2005 was updated to ISO/IEC 20000-2:2012.

ISO 20000-1 has been revised by ISO/IEC JTC 1/SC 40 IT Service Management and IT Governance. The revision was released in July 2018. From that point certified entities enter a three year transition period to update to the new version of ISO 20000

ISO/IEC 20000-1: Service management

Formally: ISO/IEC 20000-1:2018 (‘part 1’) specifies requirements for “establishing, implementing, maintaining and continually improving a service management system (SMS). An SMS supports the management of the service lifecycle, including the planning, design, transition, delivery and improvement of services, which meet agreed requirements and deliver value for customers, users and the organization delivering the services.”. The 2018 version (ISO/IEC 20000-1:2018) comprises ten sections, following the high-level structure from Annex SL of the Consolidated ISO/IEC Directives, Part 1:

  1. Scope
  2. Normative references
  3. Terms and definitions
  4. Context of the organization
  5. Leadership
  6. Planning
  7. Support of the Service Management System
  8. Operation of the Service Management System
  9. Performance Evaluation
  10. Improvement

ISO/IEC 20000-2: Guidance on the application of service management systems

ISO/IEC 20000-2:2019 provides guidance on the application of service management systems (SMS) based on the requirements in ISO/IEC 20000-1:2018.

ISO/IEC 20000-3: Guidance on scope definition and applicability of ISO/IEC 20000-1

ISO/IEC 20000-3:2019 provides guidance on scope definition, applicability and demonstration of conformance for service providers aiming to meet the requirements of ISO/IEC 20000-1, or for service providers who are planning service improvements and intending to use ISO/IEC 20000 as a business goal. It supplements the advice in ISO/IEC 20000-2, which provides generic guidelines for implementing an SMS in accordance with ISO/IEC 20000-1.

[Withdrawn] ISO/IEC 20000-4: Process assessment model

ISO/IEC TR 20000-4:2010 has been withdrawn. A set of new documents providing a Process Reference Model (PRM) and a Process Assessment Model (PAM) based on ISO/IEC 20000-1:2018 is being developed by ISO/IEC JTC1/SC7 in the 33000 series of standards.

ISO/IEC 20000-5: Implementation guidance for ISO/IEC 20000-1

ISO/IEC TR 20000-5:2022 provides guidance to service providers on how to implement an SMS based on ISO/IEC 20000-1.

ISO/IEC 20000-6 Requirements for bodies providing audit and certification of service management systems

ISO/IEC 20000-6:2017 provides requirements for auditing bodies for the assessment of conformance to ISO/IEC 20000-1.

[Withdrawn] ISO/IEC 20000-7: Guidance on the Integration and Correlation of ISO/IEC 20000-1:2018 to ISO 9001:2015 and ISO/IEC 27001:2013

ISO/IEC TR 20000-7:2019 provides guidance on the integrated implementation of a Service Management System based on ISO/IEC 20000-1:2018 with a Quality Management System based on ISO 9001:2015 and/or an Information Security Management System based on ISO/IEC 27001:2013.