ISO/IEC 20000

ISO/IEC 20000: An Introduction to the global standard for service management

DAVID CLIFFORD
Copyright Date: 2011
Edition: 2
Published by: IT Governance Publishing
Pages: 70
https://www.jstor.org/stable/j.ctt5hh7w7
  • Cite this Item
  • Book Info
    ISO/IEC 20000
    Book Description:

    This pocket guide is a handy reference to the key information on ISO/IEC 20000. It features an overview of the purpose of the standard and shows how to use it. It explains qualification programmes, certification schemes and the interrelationship of ISO20000 with other standards, such as ISO27001. The overall emphasis of the guide is on ISO20000's customer-driven approach to ensure your IT service management processes align with the needs of your business.

    eISBN: 978-1-84928-315-1
    Subjects: Technology

Table of Contents

  1. Front Matter
    (pp. 2-4)
  2. FOREWORD
    (pp. 5-5)
    Marc Taillefer

    This book brings a fresh look at service management, and a better understanding of it. The author provides valuable clarity on efficient teamwork and on the necessity for predictive management to properly implement an effective and sustainable service management system.

    In today’s world, where many books are published on service management, David offers many years of solid experience, presented in a simple, clear and effective way.

    I will be using this book for my consultancy, training and coaching of managers and service management consultants.

    I hope that this book will give you a holistic view of the essence of ISO/IEC...

  3. PREFACE
    (pp. 6-6)
  4. ABOUT THE AUTHOR
    (pp. 7-7)
  5. ACKNOWLEDGEMENTS
    (pp. 8-8)
  6. Table of Contents
    (pp. 9-10)
  7. INTRODUCTION
    (pp. 11-14)

    History has shown that, when one starts to talk about international standards, the sound of voices and running feet can be heard, disappearing into the distance. One hears cries of ‘more bureaucracy’, ‘another certificate for the wall’, ‘poor management systems can get certified’, and ‘standards are only of benefit when a customer requires its service provider to get certification.’

    Thankfully, we sometimes learn from history and reflect this in our current daily lives, by taking positive steps forward. This is the case with ISO/IEC 20000. It provides a mirror for service providers to compare themselves to.

    It provides a list...

  8. CHAPTER 1: BACKGROUND
    (pp. 15-27)

    The new edition of Part 1 of ISO/IEC 20000 has been released (15thApril 2011). The standard is now titled “Information technology – Service Management – Part 1: Service management system requirements”. It should be noted that a revised edition of Part 2 of the standard is not due for publication until approximately Q2 2012.

    Edition 1 of the standard is now some six years old and quite simply, the world in which we live is continually changing. New thoughts regarding how service management should, or in the case of this part of the standard, how service management shall, operate have been...

  9. CHAPTER 2: KEY STAKEHOLDER BODIES
    (pp. 28-37)

    There are several key stakeholder bodies operating within the arena of the service provider. It is important to ensure that their needs are understood, and that the relationships are clearly defined and actively managed. This chapter highlights the key elements of this philosophy.

    The people who receive the services and use them in order to derive value from a business perspective are the end-users. They provide input to the customers who specify the service requirements and, where applicable, pay for the services.

    The customers and end-users may be internal or external to the service provider’s organisation, or a combination of...

  10. CHAPTER 3: QUALIFICATION PROGRAMMES
    (pp. 38-49)

    A number of examination institutes have recognised the ever-growing importance and position of ISO/IEC 20000 within the market place. As a result, new qualifications aligned to the standard have emerged. This chapter provides an overview of the prime movers in this field.

    EXIN have developed a new ITSM qualification programme, as shown in the figure on the next page.

    They have taken a very different approach when designing their service management qualification programme. They have used ISO/IEC 20000 as a vehicle to define the boundaries of the syllabuses. As discussed earlier, the philosophy of ‘concentrate on what you must do,...

  11. CHAPTER 4: COMPLIANCE AND CERTIFICATION
    (pp. 50-53)

    Compliance is the ability to demonstrate internal conformity and adherence to service provider policies, plans, procedures, regulations, contracts, and the requirements of ISO/IEC 20000. This would be validated via afirst-party audit.

    Due diligence is where a customer performs an assessment of a service provider’s status, prior to engaging them to perform activities on the customer’s behalf. This could include, but may not be limited to:

    financial status

    legal position

    standing in the industry

    stability

    approach to innovation and risk.

    Due diligence can also fall within a generalsecond-party auditstrategy, where the customer’s organisation performs an audit on the...

  12. CHAPTER 5: CERTIFICATION SCHEMES
    (pp. 54-56)

    Certification schemes enable service providers to become certified to the standard. They effectively allow a service management team to be recognised as working well together based upon the requirements of the standard. Certification schemes should not be confused with qualification schemes or programmes. Certification schemes in this context are for service provider entities, while qualification schemes or programmes are for individuals.

    The scheme which APMGI launched operates on a global basis. They register certification bodies so that these Registered Certification Bodies (RCBs) can perform audits to the additional audit rules identified by APMGI. These are documented and freely available at:...

  13. CHAPTER 6: SCOPE OF ASSESSMENT
    (pp. 57-61)

    The most common area for debate and confusion is that of defining an appropriate scope for assessment against ISO/IEC 20000. This is primarily due to the fact that there are many potential options for a service provider.

    Fundamentally, before setting off down a route to compliance and, perhaps, certification to the standard, service providers should understand what they are trying to achieve, and why.

    For some service providers, the definition of scope may be predefined, as their customers have specified that they need to achieve certification for a particular contract.

    For example, BT Global Services were successful with bids for...

  14. CHAPTER 7: RELATIONSHIP WITH OTHER STANDARDS
    (pp. 62-63)

    The ISO/IEC 27000 family of standards is focused on Information Security Management Systems (ISMS). ISO/IEC 27001 specifies the requirements that service providers shall follow. It includes, but is not limited to, the definition and management of risks and controls pertinent to the information security policy. The standard embraces those critical elements identified in Section 6.6 ‘Information Security Management’ of ISO/IEC 20000, but also goes much further in its requirements for information security management systems.

    This standard provides guidance on process assessment, and specific models for particular arenas. It will help to drive out process improvement. Part 8, specific to service...

  15. CHAPTER 8: THE FUTURE OF ISO/IEC 20000
    (pp. 64-65)

    The following section provides a catalogue of the different parts of ISO/IEC 20000 together with predictions of when the various new parts/editions of ISO/IEC 20000 will be released. It is impossible to be specific on this, as there are many key stakeholders in the process of developing standards who have to be consulted before publication.

    Launched 15thApril 2011.

    Provides the specifications (requirements) for IT service management systems.

    Expected publication by end of Q1-2012.

    It is being updated to re-align with Edition 2 of ISO/IEC 20000 Part 1.

    Expected publication to be confirmed.

    Provides guidance on the scope and applicability...

  16. ABBREVIATIONS USED
    (pp. 66-67)
  17. ITG RESOURCES
    (pp. 68-70)