What Is Iso 20000 Bsi

What is ISO/IEC 20000?
An Introduction to the International

Service Management Standard
by Mart Rovers
President
INTERPROM
10/19/2015 InterProm USA Corporation Confidential and Proprietary Information 1

Contents
WHAT IS ISO/IEC 20000?
10/19/2015 InterProm USA Confidential and Proprietary Information 2

Contents
Background Information
The Service Management System
The Service Quality Principles
A Pragmatic Norm
ISO/IEC 20000 Contributions
Benefits of ISO/IEC 20000
The Certification Process
ISO/IEC 20000 Publications
Useful ISO/IEC 20000 Links
About the Presenter
International Standards Organization (ISO)
is the Owner of ISO/IEC 20000

Background Information
HISTORY AND CONTEXT

History Before 2005
ISO/IEC 20000 is the offspring of the
British Standard 15000 (BS 15000), a
standard of the British Standard
Institute which originated in the 1990s.
The BS 15000 standard was
introduced to measure the level of
implementation of ITILs best
practices in an organization or its
adherence to the goals of the ITIL
processes.
ITIL is the acronym for

Information Technology Infrastructure Library.
Both ITIL and the Information Technology
Infrastructure Library are registered trademarks
that are owned by AXELOS Ltd.

History In 2005
The Joint Technical Committee 1 /
Subcommittee 7 of the ISO and IEC
organizations released in 2005:
Part 1: ISO/IEC 20000-1:2005
Specification
The normative part of the standard
The requirements to meet
Part 2: ISO/IEC 20000-2:2005
Code of Practice
The informative part of the standard
The recommendations to meet the
requirements

History In 2011 and 2012
In 2011, a new version of the normative
standard ISO/IEC 20000-1 was released:
ISO/IEC 20000-1:2011
Service Management System Requirements
A list of 256 requirements a service provider
shall adhere to when seeking certification
In 2012, a new version of the informative

standard ISO/IEC 20000-2 was released:
ISO/IEC 20000-2:2012
Guidance on the Application of the Service
Management System
A list of more than 800 recommendations a
service provider should take into consideration
when desiring to meet the 256 requirements

History Since 2005
Since the introduction of the standard the
Subcommittee has released several additional
informative parts of the ISO/IEC 20000 standard
ISO/IEC TR 20000-3
Guidance on the Scope Definition and Applicability of
ISO/IEC 20000-1
ISO/IEC TR 20000-4
Process Reference Model
ISO/IEC TR 20000-5
Exemplar Implementation Plan
ISO/IEC TR 20000-9
Application of ISO/IEC 20000-1 to Cloud Services
ISO/IEC TR 20000-10
Concepts and Terminology TR stands for Technical Report

Context ISO/IEC 20000
is a worldwide standard promotes the adoption of
that describes the an integrated process
implementation of an approach to effectively
integrated process deliver managed services to
approach for the delivery of meet the business and
IT services. customer requirements.
consists of a set of promotes the coordinated
minimum requirements to integration and
audit an organization implementation of the
against effective IT Service service management
Management. processes to provide the
ongoing control, greater
efficiency and opportunities
for continual improvement.

ISO/IEC 20000 Structure
4. Service Management System (SMS)
Management responsibility Establish the SMS
Plan the SMS (Plan)
Governance of processes operated by other parties
Implement and operate the SMS (Do)
Documentation management Monitor and review the SMS (Check)
Resource management Maintain and improve the SMS (Act)
5. Design and Transition of new or changed services
6. Service Delivery Processes

Capacity management Service level management Information security
management
Service reporting
Service continuity & Budgeting &
availability management Accounting for services
9. Control Processes
Configuration management
Change management
Release and deployment
management
8. Resolution Processes 7. Relationship Processes
Incident and service request Business relationship
management management
Problem management Supplier management

The SMS
SERVICE MANAGEMENT
SYSTEM

The SMS
The Service Management System
(SMS) is what will be audited for
certification. 4. Service Management System (SMS)
The SMS is the framework of

Plan the SMS (Plan)
processes, tools and resources

management
Service reporting
(human resources, technology resources,

Change management
management
information resources, and financial

resources) coordinately used to plan,

execute, document and continually
improve service management tasks
in a goal-oriented, customer-
oriented and quality-oriented way.

The SMS Components
Important components of the SMS are:
Management Responsibility
Governance of Processes Operated 4. Service Management System (SMS)
by Other Parties
Plan the SMS (Plan)

Documentation Management
management
Service reporting
Change management
management
Resource Management
A structured approach to establish

and improve the SMS, following the
Deming Cycle
A set of 14 Strategic, Tactical and
Operational processes

The SMS Deming Cycle
ISO/IEC 20000 provides the
requirements of the steps involved to
establish and maintain the SMS. These
steps follow the Quality Circle of
Deming: Plan-Do-Check-Act:
Plan the SMS (Plan)
Implement and Operate the SMS
(Do)
Monitor and Review the SMS
(Check)
Maintain and Improve the SMS (Act)

SMS Triggers
Answers to questions that trigger the
SMS to start functioning are:
1. What are the customer and business requirements, needs and
expectations? 4. Service Management System (SMS)
Plan the SMS (Plan)
2. What are the statutory and legal requirements the service

provider needs to take into account? Capacity management

Service level management Information security
management
3. Are there requirements of other standards the service provider

Service reporting
needs to abide by?

Change management
management
4. Does the service provider have contractual obligations to

adhere to?
5. What are the service requirements, as a result of these
requirements and obligations as listed above?
6. What is the portfolio of services that is needed to meet these
service requirements?
7. What is the service management policy and what is the service
management plan, i.e. the service strategy, to meet these
service requirements?

A Working SMS
The execution of the service Service Delivery Processes:
1. Service Level Management
management plan will be performed 2. Service Reporting
3. Service Continuity and
by the 14 ISO/IEC 20000 processes. Availability Management
4. Budgeting and Accounting for
Services
Strategic Processes 5. Capacity Management
6. Information Security
Relationship Processes Management
Relationship Processes:
Tactical Processes 7. Business Relationship
Management
Design and Transition of New or 8. Supplier Management
Resolution Processes:
Changed Services (process #14) 9. Incident and Service Request
Management
Service Delivery Processes 10. Problem Management
Control Processes:
Operational Processes 11. Configuration Management
12. Change Management
13. Release and Deployment
Control Processes Management
Resolution Processes

The Purpose of the SMS
Ultimately, the SMS serves one major
purpose:
Turning customers with needs,
expectations and requirements into
satisfied customers.
This is why the standard focuses on
effectiveness. Overtime, the focus can
shift towards efficiency by means of
continuous improvements.

Service Quality Principles
PERMANENCY OF SERVICE
QUALITY

ISO/IEC 20000 is Framework-neutral
ISO/IEC 20000 is based on many ISO/IEC 20000 relates to many other
frameworks, such as ITIL and ISO standards such as ISO 9001,
COBIT. This does not imply ISO/IEC 27001 and ISO 31000.
that an organization is ISO/IEC 20000-1 This does not imply that an
required to adopt the organization has to meet
best practices of the requirements of these
these frameworks related standards.
In order to meet These standards
ISO/IEC 20000-2
the standards merely serve as
requirements. additional
guidance.
Service Management Frameworks
(e.g. ITIL, COBIT, Six Sigma, PMBOK, PRINCE2, CMMI)
&
Quality Management and Other Supporting Standards
(e.g. ISO 9000 and ISO 31000, ISO/IEC 27001, ISO/IEC 38500,
ISO22301, ISO 21500, ISO/IEC 15504)

Service Quality Principles
ISO/IEC 20000 incorporates all
of the eight quality management
principles of ISO 9001
Every ISO/IEC 20000-1
requirement supports one or
more of these quality principles.
What does this mean?
Implementing the requirements
of the standard will bring a
cultural and organizational
change.

Importance of Principles
Principles are Guidelines for
Human Conduct that are proven
to have Enduring Permanent
Value
Principles are deep, fundamental
truths
Principles are unarguable
because they are self-evident
Principles have a universal
application

A Pragmatic Norm
COMMON SENSE PREVAILS

Pragmatic Requirements
Representatives of more than 20
countries, working together in
the Joint Technical Committee 1
/ Subcommittee 7 of the ISO/IEC
organizations, have contributed
to the 2011 version of the
standard through a transparent
and democratic voting process
Years of combined practical
experience has resulted in a
collection of logical, pragmatic
and clear requirements

Pragmatic Norms For
Leadership
Business Relationship Managers
Supplier/Vendor Management
Managers
Project Managers
Business Analysts
Human Resource Managers For
Service Owners Any
Service
Process Owners
Provider,
Asset Owners Not just IT
Talent Managers Organizations
And more

ISO/IEC 20000 Contributions
WHEN TO CONSIDER

When to Consider? (1 of 4)
When comparing IT service providers.
ISO/IEC 20000 provides uniform and
common language as well as a norm for
benchmarking
When selecting an IT service provider.
An IT organization can express added
value when offering its services and
distinguish itself from its competition
When an IT department/organization is
looking for ways to better understand
the needs of the customer. ISO/IEC
20000 can be a norm to improve IT
governance

When needing guidance to determine
which best practices to focus on first
when adopting industry best practices
to improve the effectiveness and
efficiency of the IT
department/organization
When seeking increased transparency
of IT service provision costs, risks, IT
budgets and costs
When looking for ways to implement
changes faster and more effective and
when seeking for a norm to improve
efficiency and effectiveness

When attempting to better align the IT
departments/organizations services to
a third partys services, creating a
uniform chain of services in particular
from a process perspective
When looking for an effective method
and uniform guidelines to outsource or
offshore through a well-aligned process
interfaces and common and consistent
nomenclature. A norm which regulates
outsourcing
When seeking a norm for reliable and
available quality IT services

When looking for evidence that ITs
processes are in compliance with
international financial and security
norms, rules and regulations
When going for a broad range of
quality improvements within the IT
department/organization, as well as
boosting ITs professional image
When looking for an independent and
non-biased baseline to weigh service
providers against and use it as a norm

Benefits of ISO/IEC 20000
WHAT TO EXPECT?

What to Expect? (1 of 2)
To qualify for new customers; more and
more companies and organizations
consider ISO/IEC 20000 certification an
essential requirement for conducting
business with a new vendor
To enter global markets; the ISO/IEC 20000
standards are widely recognized
To objectively measure the level of
compliance to industry best practices
To have better information available for
numerous purposes
To better streamline to various process
improvements that may go on
simultaneously in an IT department

What to Expect? (2 of 2)
To provide guidance with prioritizing the
best practices to be implemented in an IT
department
To give a company or organization a
competitive edge
To show a drive for quality services
To objectively assess and benchmark ITs
level of maturity
To increase customer focus and
transparency of value provided to the
business
To establish a mentality of continual
improvement in IT

The Certification Process
STEPS TOWARDS
CERTIFICATION

7 Steps to become Certified
and uphold Certification
1. Complete a Questionnaire of the RCB
2. Apply for an Assessment by the RCB
3. Conduct an optional pre-audit by the RCB
4. Conduct the Initial Audit (Stage 1)
Documentation Review
5. Conduct the Certification Audit (Stage 2)
Onsite Inspection
Interviews
Records Review
6. Conduct Surveillance Audits every 12 months
Spot Checks
7. Conduct the Re-certification Audit every 3 years
Stage 1
Stage 2

ISO/IEC 20000 Publications
READING MATERIAL

ISO/IEC 20000 Publication
ISO/IEC 20000-1:2011 A Pocket Guide
Publisher: Van Haren Publishing
ISBN-13: 978-9087537265
Author: Mart Rovers
Price: USD$25
This Pocket Guide provides a concise

explanation of the nature, content and aim
of ISO/IEC 20000-1: 2011 and a short
summary of ISO/IEC 20000-2:2012.

Useful ISO/IEC 20000 Links
LEARN MORE

ISO/IEC 20000 Links
ISO Organization: http://www.iso.org
ISO Standard:
http://www.iso.org/iso/home/store/catalogue_ics.htm
http://webstore.ansi.org/
ISO/IEC 20000 Certification Training:
http://www.interpromusa.com/training-services/iso-iec-
20000-certification-training/
ISO/IEC 20000 Books:
http://www.interpromusa.com/resources/
ISO/IEC 20000 Certified Firms:
http://www.isoiec20000certification.com/
ISO/IEC 20000 RCBs:
http://www.isoiec20000certification.com/

About the Presenter
MART ROVERS

About Mart Rovers
Mart Rovers is the President of INTEPROM. He has
over 30 years of experience in IT and has been
consulting and training in IT Service Management
(ITSM), Information Security Management (ISM), IT
Governance and Business Continuity Management
since 1992.
He has led numerous organizations towards
becoming ISO/IEC 20000, ISO/IEC 27001, and ISO
22301 certified.
He is a frequent speaker at international events and is
the author of the ISO/IEC 20000 A Pocket Guide
Mart received his MBA degree in Information
Analytics and holds BS degrees in Mathematics,
Statistics and in Marketing.

What Is Iso 20000 Bsi

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

What Is Iso 20000 Bsi

Uploaded by

Copyright:

Available Formats

What is ISO/IEC 20000?

An Introduction to the International

10/19/2015 InterProm USA Corporation Confidential and Proprietary Information 1

10/19/2015 InterProm USA Confidential and Proprietary Information 2

10/19/2015 InterProm USA Confidential and Proprietary Information 3

10/19/2015 InterProm USA Confidential and Proprietary Information 4

ITIL is the acronym for

10/19/2015 InterProm USA Confidential and Proprietary Information 5

10/19/2015 InterProm USA Confidential and Proprietary Information 6

In 2012, a new version of the informative

10/19/2015 InterProm USA Confidential and Proprietary Information 7

10/19/2015 InterProm USA Confidential and Proprietary Information 8

10/19/2015 InterProm USA Confidential and Proprietary Information 9

5. Design and Transition of new or changed services

6. Service Delivery Processes

10/19/2015 InterProm USA Confidential and Proprietary Information 10

10/19/2015 InterProm USA Confidential and Proprietary Information 11

The SMS is the framework of

5. Design and Transition of new or changed services

processes, tools and resources

(human resources, technology resources,

information resources, and financial

resources) coordinately used to plan,

10/19/2015 InterProm USA Confidential and Proprietary Information 12

5. Design and Transition of new or changed services

6. Service Delivery Processes

A structured approach to establish

10/19/2015 InterProm USA Confidential and Proprietary Information 13

10/19/2015 InterProm USA Confidential and Proprietary Information 14

2. What are the statutory and legal requirements the service

5. Design and Transition of new or changed services

provider needs to take into account? Capacity management

3. Are there requirements of other standards the service provider

needs to abide by?

4. Does the service provider have contractual obligations to

10/19/2015 InterProm USA Confidential and Proprietary Information 15

10/19/2015 InterProm USA Confidential and Proprietary Information 16

10/19/2015 InterProm USA Confidential and Proprietary Information 17

10/19/2015 InterProm USA Confidential and Proprietary Information 18

10/19/2015 InterProm USA Confidential and Proprietary Information 19

10/19/2015 InterProm USA Confidential and Proprietary Information 20

10/19/2015 InterProm USA Confidential and Proprietary Information 21

10/19/2015 InterProm USA Confidential and Proprietary Information 22

10/19/2015 InterProm USA Confidential and Proprietary Information 23

10/19/2015 InterProm USA Confidential and Proprietary Information 24

10/19/2015 InterProm USA Confidential and Proprietary Information 25

10/19/2015 InterProm USA Confidential and Proprietary Information 26

10/19/2015 InterProm USA Confidential and Proprietary Information 27

10/19/2015 InterProm USA Confidential and Proprietary Information 28

10/19/2015 InterProm USA Confidential and Proprietary Information 29

10/19/2015 InterProm USA Confidential and Proprietary Information 30

10/19/2015 InterProm USA Confidential and Proprietary Information 31

10/19/2015 InterProm USA Confidential and Proprietary Information 32

10/19/2015 InterProm USA Confidential and Proprietary Information 33

10/19/2015 InterProm USA Confidential and Proprietary Information 34

10/19/2015 InterProm USA Confidential and Proprietary Information 35

This Pocket Guide provides a concise

10/19/2015 InterProm USA Confidential and Proprietary Information 36

10/19/2015 InterProm USA Confidential and Proprietary Information 37

10/19/2015 InterProm USA Confidential and Proprietary Information 38

10/19/2015 InterProm USA Confidential and Proprietary Information 39

10/19/2015 InterProm USA Confidential and Proprietary Information 40

You might also like