What Is ISO/IEC 20000?
ISO/IEC 20000, often referred to simply as ISO 20000, is the international IT service management (ITSM) standard that enables IT organisations (whether in-house, outsourced, or external) to ensure that their ITSM processes are aligned both with the needs of the business and with international best practice.
ISO 20000 helps organisations benchmark how they deliver managed services, measure service levels, and assess their performance.
Benefits of ISO 20000
ISO 20000 can help your organisation benchmark its ITSM, improve its services, demonstrate an ability to meet customer requirements, and create a framework for independent assessment.
Some of the most common benefits of ISO 20000 certification for service providers are that it:
Offers competitive differentiation by demonstrating reliability and high quality of service
Gives access to key markets, as many organisations in the public sector mandate that their IT service providers demonstrate compliance with ISO 20000
Provides assurance to clients that their service requirements will be fulfilled
Enforces a measurable level of effectiveness and a culture of continual improvement by enabling service providers to monitor, measure and review their service management processes and services
Drives down the costs of conformance to a multitude of regulations, including the PCI DSS and Sarbanes-Oxley (SOX)
Helps leverage ITIL practices to optimise resources and processes.
ISO 20000 is the international standard that enables IT organisations to ensure that their IT service management (ITSM) processes are aligned both with the needs of the business and with international best practice.
Before embarking on your ISO 20000 implementation project, it is important to gain an understanding of the Standard and how it can benefit your organisation. Securing management commitment and selecting a suitable implementation approach is essential for successful delivery of the project. The following introductory reading materials will help you address these points:
Plan
Plan the implementation and operation of your service management system
Establish the scope of service management
Define IT service management objectives
Determine the necessary processes
Define roles and responsibilities
Determine resources and timescales
Develop processes for managing risks
Develop methods for managing, auditing and improving service quality
Do
Implement the service management plan
Manage budget and resources
Select, train and motivate staff
Create documentation and monitor plans, policies, and procedures for the various processes – all documents are available in the ISO/IEC 20000 Implementation Toolkit
Treat and mitigate risks
Check
Monitor, measure, and review the achievement of service management objectives
Periodically review the management plan
Determine whether the SMS is compliant with ISO 20000
Create an audit program
Act
Identify actions for continual improvement and increasing the effectiveness of the SMS
Publish a policy that contains a clear definition of roles and responsibilities for the improvement of service activities
Create a service improvement plan
Eliminate non-conformities
ISO 20000 implementation: Critical success factors
Team competence: Service management employees need to have a deep understanding of service quality standards and the service management process
Accountability: Each process has to have an owner
Documented policies and processes: Documentation of all activities is absolutely essential
Communications: Communication between team members and the processes for communicating are of the utmost importance
Audits: Perform regular conformance audits and make improvements.
ISO 20000 parts 1, 2, 3, 4 and 5
ISO 20000 uses a process-based approach for continual improvement and is split into five parts. Parts 1 and 2 outline the requirements for implementing a service management system (SMS) that enables IT service providers to enhance the quality of service they deliver to internal and external customers.
Part 1: Service management system requirements
Part 1 – ISO 20000-1:2011 – provides requirements for ITSM and is relevant to those responsible for initiating, implementing, or maintaining ITSM in their organisation. It provides a specification for an SMS. Organisations can have their SMSs independently certified as conforming to the requirements of ISO 20000-1:2011.
Part 2: Guidance on the application of service management systems
Part 2 – ISO 20000-2:2012 – describes the best practices for service management processes within the scope of part 1.
Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1
Part 3 – ISO 20000-3:2012 – provides vital information on writing a scope for an SMS, as well as providing information on implementing an ISO 20000-1 SMS.
Part 4: Process reference model
Part 4 – ISO 20000-4:2012 – helps you develop a process assessment model according to ISO/IEC 15504 process assessment principles.
Part 5: Exemplar implementation plan for ISO/IEC 20000-1
Part 5 – ISO 20000-5:2012 – provides an implementation plan for an SMS that meets the requirements of ISO 20000-1.
ISO 20000 Documentation
As part of implementing an ISO 20000-compliant SMS, you will be required to produce documentation aligned with the Standard. Although there is no particular approach for how to structure your documentation, you will need to produce documents and records for all processes in the scope of ISO 20000, and the number you produce will vary depending on your company size.
You can use the ISO/IEC 20000 Implementation Toolkit to meet these documentation requirements. Developed by industry experts, the templates, policies and procedures in this toolkit will accelerate your project, helping you implement and execute your own SMS with minimal stress.