Thursday, April 20, 2023Provided by Purdianta 1

Introduction to Information Technology Service Management( Based on ISO 20000 Framework)

Purdianta

purdianta@purdianta.com

Thursday, April 20, 2023Provided by Purdianta 2

Outline

What is IT Service Management? ISO 20000 history What is ISO 20000 Benefit and Cost Implemantation and Certification Process

Thursday, April 20, 2023Provided by Purdianta 3

What is IT Service Management ?

IT Service Management is a top-down, business driven approach to the management of IT that specifically addresses the

strategic business value generated by the IT organisation and the need to deliver a high quality IT service.

IT Service Management is designed to focus on the people, processes and technology issues that IT organisations face.

Thursday, April 20, 2023Provided by Purdianta 4

Why is Service Management required ?

• Organisations are increasingly dependent on IT service provision

• Higher visibility• More exacting user demands• Increased complexity of the infrastructure• Charging for IT services• Competition for customers

Thursday, April 20, 2023Provided by Purdianta 5

Philosophy of Service Management System

CustomerIT ProviderSupplier

Customer Requirement(+regulation and other requirement)

ProcessInput Output

ResourceHR, infrastructure,

and work

environment

Process Approach

Conformity

Quality

Customer StatisfactionPerformance Evalution

#1

#2

#3

#n…

Process Sequence

Business Process Mapping

Managing ? ManagementPlan-Do-Check-Action

#1

#2

#n

…

Activity Sequence To ensure QUALITY SERVICE,STANDARDIZATION required!

Work referenceWritten!

Done!Do writt

en!

Evidence of Activitywritten

Write done!

SystemContinual

Improvement!

Thursday, April 20, 2023Provided by Purdianta 6

What is ISO 20000

A standard to promote the adoption of an integrated process approach for the effective delivery of managed services to meet business and customer requirements

A set of “controls” against which an organisation can be assessed for effective IT Service Management processes

The ISO 20000 standard defines the requirements for an organisation to deliver managed services of an acceptable quality for its customers

Thursday, April 20, 2023Provided by Purdianta 7

ISO 20000 history

ITIL was starting point Early 1990s – DISC PD 0005 Nopember 2000 – BS 150000 (originated from DISC

PD 0005, A Code of Practice for IT Service Management) 15 Dec 2005 – ISO 20000

Thursday, April 20, 2023Provided by Purdianta 8

ISO 20000 series• Part 1 revised – 2011

• Closer alignment to ISO 9001• Closer alignment to ITIL version 3• Design of services introduced• Other improvements from user feedback

• Part 2 revised – 2012• Intent• Concept• Explanation of requirements• Documents and records• Authorities and responsibilities• Interfaces

• Part 3 – applicability and scope – 2009• Replaces ITSMF guidelines on scoping• To be built into certification scheme

• Part 5 - Exemplar implementation plan – 2010• Maturity model

• PRM - Part 4 and PAM - Part 8 – 2011

Thursday, April 20, 2023Provided by Purdianta 9

ISO 20000 Goals & Specification

Target/goals Customer focused Integrated processes End-to-End Service Management Continual Service Improvement

Specification Part 1 – Specification Part 2 – Code of Practice

Thursday, April 20, 2023Provided by Purdianta 10

ISO 20000 Accreditation & Certification

Best practices for IT service Providers, International organizationfocused certificate for ITSM

Need a formal audit and certification by RCB (Registered Certification Bodies)

RCB are assessed and approved (accredited) by an accreditation organization in any country of their choice, in accordance with ISO/IEC 17021:2009

The RCB will audit IT Service Provider Only valid for 3 years Surveillance audits every six months Re-certification audits every 3 years

It’s common for IT Service Provider to have an assessment before an audit (a self-assessment or by an external party)

170 ‘shalls’ (ISO 9001: 135 shalls)

Thursday, April 20, 2023Provided by Purdianta 11

IT Service Management Framework

Thursday, April 20, 2023Provided by Purdianta 12

What is ITIL ?

• Information Technology Infrastructure Library (ITIL) is a framework for delivering (and improving and managing) IT services.• Not a mandatory set of rules.

• Established and standardized in 1988 in the UK – now on v3.• Although we have chosen to implement v2.

• Focus on managing services to customers, not technology to users.

• Services must be defined, controlled, measured and managed in order to be improved.

Thursday, April 20, 2023Provided by Purdianta 13

What is ITIL ?

Thursday, April 20, 2023Provided by Purdianta 14

What is ITIL ?

• ITIL consists of eleven processes in two IT service management areas, plus a function:• IT Service Support: Incident, Problem, Configuration, Change,

Release Management• IT Service Delivery: Service Level, Financial, Capacity, Service

Continuity, Availability• Service Desk

• These processes relate to and support one another.• Resource: Service Support and Service Delivery

• For more details, become ITIL Foundation certified!

Thursday, April 20, 2023Provided by Purdianta 15

ITIL Process and Function

Thursday, April 20, 2023Provided by Purdianta 16

ISO 20000 Scope

Business may use it to Tender for services Monitor if all service providers in

a supply chain follow a consistent approach

Manage risk Evaluate (the value of) services

Service providers can use it to: Reduce the cost of their services Monitor and improve their

service. Benchmark their IT management

Service Management activities Serve as the basis for an

independent assessment Demonstrate the ability to

provide services that meet customer requirements

Improve service delivery through the effective application of processes to monitor and improve service quality

Thursday, April 20, 2023Provided by Purdianta 17

ISO 20000 Process Model

Service Delivery Processes

Resolution Processes

RelationshipProcesses

ACTContinual

Improvement

PLANPlan

DOImplement and

Operate

CHECKMonitor,

Measure and Review

Planning and Implementing New or Changed Services

Service Management System

Capacity Management

Service Continuity and

Availability Management

Service Level Management

Service Reporting

Information Security

Management

Budgeting and Accounting for IT

Services

Incident Management

Problem Management

Business Relationship Management

Supplier Management

ReleaseProcess

ReleaseManagement

Control Processes

Configuration ManagementChange Management

Thursday, April 20, 2023Provided by Purdianta 18

Revised Process Model

Resolution processes Relationship processes

Service Management System

SMS general requirements

Design, development and transition of new or changed services

Act

Check

Do

Plan

Control processes

Service delivery processes

Incident management & request fulfilment

Problem management

Business relationship management

Supplier management

Configuration managementChange managementRelease and deploymentmanagement

Capacity management

Service continuity &availability management

Service level management

Service reporting

Information security management

Budgeting & accounting for services

Management responsibility

Plan, operate, monitor and improveservice management

Governance of processesoperated by other parties

Documentation management

Resource management

Requirements

Customers(and otherInterestedparties )

Services

Customers(and otherInterestedparties )

Thursday, April 20, 2023Provided by Purdianta 19

Service Level Management

Budgeting & Accounting forfor IT services

Capacity Management

Information Security Management

Service Continuity & Availability

Management

IncidentManagement

Problem ManagementChange

Management

Release Management

ITInfrastructure

ITInfrastructure

Service Reporting

Business RelationshipManagement

Supplier Management

Thursday, April 20, 2023Provided by Purdianta 20

ISO 2000 Requirements

• ISO 20000 looks at:• Requirements for a management system;• Planning and implementing service management;• Planning and implementing new or changed services;• Service delivery process;• Relationship processes;• Resolution processes;• Control processes;• Release processes.

Thursday, April 20, 2023Provided by Purdianta 21

Requirement & Objectives:

Requirements for a management system

Thursday, April 20, 2023Provided by Purdianta 22

Thursday, April 20, 2023Provided by Purdianta 23

Requirement & Objectives:

Planning and Implementing New or Changed Services

Thursday, April 20, 2023Provided by Purdianta 24

Requirement & Objectives:

Planning & Implement Service Management

Manage Services

Plan Service Management

Do Implement Service Management

Check Monitor , measure and review

Act Continuous Improvement

PLAN

AC

T

CHECK

DO

Management Responsibility

Business requirements

Customerrequirements

Request for new /changed service

Other processese.g. business , supplier ,

customer

Service Desk

Other Teams e .g.Security

IT operations

Business results

Customersatisfaction

New or changed service

Other processese.g. business , supplier ,

customer

Team and peoplesatisfaction

Thursday, April 20, 2023Provided by Purdianta 25

Requirement & Objectives:

Service Level Management

Thursday, April 20, 2023Provided by Purdianta 26

Requirement & Objectives:

Service Level Management

Thursday, April 20, 2023Provided by Purdianta 27

Requirement & Objectives:

Service Reporting

Thursday, April 20, 2023Provided by Purdianta 28

Requirement & Objectives:

Service Continuity and Availability Management

Thursday, April 20, 2023Provided by Purdianta 29

Requirement & Objectives:

Budgeting and Accounting for IT Services

Thursday, April 20, 2023Provided by Purdianta 30

Requirement & Objectives:

Capacity Management

Thursday, April 20, 2023Provided by Purdianta 31

Thursday, April 20, 2023Provided by Purdianta 32

Thursday, April 20, 2023Provided by Purdianta 33

Thursday, April 20, 2023Provided by Purdianta 34

Thursday, April 20, 2023Provided by Purdianta 35

Requirement & Objectives:

Incident Management

Thursday, April 20, 2023Provided by Purdianta 36

Thursday, April 20, 2023Provided by Purdianta 37

Requirement & Objectives:

Problem Management

Thursday, April 20, 2023Provided by Purdianta 38

Incident and Problem Management [Example]

Thursday, April 20, 2023Provided by Purdianta 39

Thursday, April 20, 2023Provided by Purdianta 40

Thursday, April 20, 2023Provided by Purdianta 41

Thursday, April 20, 2023Provided by Purdianta 42

Applying ITSM to business services

Functional Governance Framework

Service Management Framework

Delivery:Business processesIT processes

Thursday, April 20, 2023Provided by Purdianta 43

Relationship to other standard

ISO 20000 ISO 27001

ISO 9001:2000ISO 9001:2000

ISO20000 can be achieved with ISO9000 or stand alone.

Doing the management and generic processes right

Doing the right processes right

Thursday, April 20, 2023Provided by Purdianta 44

ISO20000The Journey To Certification

Thursday, April 20, 2023Provided by Purdianta 45

Preparing for ISO 20000

1AwarenessVision and ScopingAssessmentHigh level Plan

2Business CaseSponsor

3Programme PlanProgramme Management

4Process Establish Management SystemDefine Policies, Plans and SLAsDevelop Processes and ProceduresRoll out, Monitor Continual improvement

5People Define and Allocate RolesMeasure CompetenciesI dentify Culture Change NeedsProduce and I mplement Development planCommunication Strategy

7CertificationSelect External AuditorAgree Scope, ToR with auditorPre-audit reviewCertification AuditAddress Observations

6TechnologyReview existing tool setDefine technology requirementsEvaluate optionsImplement tool set

8Measure BenefitsMaintain ComplianceExtend Scope

Thursday, April 20, 2023Provided by Purdianta 46

Appliability and Scope

Scope of ISO 20000

Customer

SupplierA

Service Provider

Supplier B(Lead Supplier)

Supplier Supplier

• Scope can be determined by:• Service• Location• Customer• Technology• Organisational unit

• Service provider must have management control of all processes – even if some activities are outsourced

Thursday, April 20, 2023Provided by Purdianta 47

How long will it take ?

• For a company who has not yet implemented ITIL• Approx. 2 years

• For a company who has implemented ITIL well• Approx. 9 months

• Remember that once the processes are designed and documented, they need to be rolled out and run for about 3 months before being audited to prove compliance

Thursday, April 20, 2023Provided by Purdianta 48

The Benefits of ISO 20000 Certification• Improved quality of service• Increased business and

customer confidence• Improved reputation,

consistency and interoperability

• Continuous improvement assured

• Optimised and controlled costs

• Management and staff understand their business, roles and processes better

• Demonstrate superiority over competitors

• Ability to meet requirements for bids

• Easier to justify or combat outsourcing

• Enforces move from “should” to “shall”

• Impartial and external audit• Certification recognised

internationally

Thursday, April 20, 2023Provided by Purdianta 49

Realisation of Benefits

Thursday, April 20, 2023Provided by Purdianta 50

Current ISO 20000 Market

• ITSMF scheme – launched 2003• 484 certified organisations• China 83, Japan 71, UK 45, India 44, China 41, South Korea 32,

Germany 29, USA 24 and many others from every continent• Slovakia 2• Czech Republic 16• Austria 10

• Other schemes??

Thursday, April 20, 2023Provided by Purdianta 51

Thank you………