ISO20000 Document
-
Upload
vijayalakshmis76 -
Category
Documents
-
view
129 -
download
5
Transcript of ISO20000 Document
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 1
Copyright © 2012 BSI. All rights reserved. V2.1 June 2013
ITS-010-01-ENUS
Understanding ISO/IEC 20000-1:2011 IT - Service Management
Copyright © 2012 BSI. All rights reserved. 2
Welcome!
• Safety - be aware of emergency exits
• Restroom and Telephones - nearest locations
• Contact Number - for urgent messages
• Personal Property - keep possessions secure
• Phones and Pagers - please avoid interruptions
• Recording Devices - not allowed in class
• Lunch and Breaks - please return on time
• Smoking - not permitted in the classroom
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 2
Copyright © 2012 BSI. All rights reserved. 3
Student Introductions
• Student Name
• Company and Product/Service
• Job Position
• Knowledge of ISO/IEC 20000 (scale of 1-10)
• Course Expectations
Copyright © 2012 BSI. All rights reserved. V2.1 June 2013
ITS-010-01-ENUS
Fundamentals of IT Service Management and the ISO/IEC 20000 Series
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 3
Copyright © 2012 BSI. All rights reserved. 5
Learning Objectives
• Explain the management system framework • Understand the purpose of ISO/IEC 20000-1:2011 • Understand the role of service management processes • Understand the primary requirements of ISO/IEC 20000-
1:2011 and how they apply to IT service management systems
Copyright © 2012 BSI. All rights reserved. 6
Service Management
Service management is defined as the:
Set of capabilities and processes to direct and control the service provider’s activities and resources for the design, transition, delivery and improvement of services to fulfill
service requirements
3.30, ISO/IEC 20000-1:2011
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 4
Copyright © 2012 BSI. All rights reserved. 7
ISO/IEC 20000 Series of Standards
ISO/IEC 20000-1:2011 Service management system requirements
ISO/IEC 20000-2:2012 Guidance on the Application of Service
Management Systems
ISO/IEC 20000-3:2012 Guidance on scope definitions and applicability of ISO/IEC 20000-1
ISO/IEC TR 20000-4:2010
Process reference model
ISO/IEC TR 20000-5:2010
Exemplar implementation plan for ISO/IEC 20000-1
Copyright © 2012 BSI. All rights reserved. 8
Objectives of ISO/IEC 20000-1:2011
To improve the overall delivery of your business by improving the delivery of IT services
To promote the adoption of an integrated process approach to deliver managed services to meet the business and customer requirements
To help coordinate integration and implementation of the service management processes . Provides ongoing control, greater efficiency and opportunities for continual improvement
To enable the organization generate revenue or be cost effective via professional service management
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 5
Copyright © 2012 BSI. All rights reserved. 9
The Overall Purpose
• Move from investing in technology to develop services to managing the quality of these systems and services
• Ensure cost effective service delivery
• Offer internationally accepted guidance, best practices, and standards
• Transform IT departments from reacting to business requirements to become an integral and proactive part of the business
Copyright © 2012 BSI. All rights reserved. 10
Outcomes
• Provides control, greater efficiency and opportunities for improvement
• Turn technology focused departments into ones with a service focus
• Ensure IT services are aligned with and satisfy business needs
• Improve system reliability and availability
• Provide a basis to agree levels of service and the ability to measure IT service quality
• Help establish the true cost of IT
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 6
Copyright © 2012 BSI. All rights reserved. 11
SMS Documents
Process definition
Certification ISO/IEC 20000-1 Specification for Service Management
ISO/IEC 20000-2 Guidance on the Application of Service Management Systems
BIP 0005 Management Guidance Booklet and PD 0015 IT Service Management Self-assessment workbook
All based on foundation of the IT Infrastructure Library. The only
comprehensive documentation of best practice for Service Management
FOUNDATION
Copyright © 2012 BSI. All rights reserved. 12
Standard’s Fit
ISO/IEC 20000:2011
ISO 9001:2008
ISO/IEC 27001:2005 & ISO/IEC 27002:2005
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 7
Copyright © 2012 BSI. All rights reserved. V2.1 June 2013
ITS-010-01-ENUS
ISO/IEC 20000-1:2011 and ITIL
Copyright © 2012 BSI. All rights reserved. 14
ISO/IEC 20000:2011 and ITIL
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 8
Copyright © 2012 BSI. All rights reserved. 15
ISO/IEC 20000 and ITIL Relationship
• ITIL and ISO/IEC 20000 serve different purposes:
• ISO/IEC 20000 provides a management system suitable for independent certification by an organization
• ITIL provides best practices in IT Service Management and provides certification to individuals.
It is not a requirement to adopt ITIL to achieve compliance with ISO/IEC 20000, but it will make it much easier and more robust.
Copyright © 2012 BSI. All rights reserved. V2.1 June 2013
ITS-010-01-ENUS
Overview of ISO/IEC 20000-1:2011
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 9
Copyright © 2012 BSI. All rights reserved. 17
Introduction
• ISO/IEC 20000-1 requires an integrated process approach when planning, establishing, implementing, operating, monitoring, reviewing, maintaining and improving a SMS
• Plan – Do – Check – Act to be applied to all parts of the SMS and its services
Copyright © 2012 BSI. All rights reserved. 18
Process Approach
A process is a set of interrelated or interacting activities that uses resources to transform inputs into outputs
The process approach systematically identifies and manages the linkage, combination, and interaction of a system of processes within an organization
ISO/IEC 20000-1 is based on a process approach to service management
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 10
Copyright © 2012 BSI. All rights reserved. 19
Process Approach
The process approach emphasizes the importance of:
• Understanding and meeting service requirements
• Establishing policy and objectives for service management
• Design and deliver services that add value to the customer
• Obtaining results of SMS and service performance
• Continual improvement of SMS and services
Copyright © 2012 BSI. All rights reserved. 20
PDCA Model
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 11
Copyright © 2012 BSI. All rights reserved. 21
Policy and Objectives
• Policy and objectives are established to:
• Give focus to direct the organization
• Determine the desired results
• Assist in applying the resources
• Policy is the framework for the objectives
• Objectives are measureable targets
Meeting the objectives has a positive impact on service quality and customer satisfaction
Copyright © 2012 BSI. All rights reserved. 22
Service management system
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 12
Copyright © 2012 BSI. All rights reserved. 23
Management System Evaluation
• System processes need to be evaluated, are the:
• Processes appropriately defined?
• Authorities and responsibilities assigned?
• Processes implemented and maintained?
• Processes achieving desired results?
• System evaluations include:
• Audits
• Management reviews
Copyright © 2012 BSI. All rights reserved. 24
Continual Improvement
• Set targets for improvements
• Implement approved improvements
• Revise service management documentation
• Measure implemented improvement against targets
• Where targets not achieved, take action
• Report on implemented improvements
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 13
Copyright © 2012 BSI. All rights reserved. V2.1 June 2013
ITS-010-01-ENUS
Requirements
ISO/IEC 20000-1:2011
Copyright © 2012 BSI. All rights reserved. 26
1. Scope
ISO/IEC 20000-1 may be used by:
• Businesses that tender their services
• Businesses that require a consistent approach by all service providers in a chain
• Service providers as a benchmarking tool
• Organizations requiring independent assessment of IT service management
• Organizations the need to demonstrate the ability to provide services that meet customer requirements
• Organizations that aim to improve service
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 14
Copyright © 2012 BSI. All rights reserved. 27
1.2 Application
• Requirements are generic – applies to any organization
• Exclusion of any requirement in clauses 4-9 not acceptable
• Requirements of clause 4 must be met by the service provider – not by other parties
• Clauses 5-9 can be fulfilled by other parties
Copyright © 2012 BSI. All rights reserved. 28
2. Normative references
• None currently cited
• Clause is included for upcoming release of ISO/IEC 20000-2;
• Guidance on the application of service management systems.
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 15
Copyright © 2012 BSI. All rights reserved. 29
3. Terms and Definitions
Availability
Ability of a component or service to perform its required function at a stated instant or over a stated period of time
Configuration Item (CI)
Element that needs to be controlled in order to deliver a service or services
Document Information and its supporting medium
Copyright © 2012 BSI. All rights reserved. 30
3. Terms and Definitions
Incident Unplanned interruption to a service, a reduction in the quality of a service or an event that has not yet impacted the service to the customer
Problem Root cause of one or more incidents
Record Document stating results achieved or providing evidence of activities performed
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 16
Copyright © 2012 BSI. All rights reserved. 31
3. Terms and Definitions
Release Collection of one or more new and/or changed configuration items deployed into the live environment as a result of one or more changes
Request for Change
Proposal for a change to be made to a service, service component or the service management system
Service Level Agreement (SLA)
Documented agreement between the service provider and customer that identifies the services and service targets
Copyright © 2012 BSI. All rights reserved. V2.1 June 2013
ITS-010-01-ENUS
4. Service Management System General Requirements
Note: SMS = Service Management System
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 17
Copyright © 2012 BSI. All rights reserved. 33
Requirements
Please note:
Requirements stated in the following slides are paraphrased and are not all-inclusive
The slides contain high level requirements in order to provide an understanding of the standard
Please consult the standard directly for definitive requirements
Copyright © 2012 BSI. All rights reserved. 34
4.1 Service Management System General Requirements
4.1 Management responsibility
4.2 Governance of processes operated by other parties
4.3 Documentation management
4.4 Resource management
4.5 Establish and improve the SMS
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 18
Copyright © 2012 BSI. All rights reserved. 35
4.1.1 Management commitment
• Establish scope, policy and objectives
• Create the service management plan
• Communicate importance of meeting service requirements
• Communicate importance of meeting legal requirements
• Ensure provision of resources
• Conduct management reviews at planned intervals
• Ensure risks to services is assessed and managed
Copyright © 2012 BSI. All rights reserved. 36
4.1.2 Service management policy
• Appropriate to the organization
• Commitment to meet service requirements
• Continually improve the SMS and services
• Establish a framework for SM objectives
• Be communicated and understood by SM personnel
• Be reviewed for continuing suitability
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 19
Copyright © 2012 BSI. All rights reserved. 37
4.1.3 Authority, responsibility and communication
• SM authorities and responsibilities are defined and maintained
• Documented procedures for communication are established
Copyright © 2012 BSI. All rights reserved. 38
4.1.4 Management representative
Member of management who shall:
• Ensure activities are performed to identify, document and fulfill requirements
• Assign authorities and responsibilities
• Ensure service management processes are integrated
• Ensuring assets used to deliver services are managed
• Report performance and improvements to top management
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 20
Copyright © 2012 BSI. All rights reserved. 39
4.2 Governance of processes operated by other parties
• Must identify processes or parts operated by other parties
• Can be internal groups, customer or supplier
• Governance demonstrated by
• Showing accountability for the process
• Controlling the process definition
• Determining process performance
• Controlling the planning of improvements
• Suppliers managed through supplier management
• Internal groups/customers controlled through service level management
Copyright © 2012 BSI. All rights reserved. 40
4.3.1 Establish and maintain documents
• Must maintain documents and records to include:
• Policy and objectives
• Service management plan
• Policies and procedures specified in this standard
• Service catalog
• SLAs
• Service management processes
• Procedures and records required by this standard
• Documents determined by the service provider as necessary to ensure control of the SMS and delivery of services
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 21
Copyright © 2012 BSI. All rights reserved. 41
4.3.2 Control of documents
Documents needed by the SMS must be controlled. A documented procedure will define controls to:
• Create and approve documents
• Review and maintain documents
• Ensure current revisions are identified
• Ensure relevant versions are available at point of use
• Prevent unintended use of obsolete documents
Copyright © 2012 BSI. All rights reserved. 42
4.3.3 Control of records
Records are kept as evidence of conformity to requirements
A documented procedure will define controls needed for:
• Identification
• Storage
• Protection
• Retrieval
• Retention
• Disposal
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 22
Copyright © 2012 BSI. All rights reserved. 43
4.4.1 Provision of resources
Service provider must determine and provide human, technical, information and financial resources to:
• Establish, implement and maintain the SMS and services
• Enhance customer satisfaction
Copyright © 2012 BSI. All rights reserved. 44
4.4.2 Human resources
Personnel performing work affecting conformity to service requirements must be competent. The service provider shall:
• Determine competencies
• Where applicable, provide training to achieve competence
• Evaluate effectiveness of actions taken
• Ensure personnel are aware of importance of their contribution to achieving SM objectives
• Maintain records of education, training, skills and experience
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 23
Copyright © 2012 BSI. All rights reserved. 45
4.5.1 Define scope
• Define and include scope in the service management plan.
• Defined by name of organizational unit providing services and services delivered
Copyright © 2012 BSI. All rights reserved. 46
4.5.2 Plan the SMS (Plan)
SM plans must contain or reference:
• Scope of SM
• Objectives to be achieved and requirements to be met
• Approach taken for management of risks and criteria for accepting risk
• Framework of management roles and responsibilities
• Interfaces between SM processes
• How effectiveness of the SMS will be measured, audited, reported and improved
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 24
Copyright © 2012 BSI. All rights reserved. 47
4.5.3 Implement and operate the SMS (Do)
• Allocating funds and budgets
• Allocating authorities, responsibilities and process roles
• Management of human, technical and information resources
• Identifying, assessing and managing risks to the service
• Management of service management processes
• Managing and reporting on performance
Copyright © 2012 BSI. All rights reserved. 48
4.5.4 Monitor and review the SMS (Check)
• Objectives of internal audits and management reviews must be documented. Results of internal audits and management reviews must be recorded.
• Internal audits conducted at planned intervals.
• Documented procedure for internal audits
• Management reviews conducted at planned intervals must be recorded and cover:
• Customer feedback
• Risks
• Results and follow-up from previous management reviews
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 25
Copyright © 2012 BSI. All rights reserved. 49
4.5.5 Maintain and improve the SMS (Act)
• Documented policy on continual improvement
• Documented procedure for approving, managing and measuring improvements
• Opportunities for improvement must be documented
• Causes of nonconformities must be corrected
• Corrective actions performed to prevent recurrence
• Preventive actions performed to prevent occurrence
• Set targets for improvements
• Ensure improvements achieve desired results
Copyright © 2012 BSI. All rights reserved. V2.1 June 2013
ITS-010-01-ENUS
5. Design and transition of new or changed services
Note: SMS = Service Management System
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 26
Copyright © 2012 BSI. All rights reserved. 51
5. Design and transition of new or changed services
5.1 General
5.2 Plan new or changed services
5.3 Design and development of new or changed services
5.4 Transition of new or changed services
Copyright © 2012 BSI. All rights reserved. 52
5.1 General
• This process used where new/changed services have the potential to have a major impact on services or customer
• Changes determined by change management policy
• Assessment, approval and scheduling through change management process
• Cis affected by new/changed service controlled through configuration management process
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 27
Copyright © 2012 BSI. All rights reserved. 53
5.2 Plan new or changed services
• New/changed services must be planned to fulfill service requirements
• Planning must be agreed with the customer
• Planning shall contain or reference:
• Authorities and responsibilities for design, development and transition
• Human, technical, information and financial resources
• Identification, assessment and management of risk
• Testing required
• Expected outcomes in measureable terms
Copyright © 2012 BSI. All rights reserved. 54
5.3 Design and development of new or changed services
• New/changed services must be documented to include:
• Authorities and responsibilities for delivery of new service
• Activities performed by service provider, customer or others
• New/changed technology to support the service
• New/changed plans and policies
• New/changed SLAs
• Updates to the service catalog
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 28
Copyright © 2012 BSI. All rights reserved. 55
5.4 Transition of new or changed services
• New/changed services must be tested
• Verified against acceptance criteria agreed between the service provider and interested parties
• Release and deployment process used to deploy the change
• Following transition, service provider must report on outcome achieved against expected outcomes
Copyright © 2012 BSI. All rights reserved. V2.1 June 2013
ITS-010-01-ENUS
6. Service delivery processes
Note: SMS = Service Management System
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 29
Copyright © 2012 BSI. All rights reserved. 57
6. Service delivery processes
6.1 Service level management
6.2 Service reporting
6.3 Service continuity and availability management
6.4 Budgeting and accounting for services
6.5 Capacity management
6.6 Information security management
Copyright © 2012 BSI. All rights reserved. 58
6.1 Service level management
• Service catalog must be documented and agreed with customer
• Each service provided, SLAs shall be agreed with the customer and documented
• Services and SLAs must be reviewed with customer at planned intervals
• Changes to SLAs, catalog or requirements are controlled through change management
• For service components provided by an internal group, the service provider must maintain a documented agreement
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 30
Copyright © 2012 BSI. All rights reserved. 59
6.2 Service reporting
• The description, purpose, audience frequency and data sources for reports must be agreed by interested parties
• Produce service reports for the delivery of services and the SMS including:
• Performance against targets
• Information on major incidents, deployments and invocation of the service continuity plan
• Detected nonconformities
• Trend information
• Customer satisfaction
Copyright © 2012 BSI. All rights reserved. 60
6.3.1 Service continuity and availability requirements
• Must assess and document risks to service continuity and availability of services
• Continuity and availability requirements must be agreed with the customer and interested parties. These shall include at least:
• Access rights to services
• Service response times
• End to end availability of services
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 31
Copyright © 2012 BSI. All rights reserved. 61
6.3.2 Service continuity and availability plans
• Service continuity and availability plans must be created, implemented and maintained
• Changes to plans controlled through change management
• Service continuity plans, contact lists and the CMDB must be accessible when access to normal locations is prevented
• Availability plans must include availability requirements and targets
• Requests for change must be assessed for impact on service continuity and availability plans
Copyright © 2012 BSI. All rights reserved. 62
6.3.3 Service continuity and availability monitoring and testing
• Availability must be monitored and results recorded
• Unplanned non-availability must be investigated and actions taken
• Service continuity and availability plans must be tested against requirements
• Plans must be re-tested after major changes to environment
• Results of tests must be recorded
• Reviews must be conducted after each test and action taken where deficiencies are found
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 32
Copyright © 2012 BSI. All rights reserved. 63
6.4 Budgeting and accounting for services
Organization must have documented policies and procedures for:
• Budgeting and accounting for service components
• Apportioning indirect costs / allocating direct costs to provide an overall cost for each service
• Effective financial control and authorization
• Monitor and report costs against budget
• Provide information to change management for costing requests for change
Copyright © 2012 BSI. All rights reserved. 64
6.5 Capacity management
• Identify and agree capacity and performance requirements with the customer and interested parties
• Create and maintain a capacity plan
• Changes to plan controlled through change management
• Plan to include at least:
• Current and forecast demand for services
• Timescales, thresholds and costs for upgrades
• Potential impact of legal changes
• Potential impact of new technologies or techniques
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 33
Copyright © 2012 BSI. All rights reserved. 65
6.6.1 Information security policy
• Management with proper authority must approve an information security policy. Management shall:
• Communicate policy to all relevant personnel , customers and suppliers
• Ensure information security objectives are established
• Define approach for managing security risks and criteria for accepting risks
• Ensure information security risk assessments are conducted at planned intervals
• Ensure internal information security audits are conducted
• Ensure audit results are reviewed and acted upon.
Copyright © 2012 BSI. All rights reserved. 66
6.6.2 Information security controls
• Information security controls must be documented and include the risks to which the controls relate
• Review the effectiveness of controls
• Identify external organizations with a need to access, use or manage the service provider’s information or services
• Controls for external organizations must be agreed and documented
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 34
Copyright © 2012 BSI. All rights reserved. 67
6.6.3 Information security changes and incidents
• Requests for change must be assessed to:
• Identify new or changed information security risks
• Identify potential impact on existing policy and controls
• Incidents are managed according to a procedure
• Service provider shall analyze types, volumes and impacts of information security incidents
• Information security incidents shall be reported and reviewed
Copyright © 2012 BSI. All rights reserved. V2.1 June 2013
ITS-010-01-ENUS
7. Relationship Processes
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 35
Copyright © 2012 BSI. All rights reserved. 69
7. Relationship Processes
7.1 Business relationship management
7.2 Supplier relationship
Copyright © 2012 BSI. All rights reserved. 70
7.1 Business relationship management
• Service provider must:
• Identify and document customers, users and interested parties of the services
• Provide an individual for each customer to manage the relationship
• Review performance of services with customer at planned intervals
• Agree with customer on definition of a formal service complaint
• Document a procedure for managing complaints
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 36
Copyright © 2012 BSI. All rights reserved. 71
7.2 Supplier management
• Service provider may use suppliers to implement and operate some parts of the service management processes
• Each supplier shall have a designated supplier manager
• The service provider and supplier shall agree to and document a contract and controlled by change management
• Roles and relationships between lead and sub-contracted suppliers must be documented
• Service provider shall monitor supplier performance at planned intervals and record results
Copyright © 2012 BSI. All rights reserved. V2.1 June 2013
ITS-010-01-ENUS
8. Resolution Processes
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 37
Copyright © 2012 BSI. All rights reserved. 73
8. Resolution processes
8.1 Incident and service management request management
8.2 Problem management
Copyright © 2012 BSI. All rights reserved. 74
8.1 Incident and service request management
• Documented procedure for all incidents to define recording, priority, classification, update, escalation, resolution and closure
• Documented procedure for service requests
• Personnel in incident and service request management must have access to relevant information
• Document and agree with customer on definition of a major incident
• Top management must be informed of all major incidents
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 38
Copyright © 2012 BSI. All rights reserved. 75
8.2 Problem management
• Documented procedure to identify problems and minimize or avoid impact of incidents
• Analyze data and trends of incidents and problems
• Problems requiring changes to a CI must be controlled by raising a request for change
• Known errors shall be recorded
• The effectiveness of problem resolutions shall be monitored, reviewed and reported
Copyright © 2012 BSI. All rights reserved. V2.1 June 2013
ITS-010-01-ENUS
9. Control Processes
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 39
Copyright © 2012 BSI. All rights reserved. 77
9. Control processes
9.1 Configuration management
9.2 Change management
9.3 Release and deployment management
Copyright © 2012 BSI. All rights reserved. 78
9.1 Configuration management
• Document a procedure for each type of CI
• Cis must be uniquely identified and recorded in the CMDB
• Document a procedure to record, control and track Cis
• CMDB records shall be audited at planned intervals
• Information from the CMDB shall be provided to the change management process
• A configuration baseline shall be taken prior to deployment
• Master copies of Cis must be stored in secure libraries and include documentation and license information
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 40
Copyright © 2012 BSI. All rights reserved. 79
9.2 Change management
• Document a change management policy
• Document a procedure to record, classify, assess and approve requests for change
• Document and agree with the customer a definition for an emergency change
• Document an emergency change procedure
• All changes to a service or service component must be raised using a request for change
• The CMDB shall be updated following successful deployment
Copyright © 2012 BSI. All rights reserved. 80
9.3 Release and deployment management
• Establish and agree with customer a release policy
• Plan new/changed service deployment with the customer
• Document and agree with customer the definition of an emergency release
• Emergency releases managed to a documented procedure
• Release shall be tested in a controlled test environment prior to deployment
• Acceptance criteria shall be agreed with the customer
• Activities to reverse or remediate a release shall be planned
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 41
Copyright © 2012 BSI. All rights reserved. V2.1 June 2013
ITS-010-01-ENUS
Summary
Copyright © 2012 BSI. All rights reserved. 82
Summary and Questions?
• Purpose and benefits of ISO/IEC 20000-1:2011
• Purpose of ISO 20000 standards
• Overview of the Management system
• Process approach and PDCA
• Management responsibilities
• Documentation requirements
• Service management processes
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 42
Copyright © 2012 BSI. All rights reserved. 83
Contact Information
Address: BSI Group America, Inc.
12110 Sunset Hills Road Suite 200
Reston, VA 20190-5902
Telephone: 1 (888) 429-6178
Fax: 1 (703) 437-9001
Email: [email protected]
Web www.bsiamerica.com
Copyright © 2012 BSI. All rights reserved. V2.1 June 2013
ITS-010-01-ENUS
Thank you for participating!
ISO/IEC 20000-1:2011 Understanding
Understanding ISO/IEC 20000-1:2011 Presentation Slides
ITS01001ENUS v2.1 June 2013 © The British Standards Institution 2012 43