ISO20K Overview
Transcript of ISO20K Overview
-
8/10/2019 ISO20K Overview
1/13
ISO/IEC 20000ISO/IEC 20000
overviewoverview
-
8/10/2019 ISO20K Overview
2/13
Copyright 2006 ITpreneurs Nederland BV.
2
1. What is ISO/IEC 20000?
2. ISO/IEC 20000 and ITIL
Overview
-
8/10/2019 ISO20K Overview
3/13
Copyright 2006 ITpreneurs Nederland BV.
3
BS 15000
BS15000 started in UK and first launched on July 1, 2003. Whichwas replaced by ISO/IEC 20000 after formal launching onDecember, 2005.
ISO/IEC 20000 is the first formal worldwide standard specifically
aimed at IT Service ManagementIt describes an integrated set of management processes for theeffective delivery of services to the business and its customers
ISO/IEC 20000 is derived from and complementary to ITIL
Audits are already available globally
Gartner on BS 15000 (now ISO/IEC 20000) All improvement efforts in Service Management should be done with ITIL and BS 15000 as a
frame of reference and baseline.
ISO/IEC 20000 is likely to become a basic business requirement, inthe same way as ISO 9000
-
8/10/2019 ISO20K Overview
4/13
Copyright 2006 ITpreneurs Nederland BV.
4
The standard is aligned with ITIL but is broader in concept
The standards checks that the overall concept of ServiceManagement has been set up and running correctly
ISO/IEC 20000 defines a level of quality for ITSM activities whichcan be audited
The standard looks for a fixed feedback loopPlanPlan Service Management
DoImplement Service Management
CheckMonitor Measure and Review
ActContinuous Improvement
ISO/IEC 20000 Certification provides a basis for proving that anorganisation has implemented best practises and are usingthem consistently across the organisation
ISO/IEC 20000, the worlds first qualitystandard for service management
-
8/10/2019 ISO20K Overview
5/13
Copyright 2006 ITpreneurs Nederland BV.
5
Manage ServicesManage Services
PLANPlan service
management
PLANPlan service
management
DOImplement
ServiceManagement
DOImplement
ServiceManagement
CHECKMonitor, Measure
and Review
CHECK
Monitor, Measureand Review
ACTContinuous
Improvement
ACTContinuous
Improvement
Management Responsibility
Management Responsibility
ISO/IEC 20000: Plan, Do, Check, ActManagement System
Business
Results
Business
Results
CustomerSatisfaction
CustomerSatisfaction
New or changed
service
New or changed
service
Other process,business,
supplier, customer
Other process,business,
supplier, customer
Team & people
Satisfaction
Team & people
Satisfaction
Business
requirements
Business
requirements
Customerrequirements
Customer
requirements
Request for newor changed services
Request for newor changed services
Service Desk
Service Desk
Other process,business,
supplier, customer
Other process,business,
supplier, customer
Source: ISO/IEC 20000-1:2005
Common toISO/IEC 20000 andISO 9001
Other Teams,
e.g. Security, IT Operations
Other Teams,
e.g. Security, IT Operations
-
8/10/2019 ISO20K Overview
6/13
Copyright 2006 ITpreneurs Nederland BV.
7
ISO 20000 Part 1 and Part 2 Basics
Part 1Shall
Part 2
should
4 Applicable to service providers of all sizes and types
4 Independent of organizational structure
4 ISO/IEC 20000-1:2005 is a specification
4 Compulsory requirements
4 Defines what is required shall4 Used as the basis of independent third-party audits
4 Notes are not mandatory
4 ISO/IEC 20000-2:2005 is a code of practice
4 Uses should
4 Guidance on best practice and guidance on theapplication of the requirements contained in ISO20000-1
4 Explains best practices and therefore the Part 1requirements
4 ISO 20000-2 does not itself contain any compulsoryrequirements
-
8/10/2019 ISO20K Overview
7/13
Copyright 2006 ITpreneurs Nederland BV.
8
ISO/IEC 20000 Content Overview
Service Delivery Processes
Capacity
Management
Service Continuity &AvailabilityManagement
Service Level Management
Service Reporting
Information Security
Management
Budgeting andAccounting
Release
Processes
ReleaseManagement
Resolution Processes
Incident Management
Problem Management
Relationship
Processes
BusinessRelationshipManagement
SupplierManagement
Control Processes
Configuration Management
Change Management
Management systemPlanning and implementing service management
Planning and implementing new and changed services
Source: BSI based on process diagram in ISO/IEC 20000
-
8/10/2019 ISO20K Overview
8/13
Copyright 2006 ITpreneurs Nederland BV.
10
Why do you need a formal certificationprogram for Service Management?
A formal certification ensures your service management investment isbeing well used
Drives consistency through the market place
Uses a broad base of Service Management experience to ensure thatyou have implemented Service Management correctly
A formal seal of approval that the IT Department (Service Provider) canuse to show its sponsors
-
8/10/2019 ISO20K Overview
9/13
Copyright 2006 ITpreneurs Nederland BV.
11
How is certification provided?
itSMF have created a certification scheme under whichorganizations can be independently audited
Managed by an itSMF Executive Sub-Committee (ESC)
itSMF register Certification Bodies (RCBs) and grant a licence to use the itSMFISO/IEC 20000 logo
RCBs conduct the audits
Auditors must remain independentRCB auditors are only allowed to audit,
they cannot also provide consultancy
-
8/10/2019 ISO20K Overview
10/13
Copyright 2006 ITpreneurs Nederland BV.
12
ISO 20000 and ITIL
ISO/IEC 20000 and ITIL are aligned but:
4 ITIL is a set of guidelines
4 ISO 20000 is a set of universal requirements
4 Minor differences in scope and grouping
Anyone can claim they have adopted ITILThe standard provides
4 A quality level for service management processes that can beaudited
ISO/IEC 20000 does not specify ITIL
4 ..but ISO 20000 would be difficult to achieve without ITIL
4 ..ISO 20000 checks ITIL has been adopted intelligently
ISO/IEC 20000 certification
4 Proof that an organization has implemented best practice
4 Independent, external auditing body
4 Personal certification examinations (consultant, auditor courses)
accredited by itSMF
-
8/10/2019 ISO20K Overview
11/13
Copyright 2006 ITpreneurs Nederland BV.
13
ITIL and ISO20000
-
8/10/2019 ISO20K Overview
12/13
Copyright 2006 ITpreneurs Nederland BV.
18
The position of the ISO 20000 qualitymanagement framework in respect to
other frameworks
PERFORMANCE:business goals
CONFORMANCEBasel II, Sarbanes-
Oxley Act, etc
Enterprise Governance
IT Governance
ISO9001:2000
ISO17799
ISO20000Best practice standards
QAProcedures
Processes andProcedures
Drivers
COBIT
COSO
SecurityPrinciples
ITIL
Balanced
Scorecard
-
8/10/2019 ISO20K Overview
13/13
Copyright 2006 ITpreneurs Nederland BV.
19
For more information . . .
ISO/IEC 20000 Certificationhttp://www.isoiec20000certification.com/
Institute of Service Managementhttp://www.iosm.com
itSMFhttp://www.itsmf.com