CFN People logo

ISO/IEC 20000

CFN People have practical experience in applying the ISO/IEC 20000 standards to the IT Service Management processes, to obtain processes that are compliant to and supported by the ISO/IEC 20000 standard. The paramount interest is to keep it simple and efficient, but at the same time live up to the given standards.

ISO/IEC 20000 is an international standard for IT Service Management. ISO/IEC 20000 is aligned with ITIL and describes an integrated set of management processes comparable to the ITIL processes for effective delivery of services.

ISO/IEC 20000 was prepared by BSI (as BS 15000) and was adopted, under a special “fast-track procedure”, by Joint Technical Committee ISO/IEC JTC 1, Information technology, in parallel with its approval by national bodies of ISO and IEC in 2005.

The focus of ISO/IEC 20000 is leadership, integrated processes, intelligent use of metrics as well as ‘doing more than documenting’. The standard currently con-sists of three parts:

ISO/IEC 20000-1:2005 is the formal Specification and defines the requirements for a Service Management system (SMS) to deliver managed IT services of an acceptable quality for its customers. The specification includes:
  • Requirements for a management system;
  • Planning and implementing Service Management;
  • Planning and implementing new or changed services;
  • Service delivery process;
  • Relationship processes;
  • Resolution processes;
  • Control processes; and
  • Release processes.
ISO 20000
Figure 5: Service Management processes covered by ISO/IEC 20000. Based on ISO/IEC 20000

ISO/IEC 20000-2:2005 is the Code of Practice which provides generic guidelines for implementing a Service Management system (SMS) in accordance with ISO/IEC 20000-1.

ISO/IEC 20000-3:2009 gives guidance on scope definition and applicability of ISO/IEC 20000-1. This part of ISO/IEC 20000 gives a list of main points on stating scope, on the applicability of ISO/IEC 20000-1 and on demonstrating conformity to ISO/IEC 20000-1. It also includes examples of scope statements, which vary according to the service provider’s circumstances.

According to the standard itself the target groups for ISO/IEC 20000 are:
  • businesses that are going out to tender for their services
  • businesses that require a consistent approach by all service providers in a supply chain
  • service providers that want to benchmark their IT Service Management
  • organizations that need to demonstrate the ability to provide services that meet customer requirements
  • organizations that aim to improve service through the effective applica-tion of processes to monitor and improve service quality
Approximately 450 organizations have been certified (February 2010) under the itSMF ISO/IEC 20000 certification scheme. The standard is currently under development. New editions of part 1 and part 2 are being prepared to obtain better alignment with ISO/IEC 9001 and ITIL ver-sion 3. Also completely new parts of the standard are in the pipeline:
  • Part 4: Process Reference Model (Purpose/Outcome)
  • Part 5: Exemplar implementation plan for ISO/IEC 20000-1
  • Part n: Incremental conformity
Read more here.