top of page

ISO/IEC 20000 IT Service

IT is essential to delivering today’s business. However, concerns are increasingly being raised about IT services, both internal and outsourced, not aligning with the needs of businesses and customers.

A recognized solution to this problem is to use an IT Service Management System (ITSMS) based on ISO/IEC 20000, the international standard for IT service management. Certification to this standard enables you to independently demonstrate to your customers that you meet best practice

ISO/IEC 20000 is published in two parts:

Part One is the specification for service management which covers the IT service management. It is this part which you can be audited against and it sets out minimum requirements that must be achieved in order to gain certification.

 

Part Two is the code of practice for service management, which describes the best practices for service management processes within the scope of the specification.


Who is it relevant to?

 

ISO/IEC 20000 is applicable to any organization, large or small, in any sector or part of the world which relies on IT services. The standard is particularly suitable for internal IT service providers, such as IT departments, and external IT service providers, such as IT outsourcing organizations.

 

The standard is already making a positive impact in some of the leading IT-dependent sectors, such as the business process outsourcing, telecommunications, finance and public sectors.

1. Gap Analysis & Planning:

 

  • Ensure you have the commitment of top management.
  • Define, with the authorization of top management, your company's IT management policy.
  • Planning must be completed to establish a framework for identifying gap assessments and the implementation of necessary control measures.
  • Legal obligations must be identified and understood, objectives set and a management programme for achieving them implemented; this entire process should be documented.

2. Implementation of IEC 20000:

  • Introducing performance, measuring and monitoring practices.
  • Establishing and documenting responsibility and authority for accidents, incidents, non-conformities, and corrective and preventative action.
  • Establishing a procedure for records and records management.
  • Auditing and assessing the performance of the management system.
  • Performing management reviews of the system at identified and defined intervals.

3. Internal Audit Process

4. Certification Audit Process

Primarily, ISO/IEC 20000 certification demonstrates that an organization has adequate controls and procedures in place to consistently deliver a cost effective, quality IT service.

Some of the key benefits are listed below:

 

  • IT service providers become more responsive to services which are business led rather than technology driven
  • External service providers can use certification as a differentiators and win new business as this increasingly becomes a contractual requirement
  • Gives you the ability to select and manage external service providers more effectively
  • More opportunities to improve the efficiency, reliability and consistency of IT services impacting costs and service
  • Certification audits enable the regular evaluation of the service management processes, which helps to maintain and improve effectiveness
  • The certification process can reduce the amount of supplier audits, thereby reducing costs
  • ISO/IEC 20000 is fully compatible with the ITIL (IT Infrastructure Library) framework of best practice guidance for ITSM processes
Overview
Benefits
Steps to certification
bottom of page