ISO 20000

ISO 20000 is the international standard for IT Service Management (ITSM), published by ISO (the International Organization for Standardization), and ICE (the International Electoral Commission). To become an international standard, ISO 20000 had to be agreed upon by a majority of member countries, which means it is accepted by a majority of countries worldwide.

ISO 20000-1:2011 is the formal specification for IT Service Management. It clearly defines all the requirements company needs to deliver managed IT services of an acceptable quality for your customers. On the other hand, The second part: ISO 20000-2:2012 is the code of practice for IT service management; it is the guidance of the application of service management systems. In other words, it helps you interpret the requirements of the standard. It defines the best practice management processes, and is very useful if a company is preparing to be audited against ISO 20000 or planning service improvements.

It’s important to note a company can get certified against ISO 20000-1:2011, but not against ISO 20000-2:2012 (this is a code of practice only).

Purpose

The standard describes a set of management processes designed to help you deliver more effective IT services (both to those within your business and to your customers). ISO 20000 gives the methodology and the framework to help manage ITSM, to prove that a company follows best practice. With the requirements of the standard company will achieve best practice, helping to improve your delivery of IT services. ISO 20000 is applicable to any company size and any industry.

Benifit

To understand the importance of ISO 20000, it’s vital to understand the relationship between IT and the overall success of your organization. Companies rely upon IT to help achieve organizational goals. It affects how they operate and how they communicate – it’s a fundamental element of how companies do business.

Companies use IT to overcome competitors, to reach larger audiences, to become more productive and more efficient. In myriad ways, IT is vital to improving revenues, reducing costs and enhancing company reputation.

So, it’s crucial to get the most from your IT investments – meaning IT services must be well planned, designed, managed and delivered. Without high-quality IT service management, IT projects routinely fail or go over budget. Ongoing costs become hard to manage, and organizations often see businesses fail before achieving any return on their investment.

So, put simply, high-quality IT service management standards are fundamental to success and gaining the ISO 20000 standard is a way to ensure that quality.

Certification Roadmap

If an organization wants to become certified, it needs to be formally assessed by an accredited certification body. It will need to demonstrate the quality of company’s IT processes against the ISO 20000-1 standard.

There are certain mandatory documents that, as a company, you will have to complete in order to gain the standard. However, merely creating ITSM process documentation is not enough. To ensure certification, a company has to integrate all the activities described in its documentation into its day-to-day business.

Moreover, most importantly, it has to gain value. There is little point in creating the documentation and making all these changes if, at the end, a company has not realized the real-world value possible from ISO 20000. After finishing all the documentation and implementing it, an organization also needs to perform these steps to ensure a successful completion of your project:

  • Internal audit - The purpose of an internal audit is to check your ITSM processes. The goal is to find problems and weaknesses that would otherwise stay hidden.
  • Management review - A formal way for management to take into account all the relevant facts about IT service management and make appropriate decisions.
  • Corrective actions - Following the internal audit and management review, company may need to correct any identified problems and document how they were resolved.

The company certification process is divided into two stages:
  • Stage One (documentation review) - The certification auditor will check whether all documentation is compliant with ISO 20000.
  • Stage Two (main audit) - Here the auditor will check whether all actual activities are compliant with both ISO 20000 and company’s own documentation.