ISO/IEC 20000 is the first international standard for IT service management. It was developed in 2005, by ISO/IEC JTC1/SC7 and revised in 2011. It is based on and intended to supersede the earlier BS 15000 that was developed by BSI Group.
ISO/IEC 20000, like its BS 15000 predecessor, was originally developed to reflect best practice guidance contained within the ITIL (Information Technology Infrastructure Library) framework (reference needed), although it equally supports other IT service management frameworks and approaches including Microsoft Operations Framework and components of ISACA's COBIT framework. The differentiation between ISO/IEC 20000 and BS 15000 has been addressed by Jenny Dugmore.
The standard was first published in December 2005. In June 2011, the ISO/IEC 20000-1:2005 was updated to ISO/IEC 20000-1:2011. In February 2012, ISO/IEC 20000-2:2005 was updated to ISO/IEC 20000-2:2012.
20000-1: Service management system requirements
Formally: ISO/IEC 20000-1:2011 ('part 1') includes "the design, transition, delivery and improvement of services that fulfill service requirements and provide value for both the customer and the service provider. This part of ISO/IEC 20000 requires an integrated process approach when the service provider plans, establishes, implements, operates, monitors, reviews, maintains and improves a service management system (SMS).". The 2011 version (ISO/IEC 20000-1:2011) comprises nine sections:
- Normative references
- Terms and definitions
- Service management system general requirements
- Design and transition of new or changed services
- Service delivery processes
- Relationship processes
- Resolution processes
- Control processes
20000-2: Guidance on the application of service management systems
ISO/IEC 20000-2:2012 provides guidance on the application of service management systems (SMS) based on the requirements in ISO/IEC 20000-1:2011. ISO/IEC 20000-2:2012 can answer many of the questions organizations and individuals have about implementing an SMS, as well as how to interpret and apply ISO/IEC 20000-1:2011 more accurately and therefore use it more effectively.
20000-3: Service providers
ISO/IEC TR 20000-3:2012 provides guidance on scope definition, applicability and demonstration of conformance for service providers aiming to meet the requirements of ISO/IEC 20000-1, or for service providers who are planning service improvements and intending to use ISO/IEC 20000 as a business goal. It supplements the advice in ISO/IEC 20000-2, which provides generic guidelines for implementing an SMS in accordance with ISO/IEC 20000-1.
20000-4: Process assessment model
ISO/IEC TR 20000-4:2010 is intended to facilitate the development of a process assessment model according to ISO/IEC 15504 process assessment principles. ISO/IEC 15504-1 describes the concepts and terminology used for process assessment. ISO/IEC 15504-2 describes the requirements for the conduct of an assessment and a measurement scale for assessing process capability.
20000-5: Exemplar implementation plan for ISO/IEC 20000-1
ISO/IEC TR 20000-5:2013 is an exemplar implementation plan providing guidance to service providers on how to implement a service management system to fulfill the requirements of ISO/IEC 20000-1 or for service providers who are planning service improvements and intending to use ISO/IEC 20000 as a business goal. It could also be useful for those advising service providers on how to best achieve the requirements of ISO/IEC 20000-1.
20000-9: Guidance on the application of ISO/IEC 20000-1 to cloud services
ISO/IEC TR 20000-9:2015 provides guidance on the use of ISO/IEC 20000‑1:2011 for service providers delivering cloud services.
20000-10: Concepts and terminology
ISO/IEC TR 20000-10:2015 describes the core concepts of ISO/IEC 20000, identifying how the different parts support ISO/IEC 20000‑1:2011 as well as the relationships between ISO/IEC 20000 and other International Standards and Technical Reports. This part of ISO/IEC 20000 also explains the terminology used in ISO/IEC 20000, so that organisations and individuals can interpret the concepts correctly.
20000-11: Guidance on the relationship between ISO/IEC 20000-1:2011 and service management frameworks: ITIL®
ISO/IEC TR 20000-11:2015 is a Technical Report that provides guidance on the relationship between ISO/IEC 20000-1:2011 and a commonly used service management framework, ITIL.
20000-12: Guidance on the relationship between ISO/IEC 20000-1:2011 and service management frameworks: CMMI-SVC
ISO/IEC TR 20000-12:2016
Certifications and qualification schemes
As with most ISO standards, organizations and individuals seek training towards establishing knowledge and excellence in applying the standard. The certification scheme targets organizations, while the qualification scheme targets individuals.
Qualification of individuals is offered by APMG-International, EXIN, PECB, Loyalist Certification Services, TÜV SÜD Akademie, PEOPLECERT, and IRCA. The EXIN, Loyalist and TÜV SÜD program is in fact a qualification in IT Service Management based on ISO/IEC 20000 and includes a Foundation level and several role based certificates: professionals in Align, Deliver, Control and Support, Associate, (Executive) Consultant/Manager and Auditor. The APMG qualifications are focused on getting an organization certified and presume knowledge of IT Service Management is already available. The APMG qualifications are conducted at the Foundation, Practitioner and Auditor level. IRCA and other organizations involved in the certification of auditors have developed their own auditor training and certification for ISO/IEC 20000 auditors.
In terms of certification, there are leading certification bodies around the world, for instance, BSI in UK, Quality Austria in Austria, JQA in Japan, KFQ in Korea.
- International Journal of IT Standards and Standardization Research, ISSN 1539-3054 (internet), ISSN 1539-3062 (print), Information Resources Management Association
ISO20000-1:2011 released at 2011-04-12, ISO / IEC 20000 An Introduction ISBN 978-90-8753-081-5, Implementing ISO/IEC 20000 Certification - The Roadmap ISBN 978-90-8753-082-2, ISO/IEC 20000: A Pocket Guide ISBN 978-90-77212-79-0,
- ISO/IEC 20000-1:2011 Service management system requirements. Updated at 2011-04-12 (replacing ISO/IEC 20000-1:2005)
- ISO/IEC 20000-2:2012 Guidance on the application of service management systems. Updated at 2012-02-14 (replacing ISO/IEC 20000-2:2005)
- ISO/IEC 20000-3:2009 Guidance on scope definition and applicability of ISO/IEC 20000-1. Updated at 2012-08-14 (replacing ISO/IEC TR 20000-3:2009)
- ISO/IEC 20000-5:2010 Exemplar implementation plan for ISO/IEC 20000-1 Updated at 2013-10-30 (replacing ISO/IEC TR 20000-5:2010)
- ISO/IEC 20000-6: Requirements for bodies providing audit and certification of service management systems. Currently being developed
- ISO/IEC 20000-9: Application of ISO/IEC 20000-1 to the cloud services. Currently being developed. This International Standard gives guidance on application of Part 1 to the cloud.
- ISO/IEC 20000-8: Guidance on the application of service management systems for smaller organizations. Currently being developed.
- ISO/IEC 20000-11:2015(en) Information technology — Service management — Part 11: Guidance on the relationship between ISO/IEC 20000-1:2011 and service management frameworks: ITIL®
- ISO/IEC 20000-12: Guidance on the relationship between ISO/IEC 20000–1:2011 and service management frameworks: CMMI-SVC®2 [Technical Report]. Currently being developed.
- ISO/IEC 20000-1:2011 IT Service Management System (SMS) Standard
- BSI Group Fast Facts
- Dugmore, Jenny (2006). Achieving ISO/IEC 20000 - The Differences Between BS 15000 and ISO/IEC 20000. BSI Group . p. 124. ISBN 0-580-47348-1. External link in
- Dugmore, Jenny (2006). "BS 15000 to ISO/IEC 20000 What difference does it make?". ITNOW. 48 (3): 30. doi:10.1093/combul/bwl017.