ISO20000 Toolkit v10 Implementation Guide
3 Using the CertiKit ISO20000 Toolkit The following sections refer to the structure of the ISO20000 standard and how it may be interpreted, including showing how the documents in the Toolkit help to demonstrate conformity. It may help to have a copy of the ISO20000 standard available as you read this section.
3.1 Section 0: Foreword and introduction Relevant Toolkit documents: •
(None)
The foreword and the introduction to the standard are worth reading, if only once. Together they give a good summary of what the ISO sees as the key components of an SMS; this is relevant and important when understanding where the auditor is coming from in discussing what might be called the “spirit” of the SMS. The detail in other sections of the standard should be seen in the context of these overall principles and it is important not to lose sight of that when all attention is focussed on the exact wording of a requirement. The foreword also sets out the main changes in the 2018 version of the standard compared to the 2011 version. There are no requirements to be met in this section.
3.2 Section 1: Scope Relevant Toolkit documents: •
(None)
This section refers to both the scope of the standard and the scope of your SMS. It explains the fact that the standard is a “one size fits all” document which is intended to apply across business sectors, countries and organization sizes and can be used for a variety of purposes. It makes the point that all of the requirements are necessary in order to become certified; you cannot become “partially certified” by only performing some of the processes to the required standard. Furthermore, it also explains that the management system must be fully operated by the service provider whereas it is permissible to have some parts of the processes and/or services carried out by a third party as long as the service provider retains control (or “governance”) of them. There are no requirements to be met in this section, but you will need to confirm that the scope of your proposed SMS is allowed under the rules set out here. If you are in any doubt you could refer to Part 3 of ISO/IEC 20000 – Guidance on scope definition and applicability.
www.certikit.com
Page 18 of 45
