ISO20000 Toolkit v10 Implementation Guide
2 Introduction This guide takes you through the process of implementing the ISO/IEC 20000 standard using the document toolkit. It provides a recommended route to certification against the standard starting from a default position where very little is in place. Of course, every organization is different and there are many valid ways to embed the disciplines of IT service management. The best way for you may well depend upon a number of factors, including: • • • • • • • •
The size of your organization The mix of technologies you use Whether you are an in-house or external service provider The country or countries in which you operate The culture your organization has adopted The industry you operate within The resources you have at your disposal The legal, regulatory and contractual environment you operate within
So view this guide simply as a pointer to where you could start and a broad indication of the order you could do things in. There is no single “right way” to implement IT service management; the important thing is that you end up with a Service Management System (SMS) that is relevant and appropriate for your specific organization’s needs.
2.1 The ISO20000 standard The ISO/IEC 20000 international standard for “Information technology — Service management – Part 1: Service management system requirements” (referred to in this guide as “ISO/IEC 20000” and sometimes just “ISO20000”) was originally published by the ISO in 2005 and is based upon the earlier British standard BS15000. Revised in 2011 and now in 2018, ISO/IEC 20000 specifies the requirements that your SMS will need to meet in order for your organization to become certified to the standard. The requirements in ISO/IEC 20000 Part 1 are supplemented by guidance contained in Part 2: Guidance on the application of service management systems. ISO/IEC 20000 Part 2 is well worth reading as it fills in some of the gaps in understanding how the requirements in Part 1 should be met and gives more clues about what the auditor may be looking for. There are a number of other documents published within the ISO/IEC 20000 series and many of them provide useful supporting information for organizations going for ISO/IEC 20000 certification (or simply using it for guidance). Some of the commonly referenced ones are: • • • •
ISO/IEC 20000 Part 3 – Guidance on scope definition and applicability ISO/IEC 20000 Part 5 – Exemplar implementation plan ISO/IEC 20000 Part 9 - Guidance on the application of ISO/IEC 20000-1 to cloud services ISO/IEC 20000 Part 10 – Concepts and vocabulary www.certikit.com
Page 5 of 45
