What is ISO 20000 Certification?

For more information about ISO 20000-1 visit https://consulting.itgonline.com/iso-consulting/iso-20000-information-technology-service-management/

Introduction to ISO 20000 Certification

What is ISO 20000?  ISO 20000 consists of multiple standards that are a series of documents that comprise guidance on how to implement a service management system, typically applied to IT services.  The ISO 20000 series is comprised of the following most commonly used standards:

  1. ISO 20000-1:2011– Provides guidance on the management and delivery of services (typically associated with information technology) and works in harmony with Information Technology Infrastructure Library (ITIL) practices and aligns with ISO 9001 requirements.  ISO 20000-1 provides guidance on the requirements of a service management system to organizations preparing for ISO 20000 registration also known as ISO 20000 certification.
  2. ISO 20000-2:2012 – Commonly referred to as a Code of Practice for service management systems ISO 2000002 provides guidance on the application of service managements systems based on the requirements of ISO 20000-1:2011.  ISO 20000-2 provides information to organizations and individuals on how to interpret the requirements of ISO 20000-1 along with suggestions on how to meet ISO 20000 requirements for ISO 20000 certification or ISO 20000 registration.
  3. ISO 20000-3:2009 – Provides guidance on scoping a service management system.  ISO 20000-3 helps organizations understand if ISO 20000-1 is applicable to their circumstances and how to define the scope of their service management system.

Competitive Advantage with ISO 20000 Certification

Globally, only a limited number of companies have decided to incorporate ISO 20000 requirements to help define how their company meets service management objectives. This provides the unique opportunity for organizations to differentiate themselves through ISO 20000 registration or ISO 20000 certification. Many IT based organizations started the process of implementing ISO 20000 by adopting the principles of the Information Technology Infrastructure Library (ITIL) and applying the concepts to their business. Now organizations are looking to ISO 20000 to provide evidence of their commitment to service management principles, by obtaining ISO 20000 certification. There are multiple reasons for the increasing popularity of ISO 20000 including:

  1. Provides better definition on how service management companies operate than ISO 9001
  2. Provides guidance on planning and delivering service offerings
  3. Ensuring cost effective service delivery
  4. Transition from investing in technology to managing systems and services

Since the introduction of ISO 20000 in 2005 companies across the globe are investing in implementing the ISO 20000 guidance to help improve service delivery and IT management for internal and external customers.  The added benefit of being an early adopter provides a competitive edge in competing on contracts.  Large private and public sector organizations are starting to rely on ISO 20000 as a differentiating factor that helps to identify strong service providers.

ISO 20000 Implementation Requirements

ISO 20000-1:2011 is comprised of 6 major sections of guidance that must be implemented by a company:

Section NumberExpectations
4 Service Management System General RequirementsService Management Policy Service Catalog Management Commitment Governance of Processes Operated by Other Parties System for Document Control System for Record Control System for Internal Audits
5 Design and Transition of New or Changed ServicesSystem for Adding New Services System for Managing Changes to Services
6 Service Delivery ProcessesService Level Management Service Reporting Service Continuity and Availability Management Budgeting and Accounting for Services Capacity Management Information Security Management
7 Relationship ProcessesBusiness Relationship Management Supplier Management
8 Resolution ProcessesIncident and Service Request Management Problem Management
9 Control ProcessesConfiguration Management Change Management Release and Deployment Management

Cumulatively the above processes discuss the ISO 20000 requirements placed on an organization that wants to achieve ISO 20000 certification.  Unlike ISO 9001 a company is not able to exclude any of the requirements, instead if the company does not directly perform an activity they must show management control of the process to document what connections exist between your company and the provider of the process.

Each one of the mandatory processes of ISO 20000-1:2011 requires specific activities to be performed, in many cases organizations have already invested time and resource to address specific processes, for example a service desk tool is being utilized to track tickets through the lifecycle to ensure that customer’s needs are being met.  Since many organizations have started the implementation process to meet customers’ demands, the most pragmatic way to approach ISO 20000 is to evaluate the current system against each of the required processes.  Many early adopters of ISO 20000 are already certified to one or more standards such as ISO 9001 or ISO 27001, this makes the transition to ISO 20000 easier as some of the basic requirements of a management system such as document and record control are already be in place allowing the company to focus on incorporating new requirements in an existing method.

ISO 20000 Registration Process

After implementing the guidance of the service management system standard, ISO 20000-1 registration is a method in which a company can prove that they have successfully implemented the requirements. After documenting processes and performing reviews, a company can then look to an independent auditing company to review their processes and ensure that the company is adhering to the developed processes. At the end of the audit, the company is presented a certificate that they can provide to existing and potential customers.

Challenges of ISO 20000 Certification

The challenge that many organizations face in implementing ISO 20000 is the speed and level of depth that needs to be implemented to meet requirements. When an organization begins to apply the standard to their operations unnecessary or complicated solutions can be created for simple challenges.  By over applying the standard to your operations organizations expend precious resources, lose time, and have a less favorable opinion of the benefits of implementing ISO 20000.

ISO 20000 is still a relatively new standard and information and guidance is not readily available so many companies are look to consultants to help:

  1. Reduce the timeframe for implementation to meet customer requirements
  2. Reduce the costs for implementation and maintenance of requirements
  3. Convert existing practices to meet requirements while minimizing impacts to the organizations operations
  4. Educate staff on expectations of the standard
  5. Ensure successful first time achievement of certification

For more information about ISO 20000-1 visit https://consulting.itgonline.com/iso-consulting/iso-20000-information-technology-service-management/