Now, for the first time global Organizations wishing to seek assurances that IT Service Providers and Outsourcers are really “up to the job” have a major weapon in their armoury, namely ISO/IEC 20000. The new internationally fast-tracked IT Service Management Standard.
More and more Organizations wishing to ensure that prospective IT Service Providers are capable and have a track record of delivering quality service are ensuring that ISO/IEC 20000 certification has already been achieved and is capable of being achieved for the boundary of service delivery covering their own organization.
But why ISO/IEC 20000?
It’s important to remember that ITIL is NOT a standard. ITIL has no auditing criteria. Contrary to popular belief ITIL tools cannot be officially regarded as ITIL Compliant. ITIL is a framework of best practice that aims to ensure cost effective, appropriate and quality IT services are delivered. But there’s nothing in ITIL to Audit against. It just wasn’t meant to be that way.
Based totally on BS15000, ISO/IEC 20000 certification and achieving the standard is increasing in popularity, especially in the UK and Europe.
Elsewhere adoption is relatively sparse – but this is subject to change considerably since the ISO released it as ISO/IEC 20000 in December 2005. Now, for the very first time the IT Service Management community has an international standard for auditing and certifying IT Service.
But Organizations must beware of Vendor and Outsourcers claims. The Standard has strict eligibility criteria for IT Service Providers. For example, the IT Service Provider MUST maintain effective management control of all aspects of IT Service and there must be a solid commitment to ongoing Continual Service Improvement.
As a standard, ISO 20000 shows IT how to manage and improve IT while establishing audit criteria. In fact, there are 217 requirements that IT Service Providers must achieve when audited by a Registered Certification Body (RCB). In addition, three months worth of actual recorded information must support the IT Service Providers quest for certification.
ISO/IEC 20000 is currently in two specific parts: -
Part One is ISO/IEC 20000-1:2005 => The Specification.
Part Two is ISO/IEC 20000-2:2005 => The Code of Practice.
Part one is ISO/IEC 20000-1:2005 IT Service Management Specification for Service Management. This provides requirements for IT service management and is relevant to those responsible for initiating, implementing or maintaining IT service management in their organization. Organizations can have their IT service management systems independently certified as conforming to the requirements of ISO/IEC 20000-1:2005. Part 1 also defines the processes and provides assessment criteria and recommendations for those responsible for IT Service Management.
Part 2 is ISO/IEC 20000-2:2005 Information technology service management. Code of Practice for Service Management. This gives guidance to internal auditors and assistance to service providers planning service improvements or preparing for audits against ISO/IEC 20000-1:2005. ISO 20000-2 documents a “code of practice” that explains how manage IT with regard to ISO 20000-1 audits.
Both ISO 20000-1 and ISO 20000-2 are related to the ITIL best practice framework. However you DO NOT have to have ITIL implemented to be able to move forward with ISO/IEC 20000 certification. It sure does help though!
ISO/IEC 20000 actually groups many of the core ITIL processes into five core process sets:-
1. Service Delivery Processes – Which includes Service Level Management, Availability Management, Capacity Management, Continuity Management, and Budgeting and Accounting (But NOT Costing) for IT Service Financial Management. These are accompanied with Information Security Management and Service reporting.
2. Relationship Processes – There are two key ones to consider, namely, Business Relationship Management and Supplier Management.
3. Resolution Processes - Incident Management and Problem Management.
4. Control Processes -- Change Management and Configuration Management.
5. Release Process -- Release Management.
So, what does ISO/IEC 20000 actually mean?
It means that there is at last a more assured way of Organizations who spend millions of dollars with Service Providers every year, now have an Audit Standard to help them and ultimately their business.
It also means good news for ITIL which is currently undergoing a re-fresh to Version Three. The development of ITIL Version three is paying close attention to ISO/IEC 20000.
With ITIL and ISO/IEC 20000 combined, although different and exist to deliver quite separate deliverables, will enable IT Service Providers to march ahead with confidence in their ITT bids and their day to day IT Service Operations.
The development of ITIL into Version Three can only fuel the demand for ISO/IEC 20000 further.
To learn much more about ISO/IEC20000 why not download my free resources.
You can gain access to a free 65 minute audio briefing and PDF download.
Free Registration HERE.