ISO/IEC 20000 is the first international standard for IT service management. It was developed in 2005 by ISO/IEC JTC1/SC7 and revised in 2011 and 2018. It was originally based on the earlier BS 15000 that was developed by BSI Group.
ISO/IEC 20000, like its BS 15000 predecessor, was originally developed to reflect best practice guidance contained within the ITIL (Information Technology Infrastructure Library) framework (reference needed), although it equally supports other IT service management frameworks and approaches including Microsoft Operations Framework and components of ISACA's COBIT framework. The differentiation between ISO/IEC 20000 and BS 15000 has been addressed by Jenny Dugmore.
The standard was first published in December 2005. In June 2011, the ISO/IEC 20000-1:2005 was updated to ISO/IEC 20000-1:2011. In February 2012, ISO/IEC 20000-2:2005 was updated to ISO/IEC 20000-2:2012.
ISO 20000-1 has now been revised by ISO/IEC JTC 1/SC 40 IT Service Management and IT Governance. The revision has been released in July 2018. From that point certified entities enter a three year transition period to update to the new version of ISO 20000-1. <http://www.iso.org/standard/70636.html>
ISO/IEC 20000-1: Service management
Formally: ISO/IEC 20000-1:2018 ('part 1') specifies requirements for "establishing, implementing, maintaining and continually improving a service management system (SMS). An SMS supports the management of the service lifecycle, including the planning, design, transition, delivery and improvement of services, which meet agreed requirements and deliver value for customers, users and the organization delivering the services.". The 2018 version (ISO/IEC 20000-1:2018) comprises ten sections, following the high-level structure from Annex SL of the Consolidated ISO/IEC Directives, Part 1:
- Normative references
- Terms and definitions
- Context of the organization
- Support of the Service Management System
- Operation of the Service Management System
- Performance Evaluation
ISO/IEC 20000-2: Guidance on the application of service management systems
ISO/IEC 20000-2:2019 provides guidance on the application of service management systems (SMS) based on the requirements in ISO/IEC 20000-1:2018.
ISO/IEC 20000-3: Guidance on scope definition and applicability of ISO/IEC 20000-1
ISO/IEC 20000-3:2019 provides guidance on scope definition, applicability and demonstration of conformance for service providers aiming to meet the requirements of ISO/IEC 20000-1, or for service providers who are planning service improvements and intending to use ISO/IEC 20000 as a business goal. It supplements the advice in ISO/IEC 20000-2, which provides generic guidelines for implementing an SMS in accordance with ISO/IEC 20000-1.
[Withdrawn] ISO/IEC 20000-4: Process assessment model
ISO/IEC TR 20000-4:2010 has been withdrawn. A set of new documents providing a Process Reference Model (PRM) and a Process Assessment Model (PAM) based on ISO/IEC 20000-1:2018 is being developed by ISO/IEC JTC1/SC7 in the 33000 series of standards.
ISO/IEC 20000-5: Exemplar implementation plan for ISO/IEC 20000-1
ISO/IEC TR 20000-5:2013 service providers on how to best achieve the requirements of ISO/IEC 20000-1. ISO/IEC 20000-5 will be updated based on the current version of ISO/IEC 20000-1.
ISO/IEC 20000-6:2017 Requirements for bodies providing audit and certification of service management systems
ISO/IEC 20000-6:2017 provides requirements for auditing bodies for the assessment of conformance to ISO/IEC 20000-1.
ISO/IEC 20000-7 Guidance on the Integration and Correlation of ISO/IEC 20000-1:2018 to ISO 9001:2015 and ISO/IEC 27001:2013
ISO/IEC TR 20000-7:2019 provides guidance on the integrated implementation of a Service Management System based on ISO/IEC 20000-1:2018 with a Quality Management System based on ISO 9001:2015 and/or an Information Security Management System based on ISO/IEC 27001:2013.
[Withdrawn] ISO/IEC 20000-9: Guidance on the application of ISO/IEC 20000-1 to cloud services
ISO/IEC TR 20000-9:2015 provided guidance on the use of ISO/IEC 20000‑1:2011 for service providers delivering cloud services.
ISO/IEC 20000-10: Concepts and vocabulary
ISO/IEC TR 20000-10:2018 describes the core concepts of ISO/IEC 20000, identifying how the different parts support ISO/IEC 20000‑1:2018 as well as the relationships between ISO/IEC 20000 and other International Standards and Technical Reports. This part of ISO/IEC 20000 also explains the terminology used in the ISO/IEC 20000 series, so that organizations and individuals can interpret the concepts correctly.
ISO/IEC 20000-11: Guidance on the relationship between ISO/IEC 20000-1 and service management frameworks: ITIL®
ISO/IEC TR 20000-11:2015 is a Technical Report that provides guidance on the relationship between ISO/IEC 20000-1:2011 and a commonly used service management framework, ITIL.
ISO/IEC 20000-12: Guidance on the relationship between ISO/IEC 20000-1 and service management frameworks: CMMI-SVC
ISO/IEC TR 20000-12:2016 is a Technical Report that provides guidance on the relationship between ISO/IEC 20000-1:2011 and a commonly used service management framework, CMMI-SVC.
ISO/IEC 20000-13: Guidance on the relationship between ISO/IEC 20000-1 and service management frameworks: COBIT
ISO/IEC TR 20000-13 is a Technical Report that provides guidance on the relationship between ISO/IEC 20000-1:2018 and a commonly used service management framework, COBIT 2019. It is currently under development and aimed for publication late 2020.
Certifications and qualification schemes
As with most ISO standards, organizations and individuals seek training towards establishing knowledge and excellence in applying the standard. The certification scheme targets organizations, while the qualification scheme targets individuals.
Qualification of individuals is offered by URS, APMG-International, EXIN, PECB, Loyalist Certification Services, TÜV SÜD Akademie, PEOPLECERT, and IRCA. The EXIN, Loyalist and TÜV SÜD program is in fact a qualification in IT Service Management based on ISO/IEC 20000 and includes a Foundation level and several role based certificates: professionals in Align, Deliver, Control and Support, Associate, (Executive) Consultant/Manager and Auditor. The APMG qualifications are focused on getting an organization certified and presume knowledge of IT Service Management is already available. The APMG qualifications are conducted at the Foundation, Practitioner and Auditor level. IRCA and other organizations involved in the certification of auditors have developed their own auditor training and certification for ISO/IEC 20000 auditors.
In terms of certification, there are leading certification bodies around the world, for instance, BSI in UK, Quality Austria in Austria, JQA in Japan, KFQ in Korea and SAI Global in Australia, Asia and Americas.
- International Journal of IT Standards and Standardization Research, ISSN 1539-3054 (internet), ISSN 1539-3062 (print), Information Resources Management Association
- ISO20000-1:2018, released on 2018-07-15
- A Guide to ISO/IEC 20000-1:2018 Service Management ISBN 978-191-265-1344,
- ISO/IEC 20000-1:2018 Service management system requirements. Updated at 2018-07-15 (replacing ISO/IEC 20000-1:2011)
- ISO/IEC 20000-2:2012 Guidance on the application of service management systems.
- ISO/IEC 20000-3:2012 Guidance on scope definition and applicability of ISO/IEC 20000-1.
- ISO/IEC TR 20000-5:2013 Exemplar implementation plan for ISO/IEC 20000-1
- ISO/IEC 20000-6:2017 Requirements for bodies providing audit and certification of service management systems
- ISO/IEC 20000-7 Guidance on the Integration and Correlation of ISO/IEC 20000-1:2018 to ISO 9001:2015 and ISO/IEC 27001:2013. Currently being developed.
- ISO/IEC 20000-10:2018 Concepts and vocabulary
- ISO/IEC 20000-11:2015 Guidance on the relationship between ISO/IEC 20000-1 and service management frameworks: ITIL®
- ISO/IEC TR 20000-12:2016 Guidance on the relationship between ISO/IEC 20000-1 and service management frameworks: CMMI-SVC
- ISO/IEC TR 20000-13 Guidance on the relationship between ISO/IEC 20000-1 and service management frameworks: COBIT
- ISO/IEC 20000-1:2018 Service Management System (SMS) Standard
- BSI Group Fast Facts
- Dugmore, Jenny (2006). Achieving ISO/IEC 20000 - The Differences Between BS 15000 and ISO/IEC 20000. BSI Group . p. 124. ISBN 0-580-47348-1. External link in
- Dugmore, Jenny (2006). "BS 15000 to ISO/IEC 20000 What difference does it make?". ITNOW. 48 (3): 30. doi:10.1093/combul/bwl017.