Beruflich Dokumente
Kultur Dokumente
Content
What is ISO 20000? ........................................................................................ 1
Introduction to ISO 20000 ............................................................................................................... 1
The new Edition ISO/IEC 20000:2011 ............................................................................................. 2
Benefits of an ISO 20000 Certificate ............................................................................................... 3
ISO 20000 and ITIL ......................................................................................................................... 4
How the ITIL - ISO 20000 Bridge supports Certification Initiatives ...............12
Contents of the ITIL - ISO 20000 Bridge ...................................................................................... 12
Tasks within an ISO 20000 Initiative supported by the ITIL - ISO 20000 Bridge ......................... 12
-1-
against ISO 9001 will find it easier to achieve certification against ISO
20000.
Additional parts of the standard provide guidelines which are not
strictly mandatory:
ISO/IEC 20000:2012, Part 2: Guidance on the application of service
management systems (SMS) contains examples and suggestions
for the design of IT Service Management processes.
ISO/IEC TR 20000:2005, Part 3: Guidance on scope definition and
applicability of ISO/IEC 20000-1 provides guidance on scope
definition, applicability and demonstration of conformity.
ISO/IEC TR 20000:2010, Part 4: Process reference model.
ISO/IEC TR 20000:2010, Part 5: Exemplar implementation plan for
ISO/IEC 20000-1.
-2-
-3-
4.1
Management responsibility
4.2
4.3
Documentation management
Note: ITIL focuses on the life cycle of services, but offers less guidance
on establishing and operating the SMS itself. As a consequence, it is at times
not straightforward to map the ITIL guidance and (especially) sections 4 and
5 of ISO 20000, but various ITIL processes together can typically be used to
fulfill the requirements.
-4-
4.4
Resource management
4.5
5.1
General
5.2
5.3
5.4
6.1
6.2
Service reporting
6.3
6.4
6.5
Capacity management
6.6
Relationship processes
7.1
7.2
Supplier management
Supplier Management
Note: ITIL focuses on the life cycle of services, but offers less guidance
on establishing and operating the SMS itself. As a consequence, it is at times
not straightforward to map the ITIL guidance and (especially) section 4 of
ISO 20000, but various ITIL processes together can typically be used to fulfill
the requirements.
-5-
Resolution processes
8.1
8.2
Problem management
Problem Management
Control processes
9.1
Configuration management
9.2
Change management
Change Management
9.3
-6-
-7-
-8-
Retain certification
After the initial certification, a renewal of the certificate is due
every three years, with intermittent assessments every 6 to 12
months.
Make sure that you continue to adhere to the standard and put a
strong emphasis on continual service and process improvement.
IT Process Maps GbR, 2013
-9-
Insufficient resources
Management commitment must be backed up by the provision of
sufficient resources for the certification program. This includes
making sure that staff assigned to the project are freed from some of
their day-to-day tasks.
- 10 -
closing the gaps to become ISO 20000 compliant is by far the biggest
part of a certification project.
As a result, the total cost heavily depends on
The number of ITIL processes that are already implemented
Existing certificates, like e.g. ISO 9000
The size of your IT organization
The complexity of your services
The scope of the service management system to be certified.
Once the certificate is awarded it will be valid for an initial period
of three years. This means that regular re-certification audits and
intermittent assessments are required, so there are also ongoing
costs to be considered.
- 11 -
- 12 -
- 13 -
- 14 -
Release and
Deployment
Management
Process Owner
Superior Processes
CAB Agenda
Template
Change Manager
Change
Authorization
Hierarchy
Change Management
Support
IT Service Management
RFC Assessment
Guideline
Service Transition
Change Schedule
RFC Classification
+
Change Assessment by
the CAB
CMS/ CMDB
Change Scheduling
Service Design
Package (SDP)
Service Catalogue
Enterprise
Architecture (EA)
Risk Management
Policy
Change Management
Process Objective:
To authorize or reject a proposed
Change as well as to ensure a
preliminary scheduling and
incorporation into the Change
Schedule.
Service Design
Change Record
Resource
Change Manager
Regular CAB
meeting due.
Determine
required CAB
members
Depending on Changes
to be assessed by the
CAB.
Schedule CAB
meeting
Circulate agenda
and documents
for preparation
RFC must be
rejected
Notify RFC
initiator of
rejection
RFC may be
authorized
Create Change
Record from RFC
Document
Change
authorization
Release Record
RFC
rejected.
RFC to be
assessed by the
CAB.
RFC
authorized.
Resource
Assess risks
associated with
the proposed
Change
Change Advisory
Board (CAB)
Assess urgency of
the proposed
Change
Consider level of
damage if the
implementation
is delayed.
Assess
consequences if
Change is not
implemented
Assess the
proposed
schedule for
implementation
Check if there are any
reasons to object to
the proposed
implementation date.
Determine any
required
modifications to
the proposed
Change
Determine if RFC
must be escalated
to the next higher
level of authority
If the assessment leads to
the conclusion that a
higher level of authority is
required to authorize the
proposed Change (e.g. RFC
must be authorized by IT
Management or the
Business Executive Board).
Decide if
proposed Change
may be
authorized
Escalation of RFC
not required
If required, consult
also with the RFC
initiator.
Related Evidence
(Documents and Records)
Release and
Deployment
Management
Release Record
Incident Record
Change Management
Incident
Management Report
Information about the success or failure of releases and future release dates
shall be provided to the change management process, and incident and service
request management process.
Release Record
Change Schedule
- 15 -
Change Evaluation
Report
Release and
Deployment
Management
Change Management
- 16 -