ISO/IEC 20000 is a series of internationally-recognised standards for IT Service Management, which is based on the ITIL Framework.
ISO/IEC 20000 was originally developed to reflect best practice guidance contained within the ITIL framework, although it equally supports other IT service management frameworks and approaches including components of ISACA’s COBIT framework.
Structure of the Standard
- Part 1 is the main standard which specifies the requirements to be met by an organisation who wish to be certified to the standard or use the standard to improve their service delivery.
- Parts 2 and 3 provide guidance to support part 1.
- A new Part 7 will be produced with guidance for integrating ISO/IEC 20000-1 with ISO 9001 (quality management) and ISO/IEC 27001 (information security).
- Part 10 is concepts and vocabulary.
- Parts 11 and 12 provide mapping of the 20000-1 to ITIL® and CMMI®-SVC.
The series started as a British Standard in 2000 (BS15000) and became an International Standard in 2005 with a 2nd edition in 2011. The standard series is now going through a major revision with the 3rd edition of Part 1 and Part 10 published in September 2018.
Benefits of ISO/IEC 20000
ISO/IEC 20000 can help IT service providers benchmark the quality of IT Service Management, improve services, demonstrate the ability to meet customer requirements and create a framework for independent assessment.
Benefits of ISO 20000 certification for service providers:
- Offers competitive differentiation by demonstrating reliability and high quality of service.
- Gives access to key markets, as many organisations in the public sector mandate that their IT service providers demonstrate compliance with ISO 20000.
- Assures clients that their service requirements will be fulfilled.
- Enforces a measurable level of effectiveness and a culture of continual improvement by enabling service providers to monitor, measure and review their service management processes and services.
- Drives down the costs of conformance to a multitude of laws and standards, including the PCI DSS (Payment Card Industry Data Security Standard) and the Sarbanes-Oxley Act.
- Helps leverage ITIL practices to optimise resources and processes.