ISO / IEC 20000
The ISO / IEC 20000 is an internationally recognized standard for IT service management (ITSM). Certification is possible for organizational units. A certificate that has been acquired must be renewed every three years.
Goal setting
ISO / IEC 20000 is based on the British Standard BS 15000 , which has been in existence for some time . In a “fast track process”, BS 15000 was transferred to ISO / IEC 20000 by the Joint Technical Committee ISO / IEC JTC 1, Information Technology, and published on December 15, 2005. Further parts were published in 2009 and 2010. In 2011 the first part of the standard was revised and adopted as a new version.
The ISO / IEC 20000 IT Service Management serves as a measurable quality standard for IT Service Management ( ITSM ). For this purpose, the minimum requirements for processes are specified and presented in ISO / IEC 20000 that an organization must establish in order to be able to provide and manage IT services in a defined quality. ISO / IEC 20000 is based on the process descriptions as described by the IT Infrastructure Library ( ITIL ) of the Cabinet Office (until 2010: Office of Government Commerce - OGC) and supplements them in a complementary way.
A scope statement is used to define certification for an organization (company, department, etc.), one or more services and locations (locations). Restricted or broad definitions are possible here. The scope statement is listed in the certificate. It is not possible to restrict the management processes. As a result, it is determined whether the scope reaches certification. With ISO / IEC 15504 , since Part 8 was published, it is now also possible to determine the degree of capability for individual processes or the degree of maturity for the entire organization according to a standard. This represents a more differentiated assessment with which results above the ISO / IEC 20000 requirement can also be presented.
The following requirements and processes are defined within ISO / IEC 20000:
- Management system requirements
- Planning and implementation of service management
- Plan and implement new or changed services
- Service level management
- Service reporting
- Availability and Service Continuity Management
- Financial planning and cost accounting for IT services
- Capacity management
- Information security management
- Business relationship management
- Supplier management
- Incident Management
- Problem management
- Configuration management
- Change management
- Release and deployment management
Components of ISO / IEC 20000
The ISO / IEC 20000 consists of five parts. Parts 1 and 2 represent the standard (IS - International Standard ); Parts 3 to 5 are additions (TR - Technical Report ).
- ISO / IEC 20000 Part 1 - "Service Management System Requirements"
- The first part of ISO / IEC 20000-1: 2011 contains the formal specification of the standard. Requirements are documented that an organization must adhere to, ensure and demonstrate in order to obtain certification. ISO / IEC 20000-1 contains the “must-have criteria” of the standard. This part was revised in 2011 and adopted with the additions.
- ISO / IEC 20000 Part 2 - "Code of Practice"
- Within the second part of ISO / IEC 20000-2: 2005, the requirements of the first part are supplemented by explanations of best practice. ISO / IEC 20000-2 provides guidelines and recommendations for IT service management processes within the framework of the formal standard.
- ISO / IEC 20000 Part 3 - "Guidance on Scope Definition and Applicability of ISO / IEC 20000-1"
- With the third part of ISO / IEC TR 20000-3: 2009, a technical report (TR) is an aid to the standard, which considers the scope definition and the applicability.
- ISO / IEC 20000 Part 4 - "Process Reference Model"
- The fourth part of ISO / IEC TR 20000-4: 2010 as a Technical Report (TR) is an aid to the standard, which considers the underlying process model.
- ISO / IEC 20000 Part 5 - "Exemplary Implementation Plan for ISO / IEC 20000-1"
- In the fifth part of ISO / IEC TR 20000-5: 2010, a technical report (TR) is an aid to the standard that contains an example of the implementation of the standard.
Certification
In principle, only organizations (companies, cooperatives, etc.) can be certified. Individuals can only prove that they have certain knowledge of the application or implementation of the standard and can identify this with appropriate certificates.
Management systems
The successful implementation of ISO / IEC 20000 can be certified. This must be done by an authorized organization (Registered Certification Body, RCB). The ISO / IEC 20000 certification represents an opportunity to objectively measure and certify the successful implementation of an IT service management system in an organization using an international standard. Certification is carried out against the normative part ISO / IEC 20000-1: 2011.
people
There are various qualification offers for training and certification of people. These are designed by different certification companies, see list of IT certificates .
Sources of supply
The ISO standards are available for a fee from ISO or Beuth-Verlag .
See also
Web links
Individual evidence
- ^ Cabinet Office. Best Management Practice Portfolio. Cabinet Office, June 10, 2011, accessed January 22, 2012 .
- ↑ ISO / IEC 20000-1: 2011. ISO products. ISO, April 12, 2011, accessed June 2, 2011 .
- ↑ ISO / IEC 20000-2: 2005. ISO products. ISO, June 10, 2008, accessed June 2, 2011 .
- ↑ ISO / IEC TR 20000-3: 2009. ISO products. ISO, October 14, 2009, accessed June 2, 2011 .
- ↑ ISO / IEC TR 20000-4: 2010. ISO products. ISO, November 25, 2010, accessed June 2, 2011 .
- ↑ ISO / IEC TR 20000-5: 2010. ISO products. ISO, April 26, 2010, accessed June 2, 2011 .