ISO/IEC 20000 (often abbreviated to ISO 20000) is the internationally acknowledged standard for service management. It was developed in 2005 based on the earlier BS 15000, and subsequently revised in 2011 and 2018.
The standard enables organizations to demonstrate reliability and commitment to a high quality of service. ISO 20000 has thus become a competitive differentiator for the delivery of services.
- Benefits of ISO 20000
- FAQs about ISO 20000 certification
- Differences between the latest 2018 release of ISO 20000 and the earlier 2011 edition
- ISO 20000 and how it relates to ITIL and other service management frameworks
- The YaSM model and how it supports your ISO 20000 project
The basic principles behind ITIL and ISO 20000 are very much in line (see also: "Alignment White Paper: ITIL V3 and ISO/IEC 20000", Jenny Dugmore & Sharon Taylor, March 2008). The key differences are:
- ITIL certifications are available for individuals only, whereas ISO 20000 is a certification scheme for organizations.
- ITIL is a rather detailed collection of best practices, while ISO 20000 is an international standard that sets out Service Management requirements for IT organizations.
- When organizations say they are compliant to ITIL, very often this statement is not verifiable; a certification according to the ISO 20000 standard means there has been an objective assessment.
Frequently, an ISO 20000 certification is sought after introducing ITIL, because it allows an IT organization to actually prove that it is a customer-oriented, efficient and effective supplier of IT services. A certification can thus be used for marketing purposes, or to gain access to customers and markets which require their service suppliers to be ISO 20000 certified.
ITIL was explicitly written to be aligned with ISO 20000, as the following table exemplifies: for every section in ISO/IEC 20000:2011, Part 1 (Mandatory Requirements) there are one or several related ITIL processes.
The following table summarizes in broad terms how the main ISO 20000 processes correspond to ITIL processes (ITIL 2011 main processes).
|ISO 20000 Sections (ISO/IEC 20000:2011)||Related ITIL Processes (ITIL 2011)|
|4||Service management system general requirements|
|4.2||Governance of processes operated by other parties|
|4.5||Establish and improve the SMS
4.5.1 Define scope
|5||Design and transition of new or changed services|
|5.2||Plan new or changed services|
|5.3||Design and development of new or changed services|
|5.4||Transition of new or changed Services||
|6||Service delivery processes|
|6.1||Service level management|
|6.3||Service continuity and availability management
6.3.1 Service continuity and availability requirements
|6.4||Budgeting and accounting for IT Services|
|6.6||Information security management
6.6.1 Information security policy
|7.1||Business relationship management|
|8.1||Incident and service request management|
|9.3||Release and deployment management|
ITIL focuses on the life cycle of services, but offers less guidance on establishing and operating the Service Management System (SMS) itself. As a consequence, it is at times not straightforward to map the ITIL guidance and (especially) Section 4 and Section 5 of ISO 20000, but various ITIL processes together can typically be used to fulfill the requirements.
The original ISO 20000 documents can be ordered from the publisher's web site: ISO International Organization for Standardization