ISO 20000: Difference between revisions
mNo edit summary |
No edit summary |
||
| Line 8: | Line 8: | ||
<br style="clear:both;"/> | <br style="clear:both;"/> | ||
ITIL provides guidance on what should be done in order to offer users adequate IT Services to support their business processes. ITIL | ITIL provides guidance on what should be done in order to offer users adequate IT Services to support their business processes. ITIL qualifications are available for individuals but until recently there was no way for an IT organization to prove that it is working along the ITIL recommendations. | ||
The ISO 20000 standard was conceived to fill this gap. Initiated by the two organizations itSMF and BSI (British | The ISO/IEC 20000:2005 standard (abbreviated to ISO 20000 in this wiki) was conceived to fill this gap. Initiated by the two organizations itSMF and BSI (British Standards Institution), it is modeled upon the principles of ITIL and allows IT organizations to have their IT Service Management certified. | ||
In contrast to the ITIL books, ISO 20000 does not offer specific advice on how to design your processes. It is rather a set of requirements which must be met in order to qualify for [https://en.it-processmaps.com/iso20000/faq-iso-20000-certification.html ISO 20000 certification]. | In contrast to the ITIL books, ISO 20000 does not offer specific advice on how to design your processes. It is rather a set of requirements which must be met in order to qualify for [https://en.it-processmaps.com/iso20000/faq-iso-20000-certification.html ISO 20000 certification]. | ||
| Line 18: | Line 18: | ||
== Central Requirements from ISO 20000 == | == Central Requirements from ISO 20000 == | ||
ISO 20000 promotes the “adoption of an integrated process approach to effectively deliver managed services to meet the business and customer requirements”. | |||
ISO 20000 does not prescribe that its requirements must be met by following the ITIL recommendations, so there are many possible ways to achieve compliance. Introducing ITIL, however, is the most widely used approach for obtaining an ISO 20000 certificate. | |||
It is also important to prove that IT processes are documented, actively managed, and continually improved. | |||
== How ITIL V3 and ISO 20000 are | |||
==The new Edition ISO/IEC 20000:2011== | |||
A new version of ISO/IEC 20000 Part 1: Service management system requirements (abbreviated to ISO/IEC 20000-1:2011) was published in April 2011. | |||
The authors of the new version describe the main differences to the earlier edition (ISO/IEC 20000-1:2005) as follows: | |||
* Closer alignment to both ISO 9001 and ISO/IEC 27001 | |||
* Clarification of existing definitions and addition of new definitions | |||
* Introduction of the term "Service Management System" (SMS) and aligning the standard with the concept of a SMS | |||
* Clarification of the requirements for the governance of processes operated by other parties | |||
* Addition of requirements for the design and transition of new or changed services | |||
== How ITIL V3 and ISO 20000 are related == | |||
The basic principles behind ITIL V3 and ISO 20000 are very much in line (see also: [http://www.best-management-practice.com/gempdf/ITIL_and_ISO_20000_March08.pdf "Alignment White Paper: ITIL V3 and ISO/IEC 20000"], Jenny Dugmore & Sharon Taylor, March 2008). The key differences are: | The basic principles behind ITIL V3 and ISO 20000 are very much in line (see also: [http://www.best-management-practice.com/gempdf/ITIL_and_ISO_20000_March08.pdf "Alignment White Paper: ITIL V3 and ISO/IEC 20000"], Jenny Dugmore & Sharon Taylor, March 2008). The key differences are: | ||
* ITIL certifications are available for individuals only, whereas ISO 20000 is a certification scheme for organizations | * ITIL certifications are available for individuals only, whereas ISO 20000 is a certification scheme for organizations. | ||
* ITIL is a rather detailed collection of best practices, while ISO 20000 is an international standard that sets out Service Management requirements for IT organizations | * ITIL is a rather detailed collection of best practices, while ISO 20000 is an international standard that sets out Service Management requirements for IT organizations. | ||
* | * When organizations say they are compliant to ITIL, very often this statement is not verifiable; a certification according to the ISO 20000 standard means there has been an objective assessment. | ||
Frequently, a certification according to ISO 20000 is sought after introducing ITIL, because it allows an IT organization to actually prove that it is a customer-oriented, efficient and effective supplier of IT services. A certification can thus be used for marketing purposes, or to gain access to customers and markets which require their service suppliers to be ISO 20000 certified. | Frequently, a certification according to ISO 20000 is sought after introducing ITIL, because it allows an IT organization to actually prove that it is a customer-oriented, efficient and effective supplier of IT services. A certification can thus be used for marketing purposes, or to gain access to customers and markets which require their service suppliers to be ISO 20000 certified. | ||
==ISO 20000 Sections and related ITIL V3 Processes== | |||
ITIL V3 was explicitly written to be aligned with ISO 20000, as the following table exemplifies: for every section in ISO/IEC 20000:2005, Part 1 (Mandatory Requirements) there are one or several related ITIL processes. | |||
{| border="1" cellpadding="5" cellspacing="0" align="center" | {| border="1" cellpadding="5" cellspacing="0" align="center" | ||
|- | |- | ||
! width="25%" colspan="2" style="background:#ffffdd;" | ISO 20000 | ! width="25%" colspan="2" style="background:#ffffdd;" | ISO 20000 Sections | ||
! width="75%" colspan="2" style="background:#ffffbb;" | Related ITIL V3 Processes | ! width="75%" colspan="2" style="background:#ffffbb;" | Related ITIL V3 Processes | ||
|- | |- | ||
| Line 130: | Line 144: | ||
<!-- This page is assigned to the following categories: --> | <!-- This page is assigned to the following categories: --> | ||
[[Category:ISO/IEC 20000|!]] | [[Category:ISO/IEC 20000|!]] | ||
<!-- --- --> | <!-- --- --> | ||
Revision as of 11:39, 9 August 2011
<seo metakeywords="iso 20000 processes, iso 20000 requirements" metadescription="In contrast to the ITIL books, ISO 20000 does not offer specific advice on how to design your processes. It is rather a set of requirements which must ..." />
ITIL provides guidance on what should be done in order to offer users adequate IT Services to support their business processes. ITIL qualifications are available for individuals but until recently there was no way for an IT organization to prove that it is working along the ITIL recommendations.
The ISO/IEC 20000:2005 standard (abbreviated to ISO 20000 in this wiki) was conceived to fill this gap. Initiated by the two organizations itSMF and BSI (British Standards Institution), it is modeled upon the principles of ITIL and allows IT organizations to have their IT Service Management certified.
In contrast to the ITIL books, ISO 20000 does not offer specific advice on how to design your processes. It is rather a set of requirements which must be met in order to qualify for ISO 20000 certification.
Central Requirements from ISO 20000
ISO 20000 promotes the “adoption of an integrated process approach to effectively deliver managed services to meet the business and customer requirements”.
ISO 20000 does not prescribe that its requirements must be met by following the ITIL recommendations, so there are many possible ways to achieve compliance. Introducing ITIL, however, is the most widely used approach for obtaining an ISO 20000 certificate.
It is also important to prove that IT processes are documented, actively managed, and continually improved.
The new Edition ISO/IEC 20000:2011
A new version of ISO/IEC 20000 Part 1: Service management system requirements (abbreviated to ISO/IEC 20000-1:2011) was published in April 2011.
The authors of the new version describe the main differences to the earlier edition (ISO/IEC 20000-1:2005) as follows:
- Closer alignment to both ISO 9001 and ISO/IEC 27001
- Clarification of existing definitions and addition of new definitions
- Introduction of the term "Service Management System" (SMS) and aligning the standard with the concept of a SMS
- Clarification of the requirements for the governance of processes operated by other parties
- Addition of requirements for the design and transition of new or changed services
The basic principles behind ITIL V3 and ISO 20000 are very much in line (see also: "Alignment White Paper: ITIL V3 and ISO/IEC 20000", Jenny Dugmore & Sharon Taylor, March 2008). The key differences are:
- ITIL certifications are available for individuals only, whereas ISO 20000 is a certification scheme for organizations.
- ITIL is a rather detailed collection of best practices, while ISO 20000 is an international standard that sets out Service Management requirements for IT organizations.
- When organizations say they are compliant to ITIL, very often this statement is not verifiable; a certification according to the ISO 20000 standard means there has been an objective assessment.
Frequently, a certification according to ISO 20000 is sought after introducing ITIL, because it allows an IT organization to actually prove that it is a customer-oriented, efficient and effective supplier of IT services. A certification can thus be used for marketing purposes, or to gain access to customers and markets which require their service suppliers to be ISO 20000 certified.
ITIL V3 was explicitly written to be aligned with ISO 20000, as the following table exemplifies: for every section in ISO/IEC 20000:2005, Part 1 (Mandatory Requirements) there are one or several related ITIL processes.
| ISO 20000 Sections | Related ITIL V3 Processes | ||
|---|---|---|---|
| Ch. | Title | Remark | |
| 5 | Planning and Implementing New or Changed Services | Requirements are fulfilled by the ITIL processes “Service Strategy” and "Service Level Management" | |
| 6 | Service Delivery | ||
| 6.1 | Service Level Management | Requirements are fulfilled by the ITIL process "Service Level Management" | |
| 6.2 | Service Reporting | Requirements are fulfilled by the ITIL process "Service Level Management" | |
| 6.3 | Service Continuity and Availability Management | Requirements are fulfilled by the ITIL processes "IT Service Continuity Management" and "Availability Management" | |
| 6.4 | Budgeting and Accounting for IT Services | Requirements are fulfilled by the ITIL process "Financial Management"
(optional, i.e. non-obligatory component of the standard) | |
| 6.5 | Capacity Management | Requirements are fulfilled by the ITIL process "Capacity Management" | |
| 6.6 | Information Security Management | Requirements are fulfilled by the ITIL process "IT Security Management" | |
| 7 | Relationship Processes | ||
| 7.2 | Business Relationship Management | Requirements are fulfilled by various ITIL processes: “Service Portfolio Management”, „Service Level Management”; and “Continual Service Improvement” | |
| 7.3 | Supplier Management | Requirements are fulfilled by the ITIL process "Supplier Management" | |
| 8 | Resolution | ||
| 8.2 | Incident Management | Requirements are fulfilled by the ITIL process "Incident Management" | |
| 8.3 | Problem Management | Requirements are fulfilled by the ITIL process "Problem Management" | |
| 9 | Control | ||
| 9.1 | Configuration Management | Requirements are fulfilled by the ITIL process "Service Asset and Configuration Management" | |
| 9.2 | Change Management | Requirements are fulfilled by the ITIL process "Change Management" | |
| 10 | Release | ||
| 10.1 | Release Management | Requirements are fulfilled by the ITIL process "Release and Deployment Management" | |
