Introduction to ISO/IEC 20000
ISO/IEC 20000-1 (Part 1) is the international standard for IT Service Management used to demonstrate the service management capability of a service provider. Since the first edition was published in 2005, many organizations around the world are now certified.
A service provider certified under Part 1 has independent proof of having implemented best practice management techniques and processes, such as ITIL. A service provider can use ISO/IEC 20000 to deliver improved services that add value to their customers. This should enable customers to be more effective.
Many organizations use ISO/IEC 20000-1 as a contractual requirement for their suppliers.
New edition of ISO/IEC 20000-1
The second edition of ISO/IEC 20000-1 (Part 1) has just been published in April. Members of standards organizations from over 25 countries and liaison members from the itSMF and ISACA produced this new edition.
There are improvements in wording that help people that do not speak English as their native language. Terms have been standardised wherever possible. There are also more terms and definitions that will help organizations that use several standards such as ISO 9001 and ISO/IEC 27001. There is closer alignment to ISO 9001and the information security requirements used in ISO/IEC 27001.
One of the significant changes relate to the scope of the service management system. This can be complex and Part 1 now includes specific requirements for scope definition.
Another important change is the applicability of the standard. The new edition of Part 1 recognises that many services are composed of service components from many parties and suppliers. The new clause on governance of processes operated by other parties means that a service provider has to demonstrate that they control their suppliers effectively. If a service provider relies on other parties for the majority of the service management processes it may be difficult to demonstrate adequate control to achieve certification.
Many service management process requirements have been extended. The clause on the design and transition of new or changed services has more requirements. This will provide better support for organizations that have adopted the ITIL service lifecycle.
Transition to the new edition
Each ISO/IEC 20000 certification scheme owner defines their own plans for transition. The changeover may differ between the certification schemes and it is important to seek advice from the certification scheme owners. The International Accreditation Forum certification schemes will have a common transition approach. Typical changeovers like this take 2 years.
A certified service provider should check with their auditor to find out what arrangements there will be for transferring the certificate to the second edition of Part 1. At the moment, your auditor may not yet have detailed information because they need to assess the impact of the new edition before they can confirm the details on how to transition to the new edition if ISO/IEC 20000-1.
There are the ISO/IEC 20000 IT Service management qualification schemes for individuals that need updating. The qualification scheme owner or your training company will let you know about changes.
Where can I get a copy of ISO/IEC 20000-1:2011