Your SlideShare is downloading. ×

What is ISO20000

8,382

Published on

Introduction to ISO20000

Introduction to ISO20000

Published in: Technology, Business
1 Comment
4 Likes
Statistics
Notes
No Downloads
Views
Total Views
8,382
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
645
Comments
1
Likes
4
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Business is evolving, you should too. What is ISO20000? Ben Kalland, Tieturi Helsinki, Tampere, Turku, Tukholma, Göteborg | www.tieturi.fi
  • 2. Agenda • What is ISO/20000 and why should I care? • History and future • Relationship to ITIL and other standards • Certification, who, how much, why and when • ISO20000 processes – difference to ITIL • How to proceed from here
  • 3. ITIL is a library of best practice Service Strategy • strategic analysis, planning, positioning • Service Design translates plans to designs and specifications • Service Transition ensures design will deliver and can be operated • Service Operation manage a service throughout production life • Continual Service Improvement measure performance for maximum benefit
  • 4. ITIL • ITIL knowledge can be certified for individuals • Foundation • Practitioner • Service Manager – ITIL Expert • An organisation cannot be ITIL certified • Anyone can claim they have adopted ITIL
  • 5. ISO/IEC 20000 • Worldwide standard for IT Service Management • International certification against standard • Proof that best practices are implemented • ITIL not requirement • Not as deep as ITIL – minimum requirement • ITIL is a set of guidance – ISO is requirements • Easier to achieve if ITIL based approach • 200 + requirements to be able to demonstrate compliance • Based on BS15000, 400 minor adjustments • Certification for Quality Management (not i.e. tools)
  • 6. Relationship ISO 20000 - ITIL
  • 7. Relationship ISO 20 000 - ITIL
  • 8. Timeline - history and future • 1989 ITIL V1 • 1999 ITIL V2 • 2000 BS15000 • 2003 itSMF launched BS15000 certification • 2005 ISO/IEC 20000 • 2007 ITIL V3 • 2009 IS/IEC 20000 – v2
  • 9. Can you answer these questions? • What are the current and future requirements of the business • What happens if you have a major disaster • What level of service do you provide • What level of risks and liability do you have • What is the current level of failures and how much does it cost the business • If your business customer base doubles, what does it mean for IT and how much does it cost and when is it ready • Goal of SM: align with business, low cost, high quality
  • 10. Note! ISO/IEC 20000 certifies the quality management system and processes SUPPORTING the products or services provided. It does NOT certify the products or services themselves.
  • 11. Position against other frameworks
  • 12. Requirements • Part 1 provides the requirements for IT service management to gain certification • This is relevant to those responsible for initiating, implementing or maintaining IT service management in their organization • Senior Management are responsible and accountable for ensuring all requirements of Part One are met if Certification is sought • Compulsory requirements – shall • Basis for independent auditing • Example: “All incidents shall be recorded”
  • 13. Guidance • Part 2 - Code of Practice for Service Management • Provides guidance to internal auditors and assists service providers planning service improvements or preparing for audits against ISO 20000 • Guidance – should • Explanations, not compulsory • Ex: “The process for a major incident should include a review”
  • 14. Scope • Part 3 - Scope & Applicability • Advice on scoping for service management • Planning & improvements • Scope statements for certification audits • Suggestions on applicability include adding communications or wider technology enabled services • Not yet formally agreed.
  • 15. Who is certified? Examples • 50% private, 50% public • 50% internal, 50% external service providers • CSC Nordic, Denmark • Fujitsu Services, Finland • Siemens Business Services, Germany • Flughafen Munchen, Germany • T-Systems ITC Services, Spain • Salzburg AG, Austria • EDS, Netherlands • ING Services Centre Budapest, Hungary
  • 16. Who is certified? 349 organizations in March 2009 • UK 52 • Japan 50 • India 41 • South Korea 35 • China 34 • Germany 20 … • Denmark 2 • Finland 1 • Sweden, Norway - none
  • 17. Eligibility • An organisation must be able to demonstrate it has management control of each of the ISO 20000 processes • All requirements must be met • If a process or function is outsourced, the organisation must retain management control • Control of input, policy setting • Use and knowledge of output • Define metrics and continuous improvement • Management control of a process consists of: • knowledge and control of the inputs • knowledge, use and interpretation of the outputs • definition and measurement of metrics • demonstration of objective evidence of accountability for process functionality • definition, measurement and review of process improvements
  • 18. ISO/IEC 20000 processes
  • 19. Delivery processes
  • 20. Support processes
  • 21. How to proceed • Prepare for certification through Consultancy Services • Assessment, implementation of processes, mentoring and guidance • Undertake various forms of training: • ISO 20000 Foundation • Aimed at individuals familiar with ITIL, who participate in developing processes or preparing for audition • ISO 20000 Consultants Certifiacte • Aimed at experienced IT Service Management practitioners whose roles and responsibilities include preparing organisations for the adoption of ISO 20000. • ISO 20000 Auditors Certificate: • Aimed at experienced internal or external auditors who have at least 3 years’ general IT auditing experience and are either certified ISO 9000, ISO 27001 or TickIT auditors or are certified internal auditors • Service Management • ITIL Foundation, Practitioner, Managers • Planning To Implement • Experiential Learning & Awareness • Select an approved Registered Certified Body
  • 22. Audits • RCB • Needed documentation • Evidence of intention: process designs, SLA’s, plans, contracts, ... • Inputs, specifications • Records of achievement or activities performed: statistical data, minutes of meetings, RFC’s, ... • Outputs • Surveillance audits – at least annually • Full re-audits – every three year • Internal audits – ”at planned intervals”
  • 23. More information? Ben Kalland ITIL Expert, ISO 20000 Foundation certified consultant Accredited ITIL trainer ben.kalland@tieturi.fi Tieturi Oy, HTC Santa Maria Tammasaarenkatu 5 00180 HELSINKI www.tieturi.fi/itil

×