SlideShare a Scribd company logo

iso 20000

W
wvlglobal
1 of 10
Download to read offline
How to achieve ISO/IEC 20000 – The key successful factors Joe Hsieh (joe.hsieh@bsi-global.com) LOGO BSI Taiwan ISO 20000 Product Manager ISO 27001/ ISO 20000 Lead Auditor Agenda Trend and Challenge – 1. IT service and ITSMS 2. Key Implementation Issues of ITSMS Auditing issue – criteria 3. overview, auditing stage Auditing issue – 4. common problems & tips 1
Trend and Challenge – IT service and ITSMS Focus on Meet Business performance Strategy Focus Issue 1. Project -> Business growth 2. Linking business and IT strategies 3. Demonstrating the business value ROI Focused (Outsourcing / of IT BPO) 4. ……. 5. ……. Contract Gartner: IT Leaders' Next Big Decisions (2005) Trend and Challenge – IT service and ITSMS By 2008, ‘ITIL® Compliance’ will be a buying criteria in 75% of relevant IT sourcing decisions. Gartner Inc., January 5, 2006 More than 120 n organizations applied for Japa a re the ISO/ IEC 20000 Ko certifications worldwide. Others India The top four countries: United United Kingdom, India, Kingdom Korea and Japan. Certified Organizations 2
Key Implementation Issues of ITSMS (The content of ISO/ IEC 20000) Requirement for a management system (3) Requirement for a management system Planning and implementing service management (4) Planning (4) Planning and implementing new or changed services (5) Planning and implementing (5) Service Delivery Processes (6) Service Delivery Processes (6) Management System Capacity Management Service Level Management Information Framework Security Service Service Reporting Management Continuity and Budgeting and Availability Accounting Management Control Processes (9) Control for IT Configuration Management services Service Change Management Processes Requirement Incident Management Business Relationship Management Release Management Problem Supplier Management Management Release Release Resolution Resolution Relationship Relationship Processes (10) Processes (10) Processes (8) Processes (8) Processes (7) Processes (7) Key Implementation Issues of ITSMS (The key activities must be performed) 1. Define the scope of the ITSMS 2. Establish policy, objectives and requirements 3. The processes that are to be executed 4. Define management roles and responsibilities (ownership) such as management responsibilities service management overall each of the 13 service management processes 5. The interface between service management process and how to coordinated 6. The approach to be taken in identifying, assessing and managing issues and risks to the achievements of the defined objectives. 7. The approach for interfacing to projects that are creating or modifying services. 8. The resources, facilities and budget necessary to achieve the defined objectives 9. Tools are used to support the processes 10. How the quality of the service will be managed, audited and improved. 3
Key Implementation Issues of ITSMS (The scope definition of ITSMS) Organization must implement all of requirements of ISO/ IEC 20000 in order to be certified (Clause 3 ~ Clause 10) Proper ITSMS scope will allow organization to: • Verify the method of implementing whether is workable or not • Reduce the chance/ risk of failure to implement the ITSMS • Demonstrate the true value of the IT service • ……… Organization Location Aspect Aspect The scope of IT service management can be Scope Consideration defined by: Must focus on the relationship with Others – Service Geographical, supplier Aspect infrastructure Auditing issue (criteria overview) Organization must Registered Certification demonstrate that it has Body (RCB) will based on “management control” of organization’s scope to all of the processes perform the audit defined within the ISO/IEC 20000-1:2005. Plan Check Knowledge, use Knowledge and and interpretation control of inputs of outputs Do Act All of ISO/IEC 20000 RCB will follow certain requirements must be scheme to conduct the implemented (Clause audit (i.e. ITSMF or 3 ~ Clause 10) . UKAS (in future)) 4
Auditing issue (criteria overview) The Auditor is responsible for assessing the: Suitability of the scope of the audit; Implementations of PDCA cycle; Implementations of Service Management Processes (13 managements); Integration and management of the interfaces between processes; Flow of information and process control across interfaces (effectiveness) Auditing issue (auditing stage) Pre Assessment Initial Enquiry Initial Assessment (Optional) • Engage with RCB • Off-site/ On-site • Organizations can • Submit the decide to perform the assessment of Application Form pre-assessment prior process to the initial documentation • Confirm the detail of assessment such as assessment as • On-site audit scope, man-day, necessary (Optional) (implementation audit) special requirement, and etc. Triennial Re- Surveillance assessment Certification Assessment • The effectiveness of • valid for three years the ITSMS (Including • Semi-annual or • Full Re-audit the Management annual surveillance ITSMS Framework and audits are required Service Processes) • Triennial Re- assessment will be carried out 5
Auditing issue (common problems & tips) The pitfall to avoid: Inappropriate scope definition (for example, no clear interface between service processes or with 3rd party supplier) No clear role and responsibility of senior management or service process owner Not implement all of “shall” requirements Service management documents are defective (too long the relationship between them is unclear, or no documentary evidence) No clear inter-relationship between service processes (for example, SLM – Business Relationship Mgmt – Supplier Mgmt) Auditing issue (common problems & tips) The pitfall to avoid (cont’): No clear evidence of how the interfaces of chain of suppliers are managed (Supplier management) No clear evidence of how all interfaces to the customers are managed (Business relationship management, and other management such as Service level management) The service management culture is not established (people not buy in) – resistance to change There is no effective configuration management in place (i.e. integrity of CMDB) 6
Auditing issue (common problems & tips) Tips: Use checklist to check the compliance of the service management Have some one to carry out the pre- audit assessment (internal audit or independent party) before conduct official ISO20000 assessment What to check? Auditing issue (common problems & tips) Key point to check (for example): Background and review of documentation Service management policies and plans; Process and procedures within the scope of ISO20000 Service level agreements (and supporting agreements and contracts) Records required by the standard (change records, service reports, checklists, etc.) Proposed scope for the audit …. Detailed assessment (implementation audit) Interview the owners and users of the ITSMS Review high, medium and/or low critical areas Service objectives and targets Service and management reviews Links between the core documents within the system 7
Auditing issue (common problems & tips) Tips: Use metrics and service reporting to evaluate the service capability (PDCA) - From performance, value, compliance, etc. Reactive Metrics/ report Proactive Metrics/ report Forward Schedule Metrics/ report Auditing issue (common problems & tips) What activities must be monitored: Reporting on management responsibility Metrics for PDCA (Plan-Do-Check-Act of ITSMS) Metrics for implementing a new service Metrics for service management process Metrics for management of interfaces 8
Auditing issue (common problems & tips) What kind of service reporting could be useful? • Performance against service level targets • Noncompliance and issues • Workload characteristics, i.e. volume info of incident, problems. • Performance reporting after major events • Trend information • Satisfaction analysis Source: BSI BIP0032 Auditing issue (common problems & tips) – Example of service report Policy for service improvement: “service improvement will be targeted at delivering a faster and cheaper resolution service” Metrics (higher level) • Trends in incident and volumes (cost reduction from problem avoidance) • Trends in avg fix time for all incidents and problems (cheaper and faster due to quicker methods of resolutions) • Trend in unit cost of incident/ problem solving, with targets (cheaper unit cost) Metrics (lower level) • Number and types/ avg fix time of incidents and problem in each priority class. • Type and number of known error • Number of known errors eliminated permanently. • Cost of fixing incidents, including overheads. • Fix time for each hour of a working day/ for each person on a service desk. • The cause of the most frequently occurring incidents. Source: BSI BIP0032 9
Joe Hsieh (joe.hsieh@bsi-global.com) LOGO BSI Taiwan ISO 20000 Product Manager ISO 27001/ ISO 20000 Lead Auditor 10

Recommended

M2MSys ITIL Executive Summary
M2MSys ITIL Executive SummaryM2MSys ITIL Executive Summary
M2MSys ITIL Executive SummaryFilipe Pinto
 
COBIT 5 & 4.1 Comparison
COBIT 5 & 4.1 ComparisonCOBIT 5 & 4.1 Comparison
COBIT 5 & 4.1 ComparisonAnthony Dehnashi
 
Structured Approach To It Business System Availability And Continuity Plannin...
Structured Approach To It Business System Availability And Continuity Plannin...Structured Approach To It Business System Availability And Continuity Plannin...
Structured Approach To It Business System Availability And Continuity Plannin...guest1c9378
 
Itil 2011 Mind Maps
Itil 2011 Mind MapsItil 2011 Mind Maps
Itil 2011 Mind MapsHussein Elmenshawy
 
Solvency - II Programme Setup
Solvency - II Programme SetupSolvency - II Programme Setup
Solvency - II Programme Setupgainline
 
Cobit 4.1 Highlights
Cobit 4.1 HighlightsCobit 4.1 Highlights
Cobit 4.1 Highlightsgeoffharmer
 
CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...
CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...
CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...QAI
 
Case Studies Using Process as the Lever for Enterprise Change
Case Studies Using Process as the Lever for Enterprise ChangeCase Studies Using Process as the Lever for Enterprise Change
Case Studies Using Process as the Lever for Enterprise ChangeVincent Kwon
 

Recommended

M2MSys ITIL Executive Summary
M2MSys ITIL Executive SummaryM2MSys ITIL Executive Summary
M2MSys ITIL Executive SummaryFilipe Pinto
 
COBIT 5 & 4.1 Comparison
COBIT 5 & 4.1 ComparisonCOBIT 5 & 4.1 Comparison
COBIT 5 & 4.1 ComparisonAnthony Dehnashi
 
Structured Approach To It Business System Availability And Continuity Plannin...
Structured Approach To It Business System Availability And Continuity Plannin...Structured Approach To It Business System Availability And Continuity Plannin...
Structured Approach To It Business System Availability And Continuity Plannin...guest1c9378
 
Itil 2011 Mind Maps
Itil 2011 Mind MapsItil 2011 Mind Maps
Itil 2011 Mind MapsHussein Elmenshawy
 
Solvency - II Programme Setup
Solvency - II Programme SetupSolvency - II Programme Setup
Solvency - II Programme Setupgainline
 
Cobit 4.1 Highlights
Cobit 4.1 HighlightsCobit 4.1 Highlights
Cobit 4.1 Highlightsgeoffharmer
 
CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...
CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...
CMMI High Maturity Best Practices HMBP 2010: CMMI® FOR SERVICES: INSIGHTS AND...QAI
 
Case Studies Using Process as the Lever for Enterprise Change
Case Studies Using Process as the Lever for Enterprise ChangeCase Studies Using Process as the Lever for Enterprise Change
Case Studies Using Process as the Lever for Enterprise ChangeVincent Kwon
 
ITIL® im Microsoft-Umfeld: Einführung in das MOF
ITIL® im Microsoft-Umfeld: Einführung in das MOFITIL® im Microsoft-Umfeld: Einführung in das MOF
ITIL® im Microsoft-Umfeld: Einführung in das MOFDigicomp Academy AG
 
Ch01 o.m.-introduction
Ch01 o.m.-introductionCh01 o.m.-introduction
Ch01 o.m.-introductionruchakarajgaonkar
 
CMMI Implementation with Digité Enterprise
CMMI Implementation with Digité EnterpriseCMMI Implementation with Digité Enterprise
CMMI Implementation with Digité EnterpriseDigite Inc
 
TQA Cat 6 Process Management
TQA Cat 6 Process ManagementTQA Cat 6 Process Management
TQA Cat 6 Process ManagementAreté Partners
 
IBM GPRA
IBM GPRAIBM GPRA
IBM GPRAfarrar_sydney
 
Using Six Sigma to Drive Tangible Service Desk Improvement and Savings
Using Six Sigma to Drive Tangible Service Desk Improvement and SavingsUsing Six Sigma to Drive Tangible Service Desk Improvement and Savings
Using Six Sigma to Drive Tangible Service Desk Improvement and SavingsITSM Academy, Inc.
 
RequirementPro™ Architecture
RequirementPro™ ArchitectureRequirementPro™ Architecture
RequirementPro™ ArchitectureEnfocus Solutions Inc.
 
Webcast: Is it Possible to Have Too Many Tools? Featuring George Spalding of ...
Webcast: Is it Possible to Have Too Many Tools? Featuring George Spalding of ...Webcast: Is it Possible to Have Too Many Tools? Featuring George Spalding of ...
Webcast: Is it Possible to Have Too Many Tools? Featuring George Spalding of ...CA Nimsoft
 
Configuration Management Best Practices
Configuration Management Best PracticesConfiguration Management Best Practices
Configuration Management Best PracticesTechExcel
 
Itil Mind Maps
Itil Mind MapsItil Mind Maps
Itil Mind MapsLyju Thomas
 
Corporate Data Quality: Research and Services Overview
Corporate Data Quality: Research and Services OverviewCorporate Data Quality: Research and Services Overview
Corporate Data Quality: Research and Services OverviewBoris Otto
 
Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4brunise
 
Value Reference Model - Information and Knowledge Mgt
Value Reference Model - Information and Knowledge MgtValue Reference Model - Information and Knowledge Mgt
Value Reference Model - Information and Knowledge MgtArnaldo Colombo
 
Cobit5 compare-with-4.1
Cobit5 compare-with-4.1Cobit5 compare-with-4.1
Cobit5 compare-with-4.1AVASP - Ambiente Virtual de Aprendizado de São Paulo
 
Combining Itil And Six Sigma To Improve
Combining Itil And Six Sigma To ImproveCombining Itil And Six Sigma To Improve
Combining Itil And Six Sigma To ImproveAhmad Refai
 
Putting the PRO in PROcess Design - ITSM Academy Webinar
Putting the PRO in PROcess Design - ITSM Academy WebinarPutting the PRO in PROcess Design - ITSM Academy Webinar
Putting the PRO in PROcess Design - ITSM Academy WebinarITSM Academy, Inc.
 
Business Process Management
Business Process ManagementBusiness Process Management
Business Process ManagementIBMGovernmentCA
 
Messing
MessingMessing
MessingNASAPMC
 
BPM Courses and Certificates by Stevens Institute of Technology
BPM Courses and Certificates by Stevens Institute of TechnologyBPM Courses and Certificates by Stevens Institute of Technology
BPM Courses and Certificates by Stevens Institute of TechnologyMichael zur Muehlen
 
Implementing ITIL - Product First Or Process First
Implementing ITIL - Product First Or Process FirstImplementing ITIL - Product First Or Process First
Implementing ITIL - Product First Or Process FirstVyom Labs
 
ISO 20K is Not Scary
ISO 20K is Not ScaryISO 20K is Not Scary
ISO 20K is Not ScaryITSM Academy, Inc.
 
Improve IT Operations
Improve IT OperationsImprove IT Operations
Improve IT OperationsEnrique Vicente
 

More Related Content

What's hot

ITIL® im Microsoft-Umfeld: Einführung in das MOF
ITIL® im Microsoft-Umfeld: Einführung in das MOFITIL® im Microsoft-Umfeld: Einführung in das MOF
ITIL® im Microsoft-Umfeld: Einführung in das MOFDigicomp Academy AG
 
CMMI Implementation with Digité Enterprise
CMMI Implementation with Digité EnterpriseCMMI Implementation with Digité Enterprise
CMMI Implementation with Digité EnterpriseDigite Inc
 
TQA Cat 6 Process Management
TQA Cat 6 Process ManagementTQA Cat 6 Process Management
TQA Cat 6 Process ManagementAreté Partners
 
Using Six Sigma to Drive Tangible Service Desk Improvement and Savings
Using Six Sigma to Drive Tangible Service Desk Improvement and SavingsUsing Six Sigma to Drive Tangible Service Desk Improvement and Savings
Using Six Sigma to Drive Tangible Service Desk Improvement and SavingsITSM Academy, Inc.
 
Webcast: Is it Possible to Have Too Many Tools? Featuring George Spalding of ...
Webcast: Is it Possible to Have Too Many Tools? Featuring George Spalding of ...Webcast: Is it Possible to Have Too Many Tools? Featuring George Spalding of ...
Webcast: Is it Possible to Have Too Many Tools? Featuring George Spalding of ...CA Nimsoft
 
Configuration Management Best Practices
Configuration Management Best PracticesConfiguration Management Best Practices
Configuration Management Best PracticesTechExcel
 
Corporate Data Quality: Research and Services Overview
Corporate Data Quality: Research and Services OverviewCorporate Data Quality: Research and Services Overview
Corporate Data Quality: Research and Services OverviewBoris Otto
 
Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4brunise
 
Value Reference Model - Information and Knowledge Mgt
Value Reference Model - Information and Knowledge MgtValue Reference Model - Information and Knowledge Mgt
Value Reference Model - Information and Knowledge MgtArnaldo Colombo
 
Combining Itil And Six Sigma To Improve
Combining Itil And Six Sigma To ImproveCombining Itil And Six Sigma To Improve
Combining Itil And Six Sigma To ImproveAhmad Refai
 
Putting the PRO in PROcess Design - ITSM Academy Webinar
Putting the PRO in PROcess Design - ITSM Academy WebinarPutting the PRO in PROcess Design - ITSM Academy Webinar
Putting the PRO in PROcess Design - ITSM Academy WebinarITSM Academy, Inc.
 
Business Process Management
Business Process ManagementBusiness Process Management
Business Process ManagementIBMGovernmentCA
 
BPM Courses and Certificates by Stevens Institute of Technology
BPM Courses and Certificates by Stevens Institute of TechnologyBPM Courses and Certificates by Stevens Institute of Technology
BPM Courses and Certificates by Stevens Institute of TechnologyMichael zur Muehlen
 
Implementing ITIL - Product First Or Process First
Implementing ITIL - Product First Or Process FirstImplementing ITIL - Product First Or Process First
Implementing ITIL - Product First Or Process FirstVyom Labs
 

What's hot (20)

ITIL® im Microsoft-Umfeld: Einführung in das MOF
ITIL® im Microsoft-Umfeld: Einführung in das MOFITIL® im Microsoft-Umfeld: Einführung in das MOF
ITIL® im Microsoft-Umfeld: Einführung in das MOF
 
Ch01 o.m.-introduction
Ch01 o.m.-introductionCh01 o.m.-introduction
Ch01 o.m.-introduction
 
CMMI Implementation with Digité Enterprise
CMMI Implementation with Digité EnterpriseCMMI Implementation with Digité Enterprise
CMMI Implementation with Digité Enterprise
 
TQA Cat 6 Process Management
TQA Cat 6 Process ManagementTQA Cat 6 Process Management
TQA Cat 6 Process Management
 
IBM GPRA
IBM GPRAIBM GPRA
IBM GPRA
 
Using Six Sigma to Drive Tangible Service Desk Improvement and Savings
Using Six Sigma to Drive Tangible Service Desk Improvement and SavingsUsing Six Sigma to Drive Tangible Service Desk Improvement and Savings
Using Six Sigma to Drive Tangible Service Desk Improvement and Savings
 
RequirementPro™ Architecture
RequirementPro™ ArchitectureRequirementPro™ Architecture
RequirementPro™ Architecture
 
Webcast: Is it Possible to Have Too Many Tools? Featuring George Spalding of ...
Webcast: Is it Possible to Have Too Many Tools? Featuring George Spalding of ...Webcast: Is it Possible to Have Too Many Tools? Featuring George Spalding of ...
Webcast: Is it Possible to Have Too Many Tools? Featuring George Spalding of ...
 
Configuration Management Best Practices
Configuration Management Best PracticesConfiguration Management Best Practices
Configuration Management Best Practices
 
Itil Mind Maps
Itil Mind MapsItil Mind Maps
Itil Mind Maps
 
Corporate Data Quality: Research and Services Overview
Corporate Data Quality: Research and Services OverviewCorporate Data Quality: Research and Services Overview
Corporate Data Quality: Research and Services Overview
 
Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4Cobit® 5 Comparação com Cobit® 4
Cobit® 5 Comparação com Cobit® 4
 
Value Reference Model - Information and Knowledge Mgt
Value Reference Model - Information and Knowledge MgtValue Reference Model - Information and Knowledge Mgt
Value Reference Model - Information and Knowledge Mgt
 
Cobit5 compare-with-4.1
Cobit5 compare-with-4.1Cobit5 compare-with-4.1
Cobit5 compare-with-4.1
 
Combining Itil And Six Sigma To Improve
Combining Itil And Six Sigma To ImproveCombining Itil And Six Sigma To Improve
Combining Itil And Six Sigma To Improve
 
Putting the PRO in PROcess Design - ITSM Academy Webinar
Putting the PRO in PROcess Design - ITSM Academy WebinarPutting the PRO in PROcess Design - ITSM Academy Webinar
Putting the PRO in PROcess Design - ITSM Academy Webinar
 
Business Process Management
Business Process ManagementBusiness Process Management
Business Process Management
 
Messing
MessingMessing
Messing
 
BPM Courses and Certificates by Stevens Institute of Technology
BPM Courses and Certificates by Stevens Institute of TechnologyBPM Courses and Certificates by Stevens Institute of Technology
BPM Courses and Certificates by Stevens Institute of Technology
 
Implementing ITIL - Product First Or Process First
Implementing ITIL - Product First Or Process FirstImplementing ITIL - Product First Or Process First
Implementing ITIL - Product First Or Process First
 

Similar to iso 20000

Itil v3
Itil v3Itil v3
Itil v3Peleg
 
ECATA - Sourcing Strategies of IT Services
ECATA - Sourcing Strategies of IT ServicesECATA - Sourcing Strategies of IT Services
ECATA - Sourcing Strategies of IT ServicesPatrick Nolot
 
IT Governance Presentation
IT Governance PresentationIT Governance Presentation
IT Governance Presentationjmcarden
 
Qwr iso20000 auditor m04 implementing audit and tooling us 06 apr14
Qwr iso20000 auditor m04 implementing audit and tooling us 06 apr14Qwr iso20000 auditor m04 implementing audit and tooling us 06 apr14
Qwr iso20000 auditor m04 implementing audit and tooling us 06 apr14said missoum
 
Frameworks For Predictability
Frameworks For PredictabilityFrameworks For Predictability
Frameworks For Predictabilitytlknecht
 
Optimising and prioritising your SDLC using business intelligence
Optimising and prioritising your SDLC using business intelligenceOptimising and prioritising your SDLC using business intelligence
Optimising and prioritising your SDLC using business intelligenceKurt Solarte
 
Tatakelola Teknologi Informasi
Tatakelola Teknologi InformasiTatakelola Teknologi Informasi
Tatakelola Teknologi InformasiCahyo Darujati
 
Msp It Goverance And Service Delivery Process
Msp It Goverance And Service Delivery ProcessMsp It Goverance And Service Delivery Process
Msp It Goverance And Service Delivery Processkadhar_masthan
 
How to implement measurements to drive value
How to implement measurements to drive valueHow to implement measurements to drive value
How to implement measurements to drive valueOMNINET USA
 
Get Ready for Solvency II with Oracle's Hyperion Profitability and Cost Manag...
Get Ready for Solvency II with Oracle's Hyperion Profitability and Cost Manag...Get Ready for Solvency II with Oracle's Hyperion Profitability and Cost Manag...
Get Ready for Solvency II with Oracle's Hyperion Profitability and Cost Manag...Alithya
 
South Florida HDI National Speakers Preview April 19 2012
South Florida HDI National Speakers Preview April 19 2012South Florida HDI National Speakers Preview April 19 2012
South Florida HDI National Speakers Preview April 19 2012Eddie Vidal
 
SilverStorm "Credibility and Collaboration to achieve excellence in IT Govern...
SilverStorm "Credibility and Collaboration to achieve excellence in IT Govern...SilverStorm "Credibility and Collaboration to achieve excellence in IT Govern...
SilverStorm "Credibility and Collaboration to achieve excellence in IT Govern...SilverStormSolutions
 
EGMP - Next Practice Service
EGMP - Next Practice ServiceEGMP - Next Practice Service
EGMP - Next Practice ServiceTariq Elsadik
 
ThinkFaculty ITIL Training Course IBM
ThinkFaculty ITIL Training Course IBMThinkFaculty ITIL Training Course IBM
ThinkFaculty ITIL Training Course IBMZyma Arsalan
 
Top 10 Imperatives for Leading a Successful IT Improvement Program
Top 10 Imperatives for Leading a Successful IT Improvement ProgramTop 10 Imperatives for Leading a Successful IT Improvement Program
Top 10 Imperatives for Leading a Successful IT Improvement ProgramCognizant
 
What Is It Governance 24812
What Is It Governance 24812What Is It Governance 24812
What Is It Governance 24812Amr Mustafa
 

Similar to iso 20000 (20)

ISO 20K is Not Scary
ISO 20K is Not ScaryISO 20K is Not Scary
ISO 20K is Not Scary
 
Improve IT Operations
Improve IT OperationsImprove IT Operations
Improve IT Operations
 
Itil v3
Itil v3Itil v3
Itil v3
 
ECATA - Sourcing Strategies of IT Services
ECATA - Sourcing Strategies of IT ServicesECATA - Sourcing Strategies of IT Services
ECATA - Sourcing Strategies of IT Services
 
IT Governance Presentation
IT Governance PresentationIT Governance Presentation
IT Governance Presentation
 
Qwr iso20000 auditor m04 implementing audit and tooling us 06 apr14
Qwr iso20000 auditor m04 implementing audit and tooling us 06 apr14Qwr iso20000 auditor m04 implementing audit and tooling us 06 apr14
Qwr iso20000 auditor m04 implementing audit and tooling us 06 apr14
 
Frameworks For Predictability
Frameworks For PredictabilityFrameworks For Predictability
Frameworks For Predictability
 
Optimising and prioritising your SDLC using business intelligence
Optimising and prioritising your SDLC using business intelligenceOptimising and prioritising your SDLC using business intelligence
Optimising and prioritising your SDLC using business intelligence
 
Tatakelola Teknologi Informasi
Tatakelola Teknologi InformasiTatakelola Teknologi Informasi
Tatakelola Teknologi Informasi
 
Msp It Goverance And Service Delivery Process
Msp It Goverance And Service Delivery ProcessMsp It Goverance And Service Delivery Process
Msp It Goverance And Service Delivery Process
 
How to implement measurements to drive value
How to implement measurements to drive valueHow to implement measurements to drive value
How to implement measurements to drive value
 
Get Ready for Solvency II with Oracle's Hyperion Profitability and Cost Manag...
Get Ready for Solvency II with Oracle's Hyperion Profitability and Cost Manag...Get Ready for Solvency II with Oracle's Hyperion Profitability and Cost Manag...
Get Ready for Solvency II with Oracle's Hyperion Profitability and Cost Manag...
 
South Florida HDI National Speakers Preview April 19 2012
South Florida HDI National Speakers Preview April 19 2012South Florida HDI National Speakers Preview April 19 2012
South Florida HDI National Speakers Preview April 19 2012
 
SilverStorm "Credibility and Collaboration to achieve excellence in IT Govern...
SilverStorm "Credibility and Collaboration to achieve excellence in IT Govern...SilverStorm "Credibility and Collaboration to achieve excellence in IT Govern...
SilverStorm "Credibility and Collaboration to achieve excellence in IT Govern...
 
EGMP - Next Practice Service
EGMP - Next Practice ServiceEGMP - Next Practice Service
EGMP - Next Practice Service
 
ThinkFaculty ITIL Training Course IBM
ThinkFaculty ITIL Training Course IBMThinkFaculty ITIL Training Course IBM
ThinkFaculty ITIL Training Course IBM
 
Cobit5 and-grc
Cobit5 and-grcCobit5 and-grc
Cobit5 and-grc
 
Top 10 Imperatives for Leading a Successful IT Improvement Program
Top 10 Imperatives for Leading a Successful IT Improvement ProgramTop 10 Imperatives for Leading a Successful IT Improvement Program
Top 10 Imperatives for Leading a Successful IT Improvement Program
 
Mv2421182120
Mv2421182120Mv2421182120
Mv2421182120
 
What Is It Governance 24812
What Is It Governance 24812What Is It Governance 24812
What Is It Governance 24812
 

iso 20000

  • 1. How to achieve ISO/IEC 20000 – The key successful factors Joe Hsieh (joe.hsieh@bsi-global.com) LOGO BSI Taiwan ISO 20000 Product Manager ISO 27001/ ISO 20000 Lead Auditor Agenda Trend and Challenge – 1. IT service and ITSMS 2. Key Implementation Issues of ITSMS Auditing issue – criteria 3. overview, auditing stage Auditing issue – 4. common problems & tips 1
  • 2. Trend and Challenge – IT service and ITSMS Focus on Meet Business performance Strategy Focus Issue 1. Project -> Business growth 2. Linking business and IT strategies 3. Demonstrating the business value ROI Focused (Outsourcing / of IT BPO) 4. ……. 5. ……. Contract Gartner: IT Leaders' Next Big Decisions (2005) Trend and Challenge – IT service and ITSMS By 2008, ‘ITIL® Compliance’ will be a buying criteria in 75% of relevant IT sourcing decisions. Gartner Inc., January 5, 2006 More than 120 n organizations applied for Japa a re the ISO/ IEC 20000 Ko certifications worldwide. Others India The top four countries: United United Kingdom, India, Kingdom Korea and Japan. Certified Organizations 2
  • 3. Key Implementation Issues of ITSMS (The content of ISO/ IEC 20000) Requirement for a management system (3) Requirement for a management system Planning and implementing service management (4) Planning (4) Planning and implementing new or changed services (5) Planning and implementing (5) Service Delivery Processes (6) Service Delivery Processes (6) Management System Capacity Management Service Level Management Information Framework Security Service Service Reporting Management Continuity and Budgeting and Availability Accounting Management Control Processes (9) Control for IT Configuration Management services Service Change Management Processes Requirement Incident Management Business Relationship Management Release Management Problem Supplier Management Management Release Release Resolution Resolution Relationship Relationship Processes (10) Processes (10) Processes (8) Processes (8) Processes (7) Processes (7) Key Implementation Issues of ITSMS (The key activities must be performed) 1. Define the scope of the ITSMS 2. Establish policy, objectives and requirements 3. The processes that are to be executed 4. Define management roles and responsibilities (ownership) such as management responsibilities service management overall each of the 13 service management processes 5. The interface between service management process and how to coordinated 6. The approach to be taken in identifying, assessing and managing issues and risks to the achievements of the defined objectives. 7. The approach for interfacing to projects that are creating or modifying services. 8. The resources, facilities and budget necessary to achieve the defined objectives 9. Tools are used to support the processes 10. How the quality of the service will be managed, audited and improved. 3
  • 4. Key Implementation Issues of ITSMS (The scope definition of ITSMS) Organization must implement all of requirements of ISO/ IEC 20000 in order to be certified (Clause 3 ~ Clause 10) Proper ITSMS scope will allow organization to: • Verify the method of implementing whether is workable or not • Reduce the chance/ risk of failure to implement the ITSMS • Demonstrate the true value of the IT service • ……… Organization Location Aspect Aspect The scope of IT service management can be Scope Consideration defined by: Must focus on the relationship with Others – Service Geographical, supplier Aspect infrastructure Auditing issue (criteria overview) Organization must Registered Certification demonstrate that it has Body (RCB) will based on “management control” of organization’s scope to all of the processes perform the audit defined within the ISO/IEC 20000-1:2005. Plan Check Knowledge, use Knowledge and and interpretation control of inputs of outputs Do Act All of ISO/IEC 20000 RCB will follow certain requirements must be scheme to conduct the implemented (Clause audit (i.e. ITSMF or 3 ~ Clause 10) . UKAS (in future)) 4
  • 5. Auditing issue (criteria overview) The Auditor is responsible for assessing the: Suitability of the scope of the audit; Implementations of PDCA cycle; Implementations of Service Management Processes (13 managements); Integration and management of the interfaces between processes; Flow of information and process control across interfaces (effectiveness) Auditing issue (auditing stage) Pre Assessment Initial Enquiry Initial Assessment (Optional) • Engage with RCB • Off-site/ On-site • Organizations can • Submit the decide to perform the assessment of Application Form pre-assessment prior process to the initial documentation • Confirm the detail of assessment such as assessment as • On-site audit scope, man-day, necessary (Optional) (implementation audit) special requirement, and etc. Triennial Re- Surveillance assessment Certification Assessment • The effectiveness of • valid for three years the ITSMS (Including • Semi-annual or • Full Re-audit the Management annual surveillance ITSMS Framework and audits are required Service Processes) • Triennial Re- assessment will be carried out 5
  • 6. Auditing issue (common problems & tips) The pitfall to avoid: Inappropriate scope definition (for example, no clear interface between service processes or with 3rd party supplier) No clear role and responsibility of senior management or service process owner Not implement all of “shall” requirements Service management documents are defective (too long the relationship between them is unclear, or no documentary evidence) No clear inter-relationship between service processes (for example, SLM – Business Relationship Mgmt – Supplier Mgmt) Auditing issue (common problems & tips) The pitfall to avoid (cont’): No clear evidence of how the interfaces of chain of suppliers are managed (Supplier management) No clear evidence of how all interfaces to the customers are managed (Business relationship management, and other management such as Service level management) The service management culture is not established (people not buy in) – resistance to change There is no effective configuration management in place (i.e. integrity of CMDB) 6
  • 7. Auditing issue (common problems & tips) Tips: Use checklist to check the compliance of the service management Have some one to carry out the pre- audit assessment (internal audit or independent party) before conduct official ISO20000 assessment What to check? Auditing issue (common problems & tips) Key point to check (for example): Background and review of documentation Service management policies and plans; Process and procedures within the scope of ISO20000 Service level agreements (and supporting agreements and contracts) Records required by the standard (change records, service reports, checklists, etc.) Proposed scope for the audit …. Detailed assessment (implementation audit) Interview the owners and users of the ITSMS Review high, medium and/or low critical areas Service objectives and targets Service and management reviews Links between the core documents within the system 7
  • 8. Auditing issue (common problems & tips) Tips: Use metrics and service reporting to evaluate the service capability (PDCA) - From performance, value, compliance, etc. Reactive Metrics/ report Proactive Metrics/ report Forward Schedule Metrics/ report Auditing issue (common problems & tips) What activities must be monitored: Reporting on management responsibility Metrics for PDCA (Plan-Do-Check-Act of ITSMS) Metrics for implementing a new service Metrics for service management process Metrics for management of interfaces 8
  • 9. Auditing issue (common problems & tips) What kind of service reporting could be useful? • Performance against service level targets • Noncompliance and issues • Workload characteristics, i.e. volume info of incident, problems. • Performance reporting after major events • Trend information • Satisfaction analysis Source: BSI BIP0032 Auditing issue (common problems & tips) – Example of service report Policy for service improvement: “service improvement will be targeted at delivering a faster and cheaper resolution service” Metrics (higher level) • Trends in incident and volumes (cost reduction from problem avoidance) • Trends in avg fix time for all incidents and problems (cheaper and faster due to quicker methods of resolutions) • Trend in unit cost of incident/ problem solving, with targets (cheaper unit cost) Metrics (lower level) • Number and types/ avg fix time of incidents and problem in each priority class. • Type and number of known error • Number of known errors eliminated permanently. • Cost of fixing incidents, including overheads. • Fix time for each hour of a working day/ for each person on a service desk. • The cause of the most frequently occurring incidents. Source: BSI BIP0032 9
  • 10. Joe Hsieh (joe.hsieh@bsi-global.com) LOGO BSI Taiwan ISO 20000 Product Manager ISO 27001/ ISO 20000 Lead Auditor 10