ISO 20000 & ITIL® Blog

ISO 20000 – The perfect way to improve IT services

In the Information Society in which we live there are many companies that provide IT services, but does every company care about customer satisfaction? In theory, everyone but the client knows that is not always true, and clients are becoming ever more demanding.

What can we do to satisfy our clients? We can provide good service with acceptable levels of quality, but how can we prove it? One way currently adopted by thousands of companies worldwide is through an International Standard called ISO/IEC 20000 “Information Technology – Service management.”

ISO 20000 was published in 2005 but, like other ISOs, originated in a British Standard: BS 15000. And, although they have many similarities, ISO 20000 at present has eight parts (ISO 20000-1 “Service management system requirement,” ISO 20000-2 “Guidance on the application of service management systems,” ISO 20000-3 “Guidance on scope definition and applicability of ISO 20000-1,” ISO 20000-4 “Process reference model,” ISO 20000-5 “Exemplar implementation plan for ISO 20000-1,” ISO 20000-7 “Application of ISO 20000-1 to the cloud,” ISO 20000-10 “Concepts and terminology for ISO 20000-1,” ISO 20000-11 “Guidance on the relationship between ISO 20000-1 and related frameworks”).

ISO 20000 and ITIL

ISO 20000 also has many similarities with ITIL. ITIL stands for “Information Technology Infrastructure Library,” and is a set of practices for IT service management. It was elaborated in the 1980s by the UK Government´s Central Computer and Telecommunications Agency, and at present is a code of practices internationally recognized.

An important difference between ISO 20000 and ITIL is that ISO 20000 gives a certificate to a company, (as you know, ISO 20000 has eight parts, but only ISO 20000-1 is certifiable), while ITIL gives a certificate to an individual person.

Both (ISO 20000 and ITIL) help us to manage IT services through a framework or code of practice, although in the case of ISO 20000 we also have a management system, which will be discussed in another blog post. Therefore, the most important parts of ISO are: ISO 20000-1 “Service management system requirement,” and ISO 20000-2 “Guidance on the application of service management systems.”

The structure of ISO 20000

There are many companies that implement and certify ISO 20000 because it is a way to assure customers that their services are managed under the umbrella of an internationally recognized code of good practice. And, although – as discussed below – implementing and maintaining ISO 20000 is often complex because there are many processes and procedures, any organization can start a project of this type regardless of size (although the organization will need the support of specialists).

ISO 20000 consists of processes, but what is a process? Basically, a process is a repetitive sequence of activities that occur in an organization to provide an outcome to a recipient. Depending on the activities, we can have different processes, and for each process, we will require resources.  At present ISO 20000 is made up of 13 discrete processes  and are grouped into four sets: service delivery, control, resolution and relationship with suppliers.

Now that you have an introduction to ISO 20000, you can think about how such a standard could improve your business. And yes, your business would undoubtedly improve, because you would have a management system to control all your business processes, and furthermore, you would have in mind an International code of practices to work with. At any rate, remember that ISO 20000 has more processes and we will talk about these in the next blog posts; do not miss them!

You can also check out free whitepapers and other downloads to get familiar with ISO 2000 and possible benefits for your organization.

Advisera Antonio Jose Segovia
Antonio Jose Segovia
Antonio Jose Segovia is an IT Engineer, and he has many professional certifications in the IT sector. He is also ISO 27001 IRCA and Lead Auditor qualified by BUREAU VERITAS in ISO 27001, ISO 20000, ISO 22301, ISO 27018, GDPR, and TISAX, as well as being an expert in information security, an ethical hacker, and a university professor in an online Master of Information Security program. With more than 10 years of experience in the IT sector, he has visited companies of all kinds in Spain, Portugal, Italy, France, United Kingdom, USA, Chile, Peru, and Costa Rica.