Take the ISO 27001 course exam and get the EU GDPR course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021
ISO-20000-ITIL-blog

ISO 20000 & ITIL® Blog

ISO/IEC 20000 Service Delivery processes – The basis for IT management

In this blog post, I will speak about the first group of processes of the ISO/IEC 20000: Service Delivery Group, because if you want to learn ISO 20000 we have to analyze its structure in detail. To understand all processes, you need to have in mind that a process performs activities to produce a result for the company, and this result helps us to manage the service.

I will focus on the Service Delivery group, because their processes are easier to understand; so, in the next lines you can find more information about this first group of processes!

The Service Delivery Group contains the following processes:

1. Capacity Management: The company requires the resources necessary to provide the service: people, equipment, and communications. Thus, an organization with ISO 20000 has to foresee a possible peak workload or an increase in performance of IT services offered to its customers. In the event that it is necessary to increase the capacity (people, equipment, etc.) is important to update the agreements of service and is also necessary to identify the costs.

2. Service Continuity & Availability Management: The disaster scenarios need to be identified and contingency strategies defined, so that in this way the service will be uninterrupted or a possible shutdown does not affect much the service. Therefore, the organization can ensure that the service is still running with acceptable quality levels. It is also very important to define a test plan to verify periodically that the established procedures are working properly.



3. Service Level Management: Agreements need to be defined so that it is clearly established what type of service is provided, and under what conditions. There are three types of agreements: Service Level Agreement (agreement with a client), Operational Level Agreement (according to an internal supplier) and Support Agreement (agreement with an external provider). In this case it is very important to establish regular meetings to check compliance with the agreements.

4. Service Reporting: Periodic reports need to be defined with detailed information about the service. It is important to establish a delivery plan and present the results to customers, which will have detailed information about the status of the service (possible failures, updates, changes in internal operations, maintenance, improvements, breakdowns, etc.). In this manner, the client will have a global vision of the status of the service, and this information will come periodically, so the customer can make decisions supported by actual information.

5. Information Security Management: Security measures need to be defined to protect information against threats. All information systems have risks; 100% security is not possible, and we need to guarantee the information of our customer. In this case it is very important to define a risk management methodology to identify assets, analyze threats / vulnerabilities, calculate risk and develop a treatment plan to reduce it to an acceptable level.

6. Budgeting & Accounting for Services: As expected, the money also is important. You need to control costs and profits of service delivery, because you need to know if your service is profitable or if you need to make a new investment. In addition, you need to know costs of resources, assets and equipment and to analyze actual cost versus planned cost.

Well, this is all that I can tell you for now about the service delivery group. This group of processes is basic for managing IT services because all companies need to manage the delivery of their services.  Otherwise, how will a company manage its workload? What if the service goes down and there are no contingency strategies defined? If service conditions are not reflected in an agreement, can our customer claim whatever he wants? If we do not send our customers periodic reports of the service, how can they know the status of the service? If we do not establish security measures, can we protect the information? And, if we offer service without controlling the budget, will we always have money to pay expenses?

But, remember that there are more groups and more processes, so you need to read my next blog post If you want to know them all!

You can also check out free samples of  Service Delivery processes templates to gain more knowledge.

Advisera Antonio Jose Segovia
Author
Antonio Jose Segovia
Antonio Jose Segovia is an IT Engineer, and he has many professional certifications in the IT sector. He is also ISO 27001 IRCA and Lead Auditor qualified by BUREAU VERITAS in ISO 27001, ISO 20000, ISO 22301, ISO 27018, GDPR, and TISAX, as well as being an expert in information security, an ethical hacker, and a university professor in an online Master of Information Security program. With more than 10 years of experience in the IT sector, he has visited companies of all kinds in Spain, Portugal, Italy, France, United Kingdom, USA, Chile, Peru, and Costa Rica.