ISO/IEC 20000 and ITILISO/IEC 20000 and ITIL
Presented ByPresented By
Dhananjay AnumandlaDhananjay Anumandla
Shaunak SontakkeShaunak Sontakke
Batch: 25 ITBatch: 25 IT
Institute of Technology & ManagementKhargar, Navi Mumbai
Topics CoveredTopics Covered
ISO/IEC 20000 OverviewISO/IEC 20000 Overview Why ISO 20000 ?Why ISO 20000 ? ITIL OverviewITIL Overview ITIL & ISO/IEC 20000ITIL & ISO/IEC 20000 ISO 20000 ProcessesISO 20000 Processes Central Requirements for ISO 20000Central Requirements for ISO 20000 Benefits and Limitations of ITILBenefits and Limitations of ITIL ISO/IEC 20000 relationship with ITILISO/IEC 20000 relationship with ITIL ISO 20000 Certification processISO 20000 Certification process Key differences – ITIL and ISO 20000Key differences – ITIL and ISO 20000 ISO/IEC 20000 Success factorsISO/IEC 20000 Success factors
ISO/IEC 20000 OverviewISO/IEC 20000 Overview
ISO/IEC 20000 is the first international standard for ISO/IEC 20000 is the first international standard for IT service management. It was developed in 2005, IT service management. It was developed in 2005, by ISO/IEC and revised in 2011. It is based on and by ISO/IEC and revised in 2011. It is based on and intended to supersede the earlier BS 15000 that was intended to supersede the earlier BS 15000 that was developed by BSI Group.developed by BSI Group.
ISO/IEC 20000-1:2011 includes "the design, ISO/IEC 20000-1:2011 includes "the design, transition, delivery and improvement of services transition, delivery and improvement of services that fulfil service requirements and provide value for that fulfil service requirements and provide value for both the customer and the service provider.both the customer and the service provider.
ISO/IEC 20000-2:2012 provides guidance on the ISO/IEC 20000-2:2012 provides guidance on the application of service management systems (SMS) application of service management systems (SMS) based on the requirements in ISO/IEC 20000-1:2011.based on the requirements in ISO/IEC 20000-1:2011.
Why ISO 20000 ?Why ISO 20000 ? Is an international ISO standard and thus allows for an Is an international ISO standard and thus allows for an
organization certification organization certification Organization certification vs. people certification Organization certification vs. people certification Certified by independent, external bodies Certified by independent, external bodies Demands for continual quality assurance and Demands for continual quality assurance and
improvement improvement Alignment of information technology services and Alignment of information technology services and
business strategy business strategy Provides a benchmark type comparison with best Provides a benchmark type comparison with best
practices practices Strong market positioning on quality and cost-effective Strong market positioning on quality and cost-effective
services services Enhanced reputation and perception Enhanced reputation and perception
ITIL OverviewITIL Overview The The Information Technology Infrastructure Information Technology Infrastructure
LibraryLibrary ( (ITILITIL) is a set of practices for IT service ) is a set of practices for IT service management (ITSM) that focuses on aligning IT management (ITSM) that focuses on aligning IT services with the needs of businessservices with the needs of business
ITIL describes procedures, tasks and checklists that are ITIL describes procedures, tasks and checklists that are not organization-specific, used by an organization for not organization-specific, used by an organization for establishing a minimum level of competency. It allows establishing a minimum level of competency. It allows the organization to establish a baseline from which it the organization to establish a baseline from which it can plan, implement, and measure. It is used to can plan, implement, and measure. It is used to demonstrate compliance and to measure improvement.demonstrate compliance and to measure improvement.
The names The names ITILITIL and and IT Infrastructure LibraryIT Infrastructure Library are owned are owned by United Kingdom's Office of Government by United Kingdom's Office of Government Commerce (OGC)Commerce (OGC)
ITIL and ISO/IEC 20000ITIL and ISO/IEC 20000 ITIL provides guidance on what should be done in order to offer ITIL provides guidance on what should be done in order to offer
users adequate IT Services to support their business processes users adequate IT Services to support their business processes ITIL qualifications are available for individuals but until recently ITIL qualifications are available for individuals but until recently
there was no way for an IT organization to prove that it is there was no way for an IT organization to prove that it is working along the ITIL recommendationsworking along the ITIL recommendations
The ISO/IEC 20000:2011 standard was conceived to fill this The ISO/IEC 20000:2011 standard was conceived to fill this gap, it is modeled upon the principles of ITIL and allows IT gap, it is modeled upon the principles of ITIL and allows IT organizations to have their IT Service Management certified organizations to have their IT Service Management certified
In contrast to the ITIL, ISO 20000 does not offer specific advice In contrast to the ITIL, ISO 20000 does not offer specific advice on how to design your processes. It is rather a set of on how to design your processes. It is rather a set of requirements which must be met in order to qualify for ISO requirements which must be met in order to qualify for ISO 20000 certification. 20000 certification.
As a result, ITIL is a very good basis for developing ISO 20000 As a result, ITIL is a very good basis for developing ISO 20000 compliant processes. compliant processes.
Central Requirements for ISO Central Requirements for ISO 2000020000
ISO 20000 promotes the “adoption of an integrated ISO 20000 promotes the “adoption of an integrated process approach to effectively deliver managed process approach to effectively deliver managed services to meet the business and customer services to meet the business and customer requirements”. requirements”.
ISO 20000 does not prescribe that its requirements ISO 20000 does not prescribe that its requirements must be met by following the ITIL recommendations, must be met by following the ITIL recommendations, so there are many possible ways to achieve so there are many possible ways to achieve compliance. Introducing ITIL, however, is the most compliance. Introducing ITIL, however, is the most widely used approach for obtaining an ISO 20000 widely used approach for obtaining an ISO 20000 certificate. certificate.
It is also important to prove that IT processes are It is also important to prove that IT processes are documented, actively managed, and continually documented, actively managed, and continually improved. improved.
SO/IEC 20000 relationship with SO/IEC 20000 relationship with ITILITIL
Service Management Systemgeneral requirements
Design and transition of new or changed services
Service delivery processes
Relationship processes
Control processes
Resolution processes
ITIL processeswhich fulfill the requirements
Related evidence(documents and records)
ISO/IEC 20000 ITIL 2011
SO/IEC 20000 relationship with SO/IEC 20000 relationship with ITILITIL
ITIL was explicitly written to be aligned with ISO ITIL was explicitly written to be aligned with ISO 20000, as the following table exemplifies: for 20000, as the following table exemplifies: for every section in ISO/IEC 20000:2011, Part 1 every section in ISO/IEC 20000:2011, Part 1 (Mandatory Requirements) there are one or (Mandatory Requirements) there are one or several related ITIL processes. several related ITIL processes.
The following table summarizes in broad terms The following table summarizes in broad terms how the main ISO 20000 processes correspond to how the main ISO 20000 processes correspond to ITIL processes (ITIL 2011 main processes). ITIL processes (ITIL 2011 main processes).
ITIL-ISO20000processes.xls
ISO 20000 Certification processISO 20000 Certification process
Does not certify the IT Service itself or single Does not certify the IT Service itself or single processes but the whole Service Management processes but the whole Service Management System (SMS) for the scope defined. System (SMS) for the scope defined.
To get the certification all requirements of the To get the certification all requirements of the specification must be fulfilled – there is no “pick specification must be fulfilled – there is no “pick and choose” and choose”
The certification is valid for a period of three The certification is valid for a period of three years and consists of years and consists of
• Certification audit Certification audit • Yearly verification auditsYearly verification audits• Re-certification audit after three years Re-certification audit after three years
Key differences – ITIL and ISO Key differences – ITIL and ISO 2000020000
The basic principles behind ITIL and ISO 20000 are very much The basic principles behind ITIL and ISO 20000 are very much in line. The key differences are: in line. The key differences are:
ITIL certifications are available for individuals only, whereas ITIL certifications are available for individuals only, whereas ISO 20000 is a certification scheme for organizations. ISO 20000 is a certification scheme for organizations.
ITIL is a rather detailed collection of best practices, while ITIL is a rather detailed collection of best practices, while ISO 20000 is an international standard that sets out Service ISO 20000 is an international standard that sets out Service Management requirements for IT organizations. Management requirements for IT organizations.
When organizations say they are compliant to ITIL, very When organizations say they are compliant to ITIL, very often this statement is not verifiable; a certification often this statement is not verifiable; a certification according to the ISO 20000 standard means there has been according to the ISO 20000 standard means there has been an objective assessment. an objective assessment.
ITIL focuses on the life cycle of services, but offers less ITIL focuses on the life cycle of services, but offers less guidance on establishing and operating the Service guidance on establishing and operating the Service Management System (SMS) itself Management System (SMS) itself
ISO/IEC 20000 Success factorsISO/IEC 20000 Success factors
Management commitment and support – Management commitment and support – allocation of resources and capabilities allocation of resources and capabilities
Focus on the implementation and the appliance Focus on the implementation and the appliance in the daily business and not on the creation of in the daily business and not on the creation of documents only documents only
Involve people Involve people Appropriate time frame Appropriate time frame Usage of adequate tools Usage of adequate tools Certification should not be an end in itselfCertification should not be an end in itself