Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.


ISO 20000


Conrad Lidgett

on 30 October 2015

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of ISO 20000

Some Words
ISO 20,000 What is it?
A Standard
So; What is a Standard?
“A reference point against which other things can be evaluated”
A British Standard Adopted Worldwide
What's in the box?

Code of Practice
Service Provider Requirements

Best Practice
SHALL: Mandatory

SHOULD: Optional (but could become mandatory)
In Reality there are 2 key elements
Management System
Shall have a clearly defined and documented scope
Shall have all requests for change documented
Shall assess changes for risk
Shall include a way to be reversed or remedied if unsuccessful
Shall ensure that all change are approved
Shall be implemented in a controlled manner
Shall be reviewed for success
Shall control emergency changes
Shall have a schedule of implementation dates
Shall communicate the schedule to relevant parties
Shall analyse change records to detect trends
Shall record the results from change analysis
Should have a clearly defined and documented scope
Should ensure that only business benefit changes are approved
Should ensure that changes are scheduled based on priority & risk
Should ensure that changes to configurations can be verified during implementation
Should ensure that time to implement changes is monitored and improved where required
Should demonstrate how a change is raised, recorded & classified
Should demonstrate how a change is assessed for: impact, urgency, cost, benefit, risk
Should demonstrate how it can be reversed or remedied if unsuccessful
Should demonstrate that it is document e.g. linked to affected configuration items
Should be approved or rejected by a change authority
Should be tested, verified and signed off
Should be closed and reviewed
Should be scheduled, monitored and reported on
Should be linked to incidents, problems and other change and configuration items
So; what processes does ISO20K cover?
Summary so far............

It's a standard (A reference point against which other things can be evaluated)

comes in 2 parts
part 1 SHALL
part 2 SHOULD

relates to:
A management system
A number of processes
The Management System covers:
The scope that the plan and the deliverable will cover (scoping statement)
Communicate need for meeting objectives and continual service improvement
Ensure customer requirements are determined and met
Manager responsible for co-ordinating and managing all services
Determine required resources and manage recruitment
Manage risks to the organisation
Conduct reviews of service management
Ensure continual suitability, adequacy and effectiveness
All required documentation is in place and managed
Records are accurate and keep
Staff competencies, awareness and training is in place
Worked in IT for too long (30 + years)
Working in most aspect

Took ITIL V1 in 1995 (in 1st 1000 people to do so)

designed, delivered, consulted on ITIL

V2 accredited trainer
V2 accredited examiner

ISO 20000 certified consultant

past 4 year designing management systems

What does ISO 20K give us?
A method of judging our management system and ITIL based processes
A certificate to hang on the wall

Anything else?
If we are a Service Provider we can gain access to government outsourcing opportunities
Who's ISO 20K certified?
How many certifications worldwide?
Answer: 482
Who are the top 3 countries?
In 3rd place?
UK 44 certifications
In 2nd place?
Japan 76 certifications
And No. 1 in the world with 83 certifications?
China !!
Australia, Austria, Botswana, Brazil
Bulgaria, China, Colombia, Croatia
Czech Republic, Denmark, Estonia, Finland
France, Germany, Hong Kong, India
Ireland, Italy, Japan, Kuwait
Latvia, Liechtenstein, Macedonia, Malaysia
Mexico, Netherlands, Norway, Philippines
Poland, Qatar, Russia
Saudi Arabia, Singapore, Slovakia, South Korea
Spain, Sri Lanka, Sweden, Switzerland, Taiwan
Thailand, Turkey, United Kingdom
United Arab Emirates, USA
45 countries worldwide
Anyone here aiming to be No. 483 in the world?
Of the 44 UK certifications

Over 1/2 are service providers
What Does the Standard Expect?
All SHALL criteria must be delivered

Appropriate SHOULD criteria must be delivered

Must appear in all the processes / management system
Must be consistently delivered
must be documented
must be evidenced
All processes must be covered

A scoping statement showing to what ISO 20K is applied

A formal audit by an accredited audit organisation (RCB)
Registered Certification Body
Is ISO 20K Good Practice or Best Practice?
Need to ask ourselves what GOOD & BEST mean?

1 to be desired or approved of
2 having the required qualities; of a high standard
3 morally right; virtuous
4 well behaved
5 enjoyable or satisfying
6 appropriate
7 (good for) beneficial to
8 thorough
9 at least

1 of the most excellent or desirable type or quality
2 most suitable, appropriate, or sensible
What word do we use in contracts?


GOOD Endevours?

BEST Endevours?

Instead;We use?

(sounds reasonable to me)
Reasonable Endevours
ISO 20K is neither GOOD or BEST Practice



1 fair and sensible
2 as much as is appropriate or fair; moderate
3 fairly good; average
Use / Misuse of the Standard
Some "rules"

Once said that you cannot claim things like:

Compatible with ISO 20K
Compliant to ISO 20K
Aligned to ISO 20K
Cannot claim certification for an organisation only the scope of the certification within the organisation
Service provider cannot claim certification if forming part of a client's scope

you are either certified or you are not!


page 20 (section 1.9) of the pocket guide does say:

"service providers can claim their compliance with the specifications of the ISO 20000 standard"

which is good for the use I make of ISO20K
Relationship with ITIL
Could be regarded as: 'ITIL Lite'

Is a cut down version of ITIL V2
A great way to get started with ITIL
No need to read loads of books, go on courses

ISO 20K gives you the basics (recommended)

It followed ITIL rather than lead it

ITIL V3 referenced ISO20K as the standard

Clearly miles apart

ISO 20K refresh?

ITIL V3 refresh (already started!)
Business Value?
Some government institutions are making certification mandatory

certified Providers get market access

clients get a known standard of delivery


482 certifications worldwide perhaps does not suggest any huge business value
ISO 20000: A Personal View

Conrad Lidgett

Today's mix?

Service Providers (outsourcing)
Central Government
Local Government
Private sector

"expressing an instruction or command"


"used to indicate what is probable"
Use or Misuse?...............................You decide
lets make some use out of ISO 20K
Just a reminder.....

What are the main components?
Come on !
We have:

A Standard (something to be judged against)
SHALL criteria
SHOULD criteria

Applied to:

The Management System
Some of the ITIL V2 processes
Where should we start?
Let's remind ourselves of what's in the Management System
Let's have your ideas !!
Main Components of a Management System:

Business requirements
People, competancies & training
Risk Management
Continual Suitability
Record keeping
Let's talk Management Systems

People Compliance
Financial Compliance
Service Compliance
Supplier Compliance
Formal Compliance
General Compliance
Client Compliance
Continual Transformation

Continual Business Relevance
Continual Service Improvement
Management of Risk
Operational Processes
What should our aim be?
3 Little words.....................
3 significant aims of any Management System
Business Requirements
Continual Suitability
Management of Risk
People, competancies & training
Summary (Management System)

Understand the business / client
Have your delivery ready ahead of their requirement
Be Efficient & Effective
Build your strategy
Manage the compliances
Manage: Conformance, Performance & Quality
Look after your people !

And finally: Back to the SHALL & SHOULD....................................
And let's not forget: THE SCOPE
Wrap up !

A Standard ("A reference point against which other things can be evaluated")
Management System
ITIL related processes
Continual Improvement
Breath a sigh of relief......................................................
The END !!
Scoping Statement

Shanghai Great Wall Ideal Co Ltd

"The IT Service Management System for the provision of IT Infrastructure Services, Application Management and Desktop Services to contracted external users"
Certifications is for the scope not the organisation
How would you describe the scope of what you would like to cover?
Continual Improvement

Based on Demming


(c) conrad@smda.co.uk
Full transcript