The document provides an introduction to ISO/IEC 20000, the international service management standard. It discusses the history and context of the standard, describing how it originated from the British Standard 15000 and was later developed by the ISO and IEC organizations. The core components of ISO/IEC 20000 are explained, including the service management system (SMS) framework, quality principles, and processes. Benefits of certification are also summarized, such as qualifying for new customers, entering global markets, and measuring compliance to industry best practices.

1. What is ISO/IEC 20000?
An Introduction to the International
Service Management Standard
by Mart Rovers
President
INTERPROM
©InterProm USA Corporation – Confidential and Proprietary Information 110/19/2015

2. WHAT IS ISO/IEC 20000?
Contents
©InterProm USA – Confidential and Proprietary Information 210/19/2015

3. Contents
• Background Information
• The Service Management System
• The Service Quality Principles
• A Pragmatic Norm
• ISO/IEC 20000 Contributions
• Benefits of ISO/IEC 20000
• The Certification Process
• ISO/IEC 20000 Publications
• Useful ISO/IEC 20000 Links
• About the Presenter
©InterProm USA – Confidential and Proprietary Information 310/19/2015
International Standards Organization (ISO)
is the Owner of ISO/IEC 20000

4. HISTORY AND CONTEXT
Background Information
©InterProm USA – Confidential and Proprietary Information 410/19/2015

5. History – Before 2005
• ISO/IEC 20000 is the offspring of the
British Standard 15000 (BS 15000), a
standard of the British Standard
Institute which originated in the 1990s.
• The BS 15000 standard was
introduced to measure the level of
implementation of ITIL®’s best
practices in an organization or its
adherence to the goals of the ITIL
processes.
©InterProm USA – Confidential and Proprietary Information 510/19/2015
ITIL is the acronym for
Information Technology Infrastructure Library.
Both ITIL and the Information Technology
Infrastructure Library are registered trademarks
that are owned by AXELOS Ltd.

6. History – In 2005
The Joint Technical Committee 1 /
Subcommittee 7 of the ISO and IEC
organizations released in 2005:
• Part 1: ISO/IEC 20000-1:2005
– Specification
– The normative part of the standard
– The requirements to meet
• Part 2: ISO/IEC 20000-2:2005
– Code of Practice
– The informative part of the standard
– The recommendations to meet the
requirements
©InterProm USA – Confidential and Proprietary Information 610/19/2015

7. History – In 2011 and 2012
In 2011, a new version of the normative
standard ISO/IEC 20000-1 was released:
• ISO/IEC 20000-1:2011
– Service Management System Requirements
– A list of 256 requirements a service provider
“shall” adhere to when seeking certification
In 2012, a new version of the informative
standard ISO/IEC 20000-2 was released:
• ISO/IEC 20000-2:2012
– Guidance on the Application of the Service
Management System
– A list of more than 800 recommendations a
service provider “should” take into consideration
when desiring to meet the 256 requirements
©InterProm USA – Confidential and Proprietary Information 710/19/2015

8. History – Since 2005
Since the introduction of the standard the
Subcommittee has released several additional
informative parts of the ISO/IEC 20000 standard
• ISO/IEC TR 20000-3
– Guidance on the Scope Definition and Applicability of
ISO/IEC 20000-1
• ISO/IEC TR 20000-4
– Process Reference Model
• ISO/IEC TR 20000-5
– Exemplar Implementation Plan
• ISO/IEC TR 20000-9
– Application of ISO/IEC 20000-1 to Cloud Services
• ISO/IEC TR 20000-10
– Concepts and Terminology
©InterProm USA – Confidential and Proprietary Information 810/19/2015
TR stands for Technical Report

9. Context – ISO/IEC 20000…
• … is a worldwide standard
that describes the
implementation of an
integrated process
approach for the delivery of
IT services.
• … consists of a set of
minimum requirements to
audit an organization
against effective IT Service
Management.
©InterProm USA – Confidential and Proprietary Information 910/19/2015
• … promotes the adoption of
an integrated process
approach to effectively
deliver managed services to
meet the business and
customer requirements.
• … promotes the coordinated
integration and
implementation of the
service management
processes to provide the
ongoing control, greater
efficiency and opportunities
for continual improvement.

10. ISO/IEC 20000 Structure
©InterProm USA – Confidential and Proprietary Information 1010/19/2015
4. Service Management System (SMS)
Management responsibility
Governance of processes operated by other parties
Documentation management
Resource management
Establish the SMS
Plan the SMS (Plan)
Implement and operate the SMS (Do)
Monitor and review the SMS (Check)
Maintain and improve the SMS (Act)
5. Design and Transition of new or changed services
6. Service Delivery Processes
Capacity management
Service continuity &
availability management
Service level management
Service reporting
Information security
management
Budgeting &
Accounting for services
9. Control Processes
Configuration management
Change management
Release and deployment
management
7. Relationship Processes8. Resolution Processes
Incident and service request
management
Problem management
Business relationship
management
Supplier management

11. SERVICE MANAGEMENT
SYSTEM
The SMS
©InterProm USA – Confidential and Proprietary Information 1110/19/2015

12. The SMS
• The Service Management System
(SMS) is what will be audited for
certification.
• The SMS is the framework of
processes, tools and resources
(human resources, technology resources,
information resources, and financial
resources) coordinately used to plan,
execute, document and continually
improve service management tasks
in a goal-oriented, customer-
oriented and quality-oriented way.
©InterProm USA – Confidential and Proprietary Information 1210/19/2015
4. Service Management System (SMS)
Management responsibility
Governance of processes operated by other parties
Documentation management
Resource management
Establish the SMS
Plan the SMS (Plan)
Implement and operate the SMS (Do)
Monitor and review the SMS (Check)
Maintain and improve the SMS (Act)
5. Design and Transition of new or changed services
6. Service Delivery Processes
Capacity management
Service continuity &
availability management
Service level management
Service reporting
Information security
management
Budgeting &
Accounting for services
9. Control Processes
Configuration management
Change management
Release and deployment
management
7. Relationship Processes8. Resolution Processes
Incident and service request
management
Problem management
Business relationship
management
Supplier management

13. The SMS Components
Important components of the SMS are:
• Management Responsibility
• Governance of Processes Operated
by Other Parties
• Documentation Management
• Resource Management
• A structured approach to establish
and improve the SMS, following the
Deming Cycle
• A set of 14 Strategic, Tactical and
Operational processes
©InterProm USA – Confidential and Proprietary Information 1310/19/2015
4. Service Management System (SMS)
Management responsibility
Governance of processes operated by other parties
Documentation management
Resource management
Establish the SMS
Plan the SMS (Plan)
Implement and operate the SMS (Do)
Monitor and review the SMS (Check)
Maintain and improve the SMS (Act)
5. Design and Transition of new or changed services
6. Service Delivery Processes
Capacity management
Service continuity &
availability management
Service level management
Service reporting
Information security
management
Budgeting &
Accounting for services
9. Control Processes
Configuration management
Change management
Release and deployment
management
7. Relationship Processes8. Resolution Processes
Incident and service request
management
Problem management
Business relationship
management
Supplier management

14. The SMS Deming Cycle
ISO/IEC 20000 provides the
requirements of the steps involved to
establish and maintain the SMS. These
steps follow the Quality Circle of
Deming: Plan-Do-Check-Act:
• Plan the SMS (Plan)
• Implement and Operate the SMS
(Do)
• Monitor and Review the SMS
(Check)
• Maintain and Improve the SMS (Act)
©InterProm USA – Confidential and Proprietary Information 1410/19/2015

15. SMS Triggers
Answers to questions that trigger the
SMS to start functioning are:
1. What are the customer and business requirements, needs and
expectations?
2. What are the statutory and legal requirements the service
provider needs to take into account?
3. Are there requirements of other standards the service provider
needs to abide by?
4. Does the service provider have contractual obligations to
adhere to?
5. What are the service requirements, as a result of these
requirements and obligations as listed above?
6. What is the portfolio of services that is needed to meet these
service requirements?
7. What is the service management policy and what is the service
management plan, i.e. the service strategy, to meet these
service requirements?
©InterProm USA – Confidential and Proprietary Information 1510/19/2015
4. Service Management System (SMS)
Management responsibility
Governance of processes operated by other parties
Documentation management
Resource management
Establish the SMS
Plan the SMS (Plan)
Implement and operate the SMS (Do)
Monitor and review the SMS (Check)
Maintain and improve the SMS (Act)
5. Design and Transition of new or changed services
6. Service Delivery Processes
Capacity management
Service continuity &
availability management
Service level management
Service reporting
Information security
management
Budgeting &
Accounting for services
9. Control Processes
Configuration management
Change management
Release and deployment
management
7. Relationship Processes8. Resolution Processes
Incident and service request
management
Problem management
Business relationship
management
Supplier management

16. A Working SMS
The execution of the service
management plan will be performed
by the 14 ISO/IEC 20000 processes.
• Strategic Processes
– Relationship Processes
• Tactical Processes
– Design and Transition of New or
Changed Services (process #14)
– Service Delivery Processes
• Operational Processes
– Control Processes
– Resolution Processes
©InterProm USA – Confidential and Proprietary Information 1610/19/2015
Service Delivery Processes:
1. Service Level Management
2. Service Reporting
3. Service Continuity and
Availability Management
4. Budgeting and Accounting for
Services
5. Capacity Management
6. Information Security
Management
Relationship Processes:
7. Business Relationship
Management
8. Supplier Management
Resolution Processes:
9. Incident and Service Request
Management
10. Problem Management
Control Processes:
11. Configuration Management
12. Change Management
13. Release and Deployment
Management

17. The Purpose of the SMS
Ultimately, the SMS serves one major
purpose:
• Turning customers with needs,
expectations and requirements into
satisfied customers.
This is why the standard focuses on
effectiveness. Overtime, the focus can
shift towards efficiency by means of
continuous improvements.
©InterProm USA – Confidential and Proprietary Information 1710/19/2015

18. PERMANENCY OF SERVICE
QUALITY
Service Quality Principles
©InterProm USA – Confidential and Proprietary Information 1810/19/2015

19. ISO/IEC 20000 is Framework-neutral
©InterProm USA – Confidential and Proprietary Information 1910/19/2015
ISO/IEC 20000-1
ISO/IEC 20000-2
Service Management Frameworks
(e.g. ITIL, COBIT, Six Sigma, PMBOK, PRINCE2, CMMI)
&
Quality Management and Other Supporting Standards
(e.g. ISO 9000 and ISO 31000, ISO/IEC 27001, ISO/IEC 38500,
ISO22301, ISO 21500, ISO/IEC 15504)
ISO/IEC 20000 is based on many
frameworks, such as ITIL and
COBIT. This does not imply
that an organization is
required to adopt the
best practices of
these frameworks
In order to meet
the standard’s
requirements.
ISO/IEC 20000 relates to many other
ISO standards such as ISO 9001,
ISO/IEC 27001 and ISO 31000.
This does not imply that an
organization has to meet
the requirements of these
related standards.
These standards
merely serve as
additional
guidance.

20. Service Quality Principles
• ISO/IEC 20000 incorporates all
of the eight quality management
principles of ISO 9001
• Every ISO/IEC 20000-1
requirement supports one or
more of these quality principles.
• What does this mean?
Implementing the requirements
of the standard will bring a
cultural and organizational
change.
©InterProm USA – Confidential and Proprietary Information 2010/19/2015

21. Importance of Principles
• Principles are Guidelines for
Human Conduct that are proven
to have Enduring Permanent
Value
• Principles are deep, fundamental
truths
• Principles are unarguable
because they are self-evident
• Principles have a universal
application
©InterProm USA – Confidential and Proprietary Information 2110/19/2015

22. COMMON SENSE PREVAILS
A Pragmatic Norm
©InterProm USA – Confidential and Proprietary Information 2210/19/2015

23. Pragmatic Requirements
• Representatives of more than 20
countries, working together in
the Joint Technical Committee 1
/ Subcommittee 7 of the ISO/IEC
organizations, have contributed
to the 2011 version of the
standard through a transparent
and democratic voting process
• Years of combined practical
experience has resulted in a
collection of logical, pragmatic
and clear requirements
©InterProm USA – Confidential and Proprietary Information 2310/19/2015

24. Pragmatic Norms For…
• Leadership
• Business Relationship Managers
• Supplier/Vendor Management
Managers
• Project Managers
• Business Analysts
• Human Resource Managers
• Service Owners
• Process Owners
• Asset Owners
• Talent Managers
• And more…
©InterProm USA – Confidential and Proprietary Information 2410/19/2015
For
Any
Service
Provider,
Not just IT
Organizations

25. WHEN TO CONSIDER
ISO/IEC 20000 Contributions
©InterProm USA – Confidential and Proprietary Information 2510/19/2015

26. When to Consider? (1 of 4)
• When comparing IT service providers.
ISO/IEC 20000 provides uniform and
common language as well as a norm for
benchmarking
• When selecting an IT service provider.
An IT organization can express added
value when offering its services and
distinguish itself from its competition
• When an IT department/organization is
looking for ways to better understand
the needs of the customer. ISO/IEC
20000 can be a norm to improve IT
governance
©InterProm USA – Confidential and Proprietary Information 2610/19/2015

27. When to Consider? (2 of 4)
• When needing guidance to determine
which best practices to focus on first
when adopting industry best practices
to improve the effectiveness and
efficiency of the IT
department/organization
• When seeking increased transparency
of IT service provision costs, risks, IT
budgets and costs
• When looking for ways to implement
changes faster and more effective and
when seeking for a norm to improve
efficiency and effectiveness
©InterProm USA – Confidential and Proprietary Information 2710/19/2015

28. When to Consider? (3 of 4)
• When attempting to better align the IT
department’s/organization’s services to
a third party’s services, creating a
uniform chain of services in particular
from a process perspective
• When looking for an effective method
and uniform guidelines to outsource or
offshore through a well-aligned process
interfaces and common and consistent
nomenclature. A norm which regulates
outsourcing
• When seeking a norm for reliable and
available quality IT services
©InterProm USA – Confidential and Proprietary Information 2810/19/2015

29. When to Consider? (4 of 4)
• When looking for evidence that IT’s
processes are in compliance with
international financial and security
norms, rules and regulations
• When going for a broad range of
quality improvements within the IT
department/organization, as well as
boosting IT’s professional image
• When looking for an independent and
non-biased baseline to weigh service
providers against and use it as a norm
©InterProm USA – Confidential and Proprietary Information 2910/19/2015

30. WHAT TO EXPECT?
Benefits of ISO/IEC 20000
©InterProm USA – Confidential and Proprietary Information 3010/19/2015

31. What to Expect? (1 of 2)
• To qualify for new customers; more and
more companies and organizations
consider ISO/IEC 20000 certification an
essential requirement for conducting
business with a new vendor
• To enter global markets; the ISO/IEC 20000
standards are widely recognized
• To objectively measure the level of
compliance to industry best practices
• To have better information available for
numerous purposes
• To better streamline to various process
improvements that may go on
simultaneously in an IT department
©InterProm USA – Confidential and Proprietary Information 3110/19/2015

32. What to Expect? (2 of 2)
• To provide guidance with prioritizing the
best practices to be implemented in an IT
department
• To give a company or organization a
competitive edge
• To show a drive for quality services
• To objectively assess and benchmark IT’s
level of maturity
• To increase customer focus and
transparency of value provided to the
business
• To establish a mentality of continual
improvement in IT
©InterProm USA – Confidential and Proprietary Information 3210/19/2015

33. STEPS TOWARDS
CERTIFICATION
The Certification Process
©InterProm USA – Confidential and Proprietary Information 3310/19/2015

34. 7 Steps to become Certified
and uphold Certification
1. Complete a Questionnaire of the RCB
2. Apply for an Assessment by the RCB
3. Conduct an optional pre-audit by the RCB
4. Conduct the Initial Audit (Stage 1)
– Documentation Review
5. Conduct the Certification Audit (Stage 2)
– Onsite Inspection
– Interviews
– Records Review
6. Conduct Surveillance Audits every 12 months
– Spot Checks
7. Conduct the Re-certification Audit every 3 years
– Stage 1
– Stage 2
©InterProm USA – Confidential and Proprietary Information 3410/19/2015

35. READING MATERIAL
ISO/IEC 20000 Publications
©InterProm USA – Confidential and Proprietary Information 3510/19/2015

36. ISO/IEC 20000 Publication
• ISO/IEC 20000-1:2011 – A Pocket Guide
• Publisher: Van Haren Publishing
• ISBN-13: 978-9087537265
• Author: Mart Rovers
• Price: USD$25
• This Pocket Guide provides a concise
explanation of the nature, content and aim
of ISO/IEC 20000-1: 2011 and a short
summary of ISO/IEC 20000-2:2012.
©InterProm USA – Confidential and Proprietary Information 3610/19/2015

37. LEARN MORE…
Useful ISO/IEC 20000 Links
©InterProm USA – Confidential and Proprietary Information 3710/19/2015

38. ISO/IEC 20000 Links
• ISO Organization: http://www.iso.org
• ISO Standard:
http://www.iso.org/iso/home/store/catalogue_ics.htm
• http://webstore.ansi.org/
• ISO/IEC 20000 Certification Training:
http://www.interpromusa.com/training-services/iso-iec-
20000-certification-training/
• ISO/IEC 20000 Books:
http://www.interpromusa.com/resources/
• ISO/IEC 20000 Certified Firms:
http://www.isoiec20000certification.com/
• ISO/IEC 20000 RCBs:
http://www.isoiec20000certification.com/
©InterProm USA – Confidential and Proprietary Information 3810/19/2015

39. MART ROVERS
About the Presenter
©InterProm USA – Confidential and Proprietary Information 3910/19/2015

40. About Mart Rovers
• Mart Rovers is the President of INTEPROM. He has
over 30 years of experience in IT and has been
consulting and training in IT Service Management
(ITSM), Information Security Management (ISM), IT
Governance and Business Continuity Management
since 1992.
• He has led numerous organizations towards
becoming ISO/IEC 20000, ISO/IEC 27001, and ISO
22301 certified.
• He is a frequent speaker at international events and is
the author of the ISO/IEC 20000 – A Pocket Guide
• Mart received his MBA degree in Information
Analytics and holds BS degrees in Mathematics,
Statistics and in Marketing.
©InterProm USA – Confidential and Proprietary Information 4010/19/2015