ISO/IEC 20000 and ITILISO/IEC 20000 and ITIL

Presented ByPresented By

Dhananjay AnumandlaDhananjay Anumandla

Shaunak SontakkeShaunak Sontakke

Batch: 25 ITBatch: 25 IT

Institute of Technology & ManagementKhargar, Navi Mumbai

Topics CoveredTopics Covered

ISO/IEC 20000 OverviewISO/IEC 20000 Overview Why ISO 20000 ?Why ISO 20000 ? ITIL OverviewITIL Overview ITIL & ISO/IEC 20000ITIL & ISO/IEC 20000 ISO 20000 ProcessesISO 20000 Processes Central Requirements for ISO 20000Central Requirements for ISO 20000 Benefits and Limitations of ITILBenefits and Limitations of ITIL ISO/IEC 20000 relationship with ITILISO/IEC 20000 relationship with ITIL ISO 20000 Certification processISO 20000 Certification process Key differences – ITIL and ISO 20000Key differences – ITIL and ISO 20000 ISO/IEC 20000 Success factorsISO/IEC 20000 Success factors

ISO/IEC 20000 OverviewISO/IEC 20000 Overview

ISO/IEC 20000 is the first international standard for ISO/IEC 20000 is the first international standard for IT service management. It was developed in 2005, IT service management. It was developed in 2005, by ISO/IEC and revised in 2011. It is based on and by ISO/IEC and revised in 2011. It is based on and intended to supersede the earlier BS 15000 that was intended to supersede the earlier BS 15000 that was developed by BSI Group.developed by BSI Group.

ISO/IEC 20000-1:2011 includes "the design, ISO/IEC 20000-1:2011 includes "the design, transition, delivery and improvement of services transition, delivery and improvement of services that fulfil service requirements and provide value for that fulfil service requirements and provide value for both the customer and the service provider.both the customer and the service provider.

ISO/IEC 20000-2:2012 provides guidance on the ISO/IEC 20000-2:2012 provides guidance on the application of service management systems (SMS) application of service management systems (SMS) based on the requirements in ISO/IEC 20000-1:2011.based on the requirements in ISO/IEC 20000-1:2011.

Why ISO 20000 ?Why ISO 20000 ? Is an international ISO standard and thus allows for an Is an international ISO standard and thus allows for an

organization certification organization certification Organization certification vs. people certification Organization certification vs. people certification Certified by independent, external bodies Certified by independent, external bodies Demands for continual quality assurance and Demands for continual quality assurance and

improvement improvement Alignment of information technology services and Alignment of information technology services and

business strategy business strategy Provides a benchmark type comparison with best Provides a benchmark type comparison with best

practices practices Strong market positioning on quality and cost-effective Strong market positioning on quality and cost-effective

services services Enhanced reputation and perception Enhanced reputation and perception

ITIL OverviewITIL Overview The The Information Technology Infrastructure Information Technology Infrastructure

LibraryLibrary ( (ITILITIL) is a set of practices for IT service ) is a set of practices for IT service management (ITSM) that focuses on aligning IT management (ITSM) that focuses on aligning IT services with the needs of businessservices with the needs of business

ITIL describes procedures, tasks and checklists that are ITIL describes procedures, tasks and checklists that are not organization-specific, used by an organization for not organization-specific, used by an organization for establishing a minimum level of competency. It allows establishing a minimum level of competency. It allows the organization to establish a baseline from which it the organization to establish a baseline from which it can plan, implement, and measure. It is used to can plan, implement, and measure. It is used to demonstrate compliance and to measure improvement.demonstrate compliance and to measure improvement.

The names The names ITILITIL and  and IT Infrastructure LibraryIT Infrastructure Library are owned  are owned by United Kingdom's Office of Government by United Kingdom's Office of Government Commerce (OGC)Commerce (OGC)

ITIL and ISO/IEC 20000ITIL and ISO/IEC 20000 ITIL provides guidance on what should be done in order to offer ITIL provides guidance on what should be done in order to offer

users adequate IT Services to support their business processes users adequate IT Services to support their business processes ITIL qualifications are available for individuals but until recently ITIL qualifications are available for individuals but until recently

there was no way for an IT organization to prove that it is there was no way for an IT organization to prove that it is working along the ITIL recommendationsworking along the ITIL recommendations

The ISO/IEC 20000:2011 standard was conceived to fill this The ISO/IEC 20000:2011 standard was conceived to fill this gap, it is modeled upon the principles of ITIL and allows IT gap, it is modeled upon the principles of ITIL and allows IT organizations to have their IT Service Management certified organizations to have their IT Service Management certified

In contrast to the ITIL, ISO 20000 does not offer specific advice In contrast to the ITIL, ISO 20000 does not offer specific advice on how to design your processes. It is rather a set of on how to design your processes. It is rather a set of requirements which must be met in order to qualify for ISO requirements which must be met in order to qualify for ISO 20000 certification. 20000 certification.

As a result, ITIL is a very good basis for developing ISO 20000 As a result, ITIL is a very good basis for developing ISO 20000 compliant processes. compliant processes.

ISO 20000 ProcessesISO 20000 Processes

ITIL ProcessesITIL Processes

Central Requirements for ISO Central Requirements for ISO 2000020000

ISO 20000 promotes the “adoption of an integrated ISO 20000 promotes the “adoption of an integrated process approach to effectively deliver managed process approach to effectively deliver managed services to meet the business and customer services to meet the business and customer requirements”. requirements”.

ISO 20000 does not prescribe that its requirements ISO 20000 does not prescribe that its requirements must be met by following the ITIL recommendations, must be met by following the ITIL recommendations, so there are many possible ways to achieve so there are many possible ways to achieve compliance. Introducing ITIL, however, is the most compliance. Introducing ITIL, however, is the most widely used approach for obtaining an ISO 20000 widely used approach for obtaining an ISO 20000 certificate. certificate.

It is also important to prove that IT processes are It is also important to prove that IT processes are documented, actively managed, and continually documented, actively managed, and continually improved. improved.

Benefits and Limitations of ITIL Benefits and Limitations of ITIL

SO/IEC 20000 relationship with SO/IEC 20000 relationship with ITILITIL

Service Management Systemgeneral requirements

Design and transition of new or changed services

Service delivery processes

Relationship processes

Control processes

Resolution processes

ITIL processeswhich fulfill the requirements

Related evidence(documents and records)

ISO/IEC 20000 ITIL 2011

SO/IEC 20000 relationship with SO/IEC 20000 relationship with ITILITIL

ITIL was explicitly written to be aligned with ISO ITIL was explicitly written to be aligned with ISO 20000, as the following table exemplifies: for 20000, as the following table exemplifies: for every section in ISO/IEC 20000:2011, Part 1 every section in ISO/IEC 20000:2011, Part 1 (Mandatory Requirements) there are one or (Mandatory Requirements) there are one or several related ITIL processes. several related ITIL processes.

The following table summarizes in broad terms The following table summarizes in broad terms how the main ISO 20000 processes correspond to how the main ISO 20000 processes correspond to ITIL processes (ITIL 2011 main processes). ITIL processes (ITIL 2011 main processes).

ITIL-ISO20000processes.xls

ISO 20000 Certification processISO 20000 Certification process

Does not certify the IT Service itself or single Does not certify the IT Service itself or single processes but the whole Service Management processes but the whole Service Management System (SMS) for the scope defined. System (SMS) for the scope defined.

To get the certification all requirements of the To get the certification all requirements of the specification must be fulfilled – there is no “pick specification must be fulfilled – there is no “pick and choose” and choose”

The certification is valid for a period of three The certification is valid for a period of three years and consists of years and consists of

• Certification audit Certification audit • Yearly verification auditsYearly verification audits• Re-certification audit after three years Re-certification audit after three years

ISO 20000 Certification processISO 20000 Certification process

ISO 20000 Certification processISO 20000 Certification process

Key differences – ITIL and ISO Key differences – ITIL and ISO 2000020000

The basic principles behind ITIL and ISO 20000 are very much The basic principles behind ITIL and ISO 20000 are very much in line. The key differences are: in line. The key differences are:

ITIL certifications are available for individuals only, whereas ITIL certifications are available for individuals only, whereas ISO 20000 is a certification scheme for organizations. ISO 20000 is a certification scheme for organizations.

ITIL is a rather detailed collection of best practices, while ITIL is a rather detailed collection of best practices, while ISO 20000 is an international standard that sets out Service ISO 20000 is an international standard that sets out Service Management requirements for IT organizations. Management requirements for IT organizations.

When organizations say they are compliant to ITIL, very When organizations say they are compliant to ITIL, very often this statement is not verifiable; a certification often this statement is not verifiable; a certification according to the ISO 20000 standard means there has been according to the ISO 20000 standard means there has been an objective assessment. an objective assessment.

ITIL focuses on the life cycle of services, but offers less ITIL focuses on the life cycle of services, but offers less guidance on establishing and operating the Service guidance on establishing and operating the Service Management System (SMS) itself Management System (SMS) itself

ISO/IEC 20000 Success factorsISO/IEC 20000 Success factors

Management commitment and support – Management commitment and support – allocation of resources and capabilities allocation of resources and capabilities

Focus on the implementation and the appliance Focus on the implementation and the appliance in the daily business and not on the creation of in the daily business and not on the creation of documents only documents only

Involve people Involve people Appropriate time frame Appropriate time frame Usage of adequate tools Usage of adequate tools Certification should not be an end in itselfCertification should not be an end in itself

Demo ComparisonDemo Comparison

Start Video

THANK YOUTHANK YOU