About
Subscribe

ISO issues new ITSM standards

Staff Writer
By Staff Writer, ITWeb
Johannesburg, 19 Oct 2011

In order to address new practices, and to bring ISO/IEC 20000 into alignment, the Organisation for International Standardisation (commonly known as ISO), together with the International Electrotechnical Commission (IEC), issued a new version of the Specification for IT Service Management System, commonly known as ISO/IEC 20000-1.

This has long been the standard for IT service organisations to adhere to, in order to assure continuous improvement and adequate service levels. The standard, issued in 2005, has been updated as of May 2011, and the revised ISO/IEC 20000-1:2011 provides new guidelines and requirements for certified companies, against which they will be audited in the future.

“The original ISO/IEC 20000 standard was an adaptation of the British Standard BS15000, which was fast-tracked through the mechanisms, resulting in a lack of alignment of this standard with other ISO standards,” explains Johann Botha, principal consultant at Marval SA.

The revised standard represents several substantial changes, particularly around clauses three and four, which define management responsibility and the service management system. The previous version of the standard did not provide in-depth descriptions of these areas, which has been consummately addressed with the update.

With the increased content in these areas, management now has a far clearer definition of various aspects; and a new sub-clause has been introduced to delineate the roles and responsibilities of the management representative, who is accountable for ensuring the success of ISO/IEC 20000 within the organisation.

Clearer guidelines have also been provided around the and procedures that should be put in place to ensure accountability is assigned to those with the relevant authority to shoulder this and make the necessary decisions.

of all processes that are operated by a third party. This clause assists organisations to ensure that all outsourced providers comply with the rules of the organisation in line with ISO/IEC 20000, by defining the measures and methods that need to be put in place to govern third-party processes.

An expanded view of what is needed in terms of document management and control has also been included, along with a clause on human resources and resource management. The existing clause that dealt with the implementation of quality management in the form of service management has been augmented with additional requirements.

Finally, the old clause named 'Implementing New and Changed Services' has been renamed to 'Design and Transition of New and Changed Services', in order to further clarify the purpose of this clause.

The ISO/IEC 20000 standard bundle has also been augmented with additional documentation, providing information for enhanced internal evaluation and a framework for internal audits, as well as guidance to assist organisations with achieving the outcomes defined in the standard.

Where previously the standard pack contained ISO/IEC 20000-1, which represents the standards to be audited against, and ISO/IEC 20000-2, the code of practice to ensure expected outcomes are achieved, the new pack contains these along with ISO/IEC 2000-3.

Share