ISO Certification Services

Internationally recognized certifications for Management Systems in the field of Quality, Environment, Health & Safety, Information Security and Information Technology.

ISO 20000:2011 Certification – IT Services

WHAT IS ISO 20000:2011 CERTIFICATION – IT Service Management System
STRUCTURE OF ISO 20000 CERTIFICATION – IT Service Management System
IT INFRASTRUCTURE LIBRARY
IT SERVICE MANAGEMENT

ISO 20000:2011 CERTIFICATION / BS 15000

CERTIFICATION – DEFINITION

ISO 20000 / BS 15000 is the world’s first standard for IT service management. The standard specifies a set of inter-related management processes, and is based heavily upon the ITIL (IT Infrastructure Library) framework. This directory is intended to serve as a start point for your ISO 20000 / BS 15000 needs. Whether you are entirely new to the topic, or whether you are a seasoned ITIL practitioner, you should hopefully find something of value.

Top

ISO 20000 CERTIFICATION/ BS 15000

CERTIFICATION – STRUCTURE

ISO 20000 / BS 15000 consists of two parts.

ISO 20000 – 1 / BS 15000 consists of following: Scope, Terms and Definitions, Requirements for a Management System, Planning and Implementing Service Management, Planning and Implementing New or Changed Services, Service Delivery Process, Relationship Processes, Resolution Processes, Control Processes, and Release Process

ISO 20000 – 2 / BS 15000 provides assistance to organizations that are to be audited against ISO 20000 – 1 / BS 15000 – 1 or are planning service improvements.

Top

IT INFRASTRUCTURE LIBRARY

The ITIL (IT Infrastructure Library) forms the basis of the ISO 20000 / BS 15000 standard. It consists of 7 sets: Managers Set; Service Support; Service Delivery; Software Support; Networks; Computer Operations; Environmental.

Although the UK Government originally created the ITIL, it was rapidly adopted across Europe as the standard for best practice in the provision of IT Service. Although the ITIL covers a number of areas, its main focus is on IT Service Management (ITSM).

Top

IT SERVICE MANAGEMENT

IT Service Management (ITSM) itself is divided into two main areas: Service Support and Service Delivery. Together, these two areas consist of 10 disciplines that are responsible for the provision and management of effective IT services.

The 10 ITIL disciplines are as follows, five in the area of service support and five in the area of service delivery:

Service Support Disciplines:

Service Delivery Disciplines:

Brief info is given below on the above-mentioned bullet points:

Configuration Management:

Configuration Management is the implementation of a database (Configuration Management Database – CMDB) that contains details of the organisation’s elements that are used in the provision and management of its IT services. This is more than just an ‘asset register’, as it will contain information that relates to the maintenance, movement, and problems experienced with the Configuration Items.

The CMDB also holds a much wider range of information about items that the organisation’s IT Services are dependant upon. This range of information includes:

  • Hardware
  • Software
  • Documentation
  • Personnel

Configuration Management essentially consists of 4 tasks:

1) Identification: this is the specification, identification of all IT components and their inclusion in the CMDB.

2) Control: this is the management of each Configuration Item, specifying who is authorised to ‘change’ it.

3) Status: this task is the recording of the status of all Configuration Items in the CMDB, and the maintenance of this information.

4) Verification: this task involves reviews and audits to ensure the information contained in the CMDB is accurate.

Problem Management:

Problem Management is the resolution and prevention of incidents that effect the normal running of an organisation’s IT services. This includes ensuring that faults are corrected, preventing any recurrence of these faults, and the application of preventative maintenance to reduce the likelihood of these faults occurring in the first instance

Change Management is the practice of ensuring that all changes to Configuration Items are carried out in a planned and authorised manner.

This includes ensuring that there is a business reason behind each change, identifying the specific Configuration Items and IT Services affected by the change, planning the change, testing the change, and having a back-out plan should the change result in an unexpected state of the Configuration Item.

Change Management:

This discipline of ITIL is the management of all software Configuration Items within the organisation. It covers the management of software development, installation and support of an organisation’s software products.

Software is often not regarded as a tangible asset because of its clearly intangible nature, which can result in it not being effectively controlled. There can be several versions of the same software within the organisation for example, and there can also be unlicensed and illegal copies of externally provided software.

Help Desk:

The Help Desk plays an important part in the provision of IT Services. It is very often the first contact the business users have in their use of IT Services when something does not work as expected.

The two main focuses of the Help Desk are Incident Control and Communication.

There are different types of Help Desk, the selection of which is dependant upon what the business requires. Some Help Desks provide a simple call logging function, and escalate calls to more experienced and trained staff. Others provide a high degree of business and technical knowledge with the ability to solve most incidents at the time that the business user reports them.

Software Control and Distribution:

The practice of effective Software Control & Distribution involves the creation of a Definitive Software Library (DSL), into which the master copies of all software is stored and from here its control and release is managed. The DSL consists of a physical store and a logical store. The physical store is where the master copies of all software media are stored. This tends to be software that has been provided from an external source. The logical store is the index of all software and releases, versions, etc. highlighting where the physical media can be located. The logical store may also be used for the storage of software developed within the organisation.

SC&D procedures include the management of the software Configuration Items and their distribution and implementation into a production environment. This will involve the definition of a release programme suitable for the organisation, the definition of how version control will be implemented, and the procedures surrounding how software will be built, released and audited.

Service Level Management:

Service Level Management (SLM) is a primary management of IT services, ensuring that agreed services are delivered when and where they are supposed to be delivered. The Service Level Manager is dependent upon all the other areas of Service Delivery providing the necessary support that ensures the agreed services are provided in an efficient, secure, and cost effective manner.

There are a number of business processes that form part of Service Level Management. These are:

  • Reviewing existing services
  • Negotiating with the Customers
  • Implementation of Service Improvement policy and processes
  • Establishing priorities
  • Planning for service growth
  • Reviewing the underpinning contacts of 3rd party service providers
  • Producing and monitoring the Service Level Agreement (SLA)
  • Involvement in the Accounting process to cost services and recover these costs

Capacity Management:

Capacity Management is the discipline that ensures that IT infrastructure is provided at the right time, in the correct volume at the right price – helping to ensure that IT is used in the most efficient manner.

This involves input from many areas of the business to identify what services are (or will be) required, what IT infrastructure is required to support these services, what level of Contingency will be needed, and what the cost of this infrastructure will be.

These are inputs into the following Capacity Management processes:

  • Performance monitoring
  • Workload monitoring
  • Resource forecasting
  • Demand forecasting
  • Application sizing
  • Modeling

From these processes come the results of capacity management, these being the capacity plan itself, forecasts, tuning data and Service Level Management guidelines.

Contingency Planning:

Contingency planning is the process by which plans are put in place to ensure that IT Services can recover and continue should a serious incident occur. It is not just about reactive measures, but also about proactive measures – reducing the risk of a disaster in the first instance.

Contingency planning is so important that many organisations will not do business with IT service providers if contingency planning is not practiced within the service provider’s organisation. It is also a fact that many organisations that have been involved in a disaster where their contingency plan failed, ceased trading within 18 months following the disaster.

Contingency planning is regarded as the recovery of the IT infrastructure used to deliver IT Services, but many businesses these days practice the much further reaching process of Business Continuity Planning (BCP), to ensure that the whole end-to-end business process can continue should a serious incident occur.

Contingency planning involves the following basic steps:

  • Prioritising the businesses to be recovered by conducting a Business Impact Analysis (BIA)
  • Performing a Risk Assessment (aka Risk Analysis) for each of the IT Services to identify the assets, threats, vulnerabilities and countermeasures for each service.
  • Evaluating the options for recovery
  • Producing the Contingency Plan
  • Testing, reviewing, and revising the plan on a regular basis

Availability Management:

Availability Management is the practice of identifying levels of IT Service availability for use in Service Level Reviews with Customers / Clients.

All areas of a service must be measurable and defined within the Service Level Agreement (SLA). To measure availability the following areas are usually included in the SLA itself:

  • Agreement statistics: such as what is included within the agreed service.
  • Contingency: agreed contingency details, location of documentation, contingency site, 3rd party involvement, etc.
  • Capacity: performance timings for online transactions, report production, numbers of users, etc.
  • Help Desk Calls: number of incidents raised, response times, resolution times.
  • Availability: agreed service times, response times, etc.
  • Costing Details: charges for the service, and any penalties should service levels not be met.

Availability is usually calculated based on a model involving the Availability Ratio and techniques such as Fault Tree Analysis, and includes the following elements:

  • Serviceability: where a service is provided by a 3rd party organisation, this is the expected availability of a component.
  • Maintainability: the ease with which a component can be maintained, which can be both remedial or preventative.
  • Resilience: the ability to withstand failure.
  • Reliability: the time for which a component can be expected to perform under specific conditions without failure.
  • Recoverability: the time it should take to restore a component back to its operational state after a failure.
  • Security: the ability of components to withstand breaches of security.

Cost Management:

Cost Management is the discipline of ensuring IT infrastructure is obtained at the most effective price (which does not necessarily mean cheapest), and calculating the cost of providing IT services so that an organisation can understand the costs of its IT services. These costs may then be recovered from the Customer of the service.

Costs are divided into costing units:

  • Equipment
  • Organisation (staff, overtime)
  • Accommodation
  • Software
  • Transfer (costs of 3rd party service providers)

The costs are divided into Direct and Indirect costs, and can be Capital or Ongoing.

Contact Us – We are looking forward to hearing from you!