What’s new with ISO/IEC DIS 20000-1:2017?
The ISO/IEC 20000-1 standard is being reviewed and revised by ISO/IEC JTC1/SC40. The Draft International Standard (DIS) of ISO/IEC 20000 was recently published on 29 Sept 2017 and is undergoing voting process until 22 Dec 2017.
The content of the new ISO/IEC 20000 standard will be formatted into new High-level Structure (HLS) structure and introduces some of the new requirements.
Annex SL FormatISO/IEC 20000-1 now adopts the “Annex SL” format – the same format adopted by other popular management system standards such as ISO/IEC 22301, ISO/IEC 27001, ISO 9001 and ISO 14001. The “13 processes” in the IT Service Management model is now spread (with modifications) in Clause 8 of ISO/IEC DIS 20000-1.
Some new requirements are added:
- Plan the services
- Knowledge management
- Asset management
- Demand management
- Service delivery
Clauses re-arrangementSome clauses which were previously combined together are now separated, e.g. Incident and service request, Service availability and service continuity, etc.
Changes of documented procedures
- Removed requirement for availability and capacity plan
- Replaced with requirements to plan service availability and capacity
- Removed requirement for a CMDB
- Replaced with requirement for configuration information
- Removed requirement for release policy
- Replaced with requirement to define release types and frequency
- Removed requirement of continual improvement policy
- Replaced with requirement to determine and evaluation criteria for opportunities for improvement
- Removed the clause of service reporting
- Moved detailed reporting requirement from the service reporting clause into clauses where the reports are likely to be produced
As a result, the number of required documented procedures is reduced.
Change of terminology and definitions
To fit with the Annex SL core text and common definitions, some terminology are changed:
- “service provider” is now replaced by “organization”
- “internal group” is now replaced by “internal supplier”
- “availability” is now replaced by “service availability”
- “information security” is aligned with ISO/IEC 27000.
SummaryThe direction of the changes in ISO/IEC DIS 20000-1:2017 is expected and aligns with the general movement of the ISO management system standards. For the time being, the publication date of the upgraded standard and the transition plan are not known. SGS, as your trusted partner in the ICT industry, will keep a close watch on the progress and update of the ISO/IEC 20000 development status as well as any change in the accreditation and training requirements associated with the new version.
About ISO 20000
The ISO 20000 standard focuses on the integration and implementation of coordinated service management processes. Its aim is to provide ongoing control, greater efficiency and opportunities for continuing improvement. That means working within your organization to align the staff and procedures of your service desk, service support, service delivery and operations team.
The standard aimed at achieving quality assurance in IT service quality consists of two main parts.
- ISO 20000-1 - a formal specification that defines the requirements for an organisation to deliver managed services of an acceptable quality for customers, against which your compliance can be assessed
- ISO 20000-2 - a Code of Practice that describes the best practices for Service Management processes within the scope of ISO 20000-1. The Code of Practice is particularly useful for organisations preparing for an audit against ISO 20000-1 or planning service improvements
ISO 20000 certification demonstrates the reliability and quality of your IT services to employees, stakeholders and customers.
- ISO 20000 - IT Service Management Systems Auditor/Lead Auditor Training Course
- ISO/IEC 27001:2013 - Information Security Management Systems Training
- EuroCloud Star Audit (SA) Professional Cloud Assurance Training
In the field of Information Technology, SGS has been taking the lead to provide enterprises with an array of IT certification and training services. SGS is the first batch of certified organizations to provide ISO 20000 and ISO/IEC 27001 certifications and the first organization to be certified to provide auditing from both CSA STAR Certification and EuroCloud. SGS is also the first batch of certified organizations to bring ECSA auditing trainings to China.
SGS provides certification auditing and training services on information security management systems, should you have any inquiries, please contact us at:
Certification and Business Enhancement
t: (852) 2765 3620