SIMS ISO 20000 - 2011 Awareness Rev 00 PDF

AWARENESS TO ISO
20000:2011 standard
requirements
Presented By Alex Dcosta
Consultant
SIMS Consulting, Kuwait
Introduction
20000:2011 standard requirements
If you dont want to help

yourself, no one can
ISO

3

To provide a management system,

including polices and a framework
to enable the effective
management and implementation
of all IT services
First
Describes processes for delivery of services
Aligned
with and complementary to the

process approach defined within ITIL
Certification
for Quality Management, Like

ISO 9001 in IT Service Management
ISO/IEC
20000 consists of two parts:

worldwide standard specifically aimed

at IT Service Management
ISO/IEC 20000-1:2011, the formal Requirements

ISO/IEC 20000-2:2012, the Code of Practice
Guarantee
your IT Service Management

Advantage for IT Service
Provider
Improve
brand image from customer

perspective
Business-IT
Customer
Alignment
Satisfaction
Effectiveness
and Efficiency for IT Service

Competitive

7
Introduction
terms and definitions
Requirements
Planning
Design
for a SMS
and implementing SMS
& Transition - new or changed services
Process

Scope,
and overview
groupings
8

9

10

11

12
Configuration management
Change management

Control processes
13

14
Mngt. Commitment: define scope, policy, objectives, plan,

resources, reviews risks
Service Mngt. Policy: acts as framework, fit 4 purpose, gets

reviewed; incl. commitments to meet SLR, improve SMS &
services & communicate to and make aware SP staff
Define/maintain ITSM Authorities, Responsibilities. Estab./impl.

Communication procedures
Appoint Mngt. Rep. with authority/responsibility to: fulfil SLR,

assign auth/resp for design, impl. & improve processes according
to policy and objectives; integrate SM processes with SMS, meet
statute/regulatory/contract reqs.
MR reports to top management on perf./improve to processes

and SMS

15
Controlling
Accountability
for processes & authority to

require adherence to processes by suppliers,
contractors and outsourced vendors
Eg: shared processes between customer & SP

Planning
and prioritising process

Improvements

Definition of processes, Interface

to other processes and Measuring process
performance and compliance
16
Establish and maintain docs. incl. SLA and

service catalogue + POPPP: Policies, Objectives,
Plans, Processes, Procedures
Control Docs with documented procedure to:

create/approve/comm./review/revise/maintain
/version-control/prevent obsol. doc. use/control
external doc. labelling and use
Control Records to demonstrate compliance.

Documented procedure to define record controls

17
Required policies
Service management policy

Service improvement policy
Information security policy
Change management policy
Release policy
Required plans
Service management plan,

New service design
Service transition plan
Capacity plan
Service continuity and availability plan
Release plan

18
Required
Communication
Document control
Record control
Internal audit
Service improvement
Service delivery processes
Relationship processes
Resolution processes
Control processes
Service

procedures:
management manual
19
catalogue
Service
Level agreements
Partner/Supplier
Configuration
agreements
Management DB (CMDB)
Change
control records
Service
reports
Internal
audit reports
Management

Service
review reports
20
Provide
Competent
staff in place: understand

competence & training; maintain training
recs. + raise awareness to staff of their
contribution to ITSM objectives and fulfilling
service requirements.

human/tech/info/financial resources
to run SMS, services and improvements
21
Define
Plan
Do Check Act:
Plan SMS, - Key objectives

Do SMS (Implement/ operate), - Policies, processes
Check SMS (monitor/review), - audit
Act SMS (maintain/review) - improve

Scope: geography of SP
locations/customer locations/technology
used
22
Plan
Service
design, Transition

Design & develop Transition each new

or changed service. (related to contract,
SLA, SOW)
23
Service Delivery processes

24
Service Level Management
Goals
agree a catalogue of services with the customer. The catalogue of services shall
include the dependencies between services and service components.
agree the services to be delivered with the customer.
For each service delivered, one or more SLAs shall be agreed with the customer.
When creating SLAs, take into consideration the service requirements. SLAs shall
include agreed service targets, workload characteristics and exceptions.
review services and SLAs with the customer at planned intervals.
Changes to the documented service requirements, catalogue of services, SLAs
and other documented agreements shall be controlled by the change management
process.
monitor trends and performance against service targets at planned intervals.
For service components provided by an internal group or the customer, the
service provider shall develop, agree, review and maintain documented
agreement to define the activities and interfaces between the two parties.
monitor performance of the internal group or the customer against agreed
service targets and other agreed commitments, at planned intervals.
Results shall be recorded and reviewed to identify the causes of
nonconformities and opportunities for improvement.

To maintain and gradually improve business aligned IT service quality, through a constant
cycle of defining, agreeing, monitoring, reporting and IT service achievements and through
instigating actions to eradicate unacceptable levels of service
25
Service reporting shall include at least:

performance against service targets;
relevant information about atleast major incidents,

deployment of new or changed services and the service
continuity plan being invoked;
detected nonconformities against the requirements in this

part of ISO/IEC 20000, the SMS requirements or the service
requirements and their identified causes;
trend information;
customer satisfaction measurements, service complaints

and results of the analysis of satisfaction
measurements and complaints.

26
IT Service Coninuity Management
Goals
27

To support the overall Business Continuity Management

process by ensuring that the required IT technical services and
facilities can be recovered within required and agreed business
time-scales
Availabtily Management
Goals
28

To optimise the capability of the IT infrastructure and supporting

organisations to deliver a cost effective and sustained level of
availability that enables the business to satisfy its objectives
Capacity Management
Goals

To understand the future business requirements (the required

service delivery), the organization's operations (the current
delivery), and ensure that all current and future capacity and
aspects of the business requirements are provided cost
effectively
29
Financial Management For IT Services
Goals
budgeting and accounting for service components including at least:
1) assets including licences used to provide the services,
2) shared resources,
3) overheads,
4) capital and operating expenses,
5) externally supplied services,
6) personnel,
7) facilities;

To provide cost-effective stewardship of the IT assets and financial

resources used in Services
apportioning indirect costs and allocating direct costs to services, to provide

an overall cost for each service;
Costs shall be budgeted to enable effective financial control and decisionmaking for services delivered.
monitor and report

costs against the budget, review the financial forecasts
30
and manage costs.
31

RELATIONSHIP
PROCESSES
For each customer, allocate a designated individual who is responsible for

managing the customer relationship and customer satisfaction.
review the performance of the services at planned intervals, with the customer.
Changes to the documented service requirements shall be controlled by the

change management process.
Changes to the SLAs shall be co-ordinated with the service level management
process.
documented procedure to manage service complaints. record, investigate, act

upon, report and close service complaints. Where a service complaint is not
resolved through the normal channels, escalation shall be provided to the customer.
measure customer satisfaction at planned intervals based on a representative

sample of the customers and users of the services. The results shall be analysed and
reviewed to identify opportunities for improvement.

32
agree with the supplier service levels to support and

align with the SLAs between the service provider and the
customer.
roles of and relationships between lead and subcontracted suppliers are documented.
verify that lead suppliers are managing their subcontracted suppliers to fulfill contractual obligations.
monitor the performance of the supplier at planned

intervals.

33
34

RESOLUTION
PROCESSES
Incident Management
Goals
To restore normal service operation as quickly as possible with

best achievable levels of availability and service are
maintained
documented procedure for managing Incidents and the
fulfilment of service requests from recording to closure.
When prioritizing incidents and service requests, take into
consideration the impact and urgency of the incident or
service request.

minimum disruption to the business, thus ensuring that the
35
Incident Management
Activities
Yes
No

Including Impact and Urgency

selection
Note. This is not Problem Closure
36
Problem Management
Goals
The procedure for problems shall define:

a) identification;
b) recording;
c) allocation of priority;
d) classification;
e) updating of records;
f) escalation;
g) resolution;
h) closure.
analyse data and trends on incidents and problems to identify root causes and their potential
preventive action.
Where the root cause has been identified, but the problem has not been permanently resolved,
perform actions to reduce or eliminate the impact of the problem on the services. Known errors shall
be recorded.

To minimize the adverse effect on the business of Incidents and Problems caused by errors in
the infrastructure, and to proactively prevent the occurrence of Incidents, Problems and
Errors.
Up-to-date information on known errors and problem resolutions should be maintained

The effectiveness of problem resolution shall be monitored, reviewed and reported.
37
PROCESSES
CONTROL

38
Configueration Management
Goals
Enabling control of the infrastructure by monitoring and maintaining information on:

Configuration
CI
status and history
CI
relationships
Valuable
Items (CI) needed to deliver services
CIs (monetary or service)
Providing information on the IT infrastructure to all other processes and to IT Management
audit the records stored in the CMDB, at planned intervals. Where

deficiencies are found, take necessary actions and report on the actions taken.
Information from the CMDB shall be provided to the change management

process, to support the assessment of requests for change.
Changes to CIs shall be traceable and auditable to ensure integrity of the

CIs and the data in the CMDB.

39
Configueration Management
Activities
Desktop Device #1
Desktop Device #2
Ethernet
Cable #2
Cable #3
Disk #1
Printer #1
Power
Server
Disk #2

Cable #1
Relationships
System Software
Is connected to
Is a copy of
Is part of
Printer #2
Application A
Application B
Attributes
Owner, status,
location, serial #,
version, supplier, etc.
40
Change Management
Goals
Removal of a service, Transfer of a service from the service provider to the

customer
documented procedure to record, classify, assess and approve requests for
change.
All requests for change shall be recorded and classified normal, minor, major
,emergency.
Decision-making shall take into consideration the risks, the potential impacts
to services and the customer, service requirements, business benefits,
technical feasibility and financial impact.
Approved changes shall be developed and tested.
A schedule of change containing details of the approved changes and their
proposed deployment dates.
The change shall be reversed or remedied if unsuccessful. Unsuccessful
changes shall be investigated and agreed actions taken.
The CMDB records shall be updated following the successful deployment of
changes.
review changes for effectiveness and take actions agreed with interested parties.

Process of controlling changes to the infrastructure or any other aspect of services, in

a controlled manner, enabling approved changes with minimum disruption.
41
Release Management
Goals
plan with the customer and interested parties the deployment of new or changed services into
the live environment.
Planning shall include the dates for deployment of each release, deliverables and methods of
deployment.
Emergency releases shall be managed
Releases shall be built and tested prior to deployment. A controlled acceptance test
environment shall be used for the building and testing of releases.
Acceptance criteria for the release shall be agreed
The deployment of the release shall be reversed or remedied if unsuccessful.
Unsuccessful releases shall be investigated and agreed actions taken.
The success or failure of releases shall be monitored and analysed.
The results and conclusions drawn from the analysis shall be recorded and reviewed to identify

The focus of Release Management is the protection of the live environment and its services through
the use of formal procedures and checks.
42
Management Support
Balancing between ITIL and organization culture
Staff Awareness and Organization Change
ITSM Tools
Staff Competency
Implementation Scope
Continuous Monitoring
Continual Service Improvement
Beliefs
Attitudes

Behaviors
43

44

SIMS ISO 20000 - 2011 Awareness Rev 00 PDF

Caricato da

Informazioni sul documento

Descrizione originale:

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

SIMS ISO 20000 - 2011 Awareness Rev 00 PDF

Caricato da

Copyright:

Formati disponibili

AWARENESS TO ISO

20000:2011 standard requirements

If you dont want to help

If you dont want to help

If you dont want to help

To provide a management system,

Describes processes for delivery of services

with and complementary to the

for Quality Management, Like

20000 consists of two parts:

If you dont want to help

worldwide standard specifically aimed

ISO/IEC 20000-1:2011, the formal Requirements

your IT Service Management

brand image from customer

and Efficiency for IT Service

If you dont want to help

If you dont want to help

terms and definitions

and implementing SMS

& Transition - new or changed services

If you dont want to help

If you dont want to help

If you dont want to help

If you dont want to help

If you dont want to help

If you dont want to help

If you dont want to help

Mngt. Commitment: define scope, policy, objectives, plan,

Service Mngt. Policy: acts as framework, fit 4 purpose, gets

Define/maintain ITSM Authorities, Responsibilities. Estab./impl.

Appoint Mngt. Rep. with authority/responsibility to: fulfil SLR,

MR reports to top management on perf./improve to processes

If you dont want to help

for processes & authority to

Eg: shared processes between customer & SP

and prioritising process

If you dont want to help

Definition of processes, Interface

Establish and maintain docs. incl. SLA and

Control Docs with documented procedure to:

Control Records to demonstrate compliance.

If you dont want to help

Service management policy

Service management plan,

If you dont want to help

If you dont want to help

If you dont want to help

staff in place: understand

If you dont want to help

Plan SMS, - Key objectives

If you dont want to help

If you dont want to help

Design & develop Transition each new

Service Delivery processes

If you dont want to help

Service Level Management

If you dont want to help

Service reporting shall include at least:

relevant information about atleast major incidents,

detected nonconformities against the requirements in this

customer satisfaction measurements, service complaints