ISO/IEC 20000

ISO 20000 Standard is an Information Technology IT – Service Management System (SMS) requirements. The main objective of this standard is the organization shall establish, implement, maintain and improve the Information Technology- Service management system within the organization. To ensure:

  • Meeting the service requirements to achieve customer satisfaction
  • Designing and delivering services based on the SMS that add value for the customer
  • Continually improving the SMS and the services based on objective measurements In common business practice the ISO 20000 standard is also referred as SMS /ITSMS standard.

ISO/IEC 20000-1 – IT service management

Certification of your IT service management system demonstrates the ability to deliver effective services relating to configuration management and change management and process is covering incident and problem management.

In an increasingly technology driven world, the ability to deliver IT services internally and externally and to resolve issues gives companies a competitive edge in national and international markets.

ISO/IEC 20000-1 provides a framework and a systematic approach to plan, implement, operate, review, maintain and improve an IT service management system. 

What is ISO/IEC 20000-1

ISO/IEC 20000-1 is the most recognized international standard for IT management systems. It is currently in its third iteration (2018). The nature of ISO/IEC 20000-1 allows it to be applied to the complete range of business sectors, scopes, and activities. It can be limited in scope to defined areas of the organization or expanded to cover all internal activities and customer needs.

  1. It assists organizations to establish service management policy and objectives and understand how significant aspects can be managed, implement necessary controls and set clear objectives to improve IT service delivery.
  2. It allows an organization to manage its obligation to comply with applicable legal and requirements and other stakeholder obligations, and to regularly check the compliance status. This permits a continual improvement of the management system to enhance its performance.

ISO 20000-1 is designed to be compatible and harmonized with other recognized management system standards, including ISO 9001. It is therefore ideal for integration into existing management systems and processes.

Benefits of becoming certified Organization

The potential benefits of ISO 20000-1 are numerous, but the most significant and tangible ones are that the standard enables your organization to:

The benefits of ISO 20000 cannot be overstated; companies large and small have used this standard to great effect, discovering and securing tremendous cost and efficiency savings. Here are just a few of these benefits:

Improve your image and credibility  ISO 20000 is the only internationally recognized standard for IT Service Management. Its international adoption has been rapid in recent years, as organizations see it as a key differentiator in the marketplace. And, as a popular and proven standard, you can be sure of the efficacy and scalability of the processes.

Become more productive – Gain a competitive advantage through increased efficiency and effectiveness due to more reliable IT services. With everybody clear about who does what and when, you’ll reduce both the number of incidents and your ability to handle them.

Increased customer satisfaction – Whether it’s your internal or external customers, you’re able to deliver improved IT services that better meet their needs – while at the same time better protecting the company and its assets, shareholders, and directors.

Benchmark and improve – You can compare your organization’s processes and activities against the international standard for ITSM (you can then easily indentify and implement any necessary improvements). And, because an independent certification body audits your company, you (and anyone interacting with your organization) can be sure you’re meeting the required level of service.

Fully integrated processes  ISO 20000 helps you align IT services with the wider business strategy. You can ensure your company is focused on the IT Service Management solutions best suited to serving your customers and the needs of the business.

Reduce the cost of IT – Better understand and manage the cost of IT. Plan future financial costs with greater accuracy and clarity. With simpler processes and clear responsibilities, you can operate a leaner, more efficient service.

Create a culture of continual improvement – The business environment does not sit still, particularly in our age of digital and technological innovation. Ensuring your organization is always improving its processes in reaction to customer feedback is not just a nice-to-have – it’s essential for a company’s longevity. And this also extends to improvements identified internally, changing technology, and developing business norms.

Become more agile and change quickly  ISO 20000 creates a solid framework of best practice that helps support innovation. Change in your organization can be handled more adeptly and with greater speed, meaning you reduce internal and external risk levels and are more likely to meet your organizational objectives.

Gain a competitive advantage – Through more effective and efficient delivery of IT services, you can give your organization tangible advantages over your competitors. For example, you can reduce IT issues and respond to them faster, freeing up more of your time for strategic IT development in your organization.

ISO/IEC 20000-1: IT Service management

ISO/IEC 20000-1:2018 (‘part 1’) specifies requirements for “establishing, implementing, maintaining and continually improving a service management system (SMS). An SMS supports the management of the service lifecycle, including the planning, design, transition, delivery and improvement of services, which meet agreed requirements and deliver value for customers, users and the organization delivering the services.”. The 2018 version (ISO/IEC 20000-1:2018) comprises ten sections, following the high-level structure from Annex SL of the Consolidated ISO/IEC Directives,

Part 1:

  1. Scope
  2. Normative references
  3. Terms and definitions
  4. Context of the organization
  5. Leadership
  6. Planning
  7. Support of the Service Management System
  8. Operation of the Service Management System
  9. Performance Evaluation
  10. Improvement
ISO/IEC 20000-2: Guidance on the application of service management systems

ISO/IEC 20000-2:2019 provides guidance on the application of service management systems (SMS) based on the requirements in ISO/IEC 20000-1:2018.

ISO/IEC 20000-3: Guidance on scope definition and applicability of ISO/IEC 20000-1

ISO/IEC 20000-3:2019 provides guidance on scope definition, applicability and demonstration of conformance for service providers aiming to meet the requirements of ISO/IEC 20000-1, or for service providers who are planning service improvements and intending to use ISO/IEC 20000 as a business goal. It supplements the advice in ISO/IEC 20000-2, which provides generic guidelines for implementing an SMS in accordance with ISO/IEC 20000-1.

[Withdrawn] ISO/IEC 20000-4: Process assessment model

ISO/IEC TR 20000-4:2010 has been withdrawn. A set of new documents providing a Process Reference Model (PRM) and a Process Assessment Model (PAM) based on ISO/IEC 20000-1:2018 is being developed by ISO/IEC JTC1/SC7 in the 33000 series of standards.

ISO/IEC 20000-5: Implementation guidance for ISO/IEC 20000-1

ISO/IEC TR 20000-5:2022 provides guidance to service providers on how to implement an SMS based on ISO/IEC 20000-1.

ISO/IEC 20000-6 Requirements for bodies providing audit and certification of service management systems

ISO/IEC 20000-6:2017 provides requirements for auditing bodies for the assessment of conformance to ISO/IEC 20000-1.

ISO/IEC 20000-7: Guidance on the Integration and Correlation of ISO/IEC 20000-1:2018 to ISO 9001:2015 and ISO/IEC 27001:2013

ISO/IEC TR 20000-7:2019 provides guidance on the integrated implementation of a Service Management System based on ISO/IEC 20000-1:2018 with a Quality Management System based on ISO 9001:2015 and/or an Information Security Management System based on ISO/IEC 27001:2013.

[Withdrawn] ISO/IEC 20000-9: Guidance on the application of ISO/IEC 20000-1 to cloud services

ISO/IEC TR 20000-9:2015 provided guidance on the use of ISO/IEC 20000‑1:2011 for service providers delivering cloud services.

ISO/IEC 20000-10: Concepts and vocabulary

ISO/IEC TR 20000-10:2018 describes the core concepts of ISO/IEC 20000, identifying how the different parts support ISO/IEC 20000‑1:2018 as well as the relationships between ISO/IEC 20000 and other International Standards and Technical Reports. This part of ISO/IEC 20000 also explains the terminology used in the ISO/IEC 20000 series, so that organizations and individuals can interpret the concepts correctly.

ISO/IEC 20000-11: Guidance on the relationship between ISO/IEC 20000-1 and service management frameworks: ITIL

ISO/IEC TS 20000-11:2021 is a Technical Specification that provides guidance on the relationship between ISO/IEC 20000-1:2011 and a commonly used service management framework, ITIL 4.

The summarized requirement details of ISO 20000 are given below :

General Requirements of Service management System

The Top Management of the organization shall demonstrate the commitment for ITSMS, established the ITSMS Policy, established the role, responsibility & Authority, established the internal & external communication system, Appoint the management representative , established the governance system for the processes operated by other parties, established the documents management system & resource management, Define scope of SMS, Plan the SMS, Implement and operate the SMS, Monitor and review the SMS – by conducting Internal Audit and Management review meeting.

Design and transition of new or changed services

The organization shall Plan new or changed services, Design and development of new or changed services and Transition of new or changed services. Service delivery processes The organization shall agree a catalogue of services with the customer, SLA agreement, Service reporting, ensure Service continuity and availability management, develop of plans, monitoring and testing, defined interface between the budgeting and accounting for services process and other financial management processes. Identify and agree capacity and performance requirements with the customer and interested parties. Develop information security policy and established information security control. Relationship processes Business relationship management and Supplier management Resolution processes Incident and service request management and Problem management. Control processes Configuration management, Change management, Release and deployment management Benefits of ISO 20000 Certification

  • Consistency in IT service delivery
  • Reduce the response time for IT- service delivery
  • Enhance customer satisfaction and retention of customer
  • Improve the Legal, Regulatory and contractual compliance.
  • Reputation enhancement among stake holders, interested party and customer.
  • Reduce the operational cost.
  • Improve the business potential among the competitor
  • Overall Improvement of organization reputation in the market.
  • Business opportunity improved.

How to get ISO 20000 certification – The Applicant organization shall ensure the followings prior to ISO 20k Certification Certification (Information Technology- Service Management System Certification)

  • Organization has implemented the Information Technology Service Management System (ITSMS) in the organization as per the requirements of ISO 20000 standard. Established the Scope, Policy, ITSMS Quality Manual, relevant procedures and SOP’S.
  • Conducted one complete cycle Information Technology service Management System (ITSMS) Internal Audit.
  • Conducted at least one Management review meeting on Information Technology Service Management System.
Information technology-ISO 20000

ISO 20000 – Information Technology Service Management System Certification Process

  • Application review and contract sign up between OSS and applicant organization.
  • Stage-1 Audit
  • Stage-2 Audit
  • Certification decision
  • Issue of certificate.
  • Surveillance audit (annually or Half yearly as finalized during application review process and agreed by client)
  • Re-Certification Audit (within three years before expiry of certificate)


Oss Middle East Company:

Aim to help organization in all sectors in Egypt and Middle East to apply the international standard in Quality Management systems in all fields.

OSS accredited by:-

OSS register by Many Egyptian Organization:

Other Article:-

Leave a Reply

Your email address will not be published. Required fields are marked *