I wrote a previous blog about the mandatory documents required by ISO/IEC 20000-1. Following on from that, I have been asked how to minimize the number of documents.
The mandatory documents were listed in a previous blog. They add up to:
• 6 policies
• 8 plans
• 14 processes for clauses 5 – 9 plus other processes for sub-clauses of clause 4 e.g. documentation management, resource management, internal audit, continual improvement
• 19 procedures
• 5 definitions
• 12 other documents e.g. SLA, service catalogue.
Remember that documents do not need to be very long – in fact they are more likely to be used if they are kept short and succinct. Some documents can be embedded within a tool e.g. procedures. Documents should be written to be used and useful, not just because the standard requires it.
It is quite acceptable to combine a policy, process and procedure into one document. This can save time and effort in maintaining documents. It can also be easier for use as everything is in one place.
For example, the change management policy and change management process can be combined with the procedures for recording, classifying, assessing and approving requests for change and the procedure for managing emergency changes. This has combined 4 documents together.
However, there are some cases where it may be more useful to have documents separately. For example, would it be better to have emergency change and release procedures separate if they need to be used in the middle of the night? Or can the procedures for managing incidents from opening to closure be embedded within the service desk tool? Every service provider will look at these questions in a different way and need to make the decisions about combining documents to suit themselves.
The service management plan
The service management plan (SM plan) can usefully incorporate many documents. It is mandatory to include in the SM plan the policy, scope and objectives for service management. As well as the mandatory items listed in clause 4.5.2, it can also be useful to include in the SM plan:
• all mandatory policies
• communication procedures, as required by clause 4.1.3b)
• description of all service reports, as required by clause 6.2
• list of customers, users and interested parties of the services, as required by clause 7.1
• list of suppliers with the roles of, and relationships between, lead and sub-contracted suppliers, as required by clause 7.2.
At its simplest, the communication procedures can be included as a spreadsheet showing the items to be communicated with the method of communication, audience, frequency, purpose, responsibility and data source. Items to be communicated are listed throughout the standard e.g. top management has to communicate the policy, scope and objectives of service management.
Similarly the description of service reports can be included as a spreadsheet showing the name of each report with its identifier, purpose, audience, frequency, responsibility and data source.
There are 5 items which need to be defined and all, except the CI, agreed with customers. These are as follows:
a) service complaint (7.1). This is often defined in the SLA
b) major incident (8.1). This is often defined in the SLA
c) types of Configuration Item (CI) (9.1). This is usually defined in the configuration management process
d) emergency change (9.2). This is often defined in the SLA
e) emergency release (9.3). This is often defined in conjunction with the definition of emergency change in the SLA.
In summary, there are many documents required by the standard but this should not be seen as a chore. Some can be combined together. Some can be incorporated into tools. It is important to remember the hierarchy of policy, plan, process and procedure. Everything must align with the relevant policies. Process specific plans must align with the service management plan. Processes document what is to be done. Procedures support processes with more detail of how activities are to be done. All documents are there to enable the service provider to operate and deliver an excellent high quality service.
Lynda Cooper, an independent consultant and trainer, is one of the first people in the world to hold the ITIL Master qualification. Lynda sits on the BSI committee for IT service management (ITSM) and is one of the authors of ISO/IEC 20000. Lynda sits on various ISO/IEC committees and is the project editor for ISO/IEC 20000-1 and ISO/IEC 90006.