ISO/IEC 20000 series of standards
The new edition of part ISO/IEC 20000-1, Service Management System Requirements, was published in April 2011. Aligned to this, the new editions of part 2 and 3 were published in 2012. A new part 10, concepts and terminology, was published on November 1st 2013. See previous blogs on the updated parts 1, 2 and 3. This blog will address the new part 10. Also published on November 1st are an updated part 5 and a new standard ISO/IEC 90006 for the application of ISO 9001 to service management and its integration with ISO/IEC 20000-1. Future blogs will cover these two items.
What is Part 10?
ISO/IEC 20000-10 has the title ‘Concepts and terminology’. It defines the terms used across the ISO/IEC 20000 series. It additionally contains an explanation of each part of the series and their relationship. It also identifies other related standards. There are several useful diagrams showing all the relationships. This contributes to the understanding of the ISO/IEC 20000 series and supports the integration with other standards.
Part 10 is intended as a document that can be updated frequently to maintain a full list of terms as well as an explanation of the parts of ISO/IEC 20000 and other related standards.
There are other management system standards which similarly have a separate free part for terms and concepts e.g. ISO/IEC 27000, ISO 9000.
Have any of the terms changed in part 10?
All of the terms currently in ISO/IEC 20000-1 now appear in part 10 unchanged. The terms will be removed from part 1 when this is updated in a few years’ time. At this later stage, there may be updates to the terms but until then, they will remain unchanged.
Currently, no additional terms have been added. However, it is expected that there will be additional terms added for new parts of the 20000 series. For example, part 9 for the application of ISO/IEC 20000-1 to cloud services, is being developed and will involve some new defined terms. It is intended that only part 10 will contain defined terms.
As well as the definition of terms, there is also some additional explanation for terms which are also used in other standards. For example, top management is further explained for its use in the ISO/IEC 20000 series and its use in ISO 9001.
Concepts of a service management system
Clause 4 contains an overview of service management systems (SMS) which can be useful for those new to the subject. It covers:
- General introduction
- What is an SMS?
- The integrated process approach
- Continual improvement
- What constitutes an effective SMS
- Benefits of an SMS.
ISO/IEC 20000 series
Clause 5 covers all the parts in the ISO/IEC 20000 series that are currently published. This will be updated as new parts are published. Each part is explained by its scope, purpose and relationship with part 1.
New parts which are planned are shown in a diagram with their title but not explained since the details of these can change during the development process prior to publication.
Other related standards
Clause 6 covers other related standards. The closely related standards, explained by scope, purpose and relationship with ISO/IEC 20000-1 are:
- ISO/IEC TS 15504‑8:2012 Process assessment – Part 8: An exemplar assessment model for IT service management;
- ISO/IEC 27013:2012 Information technology – Security techniques – Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000‑1;
- ISO/IEC TR 90006:2013 Guideline on the application of ISO 9001:2008 to IT service management and its integration with ISO/IEC 20000‑1:2011.
Other standards which can provide support to organizations using ISO/IEC 20000 are briefly explained with an overview. These are:
- ISO 9000 – Quality management systems — Fundamentals and vocabulary
- ISO 9001 – Quality management systems — Requirements
- ISO 10007 – Quality management systems — Guidelines for configuration management
- ISO/IEC 19770-1 – Information technology — Software asset management — Part 1: Processes and tiered assessment of conformance
- ISO/IEC 27000 – Information technology — Security techniques — Information security
- management systems — Overview and vocabulary
- ISO/IEC 27001 – Information technology — Security techniques — Information security management systems — Requirements
- ISO/IEC 31000 – Risk management — Principles and guidelines
- ISO/IEC 38500 – Corporate governance of information technology
Impact of part 10 on the APMG certification and qualification schemes
There is no current impact on these schemes since they concentrate on part 1 which contains the terms and definitions required. The schemes may refer to part 10 in the future. If this occurs, all accredited training organisations and registered certification bodies will be notified.
Part 10 is a useful introduction to the ISO/IEC 20000 series, to an SMS and to related standards. It will be essential to refer to part 10 for terms for new parts. Once part 1 is updated in a few years’ time, all terms will be in part 10.
ISO/IEC 20000 part 10 can be obtained from the ISO web site or your country standards organisation e.g. BSI in the UK.
ITIL Master, ISO/IEC 20000-1 project editor, consultant and trainer