ITIL and ISO/IEC 20000

The number of organizations that have adopted ITIL and achieved ISO/IEC 20000 certification has been growing rapidly across the world. ISO/IEC 20000 is the auditing standard that is aligned with ITIL. ITIL Version 2 was developed in alignment with BS 15000, the former UK standard for IT Service Management. Adopting an ITIL based framework is well suited to achieve ISO/IEC 20000 certification and ITIL’s role is shown in Figure 1.

Figure 1: How ITIL supports ISO/IEC 20000.

The Office of Government Commerce, (OGC), the owner of ITIL, has always been committed to maintaining an alignment between ITIL and the IT Service Management standard. Some of the key success factors for ITIL Version 3 were to build on the ITIL V2 and support easier integration of ITIL with ISO/IEC 20000.

Service Management System and Continual Improvement

ISO/IEC 20000 is the auditing standard that is aligned with ITIL. ISO/IEC 20000 requires a service provider to deliver managed services of an acceptable quality for its customers. To do this an organization must understand and measure how it provides value to their customers. ITIL V3 provides concepts, models and guidance on integrating all aspects of IT service provision to deliver value to the business by linking improvement efforts to the outcomes.

To achieve ISO/IEC 20000, an organization needs to demonstrate that it uses management systems and practices in order to be compliant to the standard. The ITIL V3 guidance is useful for:

• Establishing the integration of business strategy with IT service strategy

• Establishing the service management systems, policies, guidelines, and processes across the ITIL service lifecycle

• Ensuring that the organization can handle the costs and risks associated with their service portfolios

• Developing a knowledge capability for decision and management of services

The ITIL service lifecycle approach provides a closed-loop feedback system, based on the Plan, Do, Check, Act (PDCA) cycle specified in ISO/IEC 20000.

Integrating the Service Management Processes

ISO/IEC 20000 specifies a number of closely related service management processes, as shown in Figure 2. The standard recognises that the relationships between the processes depend on the application within an organization and that these are complex to model. ITIL V3 provides guidance on all these processes and on managing the complexity related to integrating the processes, changing services and the service management processes.

Figure 2: ISO/IEC 20000 Service Management framework of processes

Planning and implementing new and changed services

The requirements in ISO/IEC 20000 are challenging for organizations that have a dynamic, high risk, rapidly changing business environment. To provide true value to the business, IT services must be developed with the business objectives in mind and ITIL V3 fully supports this.

The ITIL V3 Service Design lifecycle stage turns Service Strategy into the blueprint for delivering the business objectives. Service Transition provides guidance for the development and improvement of capabilities for transitioning new and changed services into live service operation. It provides guidance on how the requirements of Service Strategy encoded in Service Design are effectively realized in Service Operation while controlling the risks of failure and disruption.

BCS representative on the BSI committee for IT Service Management. ISO UK principal expert for Process Assessment Working Group, shirley.lacy@connectsphere.com

Copyright © 2007 Connectsphere Ltd.