YaSM and ISO 20000: Difference between revisions

From YaSM Service Management Wiki
No edit summary
No edit summary
 
(16 intermediate revisions by 2 users not shown)
Line 1: Line 1:
<itpmch><title>YaSM and ISO/IEC 20000 | YaSM Service Management Wiki</title>
<itpmch><title>YaSM and ISO/IEC 20000 | YaSM Service Management Wiki</title>
<meta name="keywords" content="yasm iso 20000, yasm iso/iec 20000" />
<meta name="keywords" content="yasm iso 20000, yasm iso/iec 20000, iso 20000 processes" />
<meta name="description" content="One of the objectives when creating YaSM was to provide a service management process framework which is closely aligned with ISO/IEC 20000 (&quot;ISO 20000&quot;)." />
<meta name="description" content="YaSM is designed to be well aligned with ISO 20000, and there are one or several related service management processes for every section in ISO/IEC 20000:2018, Part 1 (Mandatory requirements), as exemplified in the following tables: [...]" />
<meta property="og:url" content="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000" />
<meta property="og:url" content="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000" />
<meta property="og:title" content="YaSM and ISO/IEC 20000 | YaSM Service Management Wiki" />
<meta property="og:title" content="YaSM and ISO/IEC 20000 | YaSM Service Management Wiki" />
<meta property="og:description" content="One of the objectives when creating YaSM was to provide a service management process framework which is closely aligned with ISO/IEC 20000 (&quot;ISO 20000&quot;)." />
<meta property="og:description" content="YaSM is designed to be well aligned with ISO 20000, and there are one or several related service management processes for every section in ISO/IEC 20000:2018, Part 1 (Mandatory requirements), as exemplified in the following tables: [...]" />
<meta property="og:site_name" content="YaSM">
<meta property="og:site_name" content="YaSM Service Management">
<meta property="og:type" content="article" />
<meta property="og:type" content="article" />
<meta property="article:publisher" content="https://www.facebook.com/yasmcom" />
<meta property="og:image" content="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/16x9/Yasm-iso-20000-processes.jpg" />
<meta property="fb:admins" content="100002035253209" />
<meta property="og:image:width" content="1200" />
<meta property="fb:admins" content="100002592864414" />
<meta property="og:image:height" content="675" />
<meta property="og:image" content="https://yasm.com/wiki/en/img/yasm-frameworks/Yasm-iso-20000-processes.jpg" />
<meta property="og:image:width" content="700" />
<meta property="og:image:height" content="523" />
<meta property="og:image" content="https://yasm.com/wiki/en/img/yasm-frameworks/Yasm-iso-20000.jpg" />
<meta property="og:image:width" content="346" />
<meta property="og:image:height" content="577" />
<link href="https://plus.google.com/104150539756444616711/posts" rel="publisher" />
<link href="https://plus.google.com/104150539756444616711/posts" rel="publisher" />
<meta name="pinterest-rich-pin" content="false" />
<meta name="pinterest-rich-pin" content="false" />
</itpmch>
</itpmch>
<html><a href="https://yasm.com/wiki/de/index.php/YaSM_und_ISO_20000"><img src="https://yasm.com/wiki/en/img/yasm-wiki/yasm-wiki-deutsch.png" width="48" height="30" style="float:right;" alt="auf Deutsch" title="diese Seite auf Deutsch" /></a><br style="clear:both;"/>
<html><div class="noresize"><a href="https://yasm.com/wiki/de/index.php/YaSM_und_ISO_20000"><img src="https://yasm.com/wiki/en/img/yasm-wiki/YaSM-Wiki-Deutsch.png" width="140" height="36" style="float:right;" alt="auf Deutsch" title="This page in German" /></a></div><br style="clear:both;"/>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p><b>Comparison:</b> YaSM and ISO/IEC 20000</p>
<p><b>Comparison:</b> YaSM and ISO 20000 (ISO/IEC 20000:2018)</p>
<p><b>Part of</b>: <a href="https://yasm.com/wiki/en/index.php/What_is_YaSM#yasm-other-service-management-frameworks" title="YaSM and other service management frameworks and standards">YaSM vs. other service management frameworks and standards</a></p>
<p><b>Part of</b>: <a href="https://yasm.com/wiki/en/index.php/What_is_YaSM#yasm-other-service-management-frameworks" title="YaSM and other service management frameworks and standards">YaSM vs. other service management frameworks and standards</a></p>
<p>&nbsp;</p>
<p>&nbsp;</p>


<p><span id="md-webpage-description" itemprop="description">One of the objectives when creating YaSM&reg; was to provide a service management process framework which is closely aligned with ISO/IEC 20000 ('ISO 20000').</span></p>
<div itemid="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/Yasm-iso-20000-processes.jpg" itemscope itemtype="https://schema.org/ImageObject">
<meta itemprop="caption" content="YaSM and ISO/IEC 20000: Process and document templates for every ISO 20000 requirement." />
<meta itemprop="width" content="1200" />
<meta itemprop="height" content="900" />
<meta itemprop="dateCreated" content="2014-05-18" />
<meta itemprop="dateModified" content="2018-10-17" />
<meta itemprop="datePublished" content="2014-05-18" />
<meta itemprop="representativeOfPage" content="true"/>
<span itemprop="thumbnail" itemscope itemtype="https://schema.org/ImageObject">
  <meta itemprop="url" content="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/16x9/Yasm-iso-20000-processes.jpg" />
  <meta itemprop="width" content="1200" />
  <meta itemprop="height" content="675" />
  <meta itemprop="dateCreated" content="2019-05-10" />
  <meta itemprop="datePublished" content="2019-05-10" />
</span>
<span itemprop="thumbnail" itemscope itemtype="https://schema.org/ImageObject">
  <meta itemprop="url" content="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/480px/Yasm-iso-20000-processes.jpg" />
  <meta itemprop="width" content="480" />
  <meta itemprop="height" content="360" />
  <meta itemprop="dateCreated" content="2022-11-14" />
  <meta itemprop="datePublished" content="2022-11-14" />
</span>
<span itemprop="thumbnail" itemscope itemtype="https://schema.org/ImageObject">
  <meta itemprop="url" content="https://yasm.com/wiki/en/img/yasm-frameworks/Yasm-iso-20000.jpg" />
  <meta itemprop="width" content="600" />
  <meta itemprop="height" content="1000" />
</span>
<meta itemprop="keywords" content="yasm iso 20000" />
<meta itemprop="keywords" content="yasm iso iec 20000" />
<meta itemprop="keywords" content="iso 20000 requirements" />
<figure class="mw-halign-right" typeof="mw:File/Thumb"><a href="https://yasm.com/wiki/en/img/yasm-frameworks/Yasm-iso-20000.jpg" title="YaSM and ISO 20000" itemprop="thumbnailUrl"><img itemprop="contentUrl" srcset="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/480px/Yasm-iso-20000-processes.jpg 480w, https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/Yasm-iso-20000-processes.jpg 1200w" sizes="100vw" src="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/Yasm-iso-20000-processes.jpg" fetchpriority="high" decoding="async" width="480" height="360" class="mw-file-element" alt="YaSM and ISO/IEC 20000: Process and document templates for every ISO 20000 requirement. The ISO 20000 Bridge provides: Service management processes; related evidence: documents, policies and records; checklists and document templates." /></a><figcaption><span style="font-variant:small-caps;"><b>Fig. 1: YaSM and ISO/IEC 20000</b><br /><a href="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/Yasm-iso-20000-processes.jpg" title="ISO 20000 process and document templates">Process and document templates for every ISO 20000 requirement</a>.</span></figcaption></figure></div></html>


<p>Frequently, certification according to ISO 20000 is sought because it enables organizations to prove that they are customer-oriented, efficient and effective suppliers of services. The certification can thus be used for marketing purposes, or to gain access to customers and markets which require their service suppliers to be ISO 20000 certified.</html>
<span style="margin-top: 0; word-wrap:normal;">One&nbsp;of&nbsp;the&nbsp;objec&shy;tives when creating [[What is YaSM|YaSM]]<sup><small>&#174;</small></sup> was to provide a process model that is closely aligned with [[ISO 20000|ISO/IEC 20000 ('ISO 20000')]], the internationally acknowledged standard for service management.</span>


Organizations often seek [[FAQ: ISO 20000 Certification|certification to ISO 20000]] because it enables them to prove that they are customer-oriented, efficient and effective suppliers of services. The certification can thus be used for marketing purposes, or to gain access to customers and markets which require their service suppliers to be ISO 20000 certified.
<p>&nbsp;</p>
<p>&nbsp;</p>


==<span id="yasm-iso-20000-related">YaSM - A framework closely related with ISO/IEC 20000</span>==
__TOC__
 
==<span id="yasm-iso-20000-related">Closely aligned with ISO/IEC 20000 - the YaSM model</span>==
 
ISO 20000 sets out "requirements for establishing, implementing, maintaining and continually improving a service management system (SMS)".


<html><div itemscope itemtype="https://schema.org/ImageObject">
To meet these requirements, organizations typically must define and implement a set of service management processes which comply with the standard. But ISO 20000 does not prescribe specific processes, nor does it provide detailed descriptions that organizations could use as guidance.
<a href="https://yasm.com/wiki/en/img/yasm-frameworks/Yasm-iso-20000-processes.jpg" title="YaSM and ISO 20000" itemprop="contentUrl">
<meta itemprop="caption" content="YaSM and ISO/IEC 20000: Process and document templates for every ISO 20000 requirement." />
<meta itemprop="width" content="700" />
<meta itemprop="height" content="523" />
<meta itemprop="keywords" content="yasm iso 20000" />
<meta itemprop="keywords" content="yasm iso iec 20000" />
<meta itemprop="keywords" content="iso 20000 requirements" />
<img itemprop="thumbnailUrl" style="margin:5px 0px 30px 30px; float:right;" src="https://yasm.com/wiki/en/img/yasm-frameworks/Yasm-iso-20000.jpg" width="346" height="577" title="YaSM and ISO 20000" alt="YaSM and ISO/IEC 20000: Process and document templates for every ISO 20000 requirement." /></a></div><p></html>


ISO 20000 does not prescribe how the requirements are to be fulfilled, so there are many possible ways to achieve compliance. In practice, organizations need to define and implement a set of processes which as a whole fulfill all ISO 20000 requirements.
<html>Some more guidance can be found in the popular service management frameworks and approaches, such as <a href="https://yasm.com/wiki/en/index.php/YaSM_and_ITIL" title="YaSM and the IT Infrastructure Library ITIL&reg;">ITIL</a><sup><small>&#174;</small></sup>, <a href="https://yasm.com/wiki/en/index.php/YaSM_and_CMMI_for_Services_-_CMMI-SVC" title="YaSM and CMMI&reg; for Services (CMMI-SVC)">CMMI-SVC</a><sup><small>&#174;</small></sup>, <a href="https://yasm.com/wiki/en/index.php/YaSM_and_COBIT" title="YaSM and COBIT (Control Objectives for Information and Related Technologies)">COBIT</a><sup><small>&#174;</small></sup>, <a href="https://yasm.com/wiki/en/index.php/VeriSM" title="What is VeriSM&trade;?">VeriSM</a>&trade;, <a href="https://yasm.com/wiki/en/index.php/SIAM" title="What is SIAM Service Integration and Management?">SIAM</a>&trade;, etc. But some of these frameworks provide only high-level descriptions of service management processes, while others are not well aligned with ISO 20000, especially regarding the requirements related to the service management system.</p>


A popular solution is to turn to ITIL&reg; [[#ITIL|[1]]] for advice, since ISO 20000 and ITIL&reg; have many principles in common. The alignment of ITIL&reg; and ISO 20000, however, is incomplete in some areas, especially regarding the requirements related to the service management system (section 4 of ISO 20000).
<p>As a result, there is a need for <a href="https://yasm.com/wiki/en/index.php/Service_Management_Processes" title="Service management processes">detailed process descriptions</a> that are based on established service management frameworks and concepts and, at the same time, offer better alignment with ISO 20000:</p>


As a result, there was a need for a service management framework which incorporates the established ITIL&reg; principles but offers better alignment with ISO 20000:
<p>The <a href="https://yasm.com/en/products/yasm-process-map" title="ISO 20000 compliant process model: The YaSM Process Map">YaSM process model</a> provides such detailed descriptions as process templates in a graphical, easy-to-read format, including document templates for the policies and other documented information that usually needs to be prepared for the certification audit.</html>


YaSM consists of a tightly focused set of processes, policies and document templates which provide a solution for every ISO 20000 requirement. Implementing the YaSM processes is thus a straightforward approach for obtaining ISO 20000 certification.<br style="clear:both;"/>
The YaSM service management model thus provides a solution for every ISO 20000 requirement, and implementing the [[Service Management Processes|YaSM processes]] is a straightforward approach for obtaining ISO 20000 certification.<br style="clear:both;"/>


<p>&nbsp;</p>
==<span id="iso-20000-yasm-processes">ISO 20000 requirements and related service management processes</span>==


==<span id="iso-20000-yasm-processes">ISO 20000 requirements and related YaSM processes</span>==
<html><span id="md-webpage-description" itemprop="description">YaSM is designed to be well aligned with ISO 20000, and there are one or several <span id="md-webpage-educationalUse" itemprop="educationalUse">related service management processes for every section in ISO/IEC 20000:2018, Part 1 (Mandatory requirements)</span>, as exemplified in the following tables:</span></p>


<html><p>As YaSM is designed to be well aligned with ISO 20000, there are one or several <span id="md-webpage-educationalUse" itemprop="educationalUse">related YaSM processes for every section in ISO/IEC 20000:2011, Part 1 (Mandatory requirements)</span>, as exemplified in the following tables:
<ul style="clear:both;"/>
</p>
<li><a href="#Context_of_the_organization" title="ISO/IEC 20000, section 6: Context of the organization">Section 4: Context of the organization</a></li>
<ul>
<li><a href="#Leadership" title="ISO/IEC 20000, section 5: Leadership">Section 5: Leadership</a></li>
<li><a href="#section-4" title="YaSM &amp; ISO/IEC 20000, section 4: Service management system general requirements">Section 4: Service management system general requirements</a>
<li><a href="#Planning" title="ISO/IEC 20000, section 6: Planning">Section 6: Planning</a></li>
</li>
<li><a href="#Support_of_the_SMS" title="ISO/IEC 20000, section 7: Support of the service management system">Section 7: Support of the service management system</a></li>
<li><a href="#section-5" title="YaSM &amp; ISO/IEC 20000, section 5: Design and transition of new or changed services">Section 5: Design and transition of new or changed services</a>
<li><a href="#Operation_of_the_SMS" title="ISO/IEC 20000, section 8: Operation of the service management system">Section 8: Operation of the service management system</a></li>
</li>
<li><a href="#Performance_Evaluation" title="ISO/IEC 20000, section 9: Performance Evaluation">Section 9: Performance Evaluation</a></li>
<li><a href="#section-6" title="YaSM &amp; ISO/IEC 20000, section 6: Service delivery processes">Section 6: Service delivery processes</a>
<li><a href="#Improvement" title="ISO/IEC 20000, section 10: Improvement">Section 10: Improvement</a></li>
</li>
<li><a href="#section-7" title="YaSM &amp; ISO/IEC 20000, section 7: Relationship processes">Section 7: Relationship processes</a>
</li>
<li><a href="#section-8" title="YaSM &amp; ISO/IEC 20000, section 8: Resolution processes">Section 8: Resolution processes</a>
</li>
<li><a href="#section-9" title="YaSM &amp; ISO/IEC 20000, section 9: Control processes">Section 9: Control processes</a>
</li>
</ul>
</ul>


<p>&nbsp;</p>
<p><b>Notes:</b></p>
 
<ul><li>This overview omits sections 1 to 3 of ISO 20000, part 1, as they do not contain actual requirements (sections 1 to 3 cover scope, normative references, as well as terms and definitions).</li>
<p><a href="https://yasm.com/en/videos/yasm-iso-20000-bridge" ><img src="https://yasm.com/en/content/videos/yasm-iso-20000-bridge/video-yasm-iso-20000.jpg" width="345" height="205" class="thumbimage" alt="Video: Stefan Kempter introducing the YaSM - ISO 20000 Bridge" title="Start the video: Introduction to the YaSM - ISO 20000 Bridge" style="display: block; float: right; margin-left: 30px; margin-bottom: 10px; margin-right: 10px" /></a>
<li>The following tables are based on ISO/IEC 20000:2018, part 1. Learn more about the new edition of the ISO 20000 standard:</li></ul>
<p style="margin-top: 0;">A detailed cross-reference between the YaSM processes and every single ISO 20000 requirement is available in the form of the <a href="https://yasm.com/en/products/yasm-iso-20000-bridge" title="YaSM - ISO 20000 Bridge">YaSM - ISO 20000 Bridge</a>, an additional component to the YaSM<sup><small>&#174;</small></sup> Process Map.</p>
<ul style="list-style-image: URL('/wiki/en/img/yasm-wiki/icon-arrow-right.png');padding-left: 18px;">
<p>Watch the video: "<a href="https://yasm.com/en/videos/yasm-iso-20000-bridge">Introduction: YaSM - ISO 20000 Bridge</a>" [Duration: 4:10 min.]</p>
<li><a href="https://yasm.com/wiki/en/index.php/ISO_20000_-_2018" title="The newest edition of ISO/IEC 20000:2018">The new version of ISO/IEC 20000:2018, and changes between ISO 20000:2018 and ISO 20000:2011.</a></li></ul>
<br style="clear:both;"/><p></html>


<p>&nbsp;</p>
<p>&nbsp;</p>
<p>A detailed cross-reference between the YaSM service management processes and every single ISO 20000 requirement is available in the form of the <a href="https://yasm.com/en/products/yasm-iso-20000-bridge" title="YaSM - ISO 20000 Bridge">YaSM - ISO 20000 Bridge</a>, an additional component to the <a href="https://yasm.com/en/products/yasm-process-map" title="YaSM Process Map">YaSM Process Map</a>.</p>


'''''Notes:'''''<br />
<figure class="mw-halign-right" typeof="mw:File/Thumb"><a href="https://yasm.com/en/videos/yasm-iso-20000-bridge" title="The YaSM - YaSM - ISO 20000 Bridge: Introduction (video)"><img srcset="https://yasm.com/en/content/videos/yasm-iso-20000-bridge/480px/yasm-iso-20000-processes-video.jpg 480w, https://yasm.com/en/content/videos/yasm-iso-20000-bridge/yasm-iso-20000-processes-video.jpg 1280w" sizes="100vw" src="https://yasm.com/en/content/videos/yasm-iso-20000-bridge/yasm-iso-20000-processes-video.jpg" decoding="async" width="480" height="270" class="mw-file-element" alt="The YaSM - ISO 20000 Bridge: Introduction (video). The YaSM process model is perfectly aligned with ISO 20000 (ISO/IEC 20000:2018). The process diagrams and document templates contained in the YaSM model make the task of designing ISO 20000 compliant processes for your organization manageable." /></a>
*''This overview omits sections 1 to 3 of ISO 20000, part 1, as they do not contain actual requirements (sections 1 to 3 cover scope, normative references, as well as terms and definitions).''
<figcaption><span style="font-variant:small-caps;"><b><a href="https://yasm.com/en/videos/yasm-iso-20000-bridge" title="Start the video: The YaSM - ISO 20000 Bridge; Introduction">Start the video: Introduction to the YaSM - ISO 20000 Bridge</a></b></span></figcaption></figure>
*''The following tables are based on ISO/IEC 20000:2011, part 1.''
 
<p>&nbsp;</p>


==<span id="section-4">Service management system general requirements (ISO/IEC 20000, section 4)</span>==
<p style="margin-top: 0px; word-wrap:normal;">The ISO 20000 Bridge makes the task of designing ISO 20000 compliant processes for your organization manageable.</p>
<p>Watch the video:</p>
<ul style="list-style-image: URL('/wiki/en/img/yasm-wiki/icon-video-camera.png');padding-left: 15px;">
<li><a href="https://yasm.com/en/videos/yasm-iso-20000-bridge" title="ISO 200000 processes: The YaSM - ISO 20000 Bridge (video)">The YaSM - ISO 20000 Bridge: Introduction</a>&quot; (6:03 min.)</li></ul></html>
<p style="clear:both;">&nbsp;</p>


<p>&nbsp;</p>
===Context of the organization===
----


{| class="wikitable" style="background: white;"
{| class="wikitable" style="background: white;"
|+style="background:#465674; color:#ffffff; font-size: 110%" colspan="2"|Processes for ISO/IEC 20000 section 4: 'Context of the organization'
|-
|-
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|ISO 20000 sections
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|Related YaSM processes
!style="background:#379988; font-size: 110%; color:#ffffff;  width:50%"|Notes
|-style="vertical-align:top"
|-style="vertical-align:top"
|4.1 Management responsibility
!style="background:#eeeeee; font-size: 100%; width:30%"|Related service mgmt. processes
|
!style="background:#eeeeee; font-size: 100%; width:70%"|Notes
*[[SP1: Set up and maintain the service management system]];
|
*This requirement is fulfilled predominantly by creating and maintaining an adequate set of service management policies.
*The YaSM policies are supported by a process model which defines, documents and communicates the service management processes.
|-style="vertical-align:top"
|-style="vertical-align:top"
|4.2 Governance of processes operated by other parties
|
|
*[[SP1: Set up and maintain the service management system]];
*[[SP1: Set up and maintain the service management system|SP1: Set up and maintain the service mgmt. system]]
*[[SP2: Maintain the service portfolio]];
*[[SP11: Manage suppliers]]
|
|
*Processes operated by other parties are identified in the process model, which also documents the interfaces between internally and externally operated processes.
* The main service management policy contains a section that lists the relevant factors affecting the organization, including their impacts and approach for addressing these factors.
*YaSM recommends setting up and managing processes operated by other parties as supporting services, governed by service definitions and service agreements.
* The service management policy includes an overview of the interested parties and their requirements.
* The scope of the SMS is defined in the main service management policy.
|}
 
===Leadership===
----
 
{| class="wikitable" style="background: white;"
|+style="background:#465674; color:#ffffff; font-size: 110%" colspan="2"|Processes for ISO/IEC 20000 section 5: 'Leadership'
|-
|-style="vertical-align:top"
|-style="vertical-align:top"
|4.3 Documentation management
!style="background:#eeeeee; font-size: 100%; width:30%"|Related service mgmt. processes
|
!style="background:#eeeeee; font-size: 100%; width:70%"|Notes
*[[SP1: Set up and maintain the service management system]];
*[[SP4: Manage configuration information]]
|
*This requirement is fulfilled by the main service management policy, the strategic plan, the process model, as well as the various policies and plans related to specific YaSM processes.
*YaSM recommends managing documents as configuration items. The applicable authorities, responsibilities and controls can thus be defined for each type of document in the configuration model. Control can be exerted, for example, by appropriately configuring a document management system.
|-style="vertical-align:top"
|-style="vertical-align:top"
|4.4 Resource management
|
|
*[[LP3: Build new or changed services]];
*[[LP1: Set the strategic direction]]
*[[SP10: Manage human resources]];
*[[LP2: Design new or changed services]]
*[[LP5: Improve the services]]
*[[SP1: Set up and maintain the service management system|SP1: Set up and maintain the service mgmt. system]]
*[[SP10: Manage human resources]]
*[[SP11: Manage suppliers]]
*[[SP12: Manage service financials]]
*[[SP12: Manage service financials]]
|
|
*Financial resources are provided through the financial management process, which allocates the required budgets for creating, operating and improving the services and processes.
* The process for setting up and maintaining the SMS ensures that policies and objectives are established.
*Once the financial resources are allocated, the service provider is able to acquire the necessary technical and information resources through the various YaSM processes responsible for creating, operating and improving the services and processes.
* The organization maintains a number of service management plans, in particular the strategic plan and service and process improvement plans.
|-style="vertical-align:top"
* Authorities are assigned through the RACI matrix (part of the process model).
|4.5 Establish and improve the SMS
* Control of other parties is ensured through the supplier management process.
|
* SMS requirements are taken into account during process design, for example by including the service requirements and involving compliance management.
*[[LP5: Improve the services]];
* Resources are provided, for example, by the financial management and HR processes.
*[[SP1: Set up and maintain the service management system]]
* Regular reviews of the processes and services ensure the SMS achieves its intended outcomes.
|
* Continual improvement is ensured through the processes for improving the services and for improving the service management processes.
*The scope of the SMS is defined in YaSM's main service management policy. The services to be delivered are defined in the service portfolio.
*Instead of one all-encompassing service management plan, YaSM suggests to maintain a number of focused and more manageable plans and documents.
*The process for maintaining the SMS includes activities to monitor, audit and review the service management processes and to regularly re-assess the service management policies.
*The procedure for improving the SMS and the services is documented in the process model. Opportunities for improvement are documented in a number of ways, for example in the service and process review reports, as well as in the various improvement plans.
|}
|}


<p>&nbsp;</p>
===Planning===
<p>&nbsp;</p>
----
 
==<span id="section-5">Design and transition of new or changed services (ISO/IEC 20000, section 5)</span>==
 
<p>&nbsp;</p>


{| class="wikitable" style="background: white;"
{| class="wikitable" style="background: white;"
|+style="background:#465674; color:#ffffff; font-size: 110%" colspan="2"|Processes for ISO/IEC 20000 section 6: 'Planning'
|-
|-
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|ISO 20000 sections
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|Related YaSM processes
!style="background:#379988; font-size: 110%; color:#ffffff;  width:50%"|Notes
|-style="vertical-align:top"
|-style="vertical-align:top"
|5.1 General
!style="background:#eeeeee; font-size: 100%; width:30%"|Related service mgmt. processes
|
!style="background:#eeeeee; font-size: 100%; width:70%"|Notes
*[[LP2: Design new or changed services]];
*[[LP3: Build new or changed services]];
*[[SP4: Manage configuration information]];
*[[SP5: Assess and coordinate changes]];
*[[SP6: Manage projects]]
|
*YaSM advises that the formal service design and build processes be used for all new or significantly changed services, where the service design policy defines the criteria for what constitutes a "significantly changed" service. Any changes required for a new or changed service will be submitted to the change assessment process.
*The service build process ensures that configuration information in the CMS is updated as new services are deployed.
*The project management and service build processes are responsible for the effective development and transition of the service.
|-style="vertical-align:top"
|-style="vertical-align:top"
|5.2 Plan new or changed services
|
|
*[[LP1: Set the strategic direction]];
*[[LP1: Set the strategic direction]]
*[[LP2: Design new or changed services]];
*[[LP5: Improve the services]]
*[[SP1: Set up and maintain the service management system|SP1: Set up and maintain the service mgmt. system]]
*[[SP6: Manage projects]]
*[[SP6: Manage projects]]
*[[SP10: Manage human resources]]
|
|
*Various YaSM processes contribute to the identification of the service requirements. In particular, these are the strategic process, the customer relationship process and the service design process.
* High-level service management objectives are stated in the service management policy. More detailed objectives are established, for instance, in the form of strategic objectives, process and service objectives, project objectives, etc.
*The authorities and responsibilities for service design, development and transition, as well as the activities to be performed, are documented in the organization's policies, especially in the service design, service build and project management policies. Responsibilities for specific service development projects are defined in the project charters and the project plans.
* The service management processes, as defined and mandated through the process model, ensure alignment of planning activities with the various elements of the service management plan.
*The project plan specifies the design, development, testing and deployment activities in detail, including the timescales and required resources.
* Planning is done at several levels: At the strategic level, at the level of services and processes, and at the level of individual projects or initiatives.
* Evaluation of results is ensured, for example, through regular strategic reviews, service and process reviews, project reviews, etc.
|}
 
===Support of the SMS===
----
 
{| class="wikitable" style="background: white;"
|+style="background:#465674; color:#ffffff; font-size: 110%" colspan="2"|Processes for ISO/IEC 20000 section 7: 'Support of the service management system'
|-
|-style="vertical-align:top"
|-style="vertical-align:top"
|5.3 Design and development of new or changed services
!style="background:#eeeeee; font-size: 100%; width:30%"|Related service mgmt. processes
|
!style="background:#eeeeee; font-size: 100%; width:70%"|Notes
*[[LP2: Design new or changed services]];
*[[LP3: Build new or changed services]]
|
*The service owners (the individuals with ultimate responsibility for delivering the new or changed services) are identified in the service definitions. Further responsibilities and the activities to be performed for the delivery of the services are specified in the service operation manual.
*The service implementation blueprint describes what is required to provide the new services, including technical infrastructure, processes, policies, external supporting services and contracts, documentation, financial resources, as well as skills and human resources.
|-style="vertical-align:top"
|-style="vertical-align:top"
|5.4 Transition of new or changed services
|
|
*[[LP3: Build new or changed services]];
*[[LP1: Set the strategic direction]]
*[[SP5: Assess and coordinate changes]];
*[[LP5: Improve the services]]
*[[SP6: Manage projects]]
*[[SP1: Set up and maintain the service management system|SP1: Set up and maintain the service mgmt. system]]
*[[SP2: Maintain the service portfolio]]
*[[SP10: Manage human resources]]
|
|
*The deployment of new or changed services is performed by YaSM's service build process.
* Required resources are determined when planning initiatives for setting up - or upgrading - services or (parts of) the service management system. Such initiatives are typically managed through the strategic plan and the various service and process improvement plans.
*Once a service development project is completed, a project review will be held to check if the project's objectives have been achieved.
* Skills are managed through the human resources management process and documented in the sills inventory.
*Furthermore, the change assessment process performs post-implementation reviews for each major change.
* Awareness of service management policies is achieved through publication and communication of the policies, for example via a service management portal on the intranet.
* Awareness of the list of services is ensured by making the service portfolio accessible throughout the organization.
* The data model (a particular view of the process model) provides a complete overview of the documented information required by the SMS.
|}
|}


<p>&nbsp;</p>
===Operation of the SMS===
<p>&nbsp;</p>
----
 
==<span id="section-6">Service delivery processes (ISO/IEC 20000, section 6)</span>==
 
<p>&nbsp;</p>


{| class="wikitable" style="background: white;"
{| class="wikitable" style="background: white;"
|+style="background:#465674; color:#ffffff; font-size: 110%" colspan="2"|Processes for ISO/IEC 20000 section 8: 'Operation of the service management system'
|-
|-
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|ISO 20000 sections
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|Related YaSM processes
!style="background:#379988; font-size: 110%; color:#ffffff;  width:50%"|Notes
|-style="vertical-align:top"
|-style="vertical-align:top"
|6.1 Service level management
!style="background:#eeeeee; font-size: 100%; width:30%"|Related service mgmt. processes
!style="background:#eeeeee; font-size: 100%; width:70%"|Notes
|-style="vertical-align:top"
|colspan="2"|'''<span style="color:#004260;"><span id="Operational-planning-and-control">8.1 Operational planning and control</span></span>'''
|-style="vertical-align:top"
|
|
*[[LP4: Operate the services]];
*[[SP1: Set up and maintain the service management system|SP1: Set up and maintain the service mgmt. system]]
*[[LP5: Improve the services]];
*[[SP5: Assess and coordinate changes|SP5: Assess and coordinate changes]]
*[[SP2: Maintain the service portfolio]];
*[[SP11: Manage suppliers]]
*[[SP3: Manage customer relationships]]
|
|
*Customer service agreements determine which services are delivered to particular customers.
* The service management processes are planned and implemented through the process improvement plans. Processes are defined and documented in the process model.
*The complete range of services managed by the service provider is documented in the service portfolio, which also describes the dependencies between customer services and supporting services.
* Changes to the service management processes, policies and services are controlled through the change management process.
*Service catalogs are specific views of the service portfolio for particular customers which are maintained by the service portfolio manager.
* Outsourced services and processes are controlled via the supplier management process. This includes specifying requirements for service suppliers in line with the SMS requirements.
|-style="vertical-align:top"
|colspan="2"|'''<span style="color:#004260;"><span id="Service-portfolio">8.2 Service portfolio</span></span>'''
|-style="vertical-align:top"
|-style="vertical-align:top"
|6.2 Service reporting
|
|
*[[LP4: Operate the services]];
*[[LP1: Set the strategic direction]]
*[[LP2: Design new or changed services]]
*[[LP5: Improve the services]]
*[[LP5: Improve the services]]
*[[SP2: Maintain the service portfolio]]
*[[SP3: Manage customer relationships|SP3: Manage customer relation&shy;ships]]
*[[SP4: Manage configuration information|SP4: Manage config. infor&shy;mation]]
|
|
*Service quality reports are produced as part of operational activities. The reports include information on targeted vs. achieved service levels, workloads and trends, as well as exceptional events.
* Descriptions of the services, their purpose and the intended outcomes are contained in the service portfolio and the service definitions.
*Furthermore, the service improvement process produces reports to document the results of service reviews.
* Service catalogues are specific views of the service portfolio for particular customers and users.
* Service requirements are determined during service design and documented in the service definitions.
* Proposals to change services may originate from several processes, for example service strategy, customer relationship management or service improvement.
* The types of CIs for which configuration information is maintained are defined in the configuration model.
* Configuration information is recorded as configuration item (CI) records, as specified in the configuration model. Configuration information is typically stored in a database to allow control of access and traceability of changes.
* The attributes to be recorded for each CI are specified in the configuration model.
|-style="vertical-align:top"
|colspan="2"|'''<span style="color:#004260;"><span id="Relationship-and-agreement">8.3 Relationship and agreement</span></span>'''
|-style="vertical-align:top"
|-style="vertical-align:top"
|6.3 Service continuity and availability management
|
|
*[[LP2: Design new or changed services]];
*[[LP2: Design new or changed services]]
*[[LP4: Operate the services]];
*[[LP4: Operate the services]]
*[[LP5: Improve the services]];
*[[LP5: Improve the services]]
*[[SP8: Prepare for disaster events]]
*[[SP3: Manage customer relationships|SP3: Manage customer relation&shy;ships]]
*[[SP11: Manage suppliers]]
|
|
*Service availability and continuity targets are specified in the service definitions attached to customer service agreements.
* Regular communication with the customers, in particular through customer meetings and surveys, ensures the organization is kept up-to-date on new or changed service requirements.
*YaSM does not stipulate an availability plan but recommends managing availability improvements like any other service improvements through service improvement plans.
* Customer requirements are a key input for defining the services in service design and continual service improvement.
*With regards to service continuity, initiatives to improve service continuity are managed through the continuity improvement plan. Service continuity plans describe how service continuity is ensured for particular types of disasters.
* The customer management process includes activities for recording, investigating and resolving customer complaints.
*The service operation process includes activities to constantly monitor and report service quality levels, including service availability.
* The service properties, including service level targets, are specified in the service definitions.
* The service operation process tracks agreed vs. actual service levels and compiles service quality reports.
* Each supplier is assigned a supplier manager, as documented in the supplier portfolio.
* External service agreements and associated service definitions specify the properties of the services to be delivered, as well as the obligations and responsibilities of the contractual parties.
|-style="vertical-align:top"
|colspan="2"|'''<span style="color:#004260;"><span id="Supply-and-demand">8.4 Supply and demand</span></span>'''
|-style="vertical-align:top"
|-style="vertical-align:top"
|6.4 Budgeting and accounting for services
|
|
*[[LP2: Design new or changed services]]
*[[LP4: Operate the services]]
*[[LP5: Improve the services]]
*[[SP12: Manage service financials]]
*[[SP12: Manage service financials]]
|
|
*The YaSM process for managing service financials is focused on budgeting and accounting for services. Other financial management processes are not covered.
* Costs are budgeted and controlled through the financial budget and budget requests.
*Costs are budgeted and financial control is exerted through the financial management process, which prepares the financial budget, monitors expenditures and provides budget deviation analyses.
* Regular financial reports provide insight into actual costs for providing services. These reports are a key input for preparing financial forecasts and budgets.
* The reports prepared by financial management support the decision-making for services.
* Demand for services and capacity requirements are determined when specifying new or changed services.
* The service operation process produces regular service quality reports that include an analysis of capacity and performance data.
* If performance needs to be improved, improvement initiatives can be managed through the service improvement plan.
|-style="vertical-align:top"
|colspan="2"|'''<span style="color:#004260;"><span id="Service-design-build-and-transition">8.5 Service design, build and transition</span></span>'''
|-style="vertical-align:top"
|-style="vertical-align:top"
|6.5 Capacity management
|
|
*[[LP2: Design new or changed services]];
*[[LP2: Design new or changed services]]
*[[LP4: Operate the services]];
*[[LP3: Build new or changed services]]
*[[LP5: Improve the services]]
*[[SP5: Assess and coordinate changes|SP5: Assess and coor&shy;dinate changes]]
|
|
*Service capacity and performance requirements are specified in the service definitions attached to customer service agreements.
* Items that are under the control of change management, categories of change and criteria to determine risk levels are specified in the change policy. How changes are managed is described in the process model, which includes a detailed definition of the change management process.
*YaSM does not stipulate a capacity plan but recommends managing service capacity upgrades like any other service improvements through service improvement plans.
* Aspects to be considered when assessing proposed changes are specified in the change policy. Facts and arguments that lead to the approval or rejection of changes are documented in the change records.
*The service operation process includes activities to constantly monitor and report workloads and service quality levels, including capacity and performance.
* Requirements for changes to resources and skills are determined during service design and documented in the service implementation blueprint.
* Relevant service definitions are updated during service design. If required, customer and supporting agreements are updated in line with the service definitions as the new or changed services are implemented.
* Services are built according to the specifications in the service definitions, requirements specifications and in the service implementation blueprint. The service build process includes activities to create test cases and perform tests, to verify if all service components have been deployed successfully, and to take corrective action if necessary.
|-style="vertical-align:top"
|colspan="2"|'''<span style="color:#004260;"><span id="Resolution-and-fulfilment">8.6 Resolution and fulfilment</span></span>'''
|-style="vertical-align:top"
|-style="vertical-align:top"
|6.6 Information security management
|
|
*[[LP4.6: Resolve incidents and service requests]]
*[[LP4.7: Resolve problems]]
|
* Incidents are managed in the incident resolution process and documented in incident records.
* Actions taken to resolve incidents are documented in incident records.
* Service requests are managed in the incident and service request resolution process and documented in service request records.
* Actions taken to resolve service requests are documented in service request records.
* The problem resolution process performs data and trend analyses to detect problems. Any identified root causes and solutions are documented in problem records.
* If possible, problem management will identify workarounds and document them in the problem records. If feasible, problem management provides support staff with incident models, containing detailed instructions on how to apply the workarounds in order to resolve specific types of incidents.
* Known errors are documented in problem records with identified root causes and workarounds.
|-style="vertical-align:top"
|colspan="2"|'''<span style="color:#004260;"><span id="Service-assurance">8.7 Service assurance</span></span>'''
|-style="vertical-align:top"
|
*[[LP2: Design new or changed services]]
*[[LP3: Build new or changed services]]
*[[LP4: Operate the services]]
*[[LP5: Improve the services]]
*[[SP7: Ensure security]]
*[[SP7: Ensure security]]
*[[SP8: Ensure continuity]]
|
|
*YaSM's process to ensure security does not relate specifically to "information security", since YaSM is a concept which can be applied by all types of organizations providing services (i.e. not only IT service providers).  
* Service availability requirements and targets are specified in the service definitions attached to customer service agreements. The service implementation blueprint, created during service design, describes the technical and other measures to ensure service availability.
*The process responsible for setting up the service management system produces a set of service management policies, including a security policy. In addition, the security process produces specific supporting security policies.
* Service availability is monitored as part of service operation and documented in service quality reports. If availability targets are not met, the service improvement process will re-assess the risks to service availability and take corrective action if necessary.
*The security process is specified and documented in the process model. This process includes activities to conduct risk (re-)assessments and security reviews and to identify opportunities for improvement.
* Service continuity requirements are specified in the service definitions attached to customer service agreements.
* The process for managing service continuity performs regular assessments of continuity risks and maintains a register of critical events for which continuity mechanisms are to be put in place.
* Security risks are assessed on a regular basis, resulting in an updated register of security risks. This register identifies the relevant security risks with the mechanisms and controls applied to mitigate the risks.
* Security controls are designed and implemented through the service design and build processes or through the security management process. Security operation manuals provide guidance for the operation of the security controls.
|}
|}


<p>&nbsp;</p>
===Performance Evaluation===
<p>&nbsp;</p>
----
 
==<span id="section-7">Relationship processes (ISO/IEC 20000, section 7)</span>==
 
<p>&nbsp;</p>


{| class="wikitable" style="background: white;"
{| class="wikitable" style="background: white;"
|+style="background:#465674; color:#ffffff; font-size: 110%" colspan="2"|Processes for ISO/IEC 20000 section 9: 'Performance Evaluation'
|-
|-
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|ISO 20000 sections
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|Related YaSM processes
!style="background:#379988; font-size: 110%; color:#ffffff;  width:50%"|Notes
|-style="vertical-align:top"
|-style="vertical-align:top"
|7.1 Business relationship management
!style="background:#eeeeee; font-size: 100%; width:30%"|Related service mgmt. processes
|
!style="background:#eeeeee; font-size: 100%; width:70%"|Notes
*[[SP3: Manage customer relationships]]
|
*YaSM's customer relationship management process contains several communication mechanisms with the customer, in particular customer meetings, customer satisfaction surveys and procedures for handling complaints.
*Regular service reviews are performed as part of the service improvement process. Customers are typically invited to take part in the reviews.
|-style="vertical-align:top"
|-style="vertical-align:top"
|7.2 Supplier management
|
|
*[[SP11: Manage suppliers]]
*[[LP1: Set the strategic direction]]
*[[LP2: Design new or changed services]]
*[[LP4: Operate the services]]
*[[LP5: Improve the services]]
*[[SP1: Set up and maintain the service management system|SP1: Set up and maintain the service mgmt. system]]
|
|
*YaSM recommends setting up and managing processes operated by external parties as supporting services, governed by external service agreements and defined by service definitions.
* Service levels and their target values are specified during service design in the service definitions.
*The supplier managers responsible for managing the relationships between service provider and suppliers are identified in the external service agreements.
* Monitoring and measurement for services is based on service levels.
*The service operation process contains activities to continually monitor the quality of externally provided services. Services and their suppliers are also submitted to regular reviews.
* Services are evaluated against service requirements during service reviews.
* Process metrics are defined during process design.
* Effectiveness and performance of the SMS is evaluated as part of the regular process reviews.
* Monitoring and measurement for the service management processes is based on process metrics.
* The service and process operation manuals contain instructions for monitoring and measuring, and determine when service and process reviews are to be performed.
* Management reviews are held at regular intervals in the form of strategic assessments. The continued adequacy of the service management system and the services is also ensured through regular service and process reviews.
|}
|}


<p>&nbsp;</p>
===Improvement===
<p>&nbsp;</p>
----
 
==<span id="section-8">Resolution processes (ISO/IEC 20000, section 8)</span>==
 
<p>&nbsp;</p>


{| class="wikitable" style="background: white;"
{| class="wikitable" style="background: white;"
|+style="background:#465674; color:#ffffff; font-size: 110%" colspan="2"|Processes for ISO/IEC 20000 section 10: 'Improvement'
|-
|-
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|ISO 20000 sections
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|Related YaSM processes
!style="background:#379988; font-size: 110%; color:#ffffff;  width:50%"|Notes
|-style="vertical-align:top"
|-style="vertical-align:top"
|8.1 Incident and service request management
!style="background:#eeeeee; font-size: 100%; width:30%"|Related service mgmt. processes
|
!style="background:#eeeeee; font-size: 100%; width:70%"|Notes
*[[LP4.6: Resolve incidents and service requests]]
|
*The process for resolving incidents and service requests is documented in the YaSM process model. Other aspects of incident and service request resolution are documented in the incident and service request policy.
*Incident and service request models are provided as guidance to personnel involved in the resolution of incidents and service requests.
*There are two specific sub-processes for pro-actively informing customers and monitoring the resolution of incidents and service requests.
|-style="vertical-align:top"
|-style="vertical-align:top"
|8.2 Problem management
|
|
*[[LP4.7: Resolve problems]]
*[[LP5: Improve the services]]
*[[SP1: Set up and maintain the service management system|SP1: Set up and maintain the service mgmt. system]]
*[[SP9: Ensure compliance]]
|
|
*The process for resolving problems is documented in the YaSM process model. Other aspects of problem resolution are documented in the problem resolution policy.
* Non-conformities are identified during service and process reviews. If corrective action is required, improvement initiatives are managed, for example, through the service and process improvement plans.  
*The problem resolution process performs data and trend analyses to detect problems. Any identified root causes and solutions are documented in problem records.
* Furthermore, the compliance management process reviews compliance with standards and regulations at regular intervals and takes corrective action if necessary.
*If possible, the problem manager will identify workarounds and document them in the problem records and possibly in incident models.
* Evaluation criteria for potential service and process improvements are specified in the service management policies.
* Improvement initiatives are only approved if submitted with clearly defined, measurable objectives and a business case.
|}
|}
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
==<span id="section-9">Control processes (ISO/IEC 20000, section 9)</span>==


<p>&nbsp;</p>
==More about ISO 20000==


{| class="wikitable" style="background: white;"
ISO&#8239;20000 basics:
|-
* [[ISO_20000|What is ISO 20000?]]
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|ISO 20000 sections
* [[ISO_20000_-_2018|The current edition of ISO 20000:2018]]
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|Related YaSM processes
* [[FAQ: ISO 20000 Certification|FAQs: ISO 20000 certification]]
!style="background:#379988; font-size: 110%; color:#ffffff;  width:50%"|Notes
|-style="vertical-align:top"
|9.1 Configuration management
|
*[[SP4: Manage configuration information]]
|
*The various CI types managed through the configuration management system are defined in the configuration model. Information for each CI is recorded in CI records.
*YaSM refers to a configuration management system (CMS) rather than a CMDB.
*YaSM's configuration management process contains the required activities to ensure reliability and accuracy of configuration information.
|-style="vertical-align:top"
|9.2 Change management
|
*[[SP5: Assess and coordinate changes]]
|
*YasM recommends submitting all RFCs to the change assessment process.
*RFCs may be raised in different contexts, for example as part of service development projects (which typically entail a number of major changes to be implemented through the service design and build processes). Other changes may be required as part of service or process improvement initiatives or operational activities.
*Irrespective of the context in which a RFC has been raised, YaSM's change assessment process will assess its potential impact and risks and decide upon the required level of authority for authorizing the proposed change.
|-style="vertical-align:top"
|9.3 Release and deployment management
|
*[[LP3: Build new or changed services]];
*[[SP5: Assess and coordinate changes]];
*[[SP6: Manage projects]]
|
*For significant initiatives, the project management process is responsible for planning and controlling the deployment of new or changed services or service components. Typically, such initiatives require that requests for change (RFCs) are submitted to the change assessment process.
*For changes on a smaller scale, it will be the responsibility of the change owners to obtain authorization for the changes through the change assessment process and to coordinate the change implementation.
*YaSM defines a specific procedure for dealing with emergency changes and releases.
|}


<p>&nbsp;</p>
<html><p>ISO 20000 reference processes:</p>
<p>&nbsp;</p>
<ul><li>Product page: <a href="https://yasm.com/en/products/yasm-iso-20000-bridge" title="The YaSM - ISO 20000 Bridge">The YaSM - ISO 20000 Bridge</a></li>
<li><a href="https://yasm.com/wiki/en/index.php/ISO_20000_Project" title="Use cases - ISO 20000 projects">Use cases: How the YaSM model supports your ISO 20000 project</a></li>
<li><a href="https://yasm.com/en/videos/yasm-iso-20000-bridge" title="The YaSM - ISO 20000 Bridge: Introduction (video)">Video: Introduction to the YaSM - ISO 20000 Bridge</a></li></ul></html>


==References==
==References==
*[ISO, 2011] International Organization for Standardization: ISO/IEC 20000-1:2011, Information technology - Service management - Part 1: Service management system requirements. - Geneva, Switzerland, April 2011.
*[ISO, 2018] International Organization for Standardization: ISO/IEC 20000-1:2018, Information technology - Service management - Part 1: Service management system requirements. - Geneva, Switzerland, September 2018.
 
<p>&nbsp;</p>


== Notes ==
== Notes ==
[1] <span id="ITIL">ITIL&reg; is a registered trade mark of AXELOS Limited. - IT Infrastructure Library&reg; is a registered trade mark of AXELOS Limited.</span><br />


Is based on: The [https://yasm.com/en/products/yasm-iso-20000-bridge YaSM - ISO 20000 Bridge].
Is based on: The [https://yasm.com/en/products/yasm-iso-20000-bridge YaSM - ISO 20000 Bridge].


<html>By:&#160;&#160;Andrea Kempter&#160;<a rel="author" href="https://plus.google.com/113316270668629760475/about"><img style="margin:0px 0px 0px 0px;" src="/wiki/en/img/yasm-wiki/bookmarking/google.jpg" width="16" height="16" title="By: Andrea Kempter | Profile on Google+" alt="Author: Andrea Kempter, IT Process Maps GbR" /></a>&#160;&#160;and&#160;&#160;Stefan Kempter&#160;<a href="https://plus.google.com/111925560448291102517/about"><img style="margin:0px 0px 0px 0px;" src="/wiki/en/img/yasm-wiki/bookmarking/google.jpg" width="16" height="16" title="By: Stefan Kempter | Profile on Google+" alt="Contributor: Stefan Kempter, IT Process Maps GbR" /></a>, IT Process Maps.
<html>By:&#160;&#160;Andrea Kempter&#160;<a rel="author" href="https://www.linkedin.com/in/andreakempter"><img style="margin:0px 0px 0px 0px;" src="/wiki/en/img/yasm-wiki/bookmarking/linkedin.jpg" width="16" height="16" title="By: Andrea Kempter | Profile on LinkedIn" alt="Author: Andrea Kempter, IT Process Maps GbR" /></a>&#160;&#160;and&#160;&#160;Stefan Kempter&#160;<a href="https://www.linkedin.com/in/stefankempter"><img style="margin:0px 0px 0px 0px;" src="/wiki/en/img/yasm-wiki/bookmarking/linkedin.jpg" width="16" height="16" title="By: Stefan Kempter | Profile on LinkedIn" alt="Contributor: Stefan Kempter, IT Process Maps GbR" /></a>, IT Process Maps.


<p>&nbsp;</p>
<p>&nbsp;</p>


<p><small>
<p><small>
<span itemscope="itemscope" itemtype="http://data-vocabulary.org/Breadcrumb">
<span itemprop="breadcrumb" itemscope itemtype="http://schema.org/BreadcrumbList">
<a href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000#yasm-iso-20000-related" itemprop="url"><span itemprop="title">YaSM: Closely related with ISO 20000</span></a>
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
</span>
<a itemprop="item" href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000#Closely_aligned_with_ISO.2FIEC_20000_-_the_YaSM_model">
<span itemscope="itemscope" itemtype="http://data-vocabulary.org/Breadcrumb">
<span itemprop="name">Closely aligned with ISO/IEC 20000 - the YaSM model</span></a>
<a href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000#iso-20000-yasm-processes" itemprop="url"><span itemprop="title">ISO 20000 requirements &amp; related YaSM processes</span></a>
<meta itemprop="position" content="1" /></span>
</span>
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
<span itemscope="itemscope" itemtype="http://data-vocabulary.org/Breadcrumb">
<a itemprop="item" href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000#ISO_20000_requirements_and_related_service_management_processes">
<a href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000#section-4" itemprop="url"><span itemprop="title">ISO/IEC 20000, section 4</span></a>
<span itemprop="name">ISO 20000 requirements and related service management processes</span></a>
<meta itemprop="position" content="2" /></span> ›
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
<a itemprop="item" href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000#Context_of_the_organization">
<span itemprop="name">Context of the organization</span></a>
<meta itemprop="position" content="3" /></span>
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
<a itemprop="item" href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000#Leadership">
<span itemprop="name">Leadership</span></a>
<meta itemprop="position" content="4" /></span> ›
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
<a itemprop="item" href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000#Planning">
<span itemprop="name">Planning</span></a>
<meta itemprop="position" content="5" /></span>
</span>
</span>
</small></p>
</small></p>
Line 398: Line 415:
   <meta itemprop="alternativeHeadline" content="YaSM and ISO/IEC 20000" />
   <meta itemprop="alternativeHeadline" content="YaSM and ISO/IEC 20000" />
   <link itemprop="url" href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000" />
   <link itemprop="url" href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000" />
   <link itemprop="primaryImageOfPage" href="https://yasm.com/wiki/en/img/yasm-frameworks/Yasm-iso-20000-processes.jpg" />
   <link itemprop="primaryImageOfPage" href="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/Yasm-iso-20000-processes.jpg" />
   <meta itemprop="significantLinks" content="https://yasm.com/en/products/yasm-iso-20000-bridge" />
   <meta itemprop="significantLinks" content="https://yasm.com/en/products/yasm-iso-20000-bridge" />
   <meta itemprop="significantLinks" content="https://yasm.com/en/products/yasm-process-map" />
   <meta itemprop="significantLinks" content="https://yasm.com/en/products/yasm-process-map" />
Line 412: Line 429:


<!-- This page is assigned to the following categories: -->
<!-- This page is assigned to the following categories: -->
[[Category:Service management frameworks and standards]]
[[Category:Service management frameworks and standards]][[Category:ISO 20000]]
<!-- --- -->
<!-- --- -->

Latest revision as of 16:20, 22 July 2024

auf Deutsch


 

Comparison: YaSM and ISO 20000 (ISO/IEC 20000:2018)

Part of: YaSM vs. other service management frameworks and standards

 

One of the objec­tives when creating YaSM® was to provide a process model that is closely aligned with ISO/IEC 20000 ('ISO 20000'), the internationally acknowledged standard for service management.

Organizations often seek certification to ISO 20000 because it enables them to prove that they are customer-oriented, efficient and effective suppliers of services. The certification can thus be used for marketing purposes, or to gain access to customers and markets which require their service suppliers to be ISO 20000 certified.

 

Closely aligned with ISO/IEC 20000 - the YaSM model

ISO 20000 sets out "requirements for establishing, implementing, maintaining and continually improving a service management system (SMS)".

To meet these requirements, organizations typically must define and implement a set of service management processes which comply with the standard. But ISO 20000 does not prescribe specific processes, nor does it provide detailed descriptions that organizations could use as guidance.

Some more guidance can be found in the popular service management frameworks and approaches, such as ITIL®, CMMI-SVC®, COBIT®, VeriSM™, SIAM™, etc. But some of these frameworks provide only high-level descriptions of service management processes, while others are not well aligned with ISO 20000, especially regarding the requirements related to the service management system.

As a result, there is a need for detailed process descriptions that are based on established service management frameworks and concepts and, at the same time, offer better alignment with ISO 20000:

The YaSM process model provides such detailed descriptions as process templates in a graphical, easy-to-read format, including document templates for the policies and other documented information that usually needs to be prepared for the certification audit.

The YaSM service management model thus provides a solution for every ISO 20000 requirement, and implementing the YaSM processes is a straightforward approach for obtaining ISO 20000 certification.

ISO 20000 requirements and related service management processes

YaSM is designed to be well aligned with ISO 20000, and there are one or several related service management processes for every section in ISO/IEC 20000:2018, Part 1 (Mandatory requirements), as exemplified in the following tables:

Notes:

  • This overview omits sections 1 to 3 of ISO 20000, part 1, as they do not contain actual requirements (sections 1 to 3 cover scope, normative references, as well as terms and definitions).
  • The following tables are based on ISO/IEC 20000:2018, part 1. Learn more about the new edition of the ISO 20000 standard:

 

A detailed cross-reference between the YaSM service management processes and every single ISO 20000 requirement is available in the form of the YaSM - ISO 20000 Bridge, an additional component to the YaSM Process Map.

The YaSM - ISO 20000 Bridge: Introduction (video). The YaSM process model is perfectly aligned with ISO 20000 (ISO/IEC 20000:2018). The process diagrams and document templates contained in the YaSM model make the task of designing ISO 20000 compliant processes for your organization manageable.
Start the video: Introduction to the YaSM - ISO 20000 Bridge

The ISO 20000 Bridge makes the task of designing ISO 20000 compliant processes for your organization manageable.

Watch the video:

 

Context of the organization


Processes for ISO/IEC 20000 section 4: 'Context of the organization'
Related service mgmt. processes Notes
  • The main service management policy contains a section that lists the relevant factors affecting the organization, including their impacts and approach for addressing these factors.
  • The service management policy includes an overview of the interested parties and their requirements.
  • The scope of the SMS is defined in the main service management policy.

Leadership


Processes for ISO/IEC 20000 section 5: 'Leadership'
Related service mgmt. processes Notes
  • The process for setting up and maintaining the SMS ensures that policies and objectives are established.
  • The organization maintains a number of service management plans, in particular the strategic plan and service and process improvement plans.
  • Authorities are assigned through the RACI matrix (part of the process model).
  • Control of other parties is ensured through the supplier management process.
  • SMS requirements are taken into account during process design, for example by including the service requirements and involving compliance management.
  • Resources are provided, for example, by the financial management and HR processes.
  • Regular reviews of the processes and services ensure the SMS achieves its intended outcomes.
  • Continual improvement is ensured through the processes for improving the services and for improving the service management processes.

Planning


Processes for ISO/IEC 20000 section 6: 'Planning'
Related service mgmt. processes Notes
  • High-level service management objectives are stated in the service management policy. More detailed objectives are established, for instance, in the form of strategic objectives, process and service objectives, project objectives, etc.
  • The service management processes, as defined and mandated through the process model, ensure alignment of planning activities with the various elements of the service management plan.
  • Planning is done at several levels: At the strategic level, at the level of services and processes, and at the level of individual projects or initiatives.
  • Evaluation of results is ensured, for example, through regular strategic reviews, service and process reviews, project reviews, etc.

Support of the SMS


Processes for ISO/IEC 20000 section 7: 'Support of the service management system'
Related service mgmt. processes Notes
  • Required resources are determined when planning initiatives for setting up - or upgrading - services or (parts of) the service management system. Such initiatives are typically managed through the strategic plan and the various service and process improvement plans.
  • Skills are managed through the human resources management process and documented in the sills inventory.
  • Awareness of service management policies is achieved through publication and communication of the policies, for example via a service management portal on the intranet.
  • Awareness of the list of services is ensured by making the service portfolio accessible throughout the organization.
  • The data model (a particular view of the process model) provides a complete overview of the documented information required by the SMS.

Operation of the SMS


Processes for ISO/IEC 20000 section 8: 'Operation of the service management system'
Related service mgmt. processes Notes
8.1 Operational planning and control
  • The service management processes are planned and implemented through the process improvement plans. Processes are defined and documented in the process model.
  • Changes to the service management processes, policies and services are controlled through the change management process.
  • Outsourced services and processes are controlled via the supplier management process. This includes specifying requirements for service suppliers in line with the SMS requirements.
8.2 Service portfolio
  • Descriptions of the services, their purpose and the intended outcomes are contained in the service portfolio and the service definitions.
  • Service catalogues are specific views of the service portfolio for particular customers and users.
  • Service requirements are determined during service design and documented in the service definitions.
  • Proposals to change services may originate from several processes, for example service strategy, customer relationship management or service improvement.
  • The types of CIs for which configuration information is maintained are defined in the configuration model.
  • Configuration information is recorded as configuration item (CI) records, as specified in the configuration model. Configuration information is typically stored in a database to allow control of access and traceability of changes.
  • The attributes to be recorded for each CI are specified in the configuration model.
8.3 Relationship and agreement
  • Regular communication with the customers, in particular through customer meetings and surveys, ensures the organization is kept up-to-date on new or changed service requirements.
  • Customer requirements are a key input for defining the services in service design and continual service improvement.
  • The customer management process includes activities for recording, investigating and resolving customer complaints.
  • The service properties, including service level targets, are specified in the service definitions.
  • The service operation process tracks agreed vs. actual service levels and compiles service quality reports.
  • Each supplier is assigned a supplier manager, as documented in the supplier portfolio.
  • External service agreements and associated service definitions specify the properties of the services to be delivered, as well as the obligations and responsibilities of the contractual parties.
8.4 Supply and demand
  • Costs are budgeted and controlled through the financial budget and budget requests.
  • Regular financial reports provide insight into actual costs for providing services. These reports are a key input for preparing financial forecasts and budgets.
  • The reports prepared by financial management support the decision-making for services.
  • Demand for services and capacity requirements are determined when specifying new or changed services.
  • The service operation process produces regular service quality reports that include an analysis of capacity and performance data.
  • If performance needs to be improved, improvement initiatives can be managed through the service improvement plan.
8.5 Service design, build and transition
  • Items that are under the control of change management, categories of change and criteria to determine risk levels are specified in the change policy. How changes are managed is described in the process model, which includes a detailed definition of the change management process.
  • Aspects to be considered when assessing proposed changes are specified in the change policy. Facts and arguments that lead to the approval or rejection of changes are documented in the change records.
  • Requirements for changes to resources and skills are determined during service design and documented in the service implementation blueprint.
  • Relevant service definitions are updated during service design. If required, customer and supporting agreements are updated in line with the service definitions as the new or changed services are implemented.
  • Services are built according to the specifications in the service definitions, requirements specifications and in the service implementation blueprint. The service build process includes activities to create test cases and perform tests, to verify if all service components have been deployed successfully, and to take corrective action if necessary.
8.6 Resolution and fulfilment
  • Incidents are managed in the incident resolution process and documented in incident records.
  • Actions taken to resolve incidents are documented in incident records.
  • Service requests are managed in the incident and service request resolution process and documented in service request records.
  • Actions taken to resolve service requests are documented in service request records.
  • The problem resolution process performs data and trend analyses to detect problems. Any identified root causes and solutions are documented in problem records.
  • If possible, problem management will identify workarounds and document them in the problem records. If feasible, problem management provides support staff with incident models, containing detailed instructions on how to apply the workarounds in order to resolve specific types of incidents.
  • Known errors are documented in problem records with identified root causes and workarounds.
8.7 Service assurance
  • Service availability requirements and targets are specified in the service definitions attached to customer service agreements. The service implementation blueprint, created during service design, describes the technical and other measures to ensure service availability.
  • Service availability is monitored as part of service operation and documented in service quality reports. If availability targets are not met, the service improvement process will re-assess the risks to service availability and take corrective action if necessary.
  • Service continuity requirements are specified in the service definitions attached to customer service agreements.
  • The process for managing service continuity performs regular assessments of continuity risks and maintains a register of critical events for which continuity mechanisms are to be put in place.
  • Security risks are assessed on a regular basis, resulting in an updated register of security risks. This register identifies the relevant security risks with the mechanisms and controls applied to mitigate the risks.
  • Security controls are designed and implemented through the service design and build processes or through the security management process. Security operation manuals provide guidance for the operation of the security controls.

Performance Evaluation


Processes for ISO/IEC 20000 section 9: 'Performance Evaluation'
Related service mgmt. processes Notes
  • Service levels and their target values are specified during service design in the service definitions.
  • Monitoring and measurement for services is based on service levels.
  • Services are evaluated against service requirements during service reviews.
  • Process metrics are defined during process design.
  • Effectiveness and performance of the SMS is evaluated as part of the regular process reviews.
  • Monitoring and measurement for the service management processes is based on process metrics.
  • The service and process operation manuals contain instructions for monitoring and measuring, and determine when service and process reviews are to be performed.
  • Management reviews are held at regular intervals in the form of strategic assessments. The continued adequacy of the service management system and the services is also ensured through regular service and process reviews.

Improvement


Processes for ISO/IEC 20000 section 10: 'Improvement'
Related service mgmt. processes Notes
  • Non-conformities are identified during service and process reviews. If corrective action is required, improvement initiatives are managed, for example, through the service and process improvement plans.
  • Furthermore, the compliance management process reviews compliance with standards and regulations at regular intervals and takes corrective action if necessary.
  • Evaluation criteria for potential service and process improvements are specified in the service management policies.
  • Improvement initiatives are only approved if submitted with clearly defined, measurable objectives and a business case.

 

More about ISO 20000

ISO 20000 basics:

ISO 20000 reference processes:

References

  • [ISO, 2018] International Organization for Standardization: ISO/IEC 20000-1:2018, Information technology - Service management - Part 1: Service management system requirements. - Geneva, Switzerland, September 2018.

Notes

Is based on: The YaSM - ISO 20000 Bridge.

By:  Andrea Kempter   and  Stefan Kempter Contributor: Stefan Kempter, IT Process Maps GbR, IT Process Maps.

 

Closely aligned with ISO/IEC 20000 - the YaSM model  › ISO 20000 requirements and related service management processes  › Context of the organization  › Leadership  › Planning