FAQ: ISO 20000 Certification: Difference between revisions
No edit summary |
No edit summary |
||
(6 intermediate revisions by the same user not shown) | |||
Line 5: | Line 5: | ||
<meta property="og:title" content="FAQ: ISO 20000 Certification | YaSM Service Management Wiki" /> | <meta property="og:title" content="FAQ: ISO 20000 Certification | YaSM Service Management Wiki" /> | ||
<meta property="og:description" content="Browse through these FAQs to find answers to common questions about ISO 20000 certifications and ISO/IEC 20000 audits." /> | <meta property="og:description" content="Browse through these FAQs to find answers to common questions about ISO 20000 certifications and ISO/IEC 20000 audits." /> | ||
<meta property="og:site_name" content="YaSM"> | <meta property="og:site_name" content="YaSM Service Management"> | ||
<meta property="og:type" content="article | <meta property="og:type" content="article" /> | ||
<meta property="og:image" content="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/16x9/iso-20000-certification-steps.jpg" /> | |||
<meta property="og:image" content="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/iso-20000-certification-steps.jpg" /> | |||
<meta property="og:image:width" content="1200" /> | <meta property="og:image:width" content="1200" /> | ||
<meta property="og:image:height" content=" | <meta property="og:image:height" content="675" /> | ||
<meta property="og:image" content="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/1x1/iso-20000-certification-steps.jpg" /> | <meta property="og:image" content="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/1x1/iso-20000-certification-steps.jpg" /> | ||
<meta property="og:image:width" content="1200" /> | <meta property="og:image:width" content="1200" /> | ||
<meta property="og:image:height" content="1200" /> | <meta property="og:image:height" content="1200" /> | ||
<meta name=" | <meta name="author" content="Stefan Kempter"> | ||
<link href="https://plus.google.com/104150539756444616711/posts" rel="publisher" /> | <link href="https://plus.google.com/104150539756444616711/posts" rel="publisher" /> | ||
<meta name="pinterest-rich-pin" content="false" /> | <meta name="pinterest-rich-pin" content="false" /> | ||
</itpmch> | </itpmch> | ||
<html | <html><div class="noresize"><a href="https://yasm.com/wiki/de/index.php/FAQ:_ISO_20000-Zertifizierung"><img src="https://yasm.com/wiki/en/img/yasm-wiki/YaSM-Wiki-Deutsch.png" width="140" height="36" style="float:right;" alt="auf Deutsch" title="This page in German" /></a></div><br style="clear:both;"/></html> | ||
<p> </p> | <p> </p> | ||
<html><span id="md-webpage-description" itemprop="description">Browse through these FAQs to find answers to common questions about <a href="https://yasm.com/wiki/en/index.php/ISO_20000" title="What is ISO 20000?">ISO 20000</a> certifications and ISO/IEC 20000 audits.</span></html> | <html><span id="md-webpage-description" itemprop="description">Browse through these FAQs to find answers to common questions about <a href="https://yasm.com/wiki/en/index.php/ISO_20000" title="What is ISO 20000?">ISO 20000</a> certifications and ISO/IEC 20000 audits. Tips for organizations that want to sustainably improve their <a href="https://yasm.com/wiki/en/index.php/Service_Management_Processes" title="YaSM service management processes">service management processes</a> and get certified to <a href="https://yasm.com/wiki/en/index.php/ISO_20000_-_2018" title="The most recent edition of ISO 20000 2018">ISO/IEC 20000:2018</a>.</span></html> | ||
<p> </p> | <p> </p> | ||
Line 43: | Line 34: | ||
What's more, the decision to seek ISO 20000 certification sets a specific target for your organization and helps concentrate minds. An ISO 20000 certification initiative is thus a good way to kick-start the adoption of service management best practice and to make sure motivation stays high. | What's more, the decision to seek ISO 20000 certification sets a specific target for your organization and helps concentrate minds. An ISO 20000 certification initiative is thus a good way to kick-start the adoption of service management best practice and to make sure motivation stays high. | ||
==What is the audit process?== | ==What is the audit process?== | ||
Line 51: | Line 41: | ||
*During the <i>stage 1 audit</i>, your auditor will determine your organization's readiness for ISO 20000 certification. A key output from this stage is typically a list of identified non-conformities (areas where the standard's requirements are not fulfilled). The stage 1 audit report will thus help you with correcting any issues in preparation for the final stage 2 audit. | *During the <i>stage 1 audit</i>, your auditor will determine your organization's readiness for ISO 20000 certification. A key output from this stage is typically a list of identified non-conformities (areas where the standard's requirements are not fulfilled). The stage 1 audit report will thus help you with correcting any issues in preparation for the final stage 2 audit. | ||
*The <i>stage 2 audit</i> aims to assess compliance with the ISO 20000 requirements. If you complete the stage 2 audit successfully, your organization is certified against ISO 20000. | *The <i>stage 2 audit</i> aims to assess compliance with the ISO 20000 requirements. If you complete the stage 2 audit successfully, your organization is certified against ISO 20000. | ||
==What is being audited?== | ==What is being audited?== | ||
Line 66: | Line 55: | ||
*everyone is familiar with the processes | *everyone is familiar with the processes | ||
*the documented processes are adhered to. | *the documented processes are adhered to. | ||
==How do we prepare for the audit?== | ==How do we prepare for the audit?== | ||
Unfortunately, ISO 20000 only sets out requirements that must be fulfilled, but it does not provide detailed guidance. Its authors recommend that organizations use <i>"a combination of generally accepted frameworks and their own experience"</i> in their effort to get aligned with ISO 20000. | Unfortunately, ISO 20000 only sets out requirements that must be fulfilled, but it does not provide detailed guidance. Its authors recommend that organizations use <i>"a combination of generally accepted frameworks and their own experience"</i> in their effort to get aligned with ISO 20000. | ||
<html>So the classic approach to preparing an organization for the ISO 20000 audit is to take the advice from the popular service management frameworks and approaches such as <a href="https://yasm.com/wiki/en/index.php/YaSM_and_ITIL" title="YaSM and the IT Infrastructure Library ITIL®">ITIL</a><sup><small>®</small></sup>, <a href="https://yasm.com/wiki/en/index.php/YaSM_and_CMMI_for_Services_ | <html>So the classic approach to preparing an organization for the ISO 20000 audit is to take the advice from the popular service management frameworks and approaches such as <a href="https://yasm.com/wiki/en/index.php/YaSM_and_ITIL" title="YaSM and the IT Infrastructure Library ITIL®">ITIL</a><sup><small>®</small></sup>, <a href="https://yasm.com/wiki/en/index.php/YaSM_and_CMMI_for_Services_-_CMMI-SVC" title="YaSM and CMMI® for Services (CMMI-SVC)">CMMI-SVC</a><sup><small>®</small></sup>, <a href="https://yasm.com/wiki/en/index.php/YaSM_and_COBIT" title="YaSM and COBIT (Control Objectives for Information and Related Technologies)">COBIT</a><sup><small>®</small></sup>, <a href="https://yasm.com/wiki/en/index.php/VeriSM" title="What is VeriSM?">VeriSM™</a>, <a href="https://yasm.com/wiki/en/index.php/FitSM" title="What is FitSM">FitSM</a>, <a href="https://yasm.com/wiki/en/index.php/SIAM" title="What is SIAM Service Integration and Management?">SIAM</a>™, etc. Wherever nonconformities with ISO 20000 are identified, organizations can use that guidance to adapt their processes or documentation, as needed.</p> | ||
<p>The <a href="https://yasm.com/en/products/yasm-process-map" title="YaSM Process Map: The service management process model">YaSM process model</a> and the <a href="https://yasm.com/ | <p>The <a href="https://yasm.com/en/products/yasm-process-map" title="YaSM Process Map: The service management process model">YaSM process model</a> and the <a href="https://yasm.com/en/products/yasm-iso-20000-bridge" title="YaSM - ISO 20000 Bridge: ISO 20000 reference processes">YaSM - ISO 20000 Bridge</a> make this task a lot easier, because YaSM was developed with ISO 20000 in mind. For every ISO 20000 requirement, YaSM provides you with detailed guidance in the form of process and document templates that you can adapt to your needs.</html> | ||
==How long does it take?== | ==How long does it take?== | ||
Line 80: | Line 67: | ||
So there is no simple answer to the question how long it will take, but in our experience most organizations spend one year or two preparing for their certification audit. | So there is no simple answer to the question how long it will take, but in our experience most organizations spend one year or two preparing for their certification audit. | ||
==What are the typical project steps leading to ISO 20000 certification?== | ==What are the typical project steps leading to ISO 20000 certification?== | ||
<html><div | <html><div itemid="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/iso-20000-certification-steps.jpg" itemscope itemtype="https://schema.org/ImageObject"> | ||
<meta itemprop="caption" content="Typical project steps leading to ISO 20000 certification" /> | <meta itemprop="caption" content="Typical project steps leading to ISO 20000 certification" /> | ||
<meta itemprop="width" content="1200" /> | <meta itemprop="width" content="1200" /> | ||
<meta itemprop="height" content="900" /> | <meta itemprop="height" content="900" /> | ||
<meta itemprop="representativeOfPage" content="true"/> | <meta itemprop="representativeOfPage" content="true"/> | ||
<meta itemprop="dateCreated" content="2018-07-10" /> | |||
<meta itemprop="datePublished" content="2018-07-10" /> | |||
<span itemprop="thumbnail" itemscope itemtype="https://schema.org/ImageObject"> | <span itemprop="thumbnail" itemscope itemtype="https://schema.org/ImageObject"> | ||
<meta itemprop="url" content="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/1x1/iso-20000-certification-steps.jpg" /> | <meta itemprop="url" content="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/1x1/iso-20000-certification-steps.jpg" /> | ||
Line 95: | Line 82: | ||
<meta itemprop="height" content="1200" /> | <meta itemprop="height" content="1200" /> | ||
</span> | </span> | ||
< | <span itemprop="thumbnail" itemscope itemtype="https://schema.org/ImageObject"> | ||
< | <meta itemprop="url" content="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/16x9/iso-20000-certification-steps.jpg" /> | ||
<meta itemprop="width" content="1200" /> | |||
<meta itemprop="height" content="675" /> | |||
<meta itemprop="dateCreated" content="2019-04-27" /> | |||
<meta itemprop="datePublished" content="2019-04-27" /> | |||
</span> | |||
<span itemprop="thumbnail" itemscope itemtype="https://schema.org/ImageObject"> | |||
<meta itemprop="url" content="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/480px/iso-20000-certification-steps.jpg" /> | |||
<meta itemprop="width" content="480" /> | |||
<meta itemprop="height" content="360" /> | |||
<meta itemprop="dateCreated" content="2022-11-08" /> | |||
<meta itemprop="datePublished" content="2022-11-09" /> | |||
</span> | |||
<meta itemprop="keywords" content="ISO 20000 steps" /> | |||
<meta itemprop="keywords" content="ISO 20000 certification" /> | |||
====Step 1: Create awareness | <figure class="mw-halign-right" typeof="mw:File/Thumb"><a itemprop="contentUrl" href="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/iso-20000-certification-steps.jpg" title="6 steps to ISO 20000 certification"><img srcset="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/480px/iso-20000-certification-steps.jpg 480w, https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/iso-20000-certification-steps.jpg 1200w" sizes="100vw" src="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/iso-20000-certification-steps.jpg" fetchpriority="high" decoding="async" width="480" height="360" class="mw-file-element" alt="Typical project steps leading to ISO 20000 certification. - 1. Create awareness, 2. Determine the ISO 20000 certification scope, 3. Conduct an initial ISO 20000 assessment, 4. Set up the project, 4. Prepare for the certification audit, 5. Conduct the ISO 20000 audit. Retain ISO 20000 certification." /></a><figcaption><span style="font-variant:small-caps;"><b>Fig. 1: <a href="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/iso-20000-certification-steps.jpg" title="Typical steps leading to ISO 20000 certification">6 steps to ISO 20000 certification</a></b></span></figcaption></figure></div></html> | ||
How to become ISO 20000 certified? Let's break it down into six steps. | |||
===Step 1: Create awareness=== | |||
Communicate the goals and benefits of the ISO 20000 certification and the approach for achieving ISO 20000 compliance. This step should include giving everyone in your organization at least a basic understanding of service management best practice. | Communicate the goals and benefits of the ISO 20000 certification and the approach for achieving ISO 20000 compliance. This step should include giving everyone in your organization at least a basic understanding of service management best practice. | ||
===Step 2: Determine the ISO 20000 certification scope=== | |||
If you wish to limit the scope of your ISO 20000 certificate: Decide what parts of the organization, what services and/ or what locations shall be covered by the ISO 20000 certificate. | If you wish to limit the scope of your ISO 20000 certificate: Decide what parts of the organization, what services and/ or what locations shall be covered by the ISO 20000 certificate. | ||
===Step 3: Conduct an initial ISO 20000 assessment=== | |||
Determine gaps between today’s situation and the standard's requirements; this can be done by an external advisor, or by way of a self-assessment. | Determine gaps between today’s situation and the standard's requirements; this can be done by an external advisor, or by way of a self-assessment. | ||
<html>The YaSM model provides <a href="https://yasm.com/en/ | <html>The YaSM model provides <a href="https://yasm.com/wiki/en/index.php/Service_Management_Processes" title="ISO 20000 compliant service management processes">a complete set of ISO 20000 compliant processes</a> as a benchmark for your assessment.</html> | ||
The result of this step is a detailed list of the ISO 20000 requirements where conformant and non-conformant areas are identified. For non-conformant areas the list includes the findings on what exactly the issues are and how they can be addressed. | The result of this step is a detailed list of the ISO 20000 requirements where conformant and non-conformant areas are identified. For non-conformant areas the list includes the findings on what exactly the issues are and how they can be addressed. | ||
===Step 4: Set up the ISO 20000 project=== | |||
Establish a project board. Choose a project manager and project staff. | Establish a project board. Choose a project manager and project staff. | ||
Determine the necessary resources, prepare a project plan and assign tasks. Choose an auditor and an experienced external advisor. | Determine the necessary resources, prepare a project plan and assign tasks. Choose an auditor and an experienced external advisor. | ||
===Step 5: Prepare for the ISO 20000 certification audit=== | |||
Close the gaps identified during the initial ISO 20000 assessment. | Close the gaps identified during the initial ISO 20000 assessment. | ||
This is usually the most time-consuming part of an ISO 20000 initiative, because (depending on the level of compliance found during the initial assessment) a considerable number of service management processes may need to be modified or introduced. | This is usually the most time-consuming part of an ISO 20000 initiative, because (depending on the level of compliance found during the initial assessment) a considerable number of service management processes may need to be modified or introduced. | ||
Defining processes to meet the ISO 20000 requirements can be a challenge, but with the YaSM model we provide detailed process templates so you don't have to start from nothing. | <html>Defining processes to meet the ISO 20000 requirements can be a challenge, but with the <a href="https://yasm.com/en/products/yasm-process-map" title="The YaSM Process Map: ISO 20000 compliant process templates">YaSM process model</a> we provide detailed process templates so you don't have to start from nothing.</p> | ||
During preparation for the ISO 20000 audit, use a checklist to keep track of what requirements are already fulfilled and what related evidence (documents and records) is in place. | <p>During preparation for the ISO 20000 audit, use a checklist to keep track of what requirements are already fulfilled and what related evidence (documents and records) is in place.</p> | ||
< | <p>To help you with this, the <a href="https://yasm.com/en/products/yasm-iso-20000-bridge" title="The YaSM - ISO 20000 Bridge">YaSM - ISO 20000 Bridge</a> contains a pre-configured Excel table with all ISO 20000 requirements which you can use to monitor your progress towards ISO 20000 compliance.</html> | ||
===Step 6: Conduct the ISO 20000 certification audit=== | |||
The actual ISO 20000 audit must be carried out by an external auditor from a Registered Certification Body (RCB). | The actual ISO 20000 audit must be carried out by an external auditor from a Registered Certification Body (RCB). | ||
=== | ===Retain ISO 20000 certification=== | ||
After the initial certification, renewal of the ISO 20000 certificate is due every three years. Make sure you continue to adhere to the standard and put a strong emphasis on continual service and process improvement. | After the initial certification, renewal of the ISO 20000 certificate is due every three years. Make sure you continue to adhere to the standard and put a strong emphasis on continual service and process improvement. | ||
==Are there typical pitfalls in an ISO 20000 project?== | ==Are there typical pitfalls in an ISO 20000 project?== | ||
These are the most critical pitfalls in ISO 20000 projects organizations should avoid. | |||
If staff are able to contribute their views and experiences during the ISO 20000 project, this greatly enhances acceptance of the new processes - and ensures long-term success. | ; 1. No management support | ||
: Management must understand and communicate why the organization seeks certification, and visibly endorse the initiative. | |||
; 2. Too little involvement of staff | |||
Management commitment must be backed up by the provision of sufficient resources for the certification program. This includes making sure that staff assigned to the project are freed from some of their day-to-day tasks. | : The advantages of best practice should be explained to everyone in your organization, and all members of staff should be involved as closely as possible during the design of the new ISO 20000 compliant processes. | ||
: If staff are able to contribute their views and experiences during the ISO 20000 project, this greatly enhances acceptance of the new processes - and ensures long-term success. | |||
; 3. Insufficient resources for the ISO 20000 project | |||
If you plan to get certified against ISO 20000 for the first time, it pays to seek the help of an external advisor. | : Management commitment must be backed up by the provision of sufficient resources for the certification program. This includes making sure that staff assigned to the project are freed from some of their day-to-day tasks. | ||
; 4. No external support | |||
Many requirements are, to a certain extent, open for interpretation, and an experienced consultant can tell you what's of importance to your auditor. He or she can thus direct your efforts in the right direction. Your goal should be to be well prepared for the audit - without overshooting the mark. | : If you plan to get certified against ISO 20000 for the first time, it pays to seek the help of an external advisor. | ||
: Many requirements are, to a certain extent, open for interpretation, and an experienced consultant can tell you what's of importance to your auditor. He or she can thus direct your efforts in the right direction. Your goal should be to be well prepared for the audit - without overshooting the mark. | |||
==More about ISO 20000== | ==More about ISO 20000== | ||
<html><ul><li><a href="https://yasm.com/wiki/en/index.php/ISO_20000" title="ISO 20000">What is ISO 20000?</a></li> | <html><ul><li><a href="https://yasm.com/wiki/en/index.php/ISO_20000" title="ISO 20000">What is ISO 20000?</a></li> | ||
<li><a href="https://yasm.com/wiki/en/index.php/ISO_20000_Project" title="Use cases - ISO 20000 projects">Use cases: How the YaSM model supports your ISO 20000 project</a></li> | <li><a href="https://yasm.com/wiki/en/index.php/ISO_20000_Project" title="Use cases - ISO 20000 projects">Use cases: How the YaSM model supports your ISO 20000 project</a></li> | ||
<li><a href="https://yasm.com/wiki/en/index.php/ISO_20000_-_2018" title="ISO 20000 - 2018">The | <li><a href="https://yasm.com/wiki/en/index.php/ISO_20000_-_2018" title="ISO 20000 - 2018">The most recent edition of ISO 20000:2018</a></li> | ||
<li><a href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000" title="YaSM and ISO 20000">How YaSM relates to ISO 20000</a></li> | <li><a href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000" title="YaSM and ISO 20000">How YaSM relates to ISO 20000</a></li> | ||
<li><a href="https://yasm.com/en/products/yasm-iso-20000-bridge" title="The YaSM - ISO 20000 Bridge">The YaSM - ISO 20000 Bridge</a></li></ul></html> | <li><a href="https://yasm.com/en/products/yasm-iso-20000-bridge" title="The YaSM - ISO 20000 Bridge">The YaSM - ISO 20000 Bridge</a></li></ul></html> | ||
== Notes and references == | == Notes and references == | ||
Is based on: The [https://yasm.com/en/products/yasm-iso-20000-bridge YaSM - ISO 20000 Bridge]. | Is based on: The [https://yasm.com/en/products/yasm-iso-20000-bridge YaSM - ISO 20000 Bridge]. | ||
<html>By:  Stefan Kempter <a | <html>By:  Stefan Kempter <a href="https://www.linkedin.com/in/stefankempter"><img style="margin:0px 0px 0px 0px;" src="/wiki/en/img/yasm-wiki/bookmarking/linkedin.jpg" width="16" height="16" title="By: Stefan Kempter | Profile on LinkedIn" alt="Author: Stefan Kempter, IT Process Maps GbR" /></a>  and  Andrea Kempter <a href="https://www.linkedin.com/in/andreakempter"><img style="margin:0px 0px 0px 0px;" src="/wiki/en/img/yasm-wiki/bookmarking/linkedin.jpg" width="16" height="16" title="By: Andrea Kempter | Profile on LinkedIn" alt="Contributor: Andrea Kempter, IT Process Maps GbR" /></a>, IT Process Maps. | ||
<p> </p> | <p> </p> | ||
Line 179: | Line 179: | ||
<meta itemprop="position" content="3" /></span> › | <meta itemprop="position" content="3" /></span> › | ||
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem"> | <span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem"> | ||
<a itemprop="item" href="https://yasm.com/wiki/en/index.php/FAQ:_ISO_20000_Certification#What_are_the_typical_project_steps_leading_to_ISO_20000_certification.3F"> <span itemprop="name"> | <a itemprop="item" href="https://yasm.com/wiki/en/index.php/FAQ:_ISO_20000_Certification#What_are_the_typical_project_steps_leading_to_ISO_20000_certification.3F"> <span itemprop="name">6 steps to ISO 20000 certification</span></a> | ||
<meta itemprop="position" content="4" /></span> | <meta itemprop="position" content="4" /></span> | ||
</span> | </span> | ||
</small></p> | </small></p> | ||
<!-- define schema.org/WebPage --> <span itemid="https://yasm.com/wiki/en/index.php/ | <!-- define schema.org/WebPage --> <span itemid="https://yasm.com/wiki/en/index.php/FAQ:_ISO_20000_Certification" itemscope itemtype="https://schema.org/WebPage" itemref="md-webpage-description"> | ||
<meta itemprop="name Headline" content="FAQ: ISO 20000 Certification" /> | <meta itemprop="name Headline" content="FAQ: ISO 20000 Certification" /> | ||
<meta itemprop="alternativeHeadline" content="ISO 20000 Certification" /> | <meta itemprop="alternativeHeadline" content="ISO 20000 Certification" /> | ||
<link itemprop="url" href="https://yasm.com/wiki/en/index.php/FAQ:_ISO_20000_Certification" /> | <link itemprop="url" href="https://yasm.com/wiki/en/index.php/FAQ:_ISO_20000_Certification" /> | ||
<time itemprop="dateModified" datetime="2022-11-09"></time> | |||
<link itemprop="primaryImageOfPage" href="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/iso-20000-certification-steps.jpg" /> | <link itemprop="primaryImageOfPage" href="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/iso-20000-certification-steps.jpg" /> | ||
<meta itemprop="significantLinks" content="https://yasm.com/wiki/de/index.php/ISO_20000_-_2018" /> | <meta itemprop="significantLinks" content="https://yasm.com/wiki/de/index.php/ISO_20000_-_2018" /> |
Latest revision as of 17:41, 22 July 2024
Browse through these FAQs to find answers to common questions about ISO 20000 certifications and ISO/IEC 20000 audits. Tips for organizations that want to sustainably improve their service management processes and get certified to ISO/IEC 20000:2018.
What are the benefits of ISO 20000 certification?
The ISO 20000 certificate is proof that your organization has demonstrated its ability to
- Be aware of customer needs and respond to these needs
- Deliver services which meet defined quality levels
- Make use of resources in an economical way.
As such, the ISO 20000 certificate and the corresponding logo are competitive advantages in the marketplace. Many organizations, for example in the public sector, even mandate ISO 20000 compliance as a condition for awarding contracts.
Working along ISO 20000 principles and service management best practice also offers internal benefits for your organization, because the standard is all about supporting clients with adequate services, while providing these services as efficiently as possible.
What's more, the decision to seek ISO 20000 certification sets a specific target for your organization and helps concentrate minds. An ISO 20000 certification initiative is thus a good way to kick-start the adoption of service management best practice and to make sure motivation stays high.
What is the audit process?
If your organization wishes to be formally certified against ISO 20000, you will need to be assessed by a Registered Certification Body (RCB). If you are able to demonstrate compliance with the requirements of ISO 20000-1 (part 1 of the standard, containing the mandatory requirements), the RCB will issue a certificate of conformance.
According to ISO 17021, the certification audit should be divided into two stages: Stage 1 audit and stage 2 audit.
- During the stage 1 audit, your auditor will determine your organization's readiness for ISO 20000 certification. A key output from this stage is typically a list of identified non-conformities (areas where the standard's requirements are not fulfilled). The stage 1 audit report will thus help you with correcting any issues in preparation for the final stage 2 audit.
- The stage 2 audit aims to assess compliance with the ISO 20000 requirements. If you complete the stage 2 audit successfully, your organization is certified against ISO 20000.
What is being audited?
The aim of the ISO 20000 certification audit is to verify if your organization fulfils the requirements of ISO/IEC 20000, Part 1: Service Management System Requirements.
So for each requirement, you need to state during the audit how it is fulfilled and provide relevant evidence.
Evidence is typically presented in the form of documented information. Your auditor will usually ask to see the following documents and verify if they are fit for purpose:
- documented processes
- service management policies
- other documented information as required by ISO 20000
The auditor will also hold interviews with members of staff in your organization to check if
- everyone is familiar with the processes
- the documented processes are adhered to.
How do we prepare for the audit?
Unfortunately, ISO 20000 only sets out requirements that must be fulfilled, but it does not provide detailed guidance. Its authors recommend that organizations use "a combination of generally accepted frameworks and their own experience" in their effort to get aligned with ISO 20000.
So the classic approach to preparing an organization for the ISO 20000 audit is to take the advice from the popular service management frameworks and approaches such as ITIL®, CMMI-SVC®, COBIT®, VeriSM™, FitSM, SIAM™, etc. Wherever nonconformities with ISO 20000 are identified, organizations can use that guidance to adapt their processes or documentation, as needed.
The YaSM process model and the YaSM - ISO 20000 Bridge make this task a lot easier, because YaSM was developed with ISO 20000 in mind. For every ISO 20000 requirement, YaSM provides you with detailed guidance in the form of process and document templates that you can adapt to your needs.
How long does it take?
Obviously, the timescale and work effort for aligning an organization with the requirements of ISO 20000 will depend on the type and size of the organization, and also on where it starts from. For example, organizations that have previously been certified against other management standards such as ISO 9001 enjoy a clear advantage.
So there is no simple answer to the question how long it will take, but in our experience most organizations spend one year or two preparing for their certification audit.
What are the typical project steps leading to ISO 20000 certification?
How to become ISO 20000 certified? Let's break it down into six steps.
Step 1: Create awareness
Communicate the goals and benefits of the ISO 20000 certification and the approach for achieving ISO 20000 compliance. This step should include giving everyone in your organization at least a basic understanding of service management best practice.
Step 2: Determine the ISO 20000 certification scope
If you wish to limit the scope of your ISO 20000 certificate: Decide what parts of the organization, what services and/ or what locations shall be covered by the ISO 20000 certificate.
Step 3: Conduct an initial ISO 20000 assessment
Determine gaps between today’s situation and the standard's requirements; this can be done by an external advisor, or by way of a self-assessment.
The YaSM model provides a complete set of ISO 20000 compliant processes as a benchmark for your assessment.
The result of this step is a detailed list of the ISO 20000 requirements where conformant and non-conformant areas are identified. For non-conformant areas the list includes the findings on what exactly the issues are and how they can be addressed.
Step 4: Set up the ISO 20000 project
Establish a project board. Choose a project manager and project staff.
Determine the necessary resources, prepare a project plan and assign tasks. Choose an auditor and an experienced external advisor.
Step 5: Prepare for the ISO 20000 certification audit
Close the gaps identified during the initial ISO 20000 assessment.
This is usually the most time-consuming part of an ISO 20000 initiative, because (depending on the level of compliance found during the initial assessment) a considerable number of service management processes may need to be modified or introduced.
Defining processes to meet the ISO 20000 requirements can be a challenge, but with the YaSM process model we provide detailed process templates so you don't have to start from nothing.
During preparation for the ISO 20000 audit, use a checklist to keep track of what requirements are already fulfilled and what related evidence (documents and records) is in place.
To help you with this, the YaSM - ISO 20000 Bridge contains a pre-configured Excel table with all ISO 20000 requirements which you can use to monitor your progress towards ISO 20000 compliance.
Step 6: Conduct the ISO 20000 certification audit
The actual ISO 20000 audit must be carried out by an external auditor from a Registered Certification Body (RCB).
Retain ISO 20000 certification
After the initial certification, renewal of the ISO 20000 certificate is due every three years. Make sure you continue to adhere to the standard and put a strong emphasis on continual service and process improvement.
Are there typical pitfalls in an ISO 20000 project?
These are the most critical pitfalls in ISO 20000 projects organizations should avoid.
- 1. No management support
- Management must understand and communicate why the organization seeks certification, and visibly endorse the initiative.
- 2. Too little involvement of staff
- The advantages of best practice should be explained to everyone in your organization, and all members of staff should be involved as closely as possible during the design of the new ISO 20000 compliant processes.
- If staff are able to contribute their views and experiences during the ISO 20000 project, this greatly enhances acceptance of the new processes - and ensures long-term success.
- 3. Insufficient resources for the ISO 20000 project
- Management commitment must be backed up by the provision of sufficient resources for the certification program. This includes making sure that staff assigned to the project are freed from some of their day-to-day tasks.
- 4. No external support
- If you plan to get certified against ISO 20000 for the first time, it pays to seek the help of an external advisor.
- Many requirements are, to a certain extent, open for interpretation, and an experienced consultant can tell you what's of importance to your auditor. He or she can thus direct your efforts in the right direction. Your goal should be to be well prepared for the audit - without overshooting the mark.
More about ISO 20000
- What is ISO 20000?
- Use cases: How the YaSM model supports your ISO 20000 project
- The most recent edition of ISO 20000:2018
- How YaSM relates to ISO 20000
- The YaSM - ISO 20000 Bridge
Notes and references
Is based on: The YaSM - ISO 20000 Bridge.
By: Stefan Kempter and Andrea Kempter , IT Process Maps.
Benefits › The audit process › What is being audited? › 6 steps to ISO 20000 certification