YaSM and ISO 20000: Difference between revisions

From YaSM Service Management Wiki
No edit summary
No edit summary
Line 1: Line 1:
<itpmch><title>YaSM and ISO/IEC 20000 | YaSM Service Management Wiki</title>
<itpmch><title>YaSM and ISO/IEC 20000 | YaSM Service Management Wiki</title>
<meta name="keywords" content="yasm iso 20000, yasm iso/iec 20000" />
<meta name="keywords" content="yasm iso 20000, yasm iso/iec 20000" />
<meta name="description" content="The YaSM service management model consists of a tightly focused set of processes, policies and document templates which provide a solution for every ISO 20000 requirement. Implementing the YaSM processes is thus a straightforward approach for obtaining ISO 20000 certification." />
<meta name="description" content="The YaSM service management model thus provides a solution for every ISO 20000 requirement, and implementing the YaSM processes is a straightforward approach for obtaining ISO 20000 certification." />
<meta property="og:url" content="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000" />
<meta property="og:url" content="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000" />
<meta property="og:title" content="YaSM and ISO/IEC 20000 | YaSM Service Management Wiki" />
<meta property="og:title" content="YaSM and ISO/IEC 20000 | YaSM Service Management Wiki" />
<meta property="og:description" content="The YaSM service management model consists of a tightly focused set of processes, policies and document templates which provide a solution for every ISO 20000 requirement. Implementing the YaSM processes is thus a straightforward approach for obtaining ISO 20000 certification." />
<meta property="og:description" content="The YaSM service management model thus provides a solution for every ISO 20000 requirement, and implementing the YaSM processes is a straightforward approach for obtaining ISO 20000 certification." />
<meta property="og:site_name" content="YaSM">
<meta property="og:site_name" content="YaSM">
<meta property="og:type" content="article" />  
<meta property="og:type" content="article" />  
Line 12: Line 12:
<meta property="og:image" content="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/Yasm-iso-20000-processes.jpg" />
<meta property="og:image" content="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/Yasm-iso-20000-processes.jpg" />
<meta property="og:image:width" content="1200" />
<meta property="og:image:width" content="1200" />
<meta property="og:image:height" content="600" />
<meta property="og:image:height" content="900" />
<meta property="og:image" content="https://yasm.com/wiki/en/img/yasm-frameworks/Yasm-iso-20000.jpg" />
<meta property="og:image:width" content="346" />
<meta property="og:image:height" content="577" />
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:site" content="@yasmcom">
<meta name="twitter:site" content="@yasmcom">
<meta name="twitter:creator" content="@yasmcom">
<meta name="twitter:creator" content="@yasmcom">
<meta name="twitter:title" content="YaSM and ISO/IEC 20000 | YaSM Wiki">
<meta name="twitter:title" content="YaSM and ISO/IEC 20000 | YaSM Wiki">
<meta name="twitter:description" content="YaSM and ISO/IEC 20000: service management process and document templates for every ISO 20000 requirement.">
<meta name="twitter:description" content="YaSM and ISO/IEC 20000: service management process flows and document templates for every ISO 20000 requirement.">
<meta name="twitter:image" content="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/Yasm-iso-20000-processes.jpg">
<meta name="twitter:image" content="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/Yasm-iso-20000-processes.jpg">
<meta name="twitter:image:alt" content="The YaSM service management model consists of a tightly focused set of processes, policies and document templates which provide a solution for every ISO 20000 requirement. Implementing the YaSM processes is thus a straightforward approach for obtaining ISO 20000 certification.">
<meta name="twitter:image:alt" content="YaSM and ISO/IEC 20000: Process and document templates for every ISO 20000 requirement. The ISO 20000 Bridge provides: Service management processes; related evidence: documents, policies and records; checklists and document templates.">
<link href="https://plus.google.com/104150539756444616711/posts" rel="publisher" />
<link href="https://plus.google.com/104150539756444616711/posts" rel="publisher" />
<meta name="pinterest-rich-pin" content="false" />
<meta name="pinterest-rich-pin" content="false" />
Line 28: Line 25:
<html><div class="floatright"><div class="noresize"><map name="ImageMap_yasm-wiki-share"><area href="https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fyasm.com%2Fwiki%2Fen%2Findex.php%2FYaSM_and_ISO_20000&hl=en_US&source=YaSM%20Wiki" class="plainlinks" rel="nofollow" shape="rect" coords="55,0,99,36" alt="share this page on LinkedIn" title="share this page on LinkedIn"/><area href="https://twitter.com/intent/tweet?url=https%3A%2F%2Fyasm.com%2Fwiki%2Fen%2Findex.php%2FYaSM_and_ISO_20000&text=%23YaSMwiki%20%7C%20YaSM%20and%20ISO%2FIEC%2020000%3A%20Comparison%0A%E2%96%BA&lang=en&via=yasmcom" class="plainlinks" rel="nofollow" shape="rect" coords="97,0,140,36" alt="share this page on Twitter" title="share this page on Twitter"/></map><img alt="share this page" src="https://yasm.com/wiki/en/img/yasm-wiki/YaSM-Wiki-share.png" width="140" height="36" usemap="#ImageMap_yasm-wiki-share"/></div></div><div class="noresize"><a href="https://yasm.com/wiki/de/index.php/YaSM_und_ISO_20000"><img src="https://yasm.com/wiki/en/img/yasm-wiki/YaSM-Wiki-Deutsch.png" width="140" height="36" style="float:left;" alt="auf Deutsch" title="This page in German" /></a></div><br style="clear:both;"/>
<html><div class="floatright"><div class="noresize"><map name="ImageMap_yasm-wiki-share"><area href="https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fyasm.com%2Fwiki%2Fen%2Findex.php%2FYaSM_and_ISO_20000&hl=en_US&source=YaSM%20Wiki" class="plainlinks" rel="nofollow" shape="rect" coords="55,0,99,36" alt="share this page on LinkedIn" title="share this page on LinkedIn"/><area href="https://twitter.com/intent/tweet?url=https%3A%2F%2Fyasm.com%2Fwiki%2Fen%2Findex.php%2FYaSM_and_ISO_20000&text=%23YaSMwiki%20%7C%20YaSM%20and%20ISO%2FIEC%2020000%3A%20Comparison%0A%E2%96%BA&lang=en&via=yasmcom" class="plainlinks" rel="nofollow" shape="rect" coords="97,0,140,36" alt="share this page on Twitter" title="share this page on Twitter"/></map><img alt="share this page" src="https://yasm.com/wiki/en/img/yasm-wiki/YaSM-Wiki-share.png" width="140" height="36" usemap="#ImageMap_yasm-wiki-share"/></div></div><div class="noresize"><a href="https://yasm.com/wiki/de/index.php/YaSM_und_ISO_20000"><img src="https://yasm.com/wiki/en/img/yasm-wiki/YaSM-Wiki-Deutsch.png" width="140" height="36" style="float:left;" alt="auf Deutsch" title="This page in German" /></a></div><br style="clear:both;"/>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p><b>Comparison:</b> YaSM and ISO/IEC 20000</p>
<p><b>Comparison:</b> YaSM and ISO 20000 (ISO/IEC 20000:2018)</p>
<p><b>Part of</b>: <a href="https://yasm.com/wiki/en/index.php/What_is_YaSM#yasm-other-service-management-frameworks" title="YaSM and other service management frameworks and standards">YaSM vs. other service management frameworks and standards</a></html>
<p><b>Part of</b>: <a href="https://yasm.com/wiki/en/index.php/What_is_YaSM#yasm-other-service-management-frameworks" title="YaSM and other service management frameworks and standards">YaSM vs. other service management frameworks and standards</a></html>


<p>&nbsp;</p>
<p>&nbsp;</p>


One of the objectives when creating YaSM&reg; was to provide a service management model which is closely aligned with [[ISO 20000|ISO/IEC 20000 ('ISO 20000')]].
One of the objectives when creating YaSM<sup><small>&#174;</small></sup> was to provide a process model that is closely aligned with [[ISO 20000|ISO/IEC 20000 ('ISO 20000')]], the internationally acknowledged standard for service management.


Frequently, [[FAQ: ISO 20000 Certification|certification according to ISO 20000]] is sought because it enables organizations to prove that they are customer-oriented, efficient and effective suppliers of services. The certification can thus be used for marketing purposes, or to gain access to customers and markets which require their service suppliers to be ISO 20000 certified.
Organizations often seek [[FAQ: ISO 20000 Certification|certification to ISO 20000]] because it enables them to prove that they are customer-oriented, efficient and effective suppliers of services. The certification can thus be used for marketing purposes, or to gain access to customers and markets which require their service suppliers to be ISO 20000 certified.
<p>&nbsp;</p>


<p>&nbsp;</p>
__TOC__


==<span id="yasm-iso-20000-related">Closely aligned with ISO/IEC 20000 - the YaSM model</span>==
==<span id="yasm-iso-20000-related">Closely aligned with ISO/IEC 20000 - the YaSM model</span>==


<html><div itemid="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/Yasm-iso-20000-processes.jpg" itemscope itemtype="https://schema.org/ImageObject">
ISO 20000 sets out "requirements for establishing, implementing, maintaining and continually improving a service management system (SMS)".  
<a href="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/Yasm-iso-20000-processes.jpg" title="YaSM and ISO 20000" itemprop="contentUrl">
<meta itemprop="caption" content="YaSM and ISO/IEC 20000: Process and document templates for every ISO 20000 requirement." />
<meta itemprop="width" content="1200" />
<meta itemprop="height" content="600" />
<meta itemprop="keywords" content="yasm iso 20000" />
<meta itemprop="keywords" content="yasm iso iec 20000" />
<meta itemprop="keywords" content="iso 20000 requirements" />
<img itemprop="thumbnailUrl" style="margin:5px 0px 30px 30px; float:right;" src="https://yasm.com/wiki/en/img/yasm-frameworks/Yasm-iso-20000.jpg" width="346" height="577" title="YaSM and ISO 20000" alt="YaSM and ISO/IEC 20000: Process and document templates for every ISO 20000 requirement." /></a></div><p></html>


ISO 20000 does not prescribe how the requirements are to be fulfilled, so there are many possible ways to achieve compliance. In practice, organizations need to define and implement a set of processes which as a whole fulfill all ISO 20000 requirements.
To meet these requirements, organizations typically must define and implement a set of service management processes which comply with the standard. But ISO 20000 does not prescribe specific processes, nor does it provide detailed descriptions that organizations could use as guidance.


A popular solution is to turn to ITIL&reg; [[#ITIL|[1]]] for advice, since ISO 20000 and ITIL&reg; have many principles in common. The alignment of ITIL&reg; and ISO 20000, however, is incomplete in some areas, especially regarding the requirements related to the service management system ([[#SMS_general_requirements|section 4 of ISO 20000]]).
<html>Some more guidance can be found in the popular service management frameworks and approaches, such as <a href="https://yasm.com/wiki/en/index.php/YaSM_and_ITIL" title="YaSM and the IT Infrastructure Library ITIL&reg;">ITIL</a><sup><small>&#174;</small></sup>, <a href="https://yasm.com/wiki/en/index.php/YaSM_and_CMMI_for_Services_(CMMI-SVC)" title="YaSM and CMMI&reg; for Services (CMMI-SVC)">CMMI-SVC</a><sup><small>&#174;</small></sup>, <a href="https://yasm.com/wiki/en/index.php/YaSM_and_COBIT" title="YaSM and COBIT (Control Objectives for Information and Related Technologies)">COBIT</a><sup><small>&#174;</small></sup>, <a href="https://yasm.com/wiki/en/index.php/VeriSM" title="What is VeriSM&trade;?">VeriSM</a>&trade;, <a href="https://yasm.com/wiki/en/index.php/SIAM" title="What is SIAM Service Integration and Management?">SIAM</a><sup><small>&#174;</small></sup>, etc. But some of these frameworks provide only high-level descriptions of service management processes, while others are not well aligned with ISO 20000, especially regarding the requirements related to the service management system.</p>


As a result, there was a need for a service management approach which incorporates the established ITIL&reg; principles but offers better alignment with ISO 20000:
<p>As a result, there is a need for <a href="https://yasm.com/wiki/en/index.php/Service_Management_Processes" title="Service management processes">detailed process descriptions</a> that are based on established service management frameworks and concepts and, at the same time, offer better alignment with ISO 20000:</p>


<span id="md-webpage-description" itemprop="description">The YaSM service management model consists of a tightly focused set of processes, policies and document templates which provide a solution for every ISO 20000 requirement. Implementing the [[Service Management Processes|YaSM processes]] is thus a straightforward approach for obtaining ISO 20000 certification.</span><br style="clear:both;"/>
<p>The <a href="https://yasm.com/en/products/yasm-process-map" title="ISO 20000 compliant process model: The YaSM Process Map">YaSM process model</a> provides such detailed descriptions as process templates in a graphical, easy-to-read format, including document templates for the policies and other documented information that usually needs to be prepared for the certification audit.</html>


<span id="md-webpage-description" itemprop="description">The YaSM service management model thus provides a solution for every ISO 20000 requirement, and implementing the [[Service Management Processes|YaSM processes]] is a straightforward approach for obtaining ISO 20000 certification.</span><br style="clear:both;"/>
<p>&nbsp;</p>
<p>&nbsp;</p>


==<span id="iso-20000-yasm-processes">ISO 20000 requirements and related service management processes</span>==
==<span id="iso-20000-yasm-processes">ISO 20000 requirements and related service management processes</span>==


<html><p>As YaSM is designed to be well aligned with ISO 20000, there are one or several <span id="md-webpage-educationalUse" itemprop="educationalUse">related YaSM processes for every section in ISO/IEC 20000:2011, Part 1 (Mandatory requirements)</span>, as exemplified in the following tables:
<html><div itemid="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/Yasm-iso-20000-processes.jpg" itemscope itemtype="https://schema.org/ImageObject">
</p>
<a href="https://yasm.com/wiki/en/img/yasm-frameworks/Yasm-iso-20000.jpg" title="YaSM and ISO 20000" itemprop="thumbnailUrl">
<ul>
<meta itemprop="caption" content="YaSM and ISO/IEC 20000: Process and document templates for every ISO 20000 requirement." />
<li><a href="#SMS_general_requirements" title="ISO/IEC 20000, section 4: Service management system general requirements">Section 4: Service management system general requirements</a>
<meta itemprop="width" content="1200" />
</li>
<meta itemprop="height" content="900" />
<li><a href="#Design_and_transition_of_services" title="ISO/IEC 20000, section 5: Design and transition of new or changed services">Section 5: Design and transition of new or changed services</a>
<meta itemprop="representativeOfPage" content="true"/>
</li>
<span itemprop="thumbnail" itemscope itemtype="https://schema.org/ImageObject">
<li><a href="#Service_delivery_processes" title="ISO/IEC 20000, section 6: Service delivery processes">Section 6: Service delivery processes</a>
  <meta itemprop="url" content="https://yasm.com/wiki/en/img/yasm-frameworks/Yasm-iso-20000.jpg" />
</li>
  <meta itemprop="width" content="600" />
<li><a href="#Relationship_processes" title="ISO/IEC 20000, section 7: Relationship processes">Section 7: Relationship processes</a>
  <meta itemprop="height" content="1000" />
</li>
</span>
<li><a href="#Resolution_processes" title="ISO/IEC 20000, section 8: Resolution processes">Section 8: Resolution processes</a>
<meta itemprop="keywords" content="yasm iso 20000" />
</li>
<meta itemprop="keywords" content="yasm iso iec 20000" />
<li><a href="#Control_processes" title="ISO/IEC 20000, section 9: Control processes">Section 9: Control processes</a>
<meta itemprop="keywords" content="iso 20000 requirements" />
</li>
<meta itemprop="dateCreated" content="2014-05-18" />
<meta itemprop="dateModified" content="2018-10-17" />
<meta itemprop="datePublished" content="2014-05-18" />
<img style="margin:5px 0px 30px 30px; float:right;" itemprop="contentUrl" src="https://yasm.com/wiki/en/img/yasm-frameworks/iso-20000/Yasm-iso-20000-processes.jpg" width="480" height="360" title="YaSM and ISO 20000" alt="YaSM and ISO/IEC 20000: Process and document templates for every ISO 20000 requirement. The ISO 20000 Bridge provides: Service management processes; related evidence: documents, policies and records; checklists and document templates." /></a></div>
 
<p>YaSM&nbsp;is&nbsp;designed to be well aligned with ISO 20000, and there are one or several <span id="md-webpage-educationalUse" itemprop="educationalUse">related service management processes for every section in ISO/IEC 20000:2011, Part 1 (Mandatory requirements)</span>, as exemplified in the following tables:</p>
 
<ul style="clear:both;"/>
<li><a href="#Context_of_the_organization" title="ISO/IEC 20000, section 6: Context of the organization">Section 4: Context of the organization</a></li>
<li><a href="#Leadership" title="ISO/IEC 20000, section 5: Leadership">Section 5: Leadership</a></li>
<li><a href="#Planning" title="ISO/IEC 20000, section 6: Planning">Section 6: Planning</a></li>
<li><a href="#Support_of_the_SMS" title="ISO/IEC 20000, section 7: Support of the service management system">Section 7: Support of the service management system</a></li>
<li><a href="#Operation_of_the_SMS" title="ISO/IEC 20000, section 8: Operation of the service management system">Section 8: Operation of the service management system</a></li>
<li><a href="#Performance_Evaluation" title="ISO/IEC 20000, section 9: Performance Evaluation">Section 9: Performance Evaluation</a></li>
<li><a href="#Improvement" title="ISO/IEC 20000, section 10: Improvement">Section 10: Improvement</a></li>
</ul>
</ul>


<p>&nbsp;</p>
<p>&nbsp;</p>


<p><a href="https://yasm.com/en/videos/yasm-iso-20000-bridge" ><img src="https://yasm.com/en/content/videos/yasm-iso-20000-bridge/yasm-iso-20000-processes-video.jpg" width="345" height="194" class="thumbimage" alt="Video: Stefan Kempter introducing the YaSM - ISO 20000 Bridge" title="Start the video: Introduction to the YaSM - ISO 20000 Bridge" style="display: block; float: right; margin-left: 30px; margin-bottom: 10px; margin-right: 10px" /></a>
<p>A detailed cross-reference between the YaSM service management processes and every single ISO 20000 requirement is available in the form of the <a href="https://yasm.com/en/products/yasm-iso-20000-bridge" title="YaSM - ISO 20000 Bridge">YaSM - ISO 20000 Bridge</a>, an additional component to the <a href="https://yasm.com/en/products/yasm-process-map" title="YaSM Process Map">YaSM Process Map</a>.</p>
<p style="margin-top: 0;">A detailed cross-reference between the YaSM processes and every single ISO 20000 requirement is available in the form of the <a href="https://yasm.com/en/products/yasm-iso-20000-bridge" title="YaSM - ISO 20000 Bridge">YaSM - ISO 20000 Bridge</a>, an additional component to the <a href="https://yasm.com/en/products/yasm-process-map" title="YaSM Process Map">YaSM Process Map</a>.</p>
<p>Watch the video:</p>
 
<ul style="list-style-image: URL('/wiki/en/img/yasm-wiki/icon-video-camera.png');padding-left: 18px;">
<li><a href="https://yasm.com/en/videos/yasm-iso-20000-bridge">Introduction: YaSM - ISO 20000 Bridge</a> (4:10 min.)</li></ul>
<br style="clear:both;"/></p>


<p>&nbsp;</p>
<p>&nbsp;</p>
Line 96: Line 95:
<li>The following tables are based on ISO/IEC 20000:2011, part 1.</li></ul>
<li>The following tables are based on ISO/IEC 20000:2011, part 1.</li></ul>


<p>Learn more about the next edition of the ISO 20000 standard, scheduled for publication in Q4/2018:</p>
<p>Learn more about the new edition of the ISO 20000 standard:</p>
 
<ul style="list-style-image: URL('/wiki/en/img/yasm-wiki/icon-arrow-right.png');padding-left: 18px;">
<ul style="list-style-image: URL('/wiki/en/img/yasm-wiki/icon-arrow-right.png');padding-left: 18px;">
<li><a href="https://yasm.com/wiki/en/index.php/ISO_20000_-_2018" title="The newest edition of ISO/IEC 20000:2018">The new version of ISO/IEC 20000:2018, and changes between ISO 20000:2018 and ISO 20000:2011.</a></li></ul></html>
<li><a href="https://yasm.com/wiki/en/index.php/ISO_20000_-_2018" title="The newest edition of ISO/IEC 20000:2018">The new version of ISO/IEC 20000:2018, and changes between ISO 20000:2018 and ISO 20000:2011.</a></li></ul></html>


<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>


==SMS general requirements==
==Context of the organization==


*<i><span id="section-4">ISO/IEC 20000 section 4: 'Service management system general requirements'</span></i>
{| class="wikitable" style="background: white;"
|+style="background:#379988; color:#ffffff; font-size: 110%" colspan="3"|ISO/IEC 20000 section 4: 'Context of the organization'
|-
|-style="vertical-align:top"
!style="background:#eeeeee; font-size: 100%; width:20%"|ISO 20000 section
!style="background:#eeeeee; font-size: 100%; width:25%"|Related service management processes
!style="background:#eeeeee; font-size: 100%; width:55%"|Notes
|-style="vertical-align:top"
|4 Context of the organization
|
*[[SP1: Set up and maintain the service management system]]
|
* The main service management policy contains a section that lists the relevant factors affecting the organization, including their impacts and approach for addressing these factors.
* The service management policy includes an overview of the interested parties and their requirements.
* The scope of the SMS is defined in the main service management policy.
|}


<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
==Leadership==


{| class="wikitable" style="background: white;"
{| class="wikitable" style="background: white;"
|+style="background:#379988; color:#ffffff; font-size: 110%" colspan="3"|ISO/IEC 20000 section 5: 'Leadership'
|-
|-
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|ISO 20000 sections
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|Related YaSM processes
!style="background:#379988; font-size: 110%; color:#ffffff;  width:50%"|Notes
|-style="vertical-align:top"
|-style="vertical-align:top"
|4.1 Management responsibility
!style="background:#eeeeee; font-size: 100%; width:20%"|ISO 20000 section
|
!style="background:#eeeeee; font-size: 100%; width:25%"|Related service management processes
*[[SP1: Set up and maintain the service management system]];
!style="background:#eeeeee; font-size: 100%; width:55%"|Notes
|
*This requirement is fulfilled predominantly by creating and maintaining an adequate set of service management policies.
*The YaSM policies are supported by a process model which defines, documents and communicates the service management processes.
|-style="vertical-align:top"
|-style="vertical-align:top"
|4.2 Governance of processes operated by other parties
|5 Leadership
|
|
*[[SP1: Set up and maintain the service management system]];
*[[LP1: Set the strategic direction]]
*[[SP2: Maintain the service portfolio]];
*[[LP2: Design new or changed services]]
*[[LP5: Improve the services]]
*[[SP1: Set up and maintain the service management system]]
*[[SP10: Manage human resources]]
*[[SP11: Manage suppliers]]
*[[SP11: Manage suppliers]]
|
*Processes operated by other parties are identified in the process model, which also documents the interfaces between internally and externally operated processes.
*YaSM recommends setting up and managing processes operated by other parties as supporting services, governed by service definitions and service agreements.
|-style="vertical-align:top"
|4.3 Documentation management
|
*[[SP1: Set up and maintain the service management system]];
*[[SP4: Manage configuration information]]
|
*This requirement is fulfilled by the main service management policy, the strategic plan, the process model, as well as the various policies and plans related to specific YaSM processes.
*YaSM recommends managing documents as configuration items. The applicable authorities, responsibilities and controls can thus be defined for each type of document in the configuration model. Control can be exerted, for example, by appropriately configuring a document management system.
|-style="vertical-align:top"
|4.4 Resource management
|
*[[LP3: Build new or changed services]];
*[[SP10: Manage human resources]];
*[[SP12: Manage service financials]]
*[[SP12: Manage service financials]]
|
|
*Financial resources are provided through the financial management process, which allocates the required budgets for creating, operating and improving the services and processes.
* The process for setting up and maintaining the SMS ensures that policies and objectives are established.
*Once the financial resources are allocated, the service provider is able to acquire the necessary technical and information resources through the various YaSM processes responsible for creating, operating and improving the services and processes.
* The organization maintains a number of service management plans, in particular the strategic plan and service and process improvement plans.
|-style="vertical-align:top"
* Authorities are assigned through the RACI matrix (part of the process model).
|4.5 Establish and improve the SMS
* Control of other parties is ensured through the supplier management process.
|
* SMS requirements are taken into account during process design, for example by including the service requirements and involving compliance management.
*[[LP5: Improve the services]];
* Resources are provided, for example, by the financial management and HR processes.
*[[SP1: Set up and maintain the service management system]]
* Regular reviews of the processes and services ensure the SMS achieves its intended outcomes.
|
* Continual improvement is ensured through the processes for improving the services and for improving the service management processes.
*The scope of the SMS is defined in YaSM's main service management policy. The services to be delivered are defined in the service portfolio.
*Instead of one all-encompassing service management plan, YaSM suggests to maintain a number of focused and more manageable plans and documents.
*The process for maintaining the SMS includes activities to monitor, audit and review the service management processes and to regularly re-assess the service management policies.
*The procedure for improving the SMS and the services is documented in the process model. Opportunities for improvement are documented in a number of ways, for example in the service and process review reports, as well as in the various improvement plans.
|}
|}


Line 162: Line 157:
<p>&nbsp;</p>
<p>&nbsp;</p>


==Design and transition of services==
==Planning==
 
*<i><span id="section-5">ISO/IEC 20000 section 5: 'Design and transition of new or changed services'</span></i>
 
<p>&nbsp;</p>


{| class="wikitable" style="background: white;"
{| class="wikitable" style="background: white;"
|+style="background:#379988; color:#ffffff; font-size: 110%" colspan="3"|ISO/IEC 20000 section 6: 'Planning'
|-
|-
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|ISO 20000 sections
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|Related YaSM processes
!style="background:#379988; font-size: 110%; color:#ffffff;  width:50%"|Notes
|-style="vertical-align:top"
|-style="vertical-align:top"
|5.1 General
!style="background:#eeeeee; font-size: 100%; width:20%"|ISO 20000 section
|
!style="background:#eeeeee; font-size: 100%; width:25%"|Related service management processes
*[[LP2: Design new or changed services]];
!style="background:#eeeeee; font-size: 100%; width:55%"|Notes
*[[LP3: Build new or changed services]];
*[[SP4: Manage configuration information]];
*[[SP5: Assess and coordinate changes]];
*[[SP6: Manage projects]]
|
*YaSM advises that the formal service design and build processes be used for all new or significantly changed services, where the service design policy defines the criteria for what constitutes a "significantly changed" service. Any changes required for a new or changed service will be submitted to the change assessment process.
*The service build process ensures that configuration information in the CMS is updated as new services are deployed.
*The project management and service build processes are responsible for the effective development and transition of the service.
|-style="vertical-align:top"
|-style="vertical-align:top"
|5.2 Plan new or changed services
|6 Planning
|
|
*[[LP1: Set the strategic direction]];
*[[LP1: Set the strategic direction]]
*[[LP2: Design new or changed services]];
*[[LP5: Improve the services]]
*[[SP1: Set up and maintain the service management system]]
*[[SP6: Manage projects]]
*[[SP6: Manage projects]]
*[[SP10: Manage human resources]]
|
|
*Various YaSM processes contribute to the identification of the service requirements. In particular, these are the strategic process, the customer relationship process and the service design process.
* High-level service management objectives are stated in the service management policy. More detailed objectives are established, for instance, in the form of strategic objectives, process and service objectives, project objectives, etc.
*The authorities and responsibilities for service design, development and transition, as well as the activities to be performed, are documented in the organization's policies, especially in the service design, service build and project management policies. Responsibilities for specific service development projects are defined in the project charters and the project plans.
* The service management processes, as defined and mandated through the process model, ensure alignment of planning activities with the various elements of the service management plan.
*The project plan specifies the design, development, testing and deployment activities in detail, including the timescales and required resources.
* Planning is done at several levels: At the strategic level, at the level of services and processes, and at the level of individual projects or initiatives.
* Evaluation of results is ensured, for example, through regular strategic reviews, service and process reviews, project reviews, etc.
|}
 
<p>&nbsp;</p>
<p>&nbsp;</p>
 
==Support of the SMS==
 
{| class="wikitable" style="background: white;"
|+style="background:#379988; color:#ffffff; font-size: 110%" colspan="3"|ISO/IEC 20000 section 7: 'Support of the service management system'
|-
|-style="vertical-align:top"
|-style="vertical-align:top"
|5.3 Design and development of new or changed services
!style="background:#eeeeee; font-size: 100%; width:20%"|ISO 20000 section
|
!style="background:#eeeeee; font-size: 100%; width:25%"|Related service management processes
*[[LP2: Design new or changed services]];
!style="background:#eeeeee; font-size: 100%; width:55%"|Notes
*[[LP3: Build new or changed services]]
 
|
*The service owners (the individuals with ultimate responsibility for delivering the new or changed services) are identified in the service definitions. Further responsibilities and the activities to be performed for the delivery of the services are specified in the service operation manual.
*The service implementation blueprint describes what is required to provide the new services, including technical infrastructure, processes, policies, external supporting services and contracts, documentation, financial resources, as well as skills and human resources.
|-style="vertical-align:top"
|-style="vertical-align:top"
|5.4 Transition of new or changed services
|7 Support of the service management system
|
|
*[[LP3: Build new or changed services]];
*[[LP1: Set the strategic direction]]
*[[SP5: Assess and coordinate changes]];
*[[LP5: Improve the services]]
*[[SP6: Manage projects]]
*[[SP1: Set up and maintain the service management system]]
*[[SP2: Maintain the service portfolio]]
*[[SP10: Manage human resources]]
|
|
*The deployment of new or changed services is performed by YaSM's service build process.
* Required resources are determined when planning initiatives for setting up - or upgrading - services or (parts of) the service management system. Such initiatives are typically managed through the strategic plan and the various service and process improvement plans.
*Once a service development project is completed, a project review will be held to check if the project's objectives have been achieved.
* Skills are managed through the human resources management process and documented in the sills inventory.
*Furthermore, the change assessment process performs post-implementation reviews for each major change.
* Awareness of service management policies is achieved through publication and communication of the policies, for example via a service management portal on the intranet.
* Awareness of the list of services is ensured by making the service portfolio accessible throughout the organization.
* The data model (a particular view of the process model) provides a complete overview of the documented information required by the SMS.
|}
|}


Line 218: Line 213:
<p>&nbsp;</p>
<p>&nbsp;</p>


==Service delivery processes==
==Operation of the SMS==
 
*<i><span id="section-6">ISO/IEC 20000 section 6: 'Service delivery processes'</span></i>
 
<p>&nbsp;</p>


{| class="wikitable" style="background: white;"
{| class="wikitable" style="background: white;"
|+style="background:#379988; color:#ffffff; font-size: 110%" colspan="3"|ISO/IEC 20000 section 8: 'Operation of the service management system'
|-
|-
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|ISO 20000 sections
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|Related YaSM processes
!style="background:#379988; font-size: 110%; color:#ffffff;  width:50%"|Notes
|-style="vertical-align:top"
|-style="vertical-align:top"
|6.1 Service level management
!style="background:#eeeeee; font-size: 100%; width:20%"|ISO 20000 section
!style="background:#eeeeee; font-size: 100%; width:25%"|Related service management processes
!style="background:#eeeeee; font-size: 100%; width:55%"|Notes
|-style="vertical-align:top"
|8.1 Operational planning and control
|
|
*[[LP4: Operate the services]];
*[[SP1: Set up and maintain the service management system]]
*[[LP5: Improve the services]];
*[[SP5: Assess and coordinate changes]]
*[[SP2: Maintain the service portfolio]];
*[[SP11: Manage suppliers]]
*[[SP3: Manage customer relationships]]
|
|
*Customer service agreements determine which services are delivered to particular customers.
* The service management processes are planned and implemented through the process improvement plans. Processes are defined and documented in the process model.
*The complete range of services managed by the service provider is documented in the service portfolio, which also describes the dependencies between customer services and supporting services.
* Changes to the service management processes, policies and services are controlled through the change management process.
*Service catalogs are specific views of the service portfolio for particular customers which are maintained by the service portfolio manager.
* Outsourced services and processes are controlled via the supplier management process. This includes specifying requirements for service suppliers in line with the SMS requirements.
|-style="vertical-align:top"
|-style="vertical-align:top"
|6.2 Service reporting
|8.2 Service portfolio
|
|
*[[LP4: Operate the services]];
*[[LP1: Set the strategic direction]]
*[[LP2: Design new or changed services]]
*[[LP5: Improve the services]]
*[[LP5: Improve the services]]
*[[SP2: Maintain the service portfolio]]
*[[SP3: Manage customer relationships]]
*[[SP4: Manage configuration information]]
|
|
*Service quality reports are produced as part of operational activities. The reports include information on targeted vs. achieved service levels, workloads and trends, as well as exceptional events.
* Descriptions of the services, their purpose and the intended outcomes are contained in the service portfolio and the service definitions.
*Furthermore, the service improvement process produces reports to document the results of service reviews.
* Service catalogues are specific views of the service portfolio for particular customers and users.
* Service requirements are determined during service design and documented in the service definitions.
* Proposals to change services may originate from several processes, for example service strategy, customer relationship management or service improvement.
* The types of CIs for which configuration information is maintained are defined in the configuration model.
* Configuration information is recorded as configuration item (CI) records, as specified in the configuration model. Configuration information is typically stored in a database to allow control of access and traceability of changes.
* The attributes to be recorded for each CI are specified in the configuration model.
|-style="vertical-align:top"
|-style="vertical-align:top"
|6.3 Service continuity and availability management
|8.3 Relationship and agreement
|
|
*[[LP2: Design new or changed services]];
*[[LP2: Design new or changed services]]
*[[LP4: Operate the services]];
*[[LP4: Operate the services]]
*[[LP5: Improve the services]];
*[[LP5: Improve the services]]
*[[SP8: Prepare for disaster events]]
*[[SP3: Manage customer relationships]]
*[[SP11: Manage suppliers]]
|
|
*Service availability and continuity targets are specified in the service definitions attached to customer service agreements.
* Regular communication with the customers, in particular through customer meetings and surveys, ensures the organization is kept up-to-date on new or changed service requirements.
*YaSM does not stipulate an availability plan but recommends managing availability improvements like any other service improvements through service improvement plans.
* Customer requirements are a key input for defining the services in service design and continual service improvement.
*With regards to service continuity, initiatives to improve service continuity are managed through the continuity improvement plan. Service continuity plans describe how service continuity is ensured for particular types of disasters.
* The customer management process includes activities for recording, investigating and resolving customer complaints.
*The service operation process includes activities to constantly monitor and report service quality levels, including service availability.
* The service properties, including service level targets, are specified in the service definitions.
* The service operation process tracks agreed vs. actual service levels and compiles service quality reports.
* Each supplier is assigned a supplier manager, as documented in the supplier portfolio.
* External service agreements and associated service definitions specify the properties of the services to be delivered, as well as the obligations and responsibilities of the contractual parties.
|-style="vertical-align:top"
|-style="vertical-align:top"
|6.4 Budgeting and accounting for services
|8.4 Supply and demand
|
|
*[[LP2: Design new or changed services]]
*[[LP4: Operate the services]]
*[[LP5: Improve the services]]
*[[SP12: Manage service financials]]
*[[SP12: Manage service financials]]
|
|
*The YaSM process for managing service financials is focused on budgeting and accounting for services. Other financial management processes are not covered.
* Costs are budgeted and controlled through the financial budget and budget requests.
*Costs are budgeted and financial control is exerted through the financial management process, which prepares the financial budget, monitors expenditures and provides budget deviation analyses.
* Regular financial reports provide insight into actual costs for providing services. These reports are a key input for preparing financial forecasts and budgets.
* The reports prepared by financial management support the decision-making for services.
* Demand for services and capacity requirements are determined when specifying new or changed services.
* The service operation process produces regular service quality reports that include an analysis of capacity and performance data.
* If performance needs to be improved, improvement initiatives can be managed through the service improvement plan.
|-style="vertical-align:top"
|-style="vertical-align:top"
|6.5 Capacity management
|8.5 Service design, build and transition
|
|
*[[LP2: Design new or changed services]];
*[[LP2: Design new or changed services]]
*[[LP4: Operate the services]];
*[[LP3: Build new or changed services]]
*[[LP5: Improve the services]]
*[[SP5: Assess and coordinate changes]]
|
|
*Service capacity and performance requirements are specified in the service definitions attached to customer service agreements.
* Items that are under the control of change management, categories of change and criteria to determine risk levels are specified in the change policy. How changes are managed is described in the process model, which includes a detailed definition of the change management process.
*YaSM does not stipulate a capacity plan but recommends managing service capacity upgrades like any other service improvements through service improvement plans.
* Aspects to be considered when assessing proposed changes are specified in the change policy. Facts and arguments that lead to the approval or rejection of changes are documented in the change records.
*The service operation process includes activities to constantly monitor and report workloads and service quality levels, including capacity and performance.
* Requirements for changes to resources and skills are determined during service design and documented in the service implementation blueprint.
* Relevant service definitions are updated during service design. If required, customer and supporting agreements are updated in line with the service definitions as the new or changed services are implemented.
* Services are built according to the specifications in the service definitions, requirements specifications and in the service implementation blueprint. The service build process includes activities to create test cases and perform tests, to verify if all service components have been deployed successfully, and to take corrective action if necessary.
|-style="vertical-align:top"
|-style="vertical-align:top"
|6.6 Information security management
|8.6 Resolution and fulfilment
|
|
*[[SP7: Ensure security]]
*[[LP4.6: Resolve incidents and service requests]]
|
*[[LP4.7: Resolve problems]]
*YaSM's process to ensure security does not relate specifically to "information security", since YaSM is a concept which can be applied by all types of organizations providing services (i.e. not only IT service providers).  
*The process responsible for setting up the service management system produces a set of service management policies, including a security policy. In addition, the security process produces specific supporting security policies.
*The security process is specified and documented in the process model. This process includes activities to conduct risk (re-)assessments and security reviews and to identify opportunities for improvement.
|}
 
<p>&nbsp;</p>
<p>&nbsp;</p>
 
==Relationship processes==
 
*<i><span id="section-7">ISO/IEC 20000 section 7: 'Relationship processes'</span></i>
 
<p>&nbsp;</p>
 
{| class="wikitable" style="background: white;"
|-
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|ISO 20000 sections
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|Related YaSM processes
!style="background:#379988; font-size: 110%; color:#ffffff;  width:50%"|Notes
|-style="vertical-align:top"
|7.1 Business relationship management
|
|
*[[SP3: Manage customer relationships]]
* Incidents are managed in the incident resolution process and documented in incident records.
|
* Actions taken to resolve incidents are documented in incident records.
*YaSM's customer relationship management process contains several communication mechanisms with the customer, in particular customer meetings, customer satisfaction surveys and procedures for handling complaints.
* Service requests are managed in the incident and service request resolution process and documented in service request records.
*Regular service reviews are performed as part of the service improvement process. Customers are typically invited to take part in the reviews.
* Actions taken to resolve service requests are documented in service request records.
* The problem resolution process performs data and trend analyses to detect problems. Any identified root causes and solutions are documented in problem records.
* If possible, problem management will identify workarounds and document them in the problem records. If feasible, problem management provides support staff with incident models, containing detailed instructions on how to apply the workarounds in order to resolve specific types of incidents.
* Known errors are documented in problem records with identified root causes and workarounds.
|-style="vertical-align:top"
|-style="vertical-align:top"
|7.2 Supplier management
|8.7 Service assurance
|
|
*[[SP11: Manage suppliers]]
*[[LP2: Design new or changed services]]
*[[LP3: Build new or changed services]]
*[[LP4: Operate the services]]
*[[LP5: Improve the services]]
*[[SP7: Ensure security]]
*[[SP8: Prepare for disaster events]]
|
|
*YaSM recommends setting up and managing processes operated by external parties as supporting services, governed by external service agreements and defined by service definitions.
* Service availability requirements and targets are specified in the service definitions attached to customer service agreements. The service implementation blueprint, created during service design, describes the technical and other measures to ensure service availability.
*The supplier managers responsible for managing the relationships between service provider and suppliers are identified in the external service agreements.
* Service availability is monitored as part of service operation and documented in service quality reports. If availability targets are not met, the service improvement process will re-assess the risks to service availability and take corrective action if necessary.
*The service operation process contains activities to continually monitor the quality of externally provided services. Services and their suppliers are also submitted to regular reviews.
* Service continuity requirements are specified in the service definitions attached to customer service agreements.
* The process for managing disaster events performs regular assessments of continuity risks and maintains a register of disaster events for which continuity mechanisms are to be put in place.
* Security risks are assessed on a regular basis, resulting in an updated register of security risks. This register identifies the relevant security risks with the mechanisms and controls applied to mitigate the risks.
* Security controls are designed and implemented through the service design and build processes or through the security management process. Security operation manuals provide guidance for the operation of the security controls.
|}
|}


Line 321: Line 325:
<p>&nbsp;</p>
<p>&nbsp;</p>


==Resolution processes==
==Performance Evaluation==
 
*<i><span id="section-8">ISO/IEC 20000 section 8: 'Resolution processes'</span></i>
 
<p>&nbsp;</p>


{| class="wikitable" style="background: white;"
{| class="wikitable" style="background: white;"
|+style="background:#379988; color:#ffffff; font-size: 110%" colspan="3"|ISO/IEC 20000 section 9: 'Performance Evaluation'
|-
|-
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|ISO 20000 sections
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|Related YaSM processes
!style="background:#379988; font-size: 110%; color:#ffffff;  width:50%"|Notes
|-style="vertical-align:top"
|-style="vertical-align:top"
|8.1 Incident and service request management
!style="background:#eeeeee; font-size: 100%; width:20%"|ISO 20000 section
|
!style="background:#eeeeee; font-size: 100%; width:25%"|Related service management processes
*[[LP4.6: Resolve incidents and service requests]]
!style="background:#eeeeee; font-size: 100%; width:55%"|Notes
|
*The process for resolving incidents and service requests is documented in the YaSM process model. Other aspects of incident and service request resolution are documented in the incident and service request policy.
*Incident and service request models are provided as guidance to personnel involved in the resolution of incidents and service requests.
*There are two specific sub-processes for pro-actively informing customers and monitoring the resolution of incidents and service requests.
|-style="vertical-align:top"
|-style="vertical-align:top"
|8.2 Problem management
|9 Performance Evaluation
|
|
*[[LP4.7: Resolve problems]]
*[[LP1: Set the strategic direction]]
*[[LP2: Design new or changed services]]
*[[LP4: Operate the services]]
*[[LP5: Improve the services]]
*[[SP1: Set up and maintain the service management system]]
|
|
*The process for resolving problems is documented in the YaSM process model. Other aspects of problem resolution are documented in the problem resolution policy.
* Service levels and their target values are specified during service design in the service definitions.
*The problem resolution process performs data and trend analyses to detect problems. Any identified root causes and solutions are documented in problem records.
* Monitoring and measurement for services is based on service levels.
*If possible, the problem manager will identify workarounds and document them in the problem records and possibly in incident models.
* Services are evaluated against service requirements during service reviews.
* Process metrics are defined during process design.
* Effectiveness and performance of the SMS is evaluated as part of the regular process reviews.
* Monitoring and measurement for the service management processes is based on process metrics.
* The service and process operation manuals contain instructions for monitoring and measuring, and determine when service and process reviews are to be performed.
* Management reviews are held at regular intervals in the form of strategic assessments. The continued adequacy of the service management system and the services is also ensured through regular service and process reviews.
|}
|}


Line 353: Line 356:
<p>&nbsp;</p>
<p>&nbsp;</p>


==Control processes==
==Improvement==
 
*<i><span id="section-9">ISO/IEC 20000 section 9: 'Control processes'</span></i>
 
<p>&nbsp;</p>


{| class="wikitable" style="background: white;"
{| class="wikitable" style="background: white;"
|+style="background:#379988; color:#ffffff; font-size: 110%" colspan="3"|ISO/IEC 20000 section 10: 'Improvement'
|-
|-
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|ISO 20000 sections
!style="background:#379988; font-size: 110%; color:#ffffff;  width:25%"|Related YaSM processes
!style="background:#379988; font-size: 110%; color:#ffffff;  width:50%"|Notes
|-style="vertical-align:top"
|-style="vertical-align:top"
|9.1 Configuration management
!style="background:#eeeeee; font-size: 100%; width:20%"|ISO 20000 section
|
!style="background:#eeeeee; font-size: 100%; width:25%"|Related service management processes
*[[SP4: Manage configuration information]]
!style="background:#eeeeee; font-size: 100%; width:55%"|Notes
|
*The various CI types managed through the configuration management system are defined in the configuration model. Information for each CI is recorded in CI records.
*YaSM refers to a configuration management system (CMS) rather than a CMDB.
*YaSM's configuration management process contains the required activities to ensure reliability and accuracy of configuration information.
|-style="vertical-align:top"
|-style="vertical-align:top"
|9.2 Change management
|10 Improvement
|
|
*[[SP5: Assess and coordinate changes]]
*[[LP5: Improve the services]]
|
*[[SP1: Set up and maintain the service management system]]
*YaSM recommends submitting all RFCs to the change assessment process.
*[[SP9: Ensure compliance]]
*RFCs may be raised in different contexts, for example as part of service development projects (which typically entail a number of major changes to be implemented through the service design and build processes). Other changes may be required as part of service or process improvement initiatives or operational activities.
*Irrespective of the context in which a RFC has been raised, YaSM's change assessment process will assess its potential impact and risks and decide upon the required level of authority for authorizing the proposed change.
|-style="vertical-align:top"
|9.3 Release and deployment management
|
*[[LP3: Build new or changed services]];
*[[SP5: Assess and coordinate changes]];
*[[SP6: Manage projects]]
|
|
*For significant initiatives, the project management process is responsible for planning and controlling the deployment of new or changed services or service components. Typically, such initiatives require that requests for change (RFCs) are submitted to the change assessment process.
* Non-conformities are identified during service and process reviews. If corrective action is required, improvement initiatives are managed, for example, through the service and process improvement plans.  
*For changes on a smaller scale, it will be the responsibility of the change owners to obtain authorization for the changes through the change assessment process and to coordinate the change implementation.
* Furthermore, the compliance management process reviews compliance with standards and regulations at regular intervals and takes corrective action if necessary.
*YaSM defines a specific procedure for dealing with emergency changes and releases.
* Evaluation criteria for potential service and process improvements are specified in the service management policies.
* Improvement initiatives are only approved if submitted with clearly defined, measurable objectives and a business case.
|}
|}
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>


==More about ISO 20000==
==More about ISO 20000==
<html><ul><li><a href="https://yasm.com/wiki/en/index.php/ISO_20000" title="ISO 20000">What is ISO 20000?</a></li>
<html><ul><li><a href="https://yasm.com/wiki/en/index.php/ISO_20000" title="ISO 20000">What is ISO 20000?</a></li>
<li><a href="https://yasm.com/wiki/en/index.php/ISO_20000_Project" title="Use cases - ISO 20000 projects">Use cases: How the YaSM model supports your ISO 20000 project</a></li>
<li><a href="https://yasm.com/wiki/en/index.php/ISO_20000_Project" title="Use cases - ISO 20000 projects">Use cases: How the YaSM model supports your ISO 20000 project</a></li>
<li><a href="https://yasm.com/wiki/en/index.php/ISO_20000_-_2018" title="ISO 20000 - 2018">The new edition of ISO 20000:2018</a></li>
<li><a href="https://yasm.com/wiki/en/index.php/ISO_20000_-_2018" title="ISO 20000 - 2018">The new edition of ISO 20000:2018</a></li>
<li><a href="https://yasm.com/wiki/en/index.php/FAQ:_ISO_20000_Certification" title="FAQ: ISO 20000 Certification">FAQ: ISO 20000 Certification</a></li>
<li><a href="https://yasm.com/wiki/en/index.php/FAQ:_ISO_20000_Certification" title="FAQ: ISO 20000 Certification">FAQ: ISO 20000 Certification</a></li>
<li>The YaSM - ISO 20000 Bridge: <a href="https://yasm.com/en/products/yasm-iso-20000-bridge" title="The YaSM - ISO 20000 Bridge">ISO20k compliant reference processes.</a></li></ul></html>
<li>Product page: <a href="https://yasm.com/en/products/yasm-iso-20000-bridge" title="The YaSM - ISO 20000 Bridge">The YaSM - ISO 20000 Bridge</a></li></ul></html>
<p>&nbsp;</p>
<p>&nbsp;</p>


==References==
==References==
*[ISO, 2011] International Organization for Standardization: ISO/IEC 20000-1:2011, Information technology - Service management - Part 1: Service management system requirements. - Geneva, Switzerland, April 2011.
*[ISO, 2018] International Organization for Standardization: ISO/IEC 20000-1:2018, Information technology - Service management - Part 1: Service management system requirements. - Geneva, Switzerland, September 2018.


<p>&nbsp;</p>
<p>&nbsp;</p>
Line 428: Line 414:
<meta itemprop="position" content="2" /></span> ›
<meta itemprop="position" content="2" /></span> ›
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
<a itemprop="item" href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000#SMS_general_requirements">
<a itemprop="item" href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000#Context_of_the_organization">
<span itemprop="name">SMS general requirements</span></a>
<span itemprop="name">Context of the organization</span></a>
<meta itemprop="position" content="3" /></span> ›
<meta itemprop="position" content="3" /></span> ›
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
<a itemprop="item" href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000#Design_and_transition_of_services">
<a itemprop="item" href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000#Leadership">
<span itemprop="name">Design and transition of services</span></a>
<span itemprop="name">Leadership</span></a>
<meta itemprop="position" content="4" /></span> ›
<meta itemprop="position" content="4" /></span> ›
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
<a itemprop="item" href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000#Service_delivery_processes">
<a itemprop="item" href="https://yasm.com/wiki/en/index.php/YaSM_and_ISO_20000#Planning">
<span itemprop="name">Service delivery processes</span></a>
<span itemprop="name">Planning</span></a>
<meta itemprop="position" content="5" /></span>
<meta itemprop="position" content="5" /></span>
</span>
</span>

Revision as of 17:44, 24 October 2018

share this page on LinkedInshare this page on Twittershare this page
auf Deutsch


 

Comparison: YaSM and ISO 20000 (ISO/IEC 20000:2018)

Part of: YaSM vs. other service management frameworks and standards

 

One of the objectives when creating YaSM® was to provide a process model that is closely aligned with ISO/IEC 20000 ('ISO 20000'), the internationally acknowledged standard for service management.

Organizations often seek certification to ISO 20000 because it enables them to prove that they are customer-oriented, efficient and effective suppliers of services. The certification can thus be used for marketing purposes, or to gain access to customers and markets which require their service suppliers to be ISO 20000 certified.

 

Closely aligned with ISO/IEC 20000 - the YaSM model

ISO 20000 sets out "requirements for establishing, implementing, maintaining and continually improving a service management system (SMS)".

To meet these requirements, organizations typically must define and implement a set of service management processes which comply with the standard. But ISO 20000 does not prescribe specific processes, nor does it provide detailed descriptions that organizations could use as guidance.

Some more guidance can be found in the popular service management frameworks and approaches, such as ITIL®, CMMI-SVC®, COBIT®, VeriSM™, SIAM®, etc. But some of these frameworks provide only high-level descriptions of service management processes, while others are not well aligned with ISO 20000, especially regarding the requirements related to the service management system.

As a result, there is a need for detailed process descriptions that are based on established service management frameworks and concepts and, at the same time, offer better alignment with ISO 20000:

The YaSM process model provides such detailed descriptions as process templates in a graphical, easy-to-read format, including document templates for the policies and other documented information that usually needs to be prepared for the certification audit.

The YaSM service management model thus provides a solution for every ISO 20000 requirement, and implementing the YaSM processes is a straightforward approach for obtaining ISO 20000 certification.

 

ISO 20000 requirements and related service management processes

YaSM is designed to be well aligned with ISO 20000, and there are one or several related service management processes for every section in ISO/IEC 20000:2011, Part 1 (Mandatory requirements), as exemplified in the following tables:

 

A detailed cross-reference between the YaSM service management processes and every single ISO 20000 requirement is available in the form of the YaSM - ISO 20000 Bridge, an additional component to the YaSM Process Map.

 

Notes:

  • This overview omits sections 1 to 3 of ISO 20000, part 1, as they do not contain actual requirements (sections 1 to 3 cover scope, normative references, as well as terms and definitions).
  • The following tables are based on ISO/IEC 20000:2011, part 1.

Learn more about the new edition of the ISO 20000 standard:

 

 

Context of the organization

ISO/IEC 20000 section 4: 'Context of the organization'
ISO 20000 section Related service management processes Notes
4 Context of the organization
  • The main service management policy contains a section that lists the relevant factors affecting the organization, including their impacts and approach for addressing these factors.
  • The service management policy includes an overview of the interested parties and their requirements.
  • The scope of the SMS is defined in the main service management policy.

 

 

Leadership

ISO/IEC 20000 section 5: 'Leadership'
ISO 20000 section Related service management processes Notes
5 Leadership
  • The process for setting up and maintaining the SMS ensures that policies and objectives are established.
  • The organization maintains a number of service management plans, in particular the strategic plan and service and process improvement plans.
  • Authorities are assigned through the RACI matrix (part of the process model).
  • Control of other parties is ensured through the supplier management process.
  • SMS requirements are taken into account during process design, for example by including the service requirements and involving compliance management.
  • Resources are provided, for example, by the financial management and HR processes.
  • Regular reviews of the processes and services ensure the SMS achieves its intended outcomes.
  • Continual improvement is ensured through the processes for improving the services and for improving the service management processes.

 

 

Planning

ISO/IEC 20000 section 6: 'Planning'
ISO 20000 section Related service management processes Notes
6 Planning
  • High-level service management objectives are stated in the service management policy. More detailed objectives are established, for instance, in the form of strategic objectives, process and service objectives, project objectives, etc.
  • The service management processes, as defined and mandated through the process model, ensure alignment of planning activities with the various elements of the service management plan.
  • Planning is done at several levels: At the strategic level, at the level of services and processes, and at the level of individual projects or initiatives.
  • Evaluation of results is ensured, for example, through regular strategic reviews, service and process reviews, project reviews, etc.

 

 

Support of the SMS

ISO/IEC 20000 section 7: 'Support of the service management system'
ISO 20000 section Related service management processes Notes
7 Support of the service management system
  • Required resources are determined when planning initiatives for setting up - or upgrading - services or (parts of) the service management system. Such initiatives are typically managed through the strategic plan and the various service and process improvement plans.
  • Skills are managed through the human resources management process and documented in the sills inventory.
  • Awareness of service management policies is achieved through publication and communication of the policies, for example via a service management portal on the intranet.
  • Awareness of the list of services is ensured by making the service portfolio accessible throughout the organization.
  • The data model (a particular view of the process model) provides a complete overview of the documented information required by the SMS.

 

 

Operation of the SMS

ISO/IEC 20000 section 8: 'Operation of the service management system'
ISO 20000 section Related service management processes Notes
8.1 Operational planning and control
  • The service management processes are planned and implemented through the process improvement plans. Processes are defined and documented in the process model.
  • Changes to the service management processes, policies and services are controlled through the change management process.
  • Outsourced services and processes are controlled via the supplier management process. This includes specifying requirements for service suppliers in line with the SMS requirements.
8.2 Service portfolio
  • Descriptions of the services, their purpose and the intended outcomes are contained in the service portfolio and the service definitions.
  • Service catalogues are specific views of the service portfolio for particular customers and users.
  • Service requirements are determined during service design and documented in the service definitions.
  • Proposals to change services may originate from several processes, for example service strategy, customer relationship management or service improvement.
  • The types of CIs for which configuration information is maintained are defined in the configuration model.
  • Configuration information is recorded as configuration item (CI) records, as specified in the configuration model. Configuration information is typically stored in a database to allow control of access and traceability of changes.
  • The attributes to be recorded for each CI are specified in the configuration model.
8.3 Relationship and agreement
  • Regular communication with the customers, in particular through customer meetings and surveys, ensures the organization is kept up-to-date on new or changed service requirements.
  • Customer requirements are a key input for defining the services in service design and continual service improvement.
  • The customer management process includes activities for recording, investigating and resolving customer complaints.
  • The service properties, including service level targets, are specified in the service definitions.
  • The service operation process tracks agreed vs. actual service levels and compiles service quality reports.
  • Each supplier is assigned a supplier manager, as documented in the supplier portfolio.
  • External service agreements and associated service definitions specify the properties of the services to be delivered, as well as the obligations and responsibilities of the contractual parties.
8.4 Supply and demand
  • Costs are budgeted and controlled through the financial budget and budget requests.
  • Regular financial reports provide insight into actual costs for providing services. These reports are a key input for preparing financial forecasts and budgets.
  • The reports prepared by financial management support the decision-making for services.
  • Demand for services and capacity requirements are determined when specifying new or changed services.
  • The service operation process produces regular service quality reports that include an analysis of capacity and performance data.
  • If performance needs to be improved, improvement initiatives can be managed through the service improvement plan.
8.5 Service design, build and transition
  • Items that are under the control of change management, categories of change and criteria to determine risk levels are specified in the change policy. How changes are managed is described in the process model, which includes a detailed definition of the change management process.
  • Aspects to be considered when assessing proposed changes are specified in the change policy. Facts and arguments that lead to the approval or rejection of changes are documented in the change records.
  • Requirements for changes to resources and skills are determined during service design and documented in the service implementation blueprint.
  • Relevant service definitions are updated during service design. If required, customer and supporting agreements are updated in line with the service definitions as the new or changed services are implemented.
  • Services are built according to the specifications in the service definitions, requirements specifications and in the service implementation blueprint. The service build process includes activities to create test cases and perform tests, to verify if all service components have been deployed successfully, and to take corrective action if necessary.
8.6 Resolution and fulfilment
  • Incidents are managed in the incident resolution process and documented in incident records.
  • Actions taken to resolve incidents are documented in incident records.
  • Service requests are managed in the incident and service request resolution process and documented in service request records.
  • Actions taken to resolve service requests are documented in service request records.
  • The problem resolution process performs data and trend analyses to detect problems. Any identified root causes and solutions are documented in problem records.
  • If possible, problem management will identify workarounds and document them in the problem records. If feasible, problem management provides support staff with incident models, containing detailed instructions on how to apply the workarounds in order to resolve specific types of incidents.
  • Known errors are documented in problem records with identified root causes and workarounds.
8.7 Service assurance
  • Service availability requirements and targets are specified in the service definitions attached to customer service agreements. The service implementation blueprint, created during service design, describes the technical and other measures to ensure service availability.
  • Service availability is monitored as part of service operation and documented in service quality reports. If availability targets are not met, the service improvement process will re-assess the risks to service availability and take corrective action if necessary.
  • Service continuity requirements are specified in the service definitions attached to customer service agreements.
  • The process for managing disaster events performs regular assessments of continuity risks and maintains a register of disaster events for which continuity mechanisms are to be put in place.
  • Security risks are assessed on a regular basis, resulting in an updated register of security risks. This register identifies the relevant security risks with the mechanisms and controls applied to mitigate the risks.
  • Security controls are designed and implemented through the service design and build processes or through the security management process. Security operation manuals provide guidance for the operation of the security controls.

 

 

Performance Evaluation

ISO/IEC 20000 section 9: 'Performance Evaluation'
ISO 20000 section Related service management processes Notes
9 Performance Evaluation
  • Service levels and their target values are specified during service design in the service definitions.
  • Monitoring and measurement for services is based on service levels.
  • Services are evaluated against service requirements during service reviews.
  • Process metrics are defined during process design.
  • Effectiveness and performance of the SMS is evaluated as part of the regular process reviews.
  • Monitoring and measurement for the service management processes is based on process metrics.
  • The service and process operation manuals contain instructions for monitoring and measuring, and determine when service and process reviews are to be performed.
  • Management reviews are held at regular intervals in the form of strategic assessments. The continued adequacy of the service management system and the services is also ensured through regular service and process reviews.

 

 

Improvement

ISO/IEC 20000 section 10: 'Improvement'
ISO 20000 section Related service management processes Notes
10 Improvement
  • Non-conformities are identified during service and process reviews. If corrective action is required, improvement initiatives are managed, for example, through the service and process improvement plans.
  • Furthermore, the compliance management process reviews compliance with standards and regulations at regular intervals and takes corrective action if necessary.
  • Evaluation criteria for potential service and process improvements are specified in the service management policies.
  • Improvement initiatives are only approved if submitted with clearly defined, measurable objectives and a business case.

 

 

More about ISO 20000

 

References

  • [ISO, 2018] International Organization for Standardization: ISO/IEC 20000-1:2018, Information technology - Service management - Part 1: Service management system requirements. - Geneva, Switzerland, September 2018.

 

Notes

[1] ITIL® is a registered trade mark of AXELOS Limited. - IT Infrastructure Library® is a registered trade mark of AXELOS Limited.

Is based on: The YaSM - ISO 20000 Bridge.

By:  Andrea Kempter   and  Stefan Kempter Contributor: Stefan Kempter, IT Process Maps GbR, IT Process Maps.

 

Closely aligned with ISO/IEC 20000 - the YaSM model  › ISO 20000 requirements and related service management processes  › Context of the organization  › Leadership  › Planning

Retrieved from "https://yasm.com/wiki/en/index.php?title=YaSM_and_ISO_20000&oldid=714"