We are independent & ad-supported. We may earn a commission for purchases made through our links.
Advertiser Disclosure
Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.
How We Make Money
We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently of our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.
Industry

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

What Is ISO 20000?

By Andy Hill
Updated: May 17, 2024
Views: 5,454
Share

The standard ISO 20000 is an information technology (IT) service management certification that has been developed to replace the former British Standard (BS) 15000 certification as set by British Standards International group (BSI). Developed as a joint project by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), the standard is alternatively known as IEC 20000. The concept of the standard is to allow all organizations with a core business model founded in information technology to ensure that internationally set best practice measures are adhered to. It also provides the tools for companies to develop and maintain processes that provide for the core needs of their businesses.

Consisting of two main sections, ISO 20000 shares similarities with other ISO standards, such as ISO 14000 and ISO 9000. These similarities include a continual improvement process (CIP) and a process improvement cycle based on the concepts of plan, do, check, and act. As with other ISO certifications, conforming to ISO 20000 guidelines is not certified by the ISO itself but rather through a network of independent assessors and certification bodies. These assessors have the ability to issue ISO 20000 accreditation following an extensive auditing process.

The two parts of the standard have different objectives: specifying the requirements of the standard and setting out the accreditation guidelines. Part one of the documentation is a specification document and sets out the requirements for IT service management in regard to initializing and maintaining processes. It is in this first part that the core requirements for ISO 20000 accreditation are established.

While bearing the same general title as part one, part two is actually a code of practice documentation. In this second section, guidelines for both external auditors and those individuals with responsibility for maintaining the service provision processes within the applying organization are set out. Within the code of practice documentation, guidelines in regard to the measures against which an organization will be audited are provided.

For an organization to be eligible to apply for ISO 20000 accreditation, the scoping document for the standard states that they must possess management control of a process. To achieve this management control, the company must have knowledge and control of the inputs and outputs of the process, including having a set measurement and review procedure in place. The scoping guidelines, published to accompany the documentation for the standard, provide examples of this management control along with guidance regarding whether or not an organization will be eligible to apply for ISO 20000 accreditation.

Share
WiseGeek is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.

Editors' Picks

Discussion Comments
By allenJo — On Jun 27, 2011

@hamje32 - I agree, I think that ITIL processes have wider applications. They are basically a set of management principles that will explain how to address common Information Systems scenarios, such as help desk, configuration, capacity planning and continuity management to name a few.

In my opinion these principles are indispensable. Companies that don’t have a formal certification with ITIL or another comparable standard are basically shooting from the hip as I see it.

ITIL training forces you to confront real world scenarios so that when you encounter systems incidents at your workplace, you will be operating from a well thought out philosophy towards resolution rather than just playing things by ear.

By hamje32 — On Jun 25, 2011

@NathanG - It depends on what you want to do; the focus of Cobit is a little different. Cobit is more about IT governance, and I think it has become popular in part due to increased demands for compliance with certain legislation about information security. ITIL, on the other hand, is about managing information systems and processes.

There may be some crossover between the two but they are different. ITIL in my opinion is broader whereas Cobit might be useful if you want to work in the banking or financial sector in some kind of an auditing position.

By NathanG — On Jun 23, 2011

@hamje32 - I’m familiar with ITIL, but I’ve read a lot of stuff online about Cobit certification. Have you heard about this and do you think it would be worth pursuing?

By hamje32 — On Jun 20, 2011

I believe that ISO certification has been the gold standard for companies wanting to certify the integrity of their business processes for many years. ISO means quality control and we actually considered whether we should pursue ISO certification for our small business.

Actually, for us it came down to a debate between whether to go for the ISO 9001 certification or the ITIL v3 certification. ITIL is more focused on Information Technology whereas ISO 9001 is more focused on management principles in general; in the end we had the IT crew go for the ITIL certifications.

We may pursue the ISO 9001 certification down the line as well, but as a company I think we’ve already internalized ISO 9001’s eight principles of management in our current business processes, so formal certification is not important at this point just yet.

Share
https://www.wisegeek.net/what-is-iso-20000.htm
Copy this link
WiseGeek, in your inbox

Our latest articles, guides, and more, delivered daily.

WiseGeek, in your inbox

Our latest articles, guides, and more, delivered daily.