Vous êtes sur la page 1sur 15
BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus Version 2.3 September 2012
BCS Foundation Certificate
in ISO/IEC 20000: IT Service
Management Syllabus
Version 2.3
September 2012

BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus

Contents

Change History

 

2

Introduction

3

Learning Objectives

 

3

Entry Criteria

4

Format and Duration of the Examination

 

4

Notice to Training Providers

 

4

Syllabus

6

  • 1. ISO/IEC 20000 Scope, Purpose and Use (20%)

 

6

  • 2. ISO/IEC

20000

Service

Management

System General Requirements (10%)

7

  • 3. ISO/IEC 20000 Service Management Process Requirements (40%)

..................................

7

  • 4. Achieving ISO/IEC 20000 and continual improvement (10%)

.............................................

8

  • 5. ISO/IEC 200000-1 Review, Assessment and Audit Activities (20%)...................................8

  • 6. Format of the Examination

 

9

Appendix A - Type of assessment and audits and their outcomes

10

Appendix B - Complementary standards and best practices

 

12

Bibliography

14

Copyright © BCS 2012

Page 1 of 14

BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus Version 2.3 September 2012 ITIL ® is a registered trade mark of The Cabinet Office

Change History

Version

Changes Made

Number and

Date

Version 2.3

Updated the Reasonable Adjustments

September

2013

Version 2.2

Further amendments to incorporate changes from ISO/IEC20000

April 2012

Version 2.1

New version to incorporate changes from IS)/IEC 20000-1:2005 to 2011, second edition

Version 2.0

Re-formatted based on new branding guidelines – no change to technical content.

Copyright © BCS 2012

Page 2 of 14

BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus Version 2.3 September 2012 ITIL ® is a registered trade mark of The Cabinet Office

Introduction

This qualification covers the knowledge required to gain an understanding of the content and requirements of the international standard, ISO/IEC 20000, service management system requirements. It covers the certification requirements of ISO/IEC 20000-1:2011 and how the guidance in ISO/IEC 20000-2:2012 can be adopted by an organisation to deliver effective managed services and continually improve those services. The qualification is aimed at staff in internal and external service provider organisations who require knowledge and understanding of the ISO/IEC 20000 standard and its content. It will provide:

IT managers, service owners, process owners and other service management staff with an awareness of and familiarity with the ISO/IEC 20000 standard Individuals with the necessary knowledge to assess the relevance and importance of the ISO/IEC 20000 standard to the service management activities within their own organisation Managers and team leaders with a knowledge of a typical ISO/IEC 20000 service management system Internal auditors, process owners, process reviewers and assessors with a good knowledge of the ISO/IEC 20000 standard, its contents and justification of the need for internal reviews, assessments and audits

Evidence that delegates have achieved a foundation level of knowledge of the ISO/IEC

  • 20000 standard

This qualification does not provide the advanced level of knowledge for external auditors, consultants or those responsible for managing implementation of the standard in a service provider organisation.

Learning Objectives

Holders of the BCS ISO/IEC 20000 Foundation Certificate will be able to demonstrate their competence in, and their ability to:

Describe the scope, intent and use of the ISO/IEC 20000 series, specifically Parts 1, 2, 3

  • 20000 -1 (Part 1) requirements standard.

and 5. The key terms and definitions

Explain their understanding of the integrated approach to establishing and maintaining a

service management systems (SMS) and processes that conform with ISO/IEC 20000-1 (Part 1) certification. Describe the application of ISO/IEC 20000 and scope definition parameters for achieving

certification. Understand and describe the requirements of the SMS and the approach to a continual

improvement cycle, (Plan- Do- Check- Act methodology) Understand and describe the intent and requirements of each clause of the ISO/IEC

Recognise and describe the need to:

  • - plan and implement IT service management processes;

  • - report on the services and major metrics of the service management processes;

  • - schedule and conduct regular reviews, assessments and audits;

  • - plan for continual service improvement

Plan and prepare for an ISO/IEC 2000-1 (Part 1) audit.

Explain the purpose of assessments, reviews, internal and external audits of an SMS

and how they are used. Understand accreditation and certification schemes for ISO/IEC 2000-1 (Part 1);

Explain the relationship with linked ISO standards and ITIL ®1 best practices.

Copyright © BCS 2012

Page 3 of 14

BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus Version 2.3 September 2012 ITIL ® is a registered trade mark of The Cabinet Office

Entry Criteria

To be entered for the ISO/IEC 20000 examination candidates must demonstrate at least two year's IT service management experience or hold the IT Service Management Foundation certificate.

Format and Duration of the Examination

The examination is a one hour closed book examination (no materials can be taken into the examination room) and will consist of 40 scenario-based multiple choice questions. The pass mark is 26/40.

Notice to Training Providers

Each major subject heading in this syllabus is assigned an allocated time. The purpose of this is two-fold: first, to give both guidance on the relative proportion of time to be allocated to each section of an accredited course and an approximate minimum time for the teaching of each section; second, to guide the proportion of questions in the exam. Training Providers may spend more time than is indicated and candidates may spend more time again in reading and research. The total time specified is 18 hours of lecture and practical work. Courses do not have to follow the same order as the syllabus. Courses may be run as a single module or broken down into two or three smaller modules.

The Foundation examinations examination will be based on the syllabus in this document. Examination questions may be drawn from all areas of the syllabus and coverage given can be expected to be in proportion to the amount of time allocated to that topic in the syllabus.

Answers to examination questions may require the use of material based on more that one section of this syllabus, all sections of the syllabus are examinable.

The syllabus contains references to established standards. The use of referenced standards in the preparation of training material is mandatory. Each standard used must be the version quoted in the current version of this syllabus. Appendix A and B provide related information that can be used as the basis for an examination question.

This syllabus is structured into sections relating to major subject headings and numbered with a single digit section number. Each section is allocated a minimum contact time for presentation. Learning objectives are identified at the beginning of each section. The K level for each learning objective is identified at the lowest level of breakdown in the learning objectives list.

The breakdown of content matches the structure of the learning objectives, so that the material related to a given learning objective appears in a paragraph bearing the same numerical reference as that of the related learning objective. The content associated with each learning objective may include non-examinable explanatory commentary in italics as well as the examinable content associated with the learning objective.

Copyright © BCS 2012

Page 4 of 14

BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus Version 2.3 September 2012 ITIL ® is a registered trade mark of The Cabinet Office

Additional Time for Candidates who require Reasonable Adjustments due to a temporary or permanent disability

Candidates may request additional time if they require reasonable adjustments. Please refer to the reasonable adjustments policy for detailed information on how and when to apply.

Additional Time for Candidates whose business language is not English

An additional 15 minutes will be allowed for candidates sitting the examination

in a language that is not their mother tongue, and

where the language of the exam is not their primary business language,

Foreign language candidates who meet the above requirements are also entitled to the use of a paper dictionary (to be supplied by the candidate).

The candidate registration form asks for the candidate’s business language, if this is not English then BCS will automatically allocate additional time.

Copyright © BCS 2012

Page 5 of 14

BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus Version 2.3 September 2012 ITIL ® is a registered trade mark of The Cabinet Office

Syllabus

  • 1. ISO/IEC 20000 Scope, Purpose and Use (20%) Understand the principles of the multi-part ISO/IEC 20000 standard and be able to describe its scope, purpose and use. On completion of the course the candidate should be able to describe:

The scope, purpose and use of key documents that comprise ISO/IEC 20000:

  • - Part 1: Service management system requirements;

  • - Part 2: Guidance on the application of service management systems;

  • - Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1;

  • - Part 5: Exemplar implementation plan for ISO/IEC 20000-1

The purpose and use of ISO/IEC 20000-1 described in the Introduction and Scope, including Application (of ISO/IEC 20000).

The purpose and use of guidance documents such as ISO/IEC 20000-2 and the use of “shall”, “should”, “may” and “can” statements.

The principles of a service management system including the need for:

  • - defining the scope of the service management system;

  • - basing the overall quality management system on a structured hierarchy of policy, process and procedures, plans;

  • - the role of the top management and management representative, including a process owner;

  • - focusing on quality, measurement and improvement driven by business and customer requirements;

  • - taking an end to end service approach;

  • - management responsibility and control;

  • - good customer relationships;

  • - demonstrating governance of processes and control of other parties;

  • - recognition of the contribution of personnel

The relationships and differences between ISO/IEC 20000-1 (Part 1) and ITIL (see

and COBIT ® 1 (see Appendix B)

Appendix B). How ISO/IEC 20000 relates to other standards and best practice approaches that are

commonly used in an organisation, such as ISO 9001, ISO/IEC 27001.ISO/IEC 38500

Terms and definitions within ISO/ IEC 20000-1 (Part 1)

Accreditation and certification schemes including the role of ISO/IEC 17021:2011 (see

Appendix A and B). Certification bodies

1 COBIT ® is a trademark of the Information Systems Audit and Control Association and the IT Governance Institute.

Copyright © BCS 2012

Page 6 of 14

BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus Version 2.3 September 2012 ITIL ® is a registered trade mark of The Cabinet Office

2.

ISO/IEC 20000 Service Management System General Requirements (10%)

Understand the principles and processes for service management and the requirements of

the overall management system. On completion of the course the candidate should be able to describe the requirements of a management system including:

The scope of the service management system and the parameters required for a

definition of scope. The requirements and responsibilities of management, including top management

Governance of processes operated by other parties.

The documentation requirements including the mandatory documents and records and

the role of document and knowledge management in achieving the requirement. The requirements for resource management, including staff education, training, skills and

experience. The requirements for establishing and maintaining the SMS

  • 3. ISO/IEC 20000 Service Management Process Requirements (40%) Understand the intent of the requirements and the requirements of the ISO/IEC 20000 service management processes. [Note: The intent of each process is based on ISO/IEC 20000-2:2012.] On completion of the course the candidate should be able to describe:

The intent and requirements for the design and transition of new or changed services

(3%).

The intent and requirements of the service delivery processes (15%):

  • - service reporting;

  • - service continuity and availability management;

  • - budgeting and accounting for services;

  • - capacity management;

  • - information security management.

The intent requirements of the relationship processes (5%):

  • - business relationship management;

  • - supplier management.

The intent and requirements of the resolution processes (5%):

  • - incident management;

  • - problem management.

The intent and requirements of the control processes (7%):

  • - change management;

  • - configuration management;

  • - release and deployment management.

The interfaces between the design and transition of new or changed services and the control processes

Copyright © BCS 2012

Page 7 of 14

BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus Version 2.3 September 2012 ITIL ® is a registered trade mark of The Cabinet Office

4.

Achieving ISO/IEC 20000 and continual improvement (10%)

Understand the approach to establishing and maintaining the SMS to ensure the required processes are effectively implemented, services are continually improved and the requirements of the ISO/IEC 20000-1 standard are met. On completion of the course the candidate should be able to describe the requirements for service management including:

Applicability, scope definition and scope statements:

  • - scope definition requirements for parameters;

  • - scope statements for certificates;

  • - the requirements of Part 1 and guidance of Part 3 for scope definition and the structure of a scope statement;

  • - The guidance and requirements for application, applicability and scope definition

and there use in certification (ISO/IEC 20000-1:2011, Clauses 1.2 and 4.5.1,

ISO/IEC TR 20000-3 2 , Clauses 4, 5, 6, Annexes A and B). The plan-do-check-act methodology and its application to service management,

processes and the services. The typical inputs and outputs to be managed.

Defining the scope of the SMS.

The requirements for planning service management and the SMS.

The requirements to implement and operate service management and provide the

services. The requirements for monitoring, measuring, reviewing and auditing.

The requirements for continual improvement

  • 5. ISO/IEC 200000-1 Review, Assessment and Audit Activities (20%) Understand the types of review, assessment and audit of a service management system, including service management, and the use of supporting systems, tools and techniques that enable an organisation to plan and conduct reviews, assessments and internal audits of service management systems. Appendix A contains the types of assessmen, audits and their outcomes that can be topics on an examination paper, On completion of the course the candidate should be able to describe the following:

The types of evidence required to demonstrate conformity to ISO/IEC 20000-1.

  • - reviews;

The types of reviews, assessments and audits required by the standard.

The techniques and approaches that can be used for conducting reviews, assessment

and audits, such as audit and self-assessment checklists. The implication of ISO/IEC 17021:2011 for audit practices.

How to prepare for:

  • - assessments;

  • - internal audits.

What is involved in an external audit:

  • - the steps involved in external certification;

  • - the benefits of external certification;

  • - how to prepare for an external audit;

  • - the certification process for certification under ISO/IEC 20000-1, including full audits and surveillance audits;

  • - what to expect in an audit and how to manage audit observations and nonconformities (major and minor).

2 Under technical revision to become an International Standard re-aligned to ISO/IEC 20000-1:2011.

Copyright © BCS 2012

Page 8 of 14

BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus Version 2.3 September 2012 ITIL ® is a registered trade mark of The Cabinet Office

6.

Format of the Examination

This syllabus has an accompanying examination at which the candidate must achieve to be awarded the BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus

Type

40 Question Multiple Choice

Duration

1 Hour - An additional 15 minutes will be allowed for candidates sitting the examination in a language that is not their mother tongue, and

where the language of the exam is not their primary business language, Foreign language candidates who meet the above requirements are also entitled to the use of a paper dictionary (to be supplied by the candidate).

Pre-Requisites

To be entered for the ISO/IEC 20000 examination candidates must demonstrate at least two year's IT service management experience or hold the IT Service Management Foundation Certificate.

Supervised/Invigilated

Yes

Open Book

No

Pass Mark

26/40

Distinction Mark

N/A

Delivery

Paper based examination only.

To align with ISO/IEC 20000, the examination uses lower case including all references to ISO/IEC 20000 processes, defined terms and proper nouns. Upper case is used only for Clause (when referring to a specific numbered clause), International Standard, Part (when referring to a specific numbered part of ISO/IEC 20000).

The examination uses the verbal forms that are defined in the ISO/IEC Directives Part 2 (Annex H) and the ISO/IEC 20000 series, as follows:

"Shall" is "must do". ‘Shall’ statements are those which are audited for certification or

conformity 3 . For example, “The service provider shall measure customer satisfaction at planned intervals…… ” .. “Should” is used for guidance to recommend the preferred option for fulfilling a

requirement 4 , in Parts 2 – 5. Equivalent expressions are “it is recommended that” or “ought to”. “Can” means “be able to”, “there is a possibility of” or “it is possible to”.

“May” is used to signify permission expressed in the document. Equivalent expressions are: “is permitted” or “is allowed” or “is permissible”.

3 'Shall' is used for a requirement strictly to be followed to conform, with no deviation permitted. 4 'Should’ indicates that one among several possibilities one is recommended as particularly suitable, without mentioning or excluding others, or that a certain course of action is preferred but not necessarily required, or with ‘should not’ (the negative form) a possibility or course of action is deprecated but not prohibited.

Copyright © BCS 2012

Page 9 of 14

BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus Version 2.3 September 2012 ITIL ® is a registered trade mark of The Cabinet Office

Appendix A - Type of assessment and audits and their outcomes

Type

Description of assessment / audit

Initial

Conducted by an accredited certification body for the first assessment of

certification

conformity against ISO/IEC 20000-1.

audit

Re-certification

Conducted by a certification body to assess conformity against ISO/IEC 20000-

audit

1 after the first assessment.

Surveillance

Conducted by a certification body and carried out at least annually to assess

audit

and ensure continued conformity. It is a shorter audit than the initial and re- certification audits. It ensures that representative areas of the management system are monitored on a regular basis. The focus is improvements, internal audits, management reviews, complaints, operational control, effectiveness of the SMS against service management objectives, areas of major change and

any weaknesses identified during the previous

.

First party audit /

Conducted by the service provider’s own resources, or external consultants

“self-

acting on their behalf. An internal audit for ISO/IEC 20000-1 should meet the

assessment”

requirements of Part 1, Clause 4.5.4.2. A "self-assessment" can be conducted the service provider’s personnel used to monitor and analyse a process and provide feedback to management on the effectiveness of the process and the benefits of any improvement.

Second party

Audit by a person or organisation that has a user interest in the service

audit

provider e.g. customer

Third party audit

Audit by a conformity assessment organisation usually referred to as a certification body. They are independent of and have no user interest in the service provider’s organisation.

Copyright © BCS 2012

Page 10 of 14

BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus Version 2.3 September 2012 ITIL ® is a registered trade mark of The Cabinet Office

Typical outcomes of an assessment or audit by external and internal auditors are shown below. Using the terms from ISO/IEC 17021, Clause 9, a nonconformity is a ‘non-fulfilment of a requirement’ (in Part 1). Examples are given below.

Type of

Description

Examples

outcome

Nonconformity -

A failure to fulfil one or more requirements of

A whole process is missing,

major

ISO/IEC 20000-1 or a situation that raises significant doubt about the ability of the SMS to achieve its intended outputs.

such as a service management process not performed, i.e. a significant requirement is not fulfilled by the SMS.

Nonconformity –

All other nonconformities that are not major. For

A correction is planned for a

minor

example a few defective records. Any failure to fulfil a significant requirement where there is an agreed plan for correction and corrective action for the nonconformities, even if that nonconformity is major.

failure to agree the service continuity plan with the customer.

Opportunity for

A feature of the SMS where action does not

Examples of opportunities for

improvement

need to be taken. Opportunities for improvement

improvement can be slow

(sometimes

must not be used instead of a nonconformity. In

implementation of agreed

'observation').

some assessments 'observations' are used to note an unusually good feature of the SMS.

improvements or service levels that compare badly to industry benchmarks, even if the service targets are met. Observations can be fast and low risk turn-round of change requests, services that are exceptionally good value to the customer-

Out of scope

An aspect that is not in scope of the standard and does not need to be audited.

The procurement process.

Copyright © BCS 2012

Page 11 of 14

BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus Version 2.3 September 2012 ITIL ® is a registered trade mark of The Cabinet Office

Appendix B - Complementary standards and best practices

This appendix provides supporting information about ISO/IEC 20000, related standards and ITIL best practices that can be used in examination questions. Those that are most relevant are:

Management system standards ISO 9001, ISO/IEC 27001;

 

ITIL Service management best practices;

ISO/IEC 38500:2008 and COBIT for governance of IT;

Software asset management series, ISO/IEC 19770.

Aspect

ISO/IEC 20000-1

ISO 9001

ISO/IEC 27001

Purpose

A standard that can be used for a conformity assessment of an organisation’s service management system (SMS). To be certified a service provider must fulfil all requirements of the standard.

A standard that can be used for a conformity assessment of an organisation’s quality management system (QMS)

A standard that can be used for a conformity assessment of an organisation’s information security management system (ISMS)

Focus

Focus is service management. It is specifically designed to ensure the use of best practice processes for service management. The

Applicable to all organisations and is therefore more widely applicable than ISO/IEC 20000-1 and ISO/IEC 27001. It can

Covers the requirements and information security management controls for an organisation’s information security management system that

information security management process requirements have some

address all working practices in the whole of an organisation.

can have a different scope to the service management system in ISO/IEC 20000-

similarities to ISO/IEC 27001 controls, but are not the same.

1.

Usage

Many service providers achieve certification to both ISO/IEC 20000-1 and ISO/IEC 27001.

Management

Yes, they are all management system standards. Although the management

system

systems are different there is overlap in general management system

standard

requirements and in some service management processes, including information security management. All three use the Plan-Do-Check-Act methodology.

Conformity

ISO/IEC 17021 applies to audits under each of these standards.

assessment

Note ISO/IEC 17021, Clauses 9.1.1.2 and 9.3.2.2 and Annex E

and

  • a) The certificate normally lasts 3 years before a full re-audit. However,

certification

certification can be suspended and then lost after a surveillance audit which is done at least once a year. Before the three years between full audits there might need to be a complete re-audit, if the service provider’s circumstances change or there is a major change to the SMS or service.

  • b) ISO/IEC 17021, Clause 9.1.1.2 states: "The audit programme shall include a

two-stage initial audit, surveillance audits in the first and second years, and a

recertification audit in the third year prior to expiration of certification. The three- year certification cycle begins with the certification or recertification decision.”

  • c) ISO/IEC 17021, Clause 9.3.2.2 states: "Surveillance audits shall be conducted

at least once a year. The date of the first surveillance audit following initial certification shall not be more than 12 months from the last day of the stage 2 audit."

Copyright © BCS 2012

Page 12 of 14

BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus Version 2.3 September 2012 ITIL ® is a registered trade mark of The Cabinet Office

Aspect

ISO/IEC 20000-1

ITIL

Purpose

A requirements standard that can be used for a conformity assessment of an organisation's service management system (SMS). To be certified a service provider must fulfil all requirements of the standard.

A set of best practice guidelines that includes advice on how to do service management. ITIL is NOT suitable for a conformity assessment for an organisation or its service management system (SMS).

Management

Clause 4 contains general

Contains references to ISO/IEC 20000

system

requirements for a service management system, including the service management processes

and the service management system. ITIL practices can be used to achieve the general SMS requirements in ISO/IEC 20000-1, Clause 4.

Plan-Do-

Uses the Plan-Do-Check-Act

The ITIL Continual Service Improvement

Check-Act

methodology (Deming cycle) as

publication includes the 7-step

methodology

the basis of a continual improvement cycle

improvement process that is mapped to the Plan-Do-Check-Act methodology.

Governance of IT

ISO/IEC20000-1 does not specify requirements for the governance IT. It only includes requirements for the governance of processes operated by other parties.

ISO/IEC38500 is a guidance standard for corporate governance of IT. The purpose of the standard is to promote effective, efficient, and acceptable and lower risk use of IT in all organisations by:

assuring stakeholders that, if the guidance in the standard is followed, they can have confidence in the organisation’s corporate governance of IT; informing and guiding directors in governing the use of IT in their organisation; providing a basis for objective evaluation of the corporate governance of IT.

The Control Objectives for Information and related Technology (COBIT 5 ) is a governance and control framework for IT management. It was created by the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute (ITGI). COBIT draws from the expertise of association’s members, industry experts, control and security professionals. It provides an objective and practical resource for executive management, business management, IT management and auditors.

Software asset management

ISO/IEC20000-1 includes requirements for managing software assets in several clauses. The ISO/IEC19770 series can be used for the management, control and protection of software assets, licences and to manage the risks arising from their use.

5 COBIT® is a trademark of the Information Systems Audit and Control Association and the IT Governance Institute.

Copyright © BCS 2012

Page 13 of 14

BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus Version 2.3 September 2012 ITIL ® is a registered trade mark of The Cabinet Office

Bibliography

  • 1. ISO/IEC 20000-1:2011, Information technology — Service management — Service management system requirements

  • 2. ISO/IEC 20000-1:2005, Information technology — Service management — Code of practice

  • 3. ISO/IEC 20000-2:2012, Information technology — Service management — Guidance on the application of service management systems

  • 4. ISO/IEC TR 20000-3:2009 2 , Information technology — Service management — Guidance on scope definition and applicability of Part 1

  • 5. ISO/IEC TR 20000-4:2010 2 , Information technology — Service management — Process reference model for IT service management

  • 6. ISO/IEC TR 20000-5:2009 2, Information technology — Service management — Exemplar implementation plan for ISO/IEC 20000-1

  • 7. ISO 9000:2005, Quality management systems — Fundamentals and vocabulary (some ISO/IEC 20000 terms are aligned with 9000)

  • 8. ISO9001:2008, Quality management systems — Requirements

  • 9. ISO/IEC 27001:2005, Information technology — Security techniques — Information security management systems — Requirements

    • 10. ISO/IEC 17021:2011, Conformity assessment — Requirements for bodies providing audit and certification of management systems

    • 11. ISO/IEC Directives, Part 2: 2011, Rules for the structure and drafting of International Standards Edition 6.0

    • 12. ISO/IEC 19770:2006, Information technology — Software asset management – Part 1 — Processes

    • 13. ISO/IEC 38500:2009, Corporate governance of information technology

    • 14. Cabinet Office (2011). ITIL Service Strategy. TSO, London.

    • 15. Cabinet Office (2011). ITIL Service Design. TSO, London.

    • 16. Cabinet Office (2011). ITIL Service Transition. TSO, London.

    • 17. Cabinet Office (2011). ITIL Service Operation. TSO, London.

    • 18. Cabinet Office (2011). ITIL Continual Service Improvement. TSO, London.

Copyright © BCS 2012

Page 14 of 14

BCS Foundation Certificate in ISO/IEC 20000: IT Service Management Syllabus Version 2.3 September 2012 ITIL ® is a registered trade mark of The Cabinet Office