Experience From Implementation of ISO 20000 v3

Viktorija Donceva
Trajkovski & Partners Management Consulting

Ohrid, May 2009
Introduction
Law regulation from the National bank of the

Republic of Macedonia
ISO 20000:2005 standard requirements
Practical experience from implementation of

ISO 20000:2005
24.01.15
If you dont want to help

yourself, no one can

3
24.01.15
Describes
processes for delivery of services
Aligned with and complementary to the

process approach defined within ITIL
ISO/IEC 20000 consists of two parts:

ISO/IEC
20000-1, the formal Specification

ISO/IEC 20000-2, the Code of Practice
Formerly British Standard 15000, adopted by

ISO in December, 2005
24.01.15

First worldwide standard specifically aimed

at IT Service Management

5
24.01.15
Introduction and overview
Scope, terms and definitions
Requirements for a management system
Planning and implementing ITSM
Planning and implementing new or changed

IT services
Process groupings
24.01.15


Control processes
Configuration management
Change management
24.01.15

8
24.01.15
DECISION on the bank's information system

security ("Official Gazette of the Republic of
Macedonia" No. 31/2008)
DECISION on amending the Decision on the

bank's information system security ("Official
Gazette of RM" No. 78/08)
DECISION on amending the Decision on the

bank's information system security ("Official
Gazette of RM" No. 31/2009)
24.01.15

Outsourcing company of the bank with main

activity of managing data processing system
and which based on written agreement
manages and stores bank data while
performing bank or financial activities.
The outsourcing company shall obligatorily

be certified in accordance with the
international standard ISO/IEC 20000.
24.01.15

10

11
24.01.15
24.01.15

To provide a management system,

including polices and a framework
to enable the effective
management and implementation
of all IT services
12
Policies
management and improvement policy,
Budgeting and accounting policy, Release policy
etc.
Plans
Service
management plan, Service improvement

plan, Capacity plan etc.
Processes
Improvement
process, supplier management

process, Change management process etc.
24.01.15

Service
13
Procedures
control, Incident management,
Problem management etc.
Records
Service
level agreements, Management review

report, Proposal for new or changed services,
Risk Assessments, Configuration management
database (CMDB)etc.
24.01.15

Document
14

15
24.01.15
Implemented QMS based on ISO 9001:2000
Implemented ISMS based on ISO 27001:2005
Implementing ITSMS based on ISO 20000:2005

The
Scope of the IT Service Management System

are all the services that the organization
provides for its customers and for the internal
users.
ITSMS Framework + ITSM processes
Connections and overlaps between the

management systems
24.01.15

16
ISO/IEC 20000-1:2005
ISO/IEC 27001:2005
1 Scope
2 Terms & definitions
3 Requirements for a
management system
4 Planning and implementing
service management
5 Planning and implementing
new or changed services
4, A.6.1
7.1
A.6
7.2
A.10.3, A.12.1
6 Service delivery process
7.2
7 Relationship processes
8 Resolution processes
9 Control processes
10 Release management
7.2.3/4.1
4.1, 4.2, A.10.8
8.5
A.10.10
7.5.1
A.12.2

ISO 9001:2008
7.3
24.01.15
17
1.
3.
4.
5.
6.
7.
8.
9.
10.
24.01.15

2.
Introduction
Service Management and Improvement Policy
IT Service Management System Overview
Management Responsibility
Organization for Service Management
ITSMS Documentation
Services overview
Planning and implementing service
management
services
Service Management Process Model
18
24.01.15

Defined 13 processes based on ISO 20000:2005

standard
Service Improvement
services
Service level management and reporting
Service continuity and availability management
Budgeting and accounting for IT services
Capacity management
Business Relationship management
Supplier management
Incident management
Problem management
Configuration management
Change management
Release management
19
Service Level Management
Service Level Management Goal

To maintain and improve IT Service quality,
through a constant cycle of agreeing,
monitoring and reporting upon IT Service
Achievements.
Service Level Management objective

To
define, agree, record and manage levels of

service
24.01.15

ISO20000-1:2005 ref. number: 6.1
20

21
24.01.15
List of all services IT provides to Customers
Provides a clear explanation of the services,

Customers/Users, descriptions and costs
Essential to any service provider business in

order to define products and services
Managed and updated by the Business

Development Department
24.01.15

22
Separate catalogs for services provided to

clients and internal services
Each service separately described through

the following information:
Service name, Status of service, Description of

service, Standard and additional service
features, Frequency of service delivery, Service
availability, Client technical requirements for
using the service, Service support (description
and hours), Service owner, Standard and
additional Tariff costs, Service delivery level
24.01.15

23
24.01.15

Services included/excluded
Service hours
Availability / Reliability targets
Throughput, transaction response times, batch
turnaround times
Support arrangements / targets
Change targets
Security Plan
IT Service Continuity Plan
Service costs and charges
Reviews and reporting
Penalties and Incentives
24

Questions?
Thank you for your
attention!
24.01.15
25

Experience From Implementation of ISO 20000 v3

Transféré par

Informations du document

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Experience From Implementation of ISO 20000 v3

Transféré par

Droits d'auteur :

Formats disponibles

Viktorija Donceva

Trajkovski & Partners Management Consulting

Law regulation from the National bank of the

ISO 20000:2005 standard requirements

Practical experience from implementation of

If you dont want to help

If you dont want to help

processes for delivery of services

Aligned with and complementary to the

ISO/IEC 20000 consists of two parts:

20000-1, the formal Specification

Formerly British Standard 15000, adopted by

If you dont want to help

First worldwide standard specifically aimed

If you dont want to help

Introduction and overview

Scope, terms and definitions

Requirements for a management system

Planning and implementing ITSM

Planning and implementing new or changed

If you dont want to help

If you dont want to help

If you dont want to help

DECISION on the bank's information system

DECISION on amending the Decision on the

DECISION on amending the Decision on the

If you dont want to help

Outsourcing company of the bank with main

The outsourcing company shall obligatorily

If you dont want to help

If you dont want to help

If you dont want to help

To provide a management system,

management plan, Service improvement

process, supplier management

If you dont want to help

level agreements, Management review

If you dont want to help

If you dont want to help

Implemented QMS based on ISO 9001:2000

Implemented ISMS based on ISO 27001:2005

Implementing ITSMS based on ISO 20000:2005

Scope of the IT Service Management System

Connections and overlaps between the

If you dont want to help

2 Terms & definitions

6 Service delivery process

4.1, 4.2, A.10.8

If you dont want to help

If you dont want to help

If you dont want to help

Defined 13 processes based on ISO 20000:2005

Service Level Management

Service Level Management Goal

Service Level Management objective

define, agree, record and manage levels of

If you dont want to help

ISO20000-1:2005 ref. number: 6.1

If you dont want to help

List of all services IT provides to Customers

Provides a clear explanation of the services,

Essential to any service provider business in

Managed and updated by the Business

If you dont want to help