Bsi bip 0130 2011

Cer ifc tion to ISO/IEC 2 0 0-1 by ana cre ite cerifc tionb d shows that a serv ice provid r is commit e to d lv rin valu to cus omer an contin al service improv me t.. ISO/IEC 2 0 0-1 i

Lynda Cooper

© British Sta d rds Insitution 2 1

Al rig t reserv d E cept as permite u d r th Co yrig t, Des ig s and Patent Ac 1988 , no par of this publcation

ma be reprod ce , sore ina retie al sysem or t a smite ina y form or by a y me ns – electonic, photoco yin ,

recordin or oth rwise – without prior permisioninwritin fom th publsh r

W his e ery care h s be nta e in d v lo in a d compi n this publcation,BSI ac ept no labi ty for a y los or

d ma e ca se , arisin directly or in irectly in con ection with rela ce on it conte t e cept to th e te t th t such

labi ty ma not be e clu e inlaw

W hie ev ery effor h s be n ma e to tace al co yrig t hold r , a yon claimin co yrig t shouldg t in touchwithth

BSI at th ab v a dres

BSI h s no resp nsibi ty for th perise ce or ac uracy of URLs for e tern l or third-pary intern t websites refere to in

this b ok, a d does not g ara te th t a y conte t onsuchwebsites is,or wi remain, ac urate or ap ro riate

Typeset inFrutig r by Monolth, www.monolth.u com

Printe inGre t Britainby B r or Group,www.beror co.u

Britis h Library Catalo uin in P blcatio Data

A catalog e record for this b ok is a aiable f om th British Library

ISBN 9 8 0 5 0 7 5 1 3

2 S mmary of the k ey cha ges ma e from th 2 0 e ition to th 2 1 e ition 5

Ap e dix C Map ing a d diff erences betwe n the 2 0 e ition a d th 2 1 e ition

(T e tables in this ap e dix are giv n in ful on th CD a compan in this b ok)

Ap e dix D Mappin a d differences betwe n th 2 1 e ition a d th 2 0 e ition

(T e tables in this ap e dix are giv n in ful on th CD a compan in this b ok)

Ap e dix E BS ISO/IEC 2 0 0-1:2 1 , Information tech olog — S rvice ma a eme t —

It is not p s ible to a k owle g al those who hav be n inv olv d but I w ouldlk in par icular to than

those in olv d in th re raf in of th san ard an th re iew of this b ok:

• Graham C x – for his work in re iewin this b ok an his e ceptional ski s in E glsh grammar;

• Nick Frig t – for his w ork in re iew in this b ok an his k owle g of oth r s an ards;

• Shirle L cy – for h r work in re iewin this b ok an h r k owle g as an ITIL

®1

author;

• A nita Myrberg (Swe e ) – for h r w ork as co-e itor of th san ard an for brin in a c lm, reason d,

k owle g able ap roa hto our work;

• Profesor Piere T ory (France) – for his work as co-e itor of th s an ard an brin in his manag me t

thin in to th san ard;

• P ter Resel of BSI for g idin us al throu h th comple ities of th BSI an ISO proces es an directiv s;

• Ja k R ber son-Wor fold – for his ad itions to th b ok on o erational is u s, w hich are shown in b x es

throu hout th te t;

• Dr Alasair Walk r (SouthAf ic ) – for his analysis to l f om SPI L b ratory (Pty) Ltd, which h lps to

id ntify th dif fere ces in e itions;

• A ll member of th BSI an ISO commite s – (you k ow who you are) for th ir par s in comme tin on,

resolvin an sup orin th prod ction of th 2 1 e ition of Par 1

T e s an ard is manag d throu h workin group 2 (W G2 ) of th SC7 subcommite of ISO/IEC JTC1 T e

con e or of W G2 d rin th re ision of Par 1 w as Dr Je n Du more T e project e itor for Par 1 w as

Ly da C o er (UK), withco-e itor Anita Myrberg (Swe e ) an Profes or Pier e T ory (France) Man

cou t ies are represe te on W G2 an hav play d an a tiv par in th d v lo me t of th 2 1 e ition

T e inclu e Aus rala, Canada, China, C te d’voire, Czech Republc, Finlan , France, German , In ia, Italy,

Japan, Korea, Lu emb urg, New Z alan , South Afic , Spain, UK an USA

Also, I would lk to than Dr Je n Du more (UK) for h r role as conv enor for th BSI an ISO commit e s,

which has se re th ISO/IEC 2 0 0 series to what it is today

Finaly, I would lk to than Jula Helmsle an Je n Cranw el of BSI for th ir sup or d rin th prod ction

of this b ok

1

IT IL ® is a r egisered tademark of the Offce of Go ernment C mmerce in the United Kin d m an other co nties

inclu e th d sig , tr ansition, d lver y an impr oveme t of er vices to f ulfl agr ee ser vice r eq ir eme t.

T e fr t e itionof ISO/IEC 2 0 0-1 was publsh d in 2 0 T e title was Informatio tech olo y — Service

management — Par 1: Specifcatio T e secon e ition of ISO/IEC 2 0 0-1 was publsh d in 2 1 w ith a

re ise title T e title is Informatio tech olo y — Service management — Par 1: Service management s ys tem

req irements T is refect th emphasis on th SMS an alg me t with th title of ISO 9 01 It also mov s

away f om th term ‘specifc tion’ which is reserv d for use w ith sof ware s an ards

T e n w e ition has be n d v lo e with th in olv eme t of th international commu ity throu h it

national s an ards organiz tions an th International Organiz tion for Stan ardiz tion (ISO) T e 2 1

e ition should lead to improv me t in IT effcie cy an busin s prod ctivity

T e chan es wi impa t organiz tions cerife to this s an ard, or workin towards cer ifc tion, that use

th s an ard in conta t, or that use th s an ard as g idance It wi also impa t th au itor, tain r an

consultant who use th san ard for th ir cusomer

ISO/IEC 2 0 0 is use internationaly an by man organiz tions to g id th ir serv ice manag me t, man bein

cer ife to ISO/IEC 2 0 0-1 A serv ice manag me t sy stem also prov id s sup or f or corp rate gov ernance,

w hich is of te relant on inf ormation f rom IT serv ices an th sup or of h proces es in ISO/IEC 2 0 0-1

T ere are man be eft f om usin ISO/IEC 2 0 0-1 Cer ifc tion to ISO/IEC 2 0 0-1 by ana cre ite

cerifc tionb d shows that a serv ice provid r is commit e to d lv rin valu to cus omer an contin al

service improv me t

ISO/IEC 2 0 0-1 is driv nby th contin al improv me t of proces es an services, so a service provid r wi

normaly fn that impleme tin th re uireme t in Par 1 giv s an improv d serv ice that ad s much greater

valu to th cusomer In turn, this e ables th cus omer an th ir busin s es to be more effectiv

W his impleme tin bes pra tice service manag me t principles sup les o vious be eft,

organiz tions sometimes fn th mselv s not contin in on towards cerifc tion, citin th reason

that it is u n ces ary to prov be on th cusomer e perie ce that thin s are improv in T is is a

false premise W his p lcies c n direct vision an proces es c nsup ly aworkin s ructure, peo le

may lo k for a route of leas resis ance to g tin thin s don ; in e d in cer ain c ses e pe ie cy

is ofe se n as a means of subju atin agre d p lcy by takin shor cut throu h proceses

W his this c n d lv r shor -term be eft , in th lon er term it increases cos an risk an re uces

o erational ef fectiv n s W ith conformity comes re uce manag me t ov erh ads; manag r are

more proa tiv as th y s o havin to fg t fres, an service manag me t is more ef fectiv e

of ‘shal sateme t an c n be th basis of a conformity ases me t;

• Par 2: Code of pracice (2 0 ) Par 2 specifes recomme dations to sup or th impleme tation of Par 1

Par 2 is cur e tly bein update an wi be publsh dw ith an w title of Guidance o the ap lcatio of

s ervice management s ys tems T is rev ision of Par 2 wi alg w ith th 2 1 e ition of Par 1;

• Par 3: Guidance o s co e defnitio and ap lcabi ty of ISO/IEC 20 0 0 0 -1 (T ch ic l Rep r ) Par 3 is a

g idance docume t cov rin two specifc areas that are comple for ISO/IEC 2 0 0 T is docume t c n

sup or those who wish to d monsrate conformity to Par 1;

• Par 4: Proces s re erence model (T ch ic l Rep r ) Par 4 is aproces refere ce mod l that wi sup or

th d v elo me t of th proces ases me t mod l that wi be publsh d as ISO/IEC 15 0 -8;

• Par 5: Ex mplar implementatio plan for ISO/IEC 20 0 0 0 -1(T ch ic l Rep r) Par 5 is a g idance

docume t to sup or organiz tions that are impleme tin ISO/IEC 2 0 0-1 for th fr t time or that are

improv in th ir e is in service manag me t sys em;

• Par 10 : Co cepts and termin lo y Par 10 is not y t publsh d It wi be adocume t to pul tog th r

th concept an terminolog use in th ISO/IEC 2 0 0 series T e n xt e ition of Par 1 wi not n e to

inclu e terms an d fnitions as th se wi be in Par 10

Par s 6 to 9 are u d r consid ration, subject to research on what is re uire by th service manag me t

in us ry Pro osals inclu e map in th re uireme t inPar 1 to bes pra tice ad ice in th Information

T ch olog Infasructure Library (ITIL), an , if this is agre d, oth r s an ards, methods an famew orks, such

as COBIT (C nt ol Objectiv s for IT)

A n w relate s an ard is bein d v lo e but is not y t publsh d: ISO/IEC TR 9 0 6: Guidelne o the

ap lcatio ofISO 90 0 1 to IT s ervice management T is n w s an ard wi be base on th 2 1 e ition of

ISO/IEC 2 0 0-1

A fur h r n w relate san ardis bein d v lo e but is not y t publsh d: ISO/IEC 2 013: Guidelnes o the

integrated implementatio ofISO/IEC 270 0 1 and ISO/IEC 20 0 0 0 -1 T e n w san ard wi be base onth 2 1

e ition of ISO/IEC 2 0 0-1

1.3 The author

T is b ok is write by Ly daC o er, th project e itor of ISO/IEC 2 0 0-1 who represe t th UK on th

ISO/IEC commit e resp nsible for th ISO/IEC 2 0 0 series Ly daalso sit on th BSI commit e that fr t

d v lo e BS 15 0 , w hich was fas-t a k d to become ISO/IEC 2 0 0-1 in 2 0 Sh has work d on comme t

resolution with BSI an ISO commit e s throu hout th fv y ar it has tak n to draf th 2 1 e ition an

k ow s e ery chan e an th reason for it Ly da is anin epe d nt consultant an tain r who is on of

th fr t peo le in th world to be q alfe to ITIL Mas er le el

2

Sh has sup ore man organiz tions to

impleme t service manag me t an to a hie e ISO/IEC 2 0 0 cerifc tion

1.4 Audience and intended use

T is publc tion is for th man organiz tions that hav e use th 2 0 e itionof ISO/IEC 2 0 0-1 as th

basis for service d lv ry It is also inte d d for peo le in olv dinth preparation for cer ifc tion, au it ,

self-as esme t an tainin It wi also be v ry useful for t ain r, consultant an manag r resp nsible

for contin al service improv me t, procureme t an sup ler manag me t Cer ifc tion b dies wi fn th

b ok useful for chan in th ir au it pra tice docume tation

T he targ t au ie ce also inclu es those w ho use ISO/IEC 2 0 0-1 w ith oth r s an ards, such as ISO 9 01 an

ISO/IEC 2 0 1 For this au ie ce, th re is informationab ut how th s an ard relates to th se oth r s an ards

T e user commu ity inclu es those who use bes pra tices to sup or th impleme tation of ISO/IEC 2 0 0-1,

inclu in ITIL T e b ok inclu es information ab ut how ITIL c n h lp th m to a hie e th re uireme t of

th s an ard, in A ppe dix A

2

ITIL ® is a regiser ed tademark f he Offce of Go ernment C m erce in the United Kin d m an other co nties

th 2 1 e ition as so n as p s ible, prov idin information to h lp th m to mak th t ansition simply

an smo thly;

• an over v iew – f or those who want a br oad view of h diff er ences betw ee th two e itions of h san ar d;

• a g id f or au itor – w ho n e to k ow th chan es to re uireme t an how this w il impa t th ev id nce

that is n e e d r in th au it pr oces ;

• an in ivid al purchase – for t ain r an consultant;

• an ins itutional purchase – for companies that use th s an ard

1.5 What changes ar e being compar ed in this book ?

T is b ok primariy compares th 2 0 e ition to th 2 1 e ition of ISO/IEC 2 0 0-1

Chapter 2 summarizes th k y chan es that hav be n mad f om th 2 0 to th 2 1 e itions Chapter 3

d scribes how to mak th t ansition to th secon e ition, w ithrefere ce to th rele ant clauses in

ISO/IEC 2 0 0-1 Chapter 4 provid s in-d pth g idance on th k y chan es mad

T e b ok uses th 2 0 e itionas th refere ce p int T e e ception is Ap e dix D, which uses th 2 1

e ition as th refere ce p int by providin a map in of th 2 1 e itionto th 2 0 e ition T e 2 1

e ition of th san ard is inclu e , in it e tirety, in A ppe dix E

Some read r w il only n e to readChapter 2, 3 an 4 to gain a broad u d r tan in of th difere ces

betw ee th tw o e itions T hose w ho re uire a map in an d taie k ow le g of th differe ces w il also

n e to read A ppe dix C (if th 2 0 e ition is th baseln of th read r) or A ppe dix D ( if th 2 1 e ition is

th baseln of th read r) T he d tais prov id din A ppe dix C an A ppe dix D comprise th same information

but f om adifere t baseln For ease of use, A ppe dix C an A ppe dix D are av aiable on th CD prov id d

T e int od ction of th 2 1 e ition sates ‘SO/IEC 2 0 0 is inte tionaly in epe d nt of specifc g idance

T e service provid r c n use acombinationof g n raly a cepte g idance an it ow n e perie ce T ere are

dif fere t g idance fameworks avaiable for service manag me t A service provid r may also use th ir ow n

methods an tech iq es to sup or th impleme tationof ISO/IEC 2 0 0-1 Ap e dix A giv es information

ab ut th relationship of th san ard with bes pra tice g idance As an e ample, it giv s ahig -le el

map in of th 2 1 e itionof ISO/IEC 2 0 0-1 an th 2 1 e ition of IT IL

T xt f om s an ards or oth r f amew orks is prese te in q otes

1.6 What is a k ey change?

T e k y q esion for those usin th 2 0 e ition of th s an ard an eith r consid rin movin to

th 2 1 v r ion, or in e d lo kin at th implc tions of movin , wi be: ‘what does it mean to me

f oman o erational service d lv ry per pectiv ?’

E per comme tary has be n ad e throu hout th b ok to su g s th p te tial impa t of chan es

on peo le, p lcy, proces an tech olog For e ample, consid r:

• th cur e t s ructures your organiz tion works with;

• th various rules put in pla e by p lcy;

• th o erational a tivities dictate by proces es; an of cour e,

• th consraint an o p r u ities afford d by tech olog

An chan e to th san ards by w hich th se comp n nt hav be n impleme te could hav an

impa t on on or more of th comp n nt

Inre iewin th chan es, a n mber of consid rations are imp r ant:

• impa t onth s atus q o (or cure t o erabi ty of th serv ices);

• cos of makin th chan es v rus th cos of not makin th m;

• risk of not makin th chan es an th impa t up n th abi ty to maintainad ere ce to th

s an ard;

• th cultural an o erational impa t up n th organiz tion

• n w re uireme t or oth r te t – te t is in th 2 1 e ition that was not in th 2 0 e ition;

• e itorial chan e – te t has chan e for e itorial reasons such as improv d E glshor chan e of terms; th

re uireme t or inte t of th sateme t has not chan e ;

• minor chan e – chan e to a re uireme t that is u lk ly to af fect an organiz tion’ s abi ty to a hie e

cer ifc tion or a chan e to tex t that is not a re uireme t but is more than an e itorial chan e;

• me ium chan e – chan e to a re uireme t that may af fect an organiz tion’ s abi ty to a hie e

cer ifc tion or a chan e that n e s to be as es e for impa t on th ex is in SMS;

• major chan e – fu dame tal chan e to are uireme t that wi hav a major impa t on an organiz tion’ s

abi ty to a hie e cerifc tion

• bet er sup or for service provid r that are usin th ITIL bes pra tice f amework to h lp th m to

a hie e th re uireme t of ISO/IEC 2 0 0-1;

• chan es to terminolog :

• to refect international usag ;

• more d fnitions, chan es to some d fnitions an remov al of two d fnitions, ‘service d sk’ an

‘chan e record’

• chan e of th term ‘manag me t sys em’ to ‘service manag me t sys em’ (SMS);

• an e planation that th Plan-Do-Ch ck-Act (PDCA) methodolog ap les to th SMS, which inclu es

th service manag me t proces es in Clauses 5 to 9, an th services T e SMS also inclu es oth r

comp n nt: th service manag me t p lcies, o jectiv s, plans, docume tation an resources;

• th ad ition of n w te t to e plain th ap lc tion of th san ard;

• th ad ition of n w re uireme t for d fnin th sco e of th SMS;

• th ad ition of n w re uireme t for th gov rnance of proces es o erate by oth r par ies, in

recog ition that mos organiz tions work with oth r par ies to d lv r serv ices;

• th ad ition of n w re uireme t to manag internal sup ler an cus omer a tin as sup ler;

• ad itional re uireme t for th manag me t of n w or chan e serv ices to brin th re uireme t into

th lfecycle earler to cov r plan in , d sig , d v elo me t an t ansition;

• chan es to al fg res;

• some chan es to roles an docume t

T ere are some terms that it is imp rant to u d r tan wh n consid rin how to mov to th n w e ition

T ese are d fn dinth s an ard an shown below

‘Service’ is a n wly d fn dterm that is d fn d as:

‘means of d lv rin valu for th cusomer by fa i tatin result th cus omer want to a hie e

NOT 1 Service is g n raly intan ible

NOT 2 A serv ice c n also be d lv re to th service provid r by asup ler, aninternal group or acus omer

a tin as asup ler

‘Service manag me t’ is an update d fnition d fn d as:

‘set of c pabi ties an proces es to direct an contol th service prov id r’ s a tivities an resources for th

d sig , t ansition, d lv ery an improv me t of services to fulfl th service re uireme t’

‘Service manag me t sys em’ is a n wly d fn d term that is d fn d as:

‘manag me t sys em to direct an cont ol th serv ice manag me t a tivities of th service provid r

NOT 1 A manag me t sysem is a set of interelate or intera tin eleme t to esablshp lcy an

o jectiv s an to a hie e those o jectiv s

NOT 2 T e SMS inclu es al service manag me t p lcies, o jectiv s, plans, proces es, docume tation

an resources re uire for th d sig , t ansition, d lv ry an improv me t of services an to fulfl th

re uireme t in this par of ISO/IEC 2 0 0

‘Service re uireme t’ is also a n wly d fn d term, which is d fn d as:

‘n e s of th cusomer an th user of th service, inclu in service lev el re uireme t, an th n e s of th

service provid r’

For organiz tions that are alread cerife to ISO/IEC 2 0 0-1:2 0 , th re wi be ad q ate time alowe

before th y n e to be cerife to th 2 1 e ition Ea h serv ice provid r wi n e to consid r an planfor

th mov to th n w e ition T e seps in3.3 below provid g idance on how to ap roa h this mat er Some

in esigation of th abi ty an d sire to conform to th big es areas of chan e is re uire frt T ese are:

• Clause 1.2 Ap lc tion;

• Clause 4.2 Gov rnance of proceses o erate by oth r paries;

• Clause 4.5.1 Defn sco e;

• Clause 5 Desig an t ansition of n w or chan e services

A gap analysis should be per orme an plans d v lo e , in ord r to u d r tan th ef for an timesc le

in olv d in th mov

Mos service provid r should mak chan es in s ag s It is not n ces ary to mak th mov to q ickly;

how ev r, plan in wi e sure that mome tum tow ards th n w s an ard is not los, an th chan es n e e

are u d r to d early on Service provid r should discus an agre th timetable with th ir au itor

T here are a n mber of ex aminations leadin to q alfc tions for in iv id als in ISO/IEC 2 0 0 T he q alfc tions

are at fou dation, pra tition r, au itor an oth r lev els T he q alfc tion sch me ow ner hav e alread update

th sch mes f or th 2 1 e ition an w il phase out th old sch mes as al n w c n idates lo k to be q alfe

f or th 2 1 e ition

3.3 Moving cer ifcation f r om the 2005 edition to the 2011 edition

Mov in th cer ifc tion of an organiz tion fom th 2 0 e ition to th 2 1 e ition n e s thorou h

plan in an th aloc tion of a resp nsible manag r withclear sco e an terms of refere ce T e manag r’ s

role is th foc l p int for al commu ic tion; h or sh should be a consummate commu ic tor, able to secure

th agre me t of e eryon in olv ed an be giv en th ap ro riate authority to e able th t ansition

T pic l a tiv ities to be u d r ak n are shown in Table 1 with refere ces to oth r chapter in this b ok for

more d tais, as wel as to clauses in Par s 1 (2 1 ) an 3 of ISO/IEC 2 0 0

Organiz tions should also refere ce ISO/IEC 2 0 0-2, Guidance o the ap lcatio ofs ervice management

s ys tems (wh n it is publsh d) an ISO/IEC TR 2 0 0-5, Ex mplar implementatio plan for ISO/IEC 20 0 0 0 -1

Please note that ISO/IEC TR 2 0 0-5 is base on th 2 0 e ition of ISO/IEC 2 0 0-1 but mos of th ad ice

remains rele ant to th 2 1 e ition

for chan es to fg res an 4.4 for chan es to

terminolog

2 If you also hav conformity to ISO 9 01 or

ISO/IEC 2 0 1, gain an aw are es of th

chan es mad to sup or alg me t with oth r

s an ards

1 Se Chapter 4, 4.8

3 Re isit th sco e of th cure t cerifc tion to

e sure that ISO/IEC 2 0 0-1 remains ap lc ble

to your organiz tion

1 Se Clause 1.2 of Par 1

2 Se Clause 5 of Par 3, 2 0 e ition

3 Se Chapter 4, 4.5.2

4 Id ntify proces es or pars of proceses an

ch ck that youc n satis y th re uireme t

for th gov rnance of proces es o erate by

oth r par ies, inclu in an proces es or pars

of proces es that are out ource to sup ler ,

internal groups or cusomer

1 Se Clauses 4.2, 6.1 an 7.2 of Par 1

2 Se Clause 5.2 of Par 3, 2 0 e ition

3 Se Chapter 4, 4.5.4

5 Re isit th d fnition of sco e 1 Se Clause 4.5.1 of Par 1

2 Se Clauses 5.3 an 6 of Par 3, 2 0 e ition

3 Se Chapter 4, 4.5.3

6 Ch ck that you c nsatis y th ad itional

re uireme t for n w or chan e services

1 Se Clauses 5 an 9.2 of Par 1

2 Se Chapter 4, 4.6

3 Se Ap e dix C an A ppe dix D for d taie

dif fere ces

7 C n uct an as esme t agains th 2 1 e ition

of ISO/IEC 2 0 0-1 an id ntify gaps

8 Prod ce anoutln plan an busin s c se to fl

th gaps an e sure conformity

9 Agre re ise sco e sateme t, pro ose

ap roa h, timesc les an bu g t with to

manag me t

10 Discus p sible sco e, ap roa h s an timin s

with th cerifc tionb d /au itor

1 If you are usin ITIL to sup or th cerifc tion,

gain an aware es of how th 2 1 e ition c n

sup or it use

1 Se Ap e dix A

12 Prod ce a d taie plan of a tion to gain

cer ifc tion to th 2 1 e ition

13 Ar an e an re uire ad itional t ainin in th

2 1 e ition

14 Update an impleme t th service manag me t

plan an th SMS g n ral re uireme t ,

inclu in re isitin th serv ice manag me t

p lcy an o jectiv s to e sure that th y are

rele ant to your sco e an service re uireme t

1 Se Clause 4 of Par 1

2 Se Ap e dix C an A ppe dix D for d taie

dif fere ces

15 Agre th chan e p lcy; update an impleme t

th d sig an t ansition of n w or chan e

services proces

1 Se Clauses 5 an 9.2 of Par 1

2 Se Chapter 4, 4.6

3 Se Ap e dix C an A ppe dix D for d taie

dif fere ces

16 Update an impleme t oth r plans an p lcies

as re uire

1 Se Clause 4.3 of Par 1 for re uireme t on

docume tation manag me t

2 Se Ap e dix C an A ppe dix D for d taie

dif fere ces

3 Se Chapter 4, 4.7 for chan es to docume t

Chapter 4, 4.7.

3 Se Ap e dix C an Ap e dix D for d taie

dif fere ces

18 Update role d scriptions, as ig authorities an

resp nsibi ties an e sure saf f are as ig e

with rele ant compete cies as re uire

1 Se Clause 4.4 of Par 1 for re uireme t on

resource manag me t

2 Se Chapter 4, 4.7 for chan es to roles an th

n e to asig authorities an resp nsibi ties

19 Un erak a pre-au it re iew to e sure that al

e id nce (docume t an records) is avaiable

an me t th re ise re uireme t , an to

e sure that th resource re uireme t fom

Clause 4.4 are inpla e with s af f able to answer

q esions ab ut th ir roles an a tivities

2 Re-cerifc tion

T his chapter prov id s d tais of th k y chan es mad , an differe ces betw ee , th 2 0 an th 2 1

e itions It c n be use to prov id in-d pthg idance T he d taie tables in A ppe dix C an A ppe dix D map

th tw o e itions an ls al th differe ces It w ould be adv isable at this time to consid r w hich chan es could

affect your organiz tion an w hich on s may be chale gin

For those w ho lk to w ork with n mber , h re are some met ics ab ut th tw o e itions

Number of pag s:

• th 2 0 e ition was 16 pag s lon ;

• th 2 1 e ition is 2 pag s lon ;

• four pag s are fom ane pan e Clause 1, a n w Clause 2 an ad itional d fnitions;

• two pag s are f om format in chan es, n w h adin s an e pan e bulete lss;

• four pag s are fom n w re uireme t

Number of re uireme t :

• th 2 0 e ition had 17 re uireme t (measure by n mber of oc ure ces of ‘shal );

• th 2 1 e ition has 2 6 re uireme t

A 5 per ce t increase sou ds larg , but in th 2 0 e ition th re w ere man se te ces that contain d on

‘shal but se eral re uireme t Althou h some si remain, man of th se hav be n brok n down into

simpler se te ces an more precise re uireme t in th 2 1 e ition

For e ample, th 2 0 e ition of Clause 6.3 contain d on ‘shal in th folowin se te ce: ‘Avaiabi ty an

service contin ity re uireme t shal be id ntife on th basis of busin s plans, S As an risk ases me t

In th 2 1 e ition, this has be nbrok n into thre se te ces an th re uireme t mad more precise to

contain thre ‘shals’

T e service provid r shal as es an docume t th risks to serv ice contin ity an avaiabi ty of

services T e service provid r shal id ntify an agre with th cus omer an interese par ies service

contin ity an avaiabi ty re uireme t T e agre d re uireme t shal tak into consid ration

ap lc ble busin s plans, service re uireme t , S As an risks

T is is a chan e to th s an ard that wi in olv e th in es me t of time an resources to ad res

A sold re uireme t-gath rin proces should be in pla e for service contin ity an avaiabi ty, with

th abi ty to as es an manag risks usin an agre d ap roa h T is wi meanthat b th busin s

an IT proces es wi n e to be more closely alg e to a s an ard that has th abi ty to c pture

b th cus omer an service provid r risks

T he serv ice manag r c n be inv aluable in e surin that th thre -w ay dialog e betw ee cusomer,

serv ice prov id r an tech ic l specialss is c rie out in a way that id ntifes an agre s b th

re uireme t an risks A dditionaly, th service manag r is usualy in contol of h prod ction

of erv ice lev el agre me t ( SLA s) an is id aly pla e to prov id g idance an sup or betw ee

p te tialy u reals ic cusomer d man s an p te tialy ov erly tech ic l re uir eme t f or inf ormation

In ord r to ju g conformity to th s an ard, on mus be e id ntialy au ite agains a set of

specifc re uireme t Ke per ormance in ic tor are es e tial h re an mus be measurable f om

an o erational per pectiv , as w el as agre d by al concern d par ies

T e 2 1 e ition of Par 1 contains a ln to a surv y in th int od ction T is is a n w initiativ to gath r

fe dba k T e fe dba k wi be analyse twice ea h y ar an w il fe d into th work of th ISO workin

group for th ISO/IEC 2 0 0 series Simiar surv y ln s wi also be put into oth r Par s of th san ardas th y

are publsh d

T e frt thin that a read r of th 2 1 e itionw il se is that th sructure has chan e T e g n ral

re uireme t for th SMS hav be n combin d tog th r into on clause A normativ clause has be n ad e

Release manag me t has be n mov d into th cont ol proces es – an early re u s e chan e to th 2 0

e ition T ere hav be n some title chan es to beter represe t th conte t an to h lp th user of th

s an ard that also use ITIL

Table 2 maps th s ructure of th 2 1 e ition with th 2 0 e ition, showin reasons for th chan es T is

table shows th titles an n mberin with n w clauses hig lg te in b ld It does not in ic te an chan es

to conte t

T ble 2 – Map in of P r 1 st ucture – 2 0 e ition map e to th 2 1 e ition

ISO/IEC 2 0 0-2 down to subclause lev el

2 T rms a dd fnitions 3 T rms an d fnitions Numberin chan e, no chan e to title

pule tog th r into on clause – Clause 4

Clauses 4.2 an 4.5.1 are n w subclauses

Oth r clauses an subclauses hav had n mberin

oth r par ies

Clause 4.2 is aset of n w re uireme t

3.2 Docume tation

r eq ireme ts

4.3 Docume tation

manag me t

Numberin chan e Title chan e to refect th

manag me t a tivities for docume tation

4.5.1 Defn s o e Clause 4.5.1 is a set of n w re uireme t

Numberin chan e Minor title chan e

Measureme t is si re uire in this subclause but

is not in th title in ord r to k ep titles shor

4.4 C ntin al

impr ov me t ( Act)

4.5.5 Maintain an

improv th SMS (Act)

Numberin chan e Title chan e bec use th

whole PDCA methodolog is ab ut contin al

improv me t, not jus ab ut improvin in th ‘Act’

T is clause has be n e pan e to inclu e d sig as

wel as plan in , d v lo me t an tansition T e

2 0 e ition had some eleme t of tansition but

this has be ne pan e in th 2 1 e itionan th

term ‘t ansition’ has be n int od ce

T e title has be n chan e to refect th n w

6.2 S rvice r ep r in 6.2 Service rep rin No chan e to title or n mberin

6.3 S rvice contin ity

a cou tin for services

Title chan e to remov ‘T’ to be consise t w ith

al oth r uses of th term ‘service’ which do not

‘Ge eral subclause remov d since it was only th re

to alg n mberin with 2 0 e ition of Par 2

T is le to an mberin chan e for th proces

12 A Guide to the new ISO/EC 20 0 0 0 -1

No chan e to title or n mberin

9.2 Ch n e ma a eme t 9.2 Chan e manag me t No chan e to title or n mberin

proces es’ clause (Clause 9)

Numberin chan e Title chan e to refect th

ad e emphasis on th d ployme t of releases

4.3 Changes to fgur es

4.3.1 Appr oach

Fig res are use in b th e itions of th s an ard to aid u d rtan in of th sco e of th s an ard Al th

fg res hav be n chan e

4.3.2 Figur e to show the s ope of the standar d

Fig re 1 fom th 2 0 e ition provid d a simplfe view of th proces es withinth s an ard Howe er, it

c use confusion bec use it did not inclu e th ‘plan in an impleme tin n w or chan e services’ proces

nor an ln to th ‘manag me t sysem’ or ‘plan in an impleme tin service manag me t’ proces es

Fig re 1, below, ap eare in Clause 1 of th 2 0 e ition an has be n repla e by Fig re 2 inClause 1 of

th 2 1 e ition

This p rt of ISO/IEC 2 0 0 defines the r eq irements for a service provider to delver managed

serv ic es of an ac c ept able q alt y for it s c ust omers

It ma b u ed:

a) b bu ines es t hat are goin out t o t en er for t heir serv ic es;

b) b bu ines es t hat req ire a c on ist ent a pro c b al serv ice prov iders in a s p ly c hain;

c ) b serv ice prov iders t o b n hmark t heir IT serv ic e managemen

d) as t he b sis for an in e en ent as es men

e) b an organizat ion w hic h ne d t o demon t rat e the a i t y t o prov ide serv ic es t hat me t c ust omer

req irements; an

f) b an organizat ion w hic aims t o improv e serv ic e t hrou h t he efec t iv e a plc at ion of proces es t o

monit or an improv e serv ic e q alt y

Fig re 1 — Serv ic ma a eme t proc s e

This p rt of ISO/ IEC 2 0 0 sp cifies a n mb r of c losely relat ed serv ic e management proces es, as s ow n in

Fig re 1

The relat ion hips b t w een t he proces es de en on the a plcat ion w it hin an organizat ion an are generaly

A Guide to the new ISO/EC 20 0 0 0 -1 13

T e fg re also shows, as does Fig re 1 in ISO 9 01, th relationship withth cusomer an interese par ies

who d fn th service re uireme t an receiv th services

ISO/ IEC 2 0 0- 1:2 1 (E)

Desi gn and transi o n o new o changed s ervic s

Res oluton p roc sses

Rel at ionshi p p ro e s se s

Inidnt ad s ervic re est

maaemet

P ro lem man ag men t

Busins relatio ship

man agmet

S upplier maaemet

Se vi ce del ive y p r oc eses

Capcity maaemet

Srvic cont iu ity &

Budg etin g &

ac oun t in for serv ics

Manage ment re p onsibi t y

Go ve rnance o f pro e sse s

op e r a te d b other p art ie s

Estab lish th SMS

Do cum entatio n manage ment

Re so urce m ana gement

Se vic Manag e m ent S stem (SMS)

Desi gn and transi o n o new o changed s ervic s

Res oluton p roc sses

Rel at ionshi p p ro e s se s

Inidnt ad s ervic re est

maaemet

P ro lem man ag men t

Busins relatio ship

man agmet

S upplier maaemet

Se vi ce del ive y p r oc eses

Capcity maaemet

Srvic cont iu ity &

Budg etin g &

ac oun t in for serv ics

Manage ment re p onsibi t y

Go ve rnance o f pro e sse s

op e r a te d b other p art ie s

Estab lish th SMS

Do cum entatio n manage ment

Re so urce m ana gement

Se vic Manag e m ent S stem (SMS)

Res oluton p roc sses

Rel at ionshi p p ro e s se s

Inidnt ad s ervic re est

maaemet

P ro lem man ag men t

Busins relatio ship

man agmet

S upplier maaemet

Se vi ce del ive y p r oc eses

Capcity maaemet

Srvic cont iu ity &

Budg etin g &

ac oun t in for serv ics

Manage ment re p onsibi t y

Go ve rnance o f pro e sse s

op e r a te d b other p art ie s

Estab lish th SMS

Do cum entatio n manage ment

Re so urce m ana gement

Se vic Manag e m ent S stem (SMS)

Al req irement s in t his p rt of ISO/IEC 2 0 0 are generic an are inten ed t o b a plca le t o al service

providers, regardles of t yp , size an t he nat ure of t he ser v ices delv ered Ex clu ion of an of t he

req irement s in Clau es 4 t o 9 is not ac e t able when a service prov ider claims conformity t o t his p rt of

ISO/IEC 2 0 0, iresp ct ive of t he nat ure of t he ser v ice prov ider's organization

Conformity t o the req irement s in Clau e 4 can only b demon t rat ed by a ser v ice prov ider s owin eviden e

of fulfi in al of the r eq irement s in Clau e 4 A ser vice prov ider can ot rely on ev iden e of t he governan e of

proces es o erated by ot her p rt ies for t he req irement s in Clau e 4

Conformity t o t he req irement s in Clau es 5 t o 9 can b demon t rat ed by the service provider s ow in

eviden e of fulfi in al req irement s A lt ernat iv ely, the service provider can s ow eviden e of fulfi in the

majority of t he req irement s t hemselv es an ev iden e of t he gov ernan e of proces es o erat ed by other

p rt ies for t hose proces es, or p rt s of proces es, t hat t he ser v ice provider do s not o erate direct ly

The s o e of t his p rt of ISO/IEC 2 0 0 ex clu es t he sp cification for a prod ct or t ool How ev er,

organizat ion can u e t his p rt of ISO/IEC 2 0 0 t o help them dev elo prod ct s or t ools t hat s p ort the

o eration of an SMS

NOT E ISO/IEC T R 2 0 0-3 prov id s g id n e o sc p d finit io a d a plc bi t y of t his p rt of ISO/ IEC 2 0 0

T his inc lu es furt her e pla atio a o t the g v ern n e of pro es es o erated b ot her p rt ies

The folowin referen ed doc ment s are in isp n a le for t he a plcat ion of t his doc men F r dated

referen es, only the edit ion cit ed a ples F r u dat ed referen es, t he lat est edition of t he referen ed

doc ment in lu in an amen ment s) a ples

No normat iv e referen es are cit ed This clau e is in lu ed in order t o en ure clau e n mb rin is ident ical

w it h ISO/IEC 2 0 0-2:—, Informatio techno lo y — Service ma a eme t — Part 2: Guida ce o th

a plcatio ofs ervice ma a eme t s ys tems

Fig r e 2: 2 1 e ition Fig re 2 – S rvice ma a eme t system

4.3.3 Figur e to show the appl cation of the PDCA methodology

Fig re 2 of th 2 0 e ition showe th PDCA methodolog with th input an output Fig re 2 ap eare

in Clause 4 of th 2 0 e ition an has be n repla e by Fig re 1 inth int od ction of th 2 1 e ition

Fig re 2 — Pla - Do- Ch ck - A ct methodolog for s rvic ma a eme t proc s e

The model s ow n in Fig re 2 i u t rat es t he proc es an proc es lnk ages present ed in c lau es 4 t o 10

4.1 Pla serv ic ma a eme t (Pla )

Objec t iv e: To plan t he implement at ion an delv ery of serv ice managemen

Serv ic e management s al b plan ed The plan s al at a minimum define:

a) t he sc op of t he serv ic e prov ider’s serv ice managemen

b) t he o ject iv es an req irement s t hat are t o b ac hiev ed b serv ic e managemen

c ) t he proces es t hat are t o b ex ec ut ed;

d) t he famew ork of management roles an resp n ibi t ies, inc lu in t he senior resp n ible ow ner, proc es

ow ner an management of s p lers;

e) t he int eraces b t w een serv ic e management proc es es an t he man er in w hic h t he ac t iv it ies are t o b

14 A Guide to the new ISO/EC 20 0 0 0 -1

Do

Act

Fig re 1 — PDCA methodology ap le to s rvic ma a eme t

This p rt of ISO/IEC 2 0 0 ena les a service provider t o int egrat e it s SMS wit h other management s st ems in

t he service prov ider's organizat ion The ado t ion of an int egr at ed proces a pro c an t he PDCA

met hodolog ena les t he serv ice prov ider to alg or fuly integrate mult iple management s st em st an ard

F r ex ample, an SMS can b int egrat ed wit h a q alty management s st em b sed on ISO 9 01 or an

informat ion sec rity management s st em b sed on ISO/IEC 2 0 1

ISO/IEC 2 0 0 is intentionaly in e en ent of sp cific g idan e The serv ice prov ider can u e a combination

of generaly ac e ted g idan e an it s own exp rien e

Users of an Int ernat ional St an ard are resp n ible for it s corect a plcat ion An Int ernat ional Stan ard do s

not purp rt t o in lu e al neces ar y st atut ory an reg lator y r eq irement s an cont ract ual o lgat ion of t he

serv ice provider Conformit y t o an Int ernat ional St an ard do s not of it self confer immu ity fom st at ut or y an

reg lat ory req irement s

For t he purp ses of rese r ch on serv ice management st an ard , u ers ar e en ouraged t o s are t heir v iew s

on ISO/IEC 2 0 0-1 an t heir priorities for c an es to t he rest of t he ISO/ IEC 2 0 0 series Clc on t he lnk

Fig r e 4: 2 1 e ition Fig re 1 – PDCA methodolog ap le to service ma a eme t

4.3.4 Figur e to show supply chain r elationships

Fig re 3 of th 2 0 e ition show edan e ample of th relationship betwe n service provid r an sup ler

T is fg re c use confusionab ut th use of th term ‘busin s ’ an th sub-conta te sup ler bein

show n as sup ler 4

Fig re 3 of th 2 0 e ition was inth sup ler manag me t clause in th 2 0 e ition an remains as

Fig re 3 in that clause inth 2 1 e ition

fe db c k fom reg lar c ust omer sat isfac t ion me s rement s A c t ion for improv ement ident ified d rin t his

proc es s al b rec orded an input int o a plan for improv in t he serv ic e

7.3 Suppl er ma a eme t

Objec t iv e: To manage s p lers t o en ure the prov ision of se mles , q alt y serv ic es

NOT 1 Th sc op of t his st an ard ex c lu es t he proc ureme t of t he su plers

NOT 2 Su plers ma b use b t he serv ic e prov id r for prov isio of some p rt of t he serv ic e It is t he serv ic e pro id r

who n e s t o d mo st rat e c nformit y t o t hese su pler ma a eme t pro es es Comple relat io ships ma b prese t as

d mo st rat ed in t he dia ram b low whic is use as a ex ample:

Fig re 3 — Ex ample of rela ons ip betwe n s rvic provid rs a d s pplers

The serv ic e provider s al hav e doc ument ed s p ler management proces es an s al name a c ont ract

manager resp n ible for e c h s p ler

The req irement s, sc op , lev el of serv ice an c ommu ic at ion proces es t o b prov ided b t he s p ler(s)

s al b doc ument ed in SLAs or ot her doc uments an agre d b al p rt ies

SLAs w it h t he s p lers s al b alg ed w it h t he SLA(s) w it h t he bu ines

The int eraces b t w een proc es es u ed b e c h p rty s al b doc ument ed an agre d

All roles an relat ion hips b t w een le d an s bc ont ract ed s p lers s al b c le rly doc ument ed L ad

s p lers s al b a le t o demon t rat e proces es t o en ure t hat s bcont ract ed s p lers me t c ont rac t ual

req irements

A proces s al b in plac e for a major rev iew of t he contrac t or formal agre ment at le st an ualy t o en ure

t hat bu ines ne d an c ont rac t ual o lgat ion are s l b in met

Chan es t o t he c ont rac t (s), if presen an SLA(s) s al folow fom t hese rev iew s as a pro riat e or at other

t imes as req ired Any c han es s al b s bject t o t he c han e management proc es

A proc es s al ex ist t o de l w it h c ont rac t ual disput es

A proc es s al b in plac e t o de l w it h t he ex pec t ed en of serv ic e, e rly en of t he servic e or t ran fer of

serv ic e t o anot her p rt y

Perorman e again t serv ic e lev el t argets s al b monit ored an rev iew ed Ac t ion for improv ement iden fied

d rin t his proc es s al b recorded an input int o a plan for improv in t he serv ic e

Fig re 5: 2 0 e ition Fig r e 3 — E ample of relationship betwe n service pr ovid rs a d sup lers

T e fg re has had minor re isions to chan e terminolog f om ‘busin s’ to ‘cusomer’ to clarify that th

service provid r is d lv rin a service to th cus omer as d fn d in th 2 1 e ition ‘B sin s ’ w as remov d

to be clear ab ut who is receivin th service, ie th busin s re uires th service to fulfl busin s n e s but

th cusomer are receivin it T e wordin ab ut ‘nternal or ‘e ternal has be n remov d f om th service

prov id r b x since this information is in th d fnition of ‘service provid r’ T e sub-cont a te sup ler has

be n re umbere as 3a to show that th re is a relationship w ithsup ler 3

Guidance o the ke chan es made to ISO/EC 20 0 0 0 -1

The service pr ovider may u e s p lers t o implement an o erat e some p rt s of t he service management

proces es An ex ample of s p ly c ain relation hips is i u t rat ed in Fig re 3

Fig re 3 — Ex ample of s p ly c ain rela on hips

For e c s p ler, t he service provider s al hav e a desig ated in iv id al w ho is resp n ible for managin t he

relation hip, t he cont ract an p rorman e of t he s p ler

The serv ice provider an t he s p ler s al agre a doc ment ed cont rac The cont ract s al contain or in lu e

a referen e t o:

a) s o e of t he ser v ices t o b delvered by t he s p ler;

b) de en en ies b tween ser v ices, proces es an the p rt ies;

c) req irement s t o b fulfi ed by the s p ler;

d) serv ice target s;

e) int eraces b tw een service management proces es o erat ed by t he s p ler an ot her p rt ies;

f) int egrat ion of t he s p ler's act ivities wit hin t he SMS;

g) w orklo d c aract eristic ;

h) cont ract ex e tion an how t hese w il b han led;

i) aut horit ies an resp n ibi ties of t he serv ice prov ider an t he s p ler;

j) re ort in an commu icat ion t o b provided by the s p ler;

k ) b sis for c argin ;

l) act ivities an resp n ibi ties for t he ex pect ed or e rly t erminat ion of t he contract an t he t ran fer of

serv ices t o a diferent p rty

Fig re 6: 2 1 e ition Fig r e 3 – E ample of sup ly ch in r elationships

4.4.1 Ge eral

T e 2 0 e ition contain d aminimal amou t of d fn d terms In c ses w here th san ard w as bein use

an tanslate by an international au ie ce, th re w ere multiple q es ions ab ut th meanin of terms T rms

hav e only be n d fn d if th y are not normal E glsh terms or phrases, or th y are bein use in a specifc

way In some c ses, d fnitions hav e be n ad e for consise cy w ith oth r san ards

For e ample, th term ‘tansition’ is d fn d in th Shor er Oxford E glsh Dictionary (SOED) as ‘th a tion or

proces of pas in or pasag fom on con ition, a tion, or (oc as.) pla e to anoth r; chan e’ T e way that

th term is use inth s an ard is v ry specifc an it has th refore be n d fn d as ‘a tivities in olv d in

movin a n w or chan e service to or fom th lv e vironme t’ Howev er, th term ‘d ployme t’ is not a

d fn d term bec use it is use as in th SOED d fnition of th a t of d ployin , wh re d ploy is d fn d as

‘brin into or p sition for ef fectiv a tion, mak go d use of’

In a cordance w ith ISO rules, th terms hav e be n alg e w ith those in oth r relate s an ards w here p s ible,

especialy ISO 9 0 , ISO/IEC 2 0 0 an ISO 310 0 Sometimes it has be n n cesary to adapt th d fnitionf om

anoth r International Stan ard to e sure that it is ap ro riate for serv ice manag me t

Table 3 shows th terms an d fnitions of th 2 1 e ition compare to th 2 0 e ition, with reasons for

th chan es

Oth r chan es hav be n mad to e sure consise cy of terminolog , to use more internationaly a ceptable

lan uag , to alg with oth r san ards an to ad ere to ISO directiv s

4.4.2 Changes to ge eral use of Engl sh and non-defne terms

T ere are chan es to th g n ral use of E glshthat hav be nmad throu hout th n w e ition of th

s an ard T ese hav not be n e plain d ev ery time th y oc ur, in this b ok T ese inclu e th folowin

• T he mix d an inconsis e t uses of th terms ‘busin s’ an ‘cus omer’ in th 2 0 e ition hav e now

be n cor ecte ‘Cus omer’ is use as in it d fnition as th receiv r of th service ‘B sin s ’ is use in

terms of n e s, plans, be eft or e vironme t, e.g busin s n e s T e busin s is that of th cus omer’ s

organiz tion

• To alg w ithISO 9 01, ‘roles an resp nsibi ties’ hav be n repla e throu hout by ‘authorities

an resp nsibi ties’ sometimes also usin th word ‘role’ wh re a specifc refere ce is re uire Se

Chapter 4, 4.7 for fur h r d tais ab ut chan es to roles

• Oth r par ies c n ot be a tion d as th y are not bein ask dto conform to th san ard, so re uireme t

that put ana tion on oth r paries hav be nchan e to put an a tion onth service provid r, e.g ‘Lead

sup ler shal be able to d mons rate proceses to e sure that subconta te sup ler me t cont a tual

re uireme t’ w as an a tion onth leadsup ler in th 2 0 e ition T is has be n chan e to put th

a tion on th service provid r in th 2 1 e ition: ‘T he service provid r shal v erify that lead sup ler are

managin th ir sub-cont a te sup ler to fulfl conta tual o lgations

• T he mix d an inconsis e t use of th terms ‘proces ’ an ‘proce ure’ has be n chan e Proceses specify

w hat to do an what shouldoc ur at th hig er le el Proce ures provid d tai on how to per orm

specifc a tivities an sit within a proces For e ample, th complaint proces in th 2 0 e ition has

be n chan e to be a complaint proce ure withinth busin s relationship manag me t proces in th

be min ful of th imp r ant role th se concept play in g t in th m movin tow ards a service-orie te

e vironme t

• Some terms hav be n chan e , e.g ‘sak hold r’ which was not a d fn d term, has be n repla e by

th d fn d term ‘nterese par ies’ New terms hav e be n int od ce , e.g ‘nternal group’

• Some chan es hav be nmad for consis e cy inth use of v rbs an oth r non-d fn dterminolog ,

e.g ‘plan, es ablsh, impleme t, o erate, monitor, re iew, maintain an improv anSMS’ is use as a

consise t ls of v rbs

• Activ ities that were specife as bein per orme ‘at leas an ualy’ hav be n repla e by ‘at plan e

intervals’ T is chan e was mad bec use it is ex pecte that th service provid r wi select th

ap ro riate intervals, an an as es or wi q es ion th intervals use T he n w e itionof Par 2 wi say

wh re this is recomme d d to be at leas an ualy

T is is a recog ition that organiz tions hav a natural rh thm an a fur h r recog ition that

sateme t such as ‘at leas an ualy’ do not n cesariy h lp a service provid r to per orm bet er, but

may in e d consrain th m into a f amework of rep r in or a tivities that does not h lp, but ad s

u n ces ary or inap ro riate a tivity periods

• Mos ls s are prece e by ‘shal inclu e at leas ’ T is in ic tes that th service provid r mus satis y al

th re uireme t inth ls but may ad fur h r items not ls e Howev er, th fur h r items would not

be par of th re uireme t for conformity T is is in recog ition of th fa t that conformity may not

n ces ariy be th fnal s ep on th road map, but that contin al service improv me t may be anon oin

o jectiv

• Notes hav be n mov d to th e d of clauses to me t ISO directiv s onp sition of notes

4.4.3 Changes to terms and defnitions

In International Stan ards, terms are d fn d usin lower -c se let er an this con e tion has be n use in

th table below Al oth r notes an comme tary in Table 3 use conv entional c pitalz tion

T ble 3 – Ch n es to terms a d d fnitions

s ate period of time

NOT Avaiabi ty is usualy

e prese as a ratio of th

time that th service is a tualy

avaiable for use by th busin s

to th agre d service hour

3.1

a aiabi ty

abi ty of a service or service

comp n nt to perorm it

re uire fu ction at an agre d

ins ant or ov r an agre d period

of time

NOT Avaiabi ty is normaly

e pres e as a ratio or

perce tag of th time that th

service or service comp n nt is

a tualy avaiable for use by th

cus omer to th agre d time that

th serv ice should be avaiable

compatible with th d fnition

an usag of this term T e note

refer to th ‘cus omer’ to be

consis e t withth d fnition

of ‘service’ which refer to

‘cusomer’ an not ‘busin s ’

Oth r chan es are for clarity in

th use of E glsh

or in ivid al confg ration items

at a p int in time (se 2.4)

formaly d sig ate at a specifc

time d rin a service or service

comp n nt’ s lfe

NOT 1 C nfg ration baseln s,

plus ap rov dchan es fom

those baseln s, cons itute

th cur e t confg ration

2 7 5:2 10, S s tems and s oftware

en ine rin — Vocab lary:

‘confg ration information

formaly d sig ate at aspecifc

time d rin a prod ct’ s or

prod ct comp n nt’ s lfe

NOT C nfg ration baseln s,

plus ap rov d chan es f om

those baseln s, consitute

th cure t confg ration

information

2.3

ch n e r ecor d

record containin d tais of

which confg rationitems

of Clause 9.2 ( ‘Chan e r ecords

shal be analy se re ular ly

to d tect incr easin levels of

chan es, f re u ntly r ecurr in

ty pes, emergin t e ds an oth r

relevant inf ormation.), which has

be n repla e in th 2 1 e ition

of Clause 9.2 with ‘Re u ss

f or chan e shal be analy se at

plan e inter v als to d tect t e ds

T his w as also use in th 2 0

e ition of Clause 10.1 ( ‘Release

manag me t proce ures shal

inclu e th updatin an

chan in of confg ration

inf ormation an chan e records.),

or an item which is, or wi

be, u d r th cont ol of

confg ration manag me t

NOT C nfg rationitems may

vary wid ly in comple ity, size

an type, ran in fom an e tire

sys eminclu in al hardware,

sofware an docume tation,

to a sin le mod le or a minor

hardware comp n nt

eleme t that n e s to be

cont ole in ord r to d lv r a

service or services

not refer to ‘confg ration’ as

this is circular T e refere ce

to a ‘comp n nt’ was remov d

as this was c usin confusion

with ‘service comp n nt’ T e

refere ce to inf asructure w as

remov d as this w as to specifc

as on type of CI

T e note was remov ed as it was

c usin confusion withth note

for service comp n nt, which says

‘A service comp n nt c nconsis

of on or more confg ration

datas ore use to record

at ributes of confg ration items,

an th relationships betwe n

confg ration items, throu hout

clear that th information is

to be for confg ration items

‘throu hout th ir lfecycle’

‘Data s ore’ is more g n ric than

‘database’ an c n mean on or

more databases, fe erate data

s ores or oth r types of s ore,

such as spreadsh et , for smal

amou t of dataor automate

recur in a tivity to increase

th abi ty to fulfl service

re uireme t

ISO 9 0 :2 0

T e inte t of th term

remains u chan e C ntin al

improv me t is a k y concept

inth s an ard as re uire in

Clause 4.1.2, which sates:

‘To manag me t shal e sure

u d sirable situations w ith th

services an service comp n nt

T e n w d fn dterm is

adapte f om th ISO 9 0 :2 0

d fnition:

‘3.6.5

corr ectiv action

a tionto elminate th c use of a

d tecte nonconformity or oth r

u d sirable situation’

T e adaptation has ad e in

‘or re uce th lk lho d of

recur e ce’ as it is not always

p sible to elminate th c use

‘Cus omer’ was use in th 2 0

e ition but not d fn d

3.7

customer

organiz tion or par of an

organiz tion that receiv s a

service or services

NOT 1 A cus omer c n be

internal or e ternal to th service

provid r’ s organiz tion

NOT 2 Adapte f om

ISO 9 0 :2 0

‘Cusomer’ has become a much

more imp rant term with

2 uses inth 2 0 e ition an

6 uses inth 2 1 e ition T e

service provid r is re uire to

agre man more eleme t with

th cusomer than prev iously

T is is d e to th hig er emphasis

on o tainin agre me t before

proce din witha tivities to

e sure that th cus omer an

th service provid r u d rtan

EXAMPLE C nsumer, cle t,

e d-user, retaier, be efciary an

purchaser

NOT E A cus omer c nbe internal

or ex ternal to th organiz tion

me ium

NOT 1 In this s an ard, records

(se 2.9) are disin uish d f om

EXAMPLES Polcies, plans,

proces d scriptions, proce ures,

docume t an records were

totaly separate In th 2 1

e ition, records are a special type

EXAMPLE Record, specifc tion,

proce ure docume t, drawin ,

rep r, s an ard

NOT 1 T e me ium c n be

paper, mag etic, electonic

or o tic l computer disc,

photograph or maser sample, or

a combination th reof

NOT 2 A set of docume t ,

for e ample specifc tions an

c n be dif fere t re uireme t

for specifc tions (e.g th

re uireme t to be re ision

cont ole ) an records (e.g th

re uireme t to be retie able)

‘Ef fectiv n s ’ was use in th

2 0 e ition but not d fn d

3.9

effectiv n s

e te t to which plan e a tiv ities

are realze an plan e result

s an ard o erationof a service

an which c uses or may c use an

inter uption to, or a re uction in,

of a service or an e e t that has

not y t impa te th service to

th cus omer

‘nformation security’ was use in

th 2 0 e itionbut not d fn d

3.1

information security

preservation of confd ntialty,

inte rity an a ces ibi ty of

information

NOT 1 In ad ition, oth r

pro er ies such as auth nticity,

a cou tabi ty, non-repu iation

an relabi ty c n also be

in olv d

NOT 2 T e term‘avaiabi ty’

has not be n use in this

d fnition bec use it is a d fn d

term in this par of ISO/IEC 2 0 0

w hich would not be ap ro riate

for this d fnition

NOT 3 Adapte f om

preservationof confd ntialty,

inte rity an avaiabi ty of

information

NOT In ad ition, oth r

pro er ies, such as auth nticity,

a cou tabi ty, non-repu iation,

an relabi ty c n also be

in olv d

A note has be n ad e to e plain

that th word ‘avaiabi ty’ in

ISO/IEC 2 0 0 has be n chan e

to ‘a cesibi ty’ bec use

‘avaiabi ty’ is a d fn d term in

ISO/IEC 2 0 0 w ith a dif fere t

meanin to that in information

security Se Chapter 4, 4.8.3 for

furh r d tais

‘Security incid nt’ was use in th

2 0 e ition but not d fn d

3.12

information security incid nt

sin le or aseries of u wante or

u e pecte information security

ev ent that hav e a sig ifc nt

pro abi ty of compromisin

busin s o erations an

threate in informationsecurity

ord r to dis in uish betwe n

‘ncid nt ’ an ‘nformation

security incid nt’ Information

security incid nt relate to th

proce ures, with a priority

ap ro riate to th information

security risks Se Chapter 4,

4.8.3 for furh r d tais

ins ead.

interes in th per ormance or

suc es of th service provid r’ s

a tivity or a tivities

EX AMPL ES Cusomer , owner s,

manag me t, peo le in th service

pr ovid r’s or ganiz tion, sup ler s,

bank er s, u ions or par tn r s

NOT 1 A group c n comprise

anorganiz tion, apar th reof,

or more than on organiz tion

NOT 2 A dapte f om

ISO 9 0 :2 0

T he n w d fn d term is adapte

f rom th ISO 9 0 :2 0 d fnition:

‘3.3.7

inter este par y

per on or group havin an

interes in th perormance or

suc es of anorganiz tion

EXAMPLE Cusomer , own r ,

peo le in an organiz tion,

sup ler, ban er , u ions,

par n r or society

NOT A group c n comprise an

organiz tion, a par th reof, or

more than on organiz tion

‘nternal group’ was not use in

NOT T e internal group is

out id th sco e of th service

provid r’ s SMS

New d fn d term ‘nternal

group’ is use in a specifc way

for service manag me t an th

normal E glsh d fnitions do not

matchthis

E amples of internal groups

are database groups, n twork

serv ices, project manag me t

groups or information security

re ucin or elminatin it impa t

on a service by workin arou d it

‘Known er or’ in th 2 0

e ition was use in th normal

E glsh meanin of ‘er or that

an aran eme t of esp nsibi ties,

authorities an relationships

EX AMPLES C mpan ,

corp ration, frm, e terprise,

insitution, charity, sole

tad r, asociation, or par s or

combination th reof

NOT 1 T e aran eme t is

g n raly ord rly

NOT 2 An organiz tion c n be

publc or private

[ISO 9 0 :2 0 ]

‘Prev entiv a tion’ was use in

th 2 0 e itionbut not d fn d

nonconformity or oth r p te tial

u d sirable situation

ISO 9 0 :2 0

T e inte t of th term remains

u chan e T e term ‘pre e tiv

a tion’ is use inth Act s ag

of th PDCA methodolog in

Clause 4.5 an in Clause 8.2,

‘Pro lem manag me t’

a tionto elminate th c use of a

p te tial nonconformity or oth r

u d sirable p te tial situation

NOT 1 T ere c n be more

thanon c use for a p te tial

nonconformity

NOT 2 Pre e tiv a tionis

tak n to prev ent oc ure ce

wh reas cor ectiv a tion is tak n

to pre e t recur e ce

T e adaptation is to inclu e

‘avoid or re uce th lk lho d

of oc ur e ce’ as it is not always

p sible to elminate th c use

on or more incid nt incid nt

NOT T e ro t c use is not

usualy k own at th time a

pro lem record is create an

th pro lem manag me t

proces is resp nsible for fur h r

in es igation

confusion especialy arou d

‘u k ownu d rlyin c use’ as

it w as diffcult to e plain how

somethin u k own coulde is

‘proce ure’ was use in th 2 0

NOT 2 W he a proce ure is

docume te , th term ‘write

proce ure’ or ‘docume te

proce ure’ is f e u ntly use

T e docume t that contains

a proce ure c nbe c le a

“proce ure docume t”

T e d fnitionan note are tak n

directly f om ISO 9 0 :2 0

Note 2 of ISO 9 0 :2 0 is not

re uire as proce ures are

always sate as docume te

inthis s an ard u les th y are

within aplanthat it elf has to be

set of inter elate or intera tin

a tivities which tans orms input

or providin ev id nce of a tivities

perorme

NOT 1 In this s an ard, records

are dis in uish df om docume t

by th fa t that th y fu ction as

ev id nce of a tivities, rath r than

ev id nce of inte tions

NOT 2 E amples of records

inclu e au it rep rs, re u s s

for chan e, incid nt rep r s,

in ivid al tainin records an

inv oices se t to cus omer

or providin e id nce of a tivities

per orme

[ISO 9 0 :2 0 ]

EX AMPLES Au it rep r s,

incid nt rep r s, t ainin records

or min tes of me tin s

th notes f or th term ‘docume t’

Adapte f om th ISO 9 0 :2 0

d fnition:

‘3.7.6

r ecord

docume t s atin result a hiev ed

or providin e id nce of a tivities

per orme

NOT E 1 Records c nbe use , for

ex ample, to docume t ta eabi ty

an to prov id e id nce of

v erifc tion, prev entiv e a tion an

cor ectiv e a tion

NOT 2 Ge eraly records n e

not be u d r re isioncont ol

2.10

rele se

colection of n w an /or chan e

confg ration items which are

tese an int od ce into th

lv e e vironme t tog th r

3.2

rele se

colection of on or more n w

or chan e confg ration

items d ploy d into th lv e

e vironme t as a result of on or

more chan es

Chan e to refect th use of th

v rb ‘d ployme t’ in th 2 1

e ition Clarife that th release

c n containon or more chan es

T s in has be n remov ed fom

th d fnition but remains inth

re uireme t

2.1

req est for ch n e

form or scre n use to record

d tais of a re u s for a chan e

to an confg ration itemw ithin

aservice or inf as ructure

3.2

req est for ch n e

pro osal for a chan e to be mad

to a service, service comp n nt or

th service manag me t sys em

NOT A chan e to a service

inclu es th provision of a n w

service or th removal of aservice

w hich is no lon er re uire

T e inte t of th term remains

bec use mos re u ss for

chan e refer to th se rath r

thanconfg ration items T e

confg ration items impa te by

th chan e are in es igate an

ases e as par of th chan e

manag me t proces

T e note ad s clarifc tion on

some critic l items that are

clase as chan es to a service

NOT 1 A n ef fect is a d viation

fom th e pecte — p sitiv

an /or n gativ

NOT 2 Objectiv s c n hav

differe t aspect (such as

fnancial h alth an safety, an

e vironme tal goals) an c n

ap ly at dif fere t le els (such

as s rate ic, organiz tion-wid ,

project, prod ct an proces )

means of d lv rin v alu for th

cus omer by fa i tatin result

th cus omer want to a hie e

NOT 1 Service is g n raly

intan ible

NOT 2 A service c n also be

d lv re to th service provid r

by a sup ler, an internal group

or a cus omer a tin as a sup ler

T e inte t of th term remains

u chan e ‘Service’ is use

ina specifc way for service

manag me t an th normal

E glsh d fnitions do not match

this

Serv ice is focuse on d lv ry to

th cusomer It is also clarife

that service c n be provid d to

th service prov id r f om oth r

sin le u it of a serv ice that wh n

combin d with oth r u it w il

d lv r a complete service

EXAMPLES Hardware,

sof w are, to ls, ap lc tions,

docume tation, information,

‘Serv ice comp n nt’ is use

ina specifc way for service

manag me t an th normal

E glsh d fnitions do not match

this

ev ent that could hav serious

impa t on aservice or serv ices

cus omer fa in sup or group

who do a hig pro orion of th

int od ctionto th 2 1 e ition

with ‘T e o erationof proceses

as specife in this par of

ISO/IEC 2 0 0 re uires peron el

to be wel organize an

co-ordinate

T his term w as also use inth

2 0 e ition of Clause 4.2 )

(‘managin th teams inclu in

serv ice d sk an o erations;),

docume te agre me t betw ee

th service provid r an cusomer

that id ntifes services an service

targ t

NOTE 1 A ser vice level agr eeme t

c n also be esablsh d betwee

th ser vice provid r an asup ler,

an inter nal group or a cusomer

a tin as asup ler

NOTE 2 A ser vice level agr eeme t

c n be inclu e in acontr act or

T e term ‘o erational le el

agre me t’ or ‘OLA’ is not use

in th s an ard but Note 1 alows

an S A betwe n various par ies

wh re we may e pect to se

an agre me t c le an OLA

T e term ‘OLA’ could be use in

pra tice but th au itor would

n e to be clear that this is an

S A as in Note 1 of th d fnition

th busin s re uireme t to direct an cont ol th serv ice

provid r’ s a tivities an resources

for th d sig , t ansition, d lv ery

‘service manag me t sys em’ was

not use in th 2 0 e ition T e

term ‘manag me t sysem’ w as

sys em is a set of interelate or

intera tin eleme t to esablsh

p lcy an o jectiv s an to

a hiev e those o jectiv s

NOT E 2 T he SMS inclu es al

serv ice manag me t p lcies,

o jectiv es, plans, proceses,

docume tationan resources

re uire f or th d sig , tansition,

d lv ery an improv eme t

of erv ices an to f ulfl th

Note 1 has be n ad e to prov id

clarity onth term ‘manag me t

sysem’ T e words are tak n

directly f om th ISO 9 0 :2 0

d fnitions of ‘sysem’ an

‘manag me t sysem’

Note 2 has be n ad e to prov id

clarity onth conte t of an SMS

NOT A cusomer c nbe

internal or e ternal to th service

provid r’ s organiz tion

T e inte t of th term remains

u chan e T e d fnition has

be n chan e to be more g n ric

as not al organiz tions usin this

s an ard wi aim to ‘a hie e’

cer ifc tion to th s an ard An

organiz tion may want to use

th s an ard for g idance or for

internal conformity only

ad ice, a ces to a service or a

pre-ap rov d chan e

E glshd fnitions do not match

this

A pr e-ap r oved chan e is not

me tion d in th san ard T his

is usualy a recur rin chan e

Re u s for a ces is closely

asociate with th information

refere ces in th san ard to

specifc types of re uireme t,

e.g c pa ity re uireme t an

avaiabi ty re uireme t

organiz tionthat is e ternal

to th service prov id r’ s

organiz tionan e ter into

a conta t with th service

provid r to contibute to th

d sig , t ansition, d lv ry an

improv eme t of a serv ice or

services or proces es

NOT Sup ler inclu e

d sig ate lead sup ler but not

organiz tions Internal groups

an cusomer a tin as sup ler

are manag d throu h th service

If a service prov id r wish s to

manag oth r par ies that are

not sup ler usin th sup ler

manag me t proces , this is

a ceptable as th re uireme t

are more srin e t than those for

managin oth r par ies throu h

resp nsible own r’ w ere also

use to mean ‘to manag me t’

3.3

peron or group of peo le who

direct an contol th service

provid r at th hig es le el

ISO 9 0 :2 0

T e inte t of th term remains

u chan e but it use was mix d

with oth r terms in th 2 0

e ition T ese oth r terms fom

th 2 0 e ition are not use in

per on or group of peo le

who direct an cont ols an

organiz tion at th hig es lev el

‘t ansition’ was not use in th

New d fn d term ‘Transition’ is

use in a specifc way for service

organiz tional le al an national b u daries as wel as dif fere t time zon s Almos al service provid r are

d pe d nt on a sup ly chain for th d lv ry of th ov ral service f om th sup ly of smal comp n nt to

complete services T e service provid r c n prov id a ran e of services to se eral dif fere t types of cusomer ,

b th internal an e ternal to it own organiz tion T is comple ity c n multiply e p n ntialy as on goes

furh r downth sup ly chain, ie th re may be sub-conta te sup ler down to man le els T is mak s

th d fnition of th sco e of th SMS, an th agre me t of th sco e sateme t, a comple sag in th

service provid r’ s use of ISO/IEC 2 0 0-1

T e 2 0 e ition contain d only on re uireme t on th d fnition of sco e in th plan in s ag of

Clause 4 Since this is acomple area in th preparation of d monsratin conformity to ISO/IEC 2 0 0-1, th

2 1 e itionhas be n e te d d to contain more re uireme t ab ut th ap lc bi ty of th san ard, th

d fnition of sco e an th gov rnance of proceses o erate by oth r paries T is information is in thre

pla es inth 2 1 e ition of ISO/IEC 2 0 0-1: Clauses 1.2, 4.2 an 4.5.1

Ad itionaly, th se areas are d scribe ind tai in th g idance docume t ISO/IEC TR 2 0 0-3, 2 0 e ition,

Informatio tech olo y — Service management — Par 3: Guidance o s co e defnitio and ap lcabi ty of

ISO/IEC 20 0 0 0 -1, which is in aluable to sup or th informationinthis chapter

4.5.2 Clause 1, ‘Scope’

Clause 1 of th san ard is title ‘S o e’ Clause 1.1 of th 2 1 e ition of ISO/IEC 2 0 0-1 giv s a g n ral

int od ctionto th sco e an purp se of th s an ard an it p te tial user, not to th sco e of th SMS

Ad itionaly, it i us rates th SMS in Fig re 2

Clause 1.2, ‘A pplc tion’ is aclause h adin fou dinman manag me t sysem san ards It purp se is

to provid information ab ut how th san ardc n or c n ot be ap le Clause 1.2 is a n w ad ition to

ISO/IEC 2 0 0-1

T e majority of national an International Stan ards are inte d d for use by man types of organiz tion

with differin s ructures For this type of s an ard, it is imp r ant to e sure that an organiz tiondoes not

become non-conformant if it reorganizes it internal s ructure fom a peo le, proces or e e a tech olog

per pectiv e Clause 1.2 of th 2 1 e ition cov r th types of organiz tions as folows: ‘A ll re uireme t in

this par of ISO/IEC 2 0 0 are g n ric an are inte d dto be ap lc ble to al service provid r, re ardles of

type, size an th nature of th services d lv re

T he sco e of an SMS c n be d fn d by serv ice prov id r name, serv ice prov id dan tech olog , e.g ap lc tion

manag me t only or inf as ructure manag me t only For th se reasons, fu ctions are not inclu e inth

san ard A lthou hth s an arddoes not me tion specifc fu ctions, it is recog ize that fu ctions w il ex is

an be perormin a tiv ities that are re uireme t u d r th au itable contol of th san ard

It should be note that Clause 1.2 in ISO/IEC 2 0 0-1 an th whole of ISO/IEC TR 2 0 0-3 consitute g idance,

not re uireme t

An organiz tionaimin to a hie e cerifc tion to ISO/IEC 2 0 0-1 should ad itionaly refer to th relev ant

cerifc tionsch me for it organiz tion

Table 4 shows th wordin in Clause 1.2 with acomme tary