About ISO 20000-Information Technology Service Management (ITSM)
IT (Information Technology) is very essential and on-demand on delivering on today's all types of business. However, some of the concerns are increasingly being raised about IT services, internal and outsourced, it is not aligned or compliant within the needs of businesses and customers.
A truly recognized solution to this issue is to practice an IT Service Management System (ITSMS) based on ISO/IEC 20000, the international standard for IT Service Management.
Certification to this standard enables every organization to independently demonstrate to every customers that the best practices are being met. ISO/IEC 20000 is based on and replaces BS 15000, the internationally recognized British Standard.
ITSM based on ISO/IEC 20000 defines the internationally accepted set of best practices for the implementation of an IT service management system in both large and small scale organizations.
ISO/IEC 20000 focuses on the Service Management System (SMS) - how your organization plans, operates, reviews, and improves the delivery of new and changed services that will add value for your customers and save money and effort.
Within the SMS, the organization will focus on an integrated process approach and the well-known and efficient Plan-Do-Check-Act (PDCA) methodology.
ISO/IEC 20000 is the standard for company certification and best practices in IT Service Management. Additionally ISO/IEC 20000 gives you the tools you need to manage the process you learned in the ITIL Foundations and Intermediate classes. With this in place you will be able to take advantage of the interrelationships between the processes so your organization can mature their processes faster. ISO/IEC 20000 also defines the level of governance you need so you can properly manage internal groups and third parties, giving you tangible money saving results.
Brief about the ISO standard
Primarily, ISO/IEC 20000 certification demonstrates that an organization has adequate controls and procedures in place to consistently deliver a cost effective, quality IT service.
The service management processes and/or procedures with the relationships between the processes and/or procedures can be fulfilled in several ways depends on the various service providers. The description or relationship between a service providers with the customer will impact on how the service management processes are being implemented.
The following services involved are as follows:
• Capacity Management
• Service Continuity & Availability Management
• Information Security Management
• Budgeting and Accounting for IT Services
• Service Delivery Processes
- Service Level Management
- Service Reporting
• Control Processes
- Configuration Management
- Change Management
• Release Processes
- Release Management
• Resolution Processes
- Incident Management
- Problem Management
• Relationship Processes
- Business Relationship Management
- Supplier Management
Adapted from the ISO standard: ISO 20000
ISO/IEC 20000 certification exhibits that an organization has an adequate controls and procedures in place to consistently deliver a very cost effective, quality IT service. IT service providers become more responsive to services which are business led rather than technology driven. External service providers can use ISO/IEC 20000 Certification as a differentiator and attain new business opportunities as it significantly becomes a contractual requirement for government entities. Enhances the organizations monitoring control and the advantage on the ability to select and manage external service providers more effectively. The organization will be provided an extra opportunities to improve the efficiency, reliability and consistency of IT services impacting to costs and services. Certification audits enable the regular evaluation of the service management processes, which helps every organization to maintain and improve effectiveness. The certification process can continously monitor and reduce the amount of supplier audits, thereby reducing costs as an additional benefits to the company. ISO/IEC 20000 is fully compatible with the ITIL (IT Infrastructure Library) framework of best practice guidance for ITSM processes.
ISO/IEC 20000 certification exhibits that an organization has an adequate controls and procedures in place to consistently deliver a very cost effective, quality IT service.
IT service providers become more responsive to services which are business led rather than technology driven.
External service providers can use ISO/IEC 20000 Certification as a differentiator and attain new business opportunities as it significantly becomes a contractual requirement for government entities.
Enhances the organizations monitoring control and the advantage on the ability to select and manage external service providers more effectively.
The organization will be provided an extra opportunities to improve the efficiency, reliability and consistency of IT services impacting to costs and services.
Certification audits enable the regular evaluation of the service management processes, which helps every organization to maintain and improve effectiveness.
The certification process can continously monitor and reduce the amount of supplier audits, thereby reducing costs as an additional benefits to the company.
ISO/IEC 20000 is fully compatible with the ITIL (IT Infrastructure Library) framework of best practice guidance for ITSM processes.
The Nbiz GO-AIM-HIGH methodology was developed to provide the continuous success for every clientle’s project. It represents the Nbiz Team Consultants activities during the involvement from the initial phase until the last phase to conclude the project successfully.
The acronyms on the GO-AIM-HIGH methodology are already tested, applied and proven methods by the Nbiz Team Consultants during the implementation of the project. These are the activities performed which represents the corresponding phases during the project implementation.
We are delighted to provide you the detailed explaination of our GO-AIM-HIGH Methodology on the below illustration.
G – Gathering of Data
The first step in the IMS Consultancy is gathering of data. In this, our consultants will be gathering all different types of relevant and existing records that are already with the client.
O – Organizational strength and weakness identification
The second step is aiming to identify the organizational strength and weaknessess.
A - Analyze and review documents, current processes and procedures
The third step in the IMS Consultancy is to conduct Gap Analysis of the current structure of the company which includes review of documents, processes and procedures in order to determine compliance to the required Management System standard. It is through this step that consultants and the company's key personnel can collaboratively formulate appropriate plan and activities to respond to gaps identified against the standard.
I-Improve, create and implement processes and procedures
The fourth step of the IMS consultancy is based on the gaps identified during step 1
Improvements and/or creation of documents meeting the requirements of the standard shall be initiated by the consultant in close coordination with the company’s key personnel. Documents shall include policies, manuals, procedures, forms/templates, instructions, etc. The documents created/improved shall be meeting the standard requirements and shall be suitable to the business activities and culture of the company. The company’s authorized representative shall review the documents and must be approved by the Top Management before issue. Additionally, Nbiz Infosol consultants shall guide companies to implement the set procedures and processes in order to comply with standard requirements. Appropriate trainings shall be provided to key personnel in order to provide or develop competence in the implementation of the system.
Once standard is established, Nbiz Infosol consultants shall guide companies to monitor performance as per the required standard through performance measurement, check compliance and conformances through audits and inspections. Nonconformance shall be identified, reported and recorded accordingly.
As part of the monitoring and checking, Nbiz Consultants shall assist companies in reviewing and re-assing their environmental aspects/impacts and occupational hazards and risks. The review and re-assessment shall be done on a regular basis or as per requirement of the ISO 14001:2004 and OHSAS 18001:2007 standards.
I-Implement corrective actions and recommendations
Once the nonconformities are identified, Nbiz Infosol consultants shall assist companies to identify root causes, implement corrections, corrective actions and preventive actions for nonconformance. Recommendations shall also be considered for continual improvement.
Reports shall be generated in all phases of the consultancy. Nbiz Infosol recognized that reports and records are essential to prove evidences of performed activities. Reports shall be properly channeled and submitted in correct and appropriate formats.
H-Head towards certification
Once, documents, procedures and processes are already established and implementation is considered adequate, Nbiz Infosol shall facilitate for the certification process of the companies. Nbiz Infosol consultants shall render support during all phases of the certification audits starting from planning with external auditors, during the actual audits, closing of the nonconformance and follow-up audits.
Scoping on the required scope of certification. The general information required for the application and scoping are as follows:
Initial System Study on the relevant field of certification applied and interested for, involved activities of the organization, no. of employees and the details on the available technical resources, any related subsidiary/entities.
Any related information within the organization that will effect on the requirements to fulfill the conformity related processes, consultations on the management system, and requirements on seeking the certifications.
Submission of the required and improved documents to obtain approval and certification from the authorized certification body.
- Coordinating Audit Plan – Our consultants will closely facilitate on the schedule communicated by the client. The audit plan will be prepared by the certification body and communicated to the client.
Submission of the required and improved documents to obtain approval and certification from the authorized certification body.
Facilitate to close NC’s – Our consultants will be assisting on developing and enhancing the identified non-conformances by the Auditor of the certification body.
Facilitate in submitting non-conformities to certification body – Upon the identification of non-conformities, the consultants will be facilitating on clearing and completing all the identified non-conformities of the client to be submitted to the certification body.
Co-ordination for approval of non-conformities and releasing of certificates from the certification body and providing the certificate the client.
Nbiz Infosol Certification is in co-ordination with many leading certification body which are internationally recognized to help our client on achieving any relevant ISO Standards.
The phases on the above diagram explains only the commonly used processes/activities in order to provide a clear summary explanation/objective during the certification process.
Our ISO Consultants Team will facilitate mostly on gathering the requirements, coordinating on the schedule, as well as submitting the requirements to the certification body.
Nbiz Infosol will not have any control/influence on the schedule/decision by any Certification Body.
Kindly note that there are extra phases involved on each relevant standards that the Certification Body Representative may add and apply whenever necessary.
1. Phase I - Application and Scoping on the required certification.
The general information required by the Certification Body Representative for the application and scoping are as follows:
- Any related information within the organization that will effect on the requirements to fulfill the conformity related processes, consultations on the management system, and requirements on seeking the certifications.
2. Phase II - Audit Planning
- Identification of Audit Criteria, scope and objectives.
- Audit Schedule preparation
- Co-ordination with clients regarding audit details and logistics.
- Preparation of checklists, audit formats, etc.
3. Phase III – Stage 1 - Certification Audit
The Certification Body Auditors will perform the following:
- Certification Body Representative will gather detail for the company’s background/information and reviewing the existing documents to understand and evaluate the company’s set objectives, policies and procedures.
- Assessing the processes in place and comparing on the set objectives is being facilitated by our consultants in order to know if it is aligned within the organizations objectives.
Phase III - Stage II – Audit (On-site)
- Opening Meeting
- Audit execution and identification of non-conformities
- Closing Meeting
- Follow-up Audit
- Audit Closure
4. Phase IV - Certification approval process is to validate the organizations system compliance and implementation. The certification can be a useful tool to boost the company’s credibility. This will also demonstrate that the products and services are being met along with the customers’ expectations. On every organization the certification is a legal or contractual requirement.
5. Phase V - Surveillance Audit - are being performed after a year of the certification. The purpose of the surveillance audit is to check if the standards are being implemented and maintained.
6. Phase VI – Re-scoping/Change of Scope – this is to continuously evaluate the continual fulfillment and improvement of all the required and relevant documents within the management system standard. In case there are changes to be implement on the new services/processes/products or regulatory authority’s requirements, changes required from the Top Management the Phase III – Certification Audit shall be applicable.
7. Phase VII – Certificate Renewal – the re-certification renewal demonstrates that the organization is continuously striving for improvement into the implemented Management System in order to achieve and meet the client’s satisfaction and regulatory authority’s requirements/expectations.
- Nbiz Infosol can assist your organization to acquire any relevant ISO certifications which is well-known internationally. It will generate additional business opportunities, exhibit the organizations compliance and commitment to the best-practices in any industries in order to be more competitive in today’s market.
- Nbiz Infosol consists of professionals which are high level and practically experienced and very senior Project Directors along with our well-experienced and knowledgeable Senior Consultants.
- Nbiz Infosol location advantage within the Emirates on the following: Abu Dhabi, Dubai, Al Ain, Sharjah, Ajman, Ras Al Khaimah and Fujairah (We have successfully completed many and different projects locally and also internationally).
- Nbiz Infosol strongly promotes and implements the facilitations on the relevant Management System not only for the sake of certification but to really make a difference in the processes and procedures that will be implemented throughout any organization.
- Nbiz Infosol consist of some project members which are also EFQM International Assessors this can add value to the assignment as Abu Dhabi government is highly recommending Organizational Excellence program across Abu Dhabi Emirate (and UAE).
- Nbiz Infosol prices are very competitive in the market without compromising our quality of service which in return provides our company’s commitment and to maintain repeated orders from our clients.
- Nbiz Infosol is driven by professional Senior Consultants with good cross functional knowledge of the other standards such as ISO 27001, ISO 38500 which will also add value to the project.
- Nbiz Infosol can be a good channel to assist the standardization within the organization. It will help to promote worldwide trading, encouraging rationalization, maintaining quality assurance and environmental protection, as well as improving the security and communication at all levels within the organization.
- Nbiz Consultants Team will work collaboratively and will be able to support the organization within the entire certification process.