iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC TR 38504:2016

(Main)

Governance of information technology — Guidance for principles-based standards in the governance of information technology

Governance of information technology — Guidance for principles-based standards in the governance of information technology

ISO/IEC TR 38504:2016 provides guidance on the information required to support principles-based standards in the area of governance and management of information technology. Guidance includes general recommendations, identification of elements and advice for their formulation. It does not describe the detail of specific principles or how they are aggregated into specific guidance to fulfil business objectives and achieve business outcomes from the use of IT.

Gouvernance des technologies de l'information — Lignes directrices pour des normes fondées sur des principes relatives à la gouvernance des technologies de l'information

General Information

Status
Published
Publication Date
11-Sep-2016
ICS
35.020 - Information technology (IT) in general
Technical Committee
ISO/IEC JTC 1/SC 40 - IT service management and IT governance
Drafting Committee
ISO/IEC JTC 1/SC 40/WG 1 - Governance of InformationTechnology
Current Stage
Ref Project

Buy Standard

ISO/IEC TR 38504:2016 - Governance of information technology -- Guidance for principles-based standards in the governance of information technologyISO/IEC TR 38504:2016 - Governance of information technology -- Guidance for principles-based standards in the governance of information technology
PreviousNext
Technical report
ISO/IEC TR 38504:2016 - Governance of information technology -- Guidance for principles-based standards in the governance of information technology
English language
8 pages
sale 15% off
Preview
sale 15% off
Preview
ISO/IEC TR 38504:2016 - Governance of information technology -- Guidance for principles-based standards in the governance of information technologyISO/IEC TR 38504:2016 - Governance of information technology -- Guidance for principles-based standards in the governance of information technology
PreviousNext
Technical report
ISO/IEC TR 38504:2016 - Governance of information technology -- Guidance for principles-based standards in the governance of information technology
English language
8 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

TECHNICAL ISO/IEC TR
REPORT 38504
First edition
2016-09-15
Governance of information
technology — Guidance for principles-
based standards in the governance of
information technology
Gouvernance des technologies de l’information — Lignes directrices
pour des normes fondées sur des principes relatives à la gouvernance
des technologies de l’information
Reference number
ISO/IEC TR 38504:2016(E)
©
ISO/IEC 2016

---------------------- Page: 1 ----------------------
ISO/IEC TR 38504:2016(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2016, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO/IEC 2016 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC TR 38504:2016(E)

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Governance standards for information technology . 1
4.1 Purpose and focus of governance standards for information technology . 1
4.2 General recommendations for governance standards for information technology . 2
5 Principles-based guidance for governance of information technology .2
5.1 Use of principles-based standards . 2
5.2 System of governance . . 2
5.3 Set of principles . 2
5.4 Relationship between the adoption of principles and business outcomes. 2
6 Information required for each governance principle . 4
6.1 Information elements. 4
6.2 Name of the principle . 4
6.3 The statement of the principle . 4
6.4 Rationale for the principle . 5
6.5 Relationship with other principles . 5
6.6 Implications . 5
6.7 Desired outcomes . 5
6.8 Governance behaviours . 6
Bibliography . 8
© ISO/IEC 2016 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/IEC TR 38504:2016(E)

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for
the different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment,
as well as information about ISO’s adherence to the World Trade Organization (WTO) principles in the
Technical Barriers to Trade (TBT) see the following URL: www.iso.org/iso/foreword.html.
The committee responsible for this document is ISO/IEC JTC 1, Information technology, SC 40, IT service
management and IT governance.
iv © ISO/IEC 2016 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/IEC TR 38504:2016(E)

Introduction
This document has been developed to give guidance on the information required to support principles-
based standards in the area of governance and management of information technology.
A principles-based approach to standardization is aimed at providing non-prescriptive guidance that is
applicable to all organizations, including public and private companies, government entities and not-for-
profit organizations of all sizes from the smallest to the largest, regardless of the extent of their use of IT.
The benefit of a principles-based standard is that it can identify the outcomes of applying the principles
without specifying explicit methodologies, structures, processes and techniques needed to achieve the
outcomes.
Within the International Standards arena, the definition of guidance in the area of governance of
information technology falls within the scope of ISO/IEC JTC 1/SC 40. The existing International
Standards in this area are ISO/IEC 38500, ISO/IEC TS 38501 and ISO/IEC TR 38502.
Experience with principles-based standards in the area of governance of IT has indicated that there
is a need to establish a common understanding of proposed principles and the expected outcomes of
applying the recommended principles as a basis for consensus. This requires a clear statement of the
rationale for the principles, the expected governance behaviours associated with the principle together
with the expected outcomes from their adoption.
In order for future standards and revisions of current standards to select the appropriate forms
of principle description and apply them in a consistent fashion, it is desired to develop a common
characterization of all of these forms of principle description. This document presents guidelines for the
general recommendations of principles-based governance standards and the description of principles
in terms of their format, content and level of prescription.
The intended audience for this document are the editors, working group members, reviewers and
other participants in the development of principles-based standards and technical reports as well
as governance of IT practitioners. An additional audience may be experts developing organizational
policies and standards. It is intended that they will select the elements suitable for their project from
those described in this document. It is further intended that, having selected the appropriate elements,
users of this document will apply them in a manner consistent with the guidance provided by this
document.
© ISO/IEC 2016 – All rights reserved v

---------------------- Page: 5 ----------------------
TECHNICAL REPORT ISO/IEC TR 38504:2016(E)
Governance of information technology — Guidance
for principles-based standards in the governance of
information technology
1 Scope
This document provides guidance on the information required to support principles-based standards
in the area of governance and management of information technology.
Guidance includes general recommendations, identification of elements and advice for their formulation.
It does not describe the detail of specific principles or how they are aggregated into specific guidance to
fulfil business objectives and achieve business outcomes from the use of IT.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 38500 and
ISO/IEC TR 38502 apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— IEC Electropedia: available at http://www.electropedia.org/
— ISO Online browsing platform: available at http://www.iso.org/obp
3.1
governance behaviour
actions of individuals and groups as part of an organization’s governance system
4 Governance standards for information technology
4.1 Purpose and focus of governance standards for information technology
A governance standard provides guidance on the system of directing and controlling for an organization
with respect to the business outcomes from the use of information technology.
Governance standards for IT may provide guidance on the role of the governing body within an
organization and its interactions with managers or what is required of a governance framework for IT
or all of these. Governance standards for information technology can either focus on all or part of the
use of information technology within an organization.
Guidance may include consideration of business strategy and IT strategy. It may also explore links
between governance behaviour, policy setting, management behaviour and business objectives and
outcomes.
The audience for such standards will include members of the governing body of organizations and the
executive managers responsible for high level oversight of the organizations.
© ISO/IEC 2016 – All rights reserved 1

---------------------- Page: 6 ----------------------
ISO/IEC TR 38504:2016(E)

4.2 General recommendations for governance standards for information technology
Governance standards for information technology
a) should be anchored in accepted fundamental concepts of governance, such as those of the
Organisation for Economic Co-operation and Development (OECD), and describe governance of
information technology as a subset of organizational governance;
b) should be written in a way that is readable by the target audience including the governing body and
executive managers;
c) should clearly describe the domain that they address, particularly when they involve a subset of the
domain of information technology;
d) should be principles based;
e) should conform to the model for governance of IT using Evaluate-Direct-Monitor as described in
ISO/IEC 38500;
f) should distinguish between the responsibilities and accountabilities of the governing body and
those of managers as outlined in ISO/IEC TR 38502;
g) should be able to be applied on a consistent basis without prescribing particular organizational
structures or processes;
h) unless otherwise specified, should be applicable to all sizes and types of organization.
5 Principles-based guidance for governance of information technology
5.1 Use of principles-based standards
The benefit of a principles-based standard is that such a standard can identif
...

TECHNICAL ISO/IEC TR
REPORT 38504
First edition
Governance of information
technology — Guidance for principles-
based standards in the governance of
information technology
Gouvernance des technologies de l’information — Lignes directrices
pour des normes fondées sur des principes relatives à la gouvernance
des technologies de l’information
PROOF/ÉPREUVE
Reference number
ISO/IEC TR 38504:2016(E)
©
ISO/IEC 2016

---------------------- Page: 1 ----------------------
ISO/IEC TR 38504:2016(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2016, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO/IEC 2016 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC TR 38504:2016(E)

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Governance standards for information technology . 1
4.1 Purpose and focus of governance standards for information technology . 1
4.2 General recommendations for governance standards for information technology . 2
5 Principles-based guidance for governance of information technology .2
5.1 Use of principles-based standards . 2
5.2 System of governance . . 2
5.3 Set of principles . 2
5.4 Relationship between the adoption of principles and business outcomes. 2
6 Information required for each governance principle . 4
6.1 Information elements. 4
6.2 Name of the principle . 4
6.3 The statement of the principle . 4
6.4 Rationale for the principle . 5
6.5 Relationship with other principles . 5
6.6 Implications . 5
6.7 Desired outcomes . 5
6.8 Governance behaviours . 6
Bibliography . 8
© ISO/IEC 2016 – All rights reserved PROOF/ÉPREUVE iii

---------------------- Page: 3 ----------------------
ISO/IEC TR 38504:2016(E)

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for
the different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment,
as well as information about ISO’s adherence to the World Trade Organization (WTO) principles in the
Technical Barriers to Trade (TBT) see the following URL: www.iso.org/iso/foreword.html.
The committee responsible for this document is ISO/IEC JTC 1, Information technology, SC 40, IT service
management and IT governance.
iv PROOF/ÉPREUVE © ISO/IEC 2016 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/IEC TR 38504:2016(E)

Introduction
This document has been developed to give guidance on the information required to support principles-
based standards in the area of governance and management of information technology.
A principles-based approach to standardization is aimed at providing non-prescriptive guidance that is
applicable to all organizations, including public and private companies, government entities and not-for-
profit organizations of all sizes from the smallest to the largest, regardless of the extent of their use of IT.
The benefit of a principles-based standard is that it can identify the outcomes of applying the principles
without specifying explicit methodologies, structures, processes and techniques needed to achieve the
outcomes.
Within the International Standards arena, the definition of guidance in the area of governance of
information technology falls within the scope of ISO/IEC JTC 1/SC 40. The existing International
Standards in this area are ISO/IEC 38500, ISO/IEC TS 38501 and ISO/IEC TR 38502.
Experience with principles-based standards in the area of governance of IT has indicated that there
is a need to establish a common understanding of proposed principles and the expected outcomes of
applying the recommended principles as a basis for consensus. This requires a clear statement of the
rationale for the principles, the expected governance behaviours associated with the principle together
with the expected outcomes from their adoption.
In order for future standards and revisions of current standards to select the appropriate forms
of principle description and apply them in a consistent fashion, it is desired to develop a common
characterization of all of these forms of principle description. This document presents guidelines for the
general recommendations of principles-based governance standards and the description of principles
in terms of their format, content and level of prescription.
The intended audience for this document are the editors, working group members, reviewers and
other participants in the development of principles-based standards and technical reports as well
as governance of IT practitioners. An additional audience may be experts developing organizational
policies and standards. It is intended that they will select the elements suitable for their project from
those described in this document. It is further intended that, having selected the appropriate elements,
users of this document will apply them in a manner consistent with the guidance provided by this
document.
© ISO/IEC 2016 – All rights reserved PROOF/ÉPREUVE v

---------------------- Page: 5 ----------------------
TECHNICAL REPORT ISO/IEC TR 38504:2016(E)
Governance of information technology — Guidance
for principles-based standards in the governance of
information technology
1 Scope
This document provides guidance on the information required to support principles-based standards
in the area of governance and management of information technology.
Guidance includes general recommendations, identification of elements and advice for their formulation.
It does not describe the detail of specific principles or how they are aggregated into specific guidance to
fulfil business objectives and achieve business outcomes from the use of IT.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC 38500 and
ISO/IEC TR 38502 apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— IEC Electropedia: available at http://www.electropedia.org/
— ISO Online browsing platform: available at http://www.iso.org/obp
3.1
governance behaviour
actions of individuals and groups as part of an organization’s governance system
4 Governance standards for information technology
4.1 Purpose and focus of governance standards for information technology
A governance standard provides guidance on the system of directing and controlling for an organization
with respect to the business outcomes from the use of information technology.
Governance standards for IT may provide guidance on the role of the governing body within an
organization and its interactions with managers or what is required of a governance framework for IT
or all of these. Governance standards for information technology can either focus on all or part of the
use of information technology within an organization.
Guidance may include consideration of business strategy and IT strategy. It may also explore links
between governance behaviour, policy setting, management behaviour and business objectives and
outcomes.
The audience for such standards will include members of the governing body of organizations and the
executive managers responsible for high level oversight of the organizations.
© ISO/IEC 2016 – All rights reserved PROOF/ÉPREUVE 1

---------------------- Page: 6 ----------------------
ISO/IEC TR 38504:2016(E)

4.2 General recommendations for governance standards for information technology
Governance standards for information technology
a) should be anchored in accepted fundamental concepts of governance, such as those of the
Organisation for Economic Co-operation and Development (OECD), and describe governance of
information technology as a subset of organizational governance;
b) should be written in a way that is readable by the target audience including the governing body and
executive managers;
c) should clearly describe the domain that they address, particularly when they involve a subset of the
domain of information technology;
d) should be principles based;
e) should conform to the model for governance of IT using Evaluate-Direct-Monitor as described in
ISO/IEC 38500;
f) should distinguish between the responsibilities and accountabilities of the governing body and
those of managers as outlined in ISO/IEC TR 38502;
g) should be able to be applied on a consistent basis without prescribing particular organizational
structures or processes;
h) unless otherwise specified, should be applicable to all sizes and types of organization.
5 Principles-based guidance for governance of information technology
5.1 Use of principles-based standards
The benefit of a principles-based standard is that such a standard can identify the value and outcomes
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEC TS 30105-9:2023(Main)
Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 9: Guidelines on extending process capability assessment for digital transformation

This document specifies the essentials of digital transformations and illustrates the key drivers for enhancing the digital transformation capabilities of the organization, while taking account of different stakeholders’ interests. It describes elements that ITES-BPO organizations can include specifically for digital transformation when implementing the lifecycle processes in the ISO/IEC 30105 series, and which can assist the organization in achieving their desired process capability levels, hereafter "maturity levels", as defined by the stakeholders. It provides guidance on process capability assessment for digital transformation for ITES-BPO organizations. Additionally, this document: — covers IT enabled business processes that are outsourced; — is not intended to address the maturity and capability of the IT processes that support ITES-BPO, but identifies the IT capabilities needed to support the achievement of specific ITES-BPO capabilities; — is applicable to the service provider, not to the customer; — is applicable to all lifecycle processes of ITES-BPO; — provides guidelines to supplement the ISO/IEC 30105-2 process assessment model, enabling assessment of process capability of ITES-BPO organizations undergoing digital transformation.

  • Technical specification
    20 pages
    English language
    sale 15% off
  • Draft
    20 pages
    English language
    sale 15% off
  • Draft
    20 pages
    English language
    sale 15% off
ISO
ISO/IEC 30105-8:2022(Main)
Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 8: Continual performance improvement (CPI) of ITES-BPO

This document specifies a continual performance improvement (CPI) methodology and its major elements, which extend the already-defined continual improvement process (TEN8) in ISO/IEC 30105-1. This document helps ITES-BPO service providers to improve their performance by assessing service delivery. This document does not define technologies and tools for implementing the CPI methodology.

  • Standard
    25 pages
    English language
    sale 15% off
ISO
ISO/IEC 30105-4:2022(Main)
Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 4: Key concepts

The ISO/IEC 30105 series specifies the lifecycle process requirements performed by the IT enabled business process outsourcing service provider for the outsourced business processes. It defines the processes to plan, establish, implement, operate, monitor, review, maintain and improve its services. This document: — covers IT enabled business processes that are outsourced; — is not intended to cover IT services but includes similar, relevant process for completeness; — is applicable to the service provider, not to the customer; — is applicable to all lifecycle processes of ITES-BPO; — details the lifecycle of ITES-BPO and the relationship between ISO/IEC 30105-1, ISO/IEC 30105-2, ISO/IEC 30105-3, ISO/IEC 30105-5 and other relevant International Standards.

  • Standard
    21 pages
    English language
    sale 15% off
ISO
ISO/IEC 38503:2022(Main)
Information technology — Governance of IT — Assessment of the governance of IT

This document provides guidance on the assessment of governance of information technology (IT) based on the principles, definitions and model for the governance of IT outlined in ISO/IEC 38500 and ISO/IEC TR 38502 and the implementation considerations outlined in ISO/IEC TS 38501. This document includes approaches for conducting the assessment, the criteria against which the assessment can be made, guidance on the evidence that can be used for the assessment, as well as a method for determining the maturity of the organization’s governance of IT. This document is applicable to organizations of all sizes, regardless of the extent of their use of IT.

  • Standard
    24 pages
    English language
    sale 15% off
  • Draft
    24 pages
    English language
    sale 15% off
ISO
ISO/IEC TS 20000-5:2022(Main)
Information technology — Service management — Part 5: Implementation guidance for ISO/IEC 20000-1

This document provides guidance for organizations on how to implement a service management system (SMS). Organizations can use this document to implement the entire SMS in order to conform to the requirements specified in ISO/IEC 20000-1, or parts of an SMS for a selected subset of requirements. This document illustrates a generic plan to manage implementation activities for an SMS. The intended users of this document are: a) organizations that require support on how to implement an SMS; b) consultants and advisors who support an organization during SMS implementation. This document can be used together with the other parts of ISO/IEC 20000 series.

  • Technical specification
    33 pages
    English language
    sale 15% off
  • Draft
    33 pages
    English language
    sale 15% off
ISO
ISO/IEC TS 38505-3:2021(Main)
Information technology — Governance of data — Part 3: Guidelines for data classification

This document provides essential guidance for members of governing bodies of organizations and management on the use of data classification as a means to support the organization’s overall data governance policy and associated systems. It sets out important factors to be considered in developing and deploying a data classification system.

  • Draft
    17 pages
    English language
    sale 15% off
ISO
ISO/IEC TS 30105-6:2021(Main)
Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 6: Guidelines on risk management

This document provides guidance on risk management practices for the IT enabled services-business process outsourcing (ITES-BPO) service provider for the outsourced business processes. It provides guidance for planning, establishing, implementing, operating, monitoring, reviewing, maintaining and improving the risk management framework for the ITES-BPO services. This document: — covers IT enabled business processes that are outsourced; — is applicable to the service provider; — is applicable to all lifecycle processes of ITES-BPO; — is not intended to cover IT services. The guidelines in this document align to ISO 31000, elaborating the risk principles, risk management framework and risk management process from an ITES-BPO perspective.

  • Technical specification
    18 pages
    English language
    sale 15% off
ISO
ISO/IEC TS 20000-11:2021(Main)
Information technology — Service management — Part 11: Guidance on the relationship between ISO/IEC 20000-1 and service management frameworks: ITIL®

This document provides guidance on the relationship between ISO/IEC 20000–1 and a commonly used service management framework, ITIL 4. It can be used by any organization or person wishing to understand how ITIL can be used with ISO/IEC 20000–1, including: a) an organization that has claimed or demonstrated or intends to claim or demonstrate conformity to the requirements specified in ISO/IEC 20000–1 and is seeking guidance on the use of ITIL to establish and improve an SMS and the services; b) an organization that already uses ITIL and is seeking guidance on how ITIL can be used to support efforts to demonstrate conformity to the requirements specified in ISO/IEC 20000–1; c) an assessor or auditor who wishes to understand the use of ITIL as a support in achieving the requirements specified in ISO/IEC 20000–1. Clause 4 describes how ITIL can support the demonstration of conformity to ISO/IEC 20000–1. Clause 5 correlates the ITIL documents to requirements in ISO/IEC 20000–1. The tables in Annex A correlate terms and clauses in ISO/IEC 20000–1 to ITIL and vice versa; the tables in Annex B correlate clauses in ISO/IEC 20000-1 to the ITIL 4 publications and vice versa.

  • Technical specification
    53 pages
    English language
    sale 15% off
  • Draft
    53 pages
    English language
    sale 15% off
ISO
ISO/IEC 20000-2:2019/Amd 1:2020(Amendment)
Information technology — Service management — Part 2: Guidance on the application of service management systems — Amendment 1
  • Standard
    1 page
    English language
    sale 15% off
  • Standard
    1 page
    French language
    sale 15% off
ISO
ISO/IEC 30105-3:2016/Amd 1:2020(Amendment)
Information technology — IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes — Part 3: Measurement framework (MF) and organization maturity model (OMM) — Amendment 1
  • Standard
    3 pages
    English language
    sale 15% off