Information technology -- Service management

ISO/IEC TR 20000-5:2013 is an exemplar implementation plan providing guidance on how to implement a service management system (SMS) to fulfil the requirements of ISO/IEC 20000-1:2011. The intended users of ISO/IEC TR 20000-5:2013 are service providers, but it can also be useful for those advising service providers on how to implement an SMS. ISO/IEC TR 20000-5:2013 includes advice for service providers on a suitable order in which to plan, implement and improve an SMS using, as an example, a generic three-phased approach to manage the implementation. The service provider can choose their own sequence to implement the SMS. Also included is advice on the development of a business case, the project initiation and other activities that are recommended for the implementation to be successful. The phases described in ISO/IEC TR 20000-5:2013 do not include changes to the intended scope of the service provider's SMS. The scope itself is not subject to phased changes as a result of adopting the advice in ISO/IEC TR 20000-5:2013. Instead, each phase should improve the SMS in alignment with the service provider's agreed scope, building on the results of the previous phase. The main activities for the development of the business case and initiation of the implementation project are shown. The main activities to implement the SMS based on ISO/IEC 20000-1:2011, in three phases, are listed. Many of the activities described in ISO/IEC TR 20000-5:2013 are intended to be met by actions over more than one phase, with each phase building upon the achievements of the earlier phase. Once the final phase is completed, the service provider's organization can achieve the benefits of an SMS that meets the requirements in ISO/IEC 20000-1:2011. Supporting information for the SMS implementation project is also provided. Examples of policies to illustrate what a service provider can want to put in place are provided. Because policies depend on the organization and the strategy of the service provider, these example policies can be tailored to suit the organizational requirement. Guidance on documentation management is provided, and templates are included for some of the documents specified in ISO/IEC 20000-1:2011 that can be amended to suit individual circumstances.

Technologies de l'information -- Gestion des services

General Information

Status
Published
Publication Date
29-Oct-2013
Current Stage
9092 - International Standard to be revised
Start Date
19-May-2020
Ref Project

RELATIONS

Buy Standard

Technical report
ISO/IEC TR 20000-5:2013 - Information technology -- Service management
English language
41 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (sample)

TECHNICAL ISO/IEC
REPORT TR
20000-5
Second edition
2013-11-01
Information technology — Service
management —
Part 5:
Exemplar implementation plan for
ISO/IEC 20000-1
Technologies de l’information — Gestion des services —
Partie 5: Exemple de plan de mise en application pour l’ISO/CEI 20000-1
Reference number
ISO/IEC TR 20000-5:2013(E)
ISO/IEC 2013
---------------------- Page: 1 ----------------------
ISO/IEC TR 20000-5:2013(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2013

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form

or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior

written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of

the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO/IEC 2013 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC TR 20000-5:2013(E)
Contents Page

Foreword ........................................................................................................................................................................................................................................iv

Introduction ..................................................................................................................................................................................................................................v

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms and definitions ..................................................................................................................................................................................... 1

4 Benefits of a phased approach ............................................................................................................................................................... 1

5 Approach ....................................................................................................................................................................................................................... 2

5.1 Overview ...................................................................................................................................................................................................... 2

5.2 Key considerations .............................................................................................................................................................................. 3

5.3 Understanding ISO/IEC 20000-1:2011 ............................................................................................................................. 3

5.4 Scope and applicability .................................................................................................................................................................... 3

5.5 Changes to scope ................................................................................................................................................................................... 3

5.6 Project support and commitment .......................................................................................................................................... 4

5.7 Gap analysis ............................................................................................................................................................................................... 4

5.8 Developing the business case ..................................................................................................................................................... 5

5.9 Implementation ...................................................................................................................................................................................... 6

5.10 Project readiness ................................................................................................................................................................................... 6

5.11 Project team ............................................................................................................................................................................................... 7

6 Overview of implementation phases ............................................................................................................................................... 7

7 Taxonomy of each phase ............................................................................................................................................................................... 9

7.1 Summary of activities in each phase .................................................................................................................................... 9

7.2 Key characteristics and activities of each phase ........................................................................................................ 9

8 Post-implementation ....................................................................................................................................................................................12

8.1 Control of the SMS and improving service ...................................................................................................................12

8.2 Plan-Do-Check-Act ............................................................................................................................................................................12

8.3 Interfaces to projects for new and changed services ..........................................................................................13

Annex A (informative) Project initiation and business case development ................................................................14

Annex B (informative) Three phases of the implementation project..............................................................................16

Annex C (informative) Developing policies.................................................................................................................................................22

Annex D (informative) Documentation management......................................................................................................................25

Annex E (informative) Templates .........................................................................................................................................................................28

Bibliography .............................................................................................................................................................................................................................41

© ISO/IEC 2013 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO/IEC TR 20000-5:2013(E)
Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical

Commission) form the specialized system for worldwide standardization. National bodies that are

members of ISO or IEC participate in the development of International Standards through technical

committees established by the respective organization to deal with particular fields of technical

activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international

organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the

work. In the field of information technology, ISO and IEC have established a joint technical committee,

ISO/IEC JTC 1.

International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.

The main task of the joint technical committee is to prepare International Standards. Draft International

Standards adopted by the joint technical committee are circulated to national bodies for voting.

Publication as an International Standard requires approval by at least 75 % of the national bodies

casting a vote.

In exceptional circumstances, when the joint technical committee has collected data of a different kind

from that which is normally published as an International Standard (“state of the art”, for example), it

may decide to publish a Technical Report. A Technical Report is entirely informative in nature and shall

be subject to review every five years in the same manner as an International Standard.

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.

ISO/IEC TR 20000-5 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,

Subcommittee SC 7, Software and systems engineering.

This second edition cancels and replaces the first edition (ISO/IEC TR 20000-5:2010), which has been

technically revised. The major differences are changes in terminology to reflect international usage and

realignment to the second edition of ISO/IEC 20000-1:2011.

ISO/IEC 20000 consists of the following parts, under the general title Information technology —

Service management:
— Part 1: Service management system requirements
— Part 2: Guidance on the application of service management systems
— Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1
— Part 4: Process reference model [Technical Report]
— Part 5: Exemplar implementation plan for ISO/IEC 20000-1 [Technical Report]
The following parts are under preparation:

— Part 6: Requirements for bodies providing audit and certification of service management systems

— Part 8: Guidance on the application of service management systems for smaller organizations

— Part 9: Guidance on the application of ISO/IEC 20000-1 to the cloud
— Part 10: Concepts and terminology

— Part 11: Guidance on the relationship between ISO/IEC 20000-1:2011 and service management frameworks

iv © ISO/IEC 2013 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/IEC TR 20000-5:2013(E)
Introduction

ISO/IEC 20000-1:2011 specifies the requirements for a service management system (SMS) to design,

transition, deliver, manage and improve services. ISO/IEC 20000-1:2011 can be used by organizations of

all sizes, sectors, types and many different organizational structures or business models.

This part of ISO/IEC 20000 is an exemplar implementation plan providing guidance on how to implement

an SMS to fulfil the requirements specified in ISO/IEC 20000-1:2011. The intended users of this part of

ISO/IEC 20000 are service providers, but it can also be useful for those advising service providers on

how to implement an SMS.

This part of ISO/IEC 20000 includes advice for service providers on a suitable order in which to plan,

implement and improve an SMS using, as an example, a generic three-phased approach to manage the

implementation. The service provider may choose their own sequence to implement the SMS. Also

included is advice on the development of a business case, the project initiation and other activities that

are recommended for the implementation to be successful.

The phases described in this part of ISO/IEC 20000 do not include changes to the intended scope of

the service provider’s SMS. The scope itself is not subject to phased changes as a result of adopting the

advice in this part of ISO/IEC 20000. Instead, each phase should improve the SMS in alignment with the

service provider’s agreed scope, building on the results of the previous phase.

The main activities for the development of the business case and initiation of the implementation project

are shown in Annex A. A list of the main activities to implement the SMS based on the requirements

specified in ISO/IEC 20000-1:2011, in three phases, is shown in Annex B. Many of the activities described

in this part of ISO/IEC 20000 are intended to be met by actions over more than one phase, with each

phase building upon the achievements of the earlier phase. Once the final phase is completed, the service

provider’s organization can achieve the benefits of an SMS that fulfils the requirements specified in

ISO/IEC 20000-1:2011. Supporting information for the implementation project is also provided.

Annex C provides examples of policies to illustrate what a service provider can want to put in place.

Because policies depend on the organization and the strategy of the service provider, these example

policies can be tailored to suit the organizational requirement.

Annex D provides guidance on documentation management. Annex E includes templates for some of the

documents specified in ISO/IEC 20000-1:2011 that can be amended to suit individual circumstances.

© ISO/IEC 2013 – All rights reserved v
---------------------- Page: 5 ----------------------
TECHNICAL REPORT ISO/IEC TR 20000-5:2013(E)
Information technology — Service management —
Part 5:
Exemplar implementation plan for ISO/IEC 20000-1
1 Scope

This part of ISO/IEC 20000 provides guidance for an approach to implement an SMS that can fulfil the

requirements specified in ISO/IEC 20000-1:2011. This part of ISO/IEC 20000 illustrates a generic, three-

phased plan to manage implementation activities, taking into consideration the design, transition,

delivery, management and improvement of services. The service provider can tailor the phases to suit

its needs and constraints.

This part of ISO/IEC 20000 can be used together with the other parts of ISO/IEC 20000.

2 Normative references

The following documents, in whole or in part, are normatively referenced in this document and are

indispensable for its application. For dated references, only the edition cited applies. For undated

references, the latest edition of the referenced document (including any amendments) applies.

ISO/IEC 20000-1:2011, Information technology — Service management — Part 1: Service management

system requirements
3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO/IEC 20000-1:2011 apply.

4 Benefits of a phased approach

Although the demonstration of conformity to ISO/IEC 20000-1:2011 is only possible once all the

requirements of the standard are fulfilled, there can be many reasons to opt for a phased approach to

implementation. The phases are based on identification of a suitable sequence of improvements, each

designed to assist in fulfilling one or more of the requirements specified in ISO/IEC 20000-1:2011. This

can allow better and more efficient risk management than attempting to make all the improvements and

necessary changes in a single phase.

A phased approach can allow costs to be incurred over a longer period of time. This can make it easier

to fund the SMS implementation using operational budget instead of capital budget. It can also generate

benefits earlier, encouraging management commitment and funding of later phases.
Additional benefits can include:

a) allowing the service provider to gain experience with a smaller set of implementation activities,

rather than attempting everything in one big phase;

b) explaining each phase in a way that can be understood easily by all parties involved in or affected

by the changes;

c) planning the phased use of resources that can be scarce, expensive or already committed to

other projects;
d) allowing lessons learnt to be used in later phases of implementation;
© ISO/IEC 2013 – All rights reserved 1
---------------------- Page: 6 ----------------------
ISO/IEC TR 20000-5:2013(E)

e) enabling the service provider to build internal expertise to implement the project;

f) achieving key objectives of the SMS in a planned sequence.
5 Approach
5.1 Overview

To identify a suitable approach to fulfilling the requirements of ISO/IEC 20000-1:2011, the implementation

project should take into account some important factors. These factors can include the following:

Familiarity with ISO/IEC 20000

a) the understanding of ISO/IEC 20000-1:2011 principles, purpose and requirements;

b) the scope and applicability of ISO/IEC 20000-1:2011;
The customer perspective

c) the objectives and the needs of the business and customers using the services;

d) the users’ experience with the current services;
The service provider’s capabilities

e) the service provider’s business model, organizational structure and objectives;

f) the responsiveness and flexibility of the service provider when changes are necessary;

g) the expected major changes to be made by or made to the service provider;

h) other priorities of the service provider which can conflict with the requirements of

ISO/IEC 20000-1:2011;
i) the processes and contracts used to manage suppliers;
j) the service provider’s ability and readiness for the change;
The current situation
k) the support of top management;
l) the management of risks related to current and planned services;
m) the current status of the SMS;
n) the current effectiveness of service management processes;

o) the clarity and suitability of current accountabilities, authorities, roles and responsibilities;

p) the current status of the supporting service management technology;
q) the current status of participating personnel’s readiness for the change;
The expected situation
r) the need for both process and service improvement is established;

s) the financial and participating personnel’s availability for each phase or any constraints that can

affect the project;

t) the statutory and regulatory requirements and contractual obligations are known.

2 © ISO/IEC 2013 – All rights reserved
---------------------- Page: 7 ----------------------
ISO/IEC TR 20000-5:2013(E)
5.2 Key considerations

The service provider should ensure that the SMS is implemented with the appropriate design, transition,

delivery, management and improvement structure to facilitate the delivery and management of services

that can fulfil the service requirements. The implementation of service management processes should

support the priorities of the service provider and customers.

To attain support and goodwill from the customer, the service provider should start by establishing and

implementing those processes where the customer or the service provider experiences difficulties or

can see the most immediate benefit. In addition, the service provider should consider the impact of the

organizational change on the personnel working with or supporting the SMS. For example, the service

provider should ensure that sufficient time is allocated for communication and training. There should be

sufficient time for people to understand how their day to day activities are to change and the long term

benefits of these changes for the organization. This cannot be achieved if the implementation of the SMS

relies mainly on the production of documents and procedure descriptions. However, documents and

procedure descriptions remain important to successful implementation.

One of the risks during implementation of the SMS is that the production of documents can be

considered more important than changing the way people work. The service provider should focus on

understanding the specific context and business needs of a particular organization when implementing

the SMS. Documents and records specified in ISO/IEC 20000-1:2011 should be considered as a tool that

can support and facilitate the changes to organizational practices. They should be appropriate to the

size and complexity of the service provider’s organization.

Each phase in this part of ISO/IEC 20000 builds on the achievements of the previous phase. Each

phase facilitates important and measurable evidence of achievements against the requirements

specified in ISO/IEC 20000-1:2011. The phases described in Clause 6 of this part of ISO/IEC 20000 are

recommended but can differ from organization to organization.
5.3 Understanding ISO/IEC 20000-1:2011

The success of an SMS implementation relies on the understanding of the service provider’s

personnel regarding:
a) requirements and guidance in ISO/IEC 20000;
b) service management objectives;
c) service requirements;

d) any new or changed practices, roles or organizational structure to support the SMS.

5.4 Scope and applicability

In the planning activity, the service provider should ensure that ISO/IEC 20000-1:2011 is applicable to

the service provider’s organization. This applicability should take into account the scope of the services,

activities and the contribution of suppliers.

The service provider should perform an initial analysis to identify and agree to a suitable scope for its

SMS, using the guidance on scope definition and applicability provided in ISO/IEC 20000-3:2012.

5.5 Changes to scope

A service provider can plan to implement an SMS based on the requirements specified in

ISO/IEC 20000-1:2011 for only part of its services. The service provider can decide in the future to

expand the scope of the SMS within the organization. It should be noted that the guidance in this part of

ISO/IEC 20000 is based on the defined scope being unchanged during all three phases, not on a phased

increase in scope of the SMS. When a service provider decides to increase the scope of the SMS, it can be

useful to again follow the guidance in this part of ISO/IEC 20000 from Phase 1 for the additional scope.

© ISO/IEC 2013 – All rights reserved 3
---------------------- Page: 8 ----------------------
ISO/IEC TR 20000-5:2013(E)

Implementation timeframes can be shortened in future improvement efforts as the service provider

gains practical experience and can extend what has already been done to the larger scope.

5.6 Project support and commitment

The successful implementation of an SMS is dependent on management commitment through all phases.

Establishing management support and commitment should be achieved as soon as possible. Based on

initial analysis, a business case can help clarify understanding and establish commitment. It can help

sustain support and commitment for each phase and therefore minimize the risks to the success of the

planned changes.

Management ensures a focus on service requirements and constraints, including statutory and

regulatory requirements and contractual obligations. Additionally, management should ensure

appropriate priorities are allocated. The service provider should aim to maintain the understanding

and the involvement of all interested parties during all phases, not just during the first phase.

5.7 Gap analysis

The service provider should perform a detailed analysis to evaluate the gap between the service

provider’s current organization and the requirements specified in ISO/IEC 20000-1:2011 for the defined

scope of the SMS. This should include the identification and review of:

a) management systems that have already been established and implemented, including the scope of each;

b) existence and quality of both documents and records, including:
1) policies;
2) service management plan;
3) service management processes;
4) procedures;
5) service level agreements (SLAs);
6) supplier contracts;

7) records of service improvement achievements by the service provider and suppliers;

c) actual working practices;
d) service reviews, internal audits, conformity assessments;
e) workload characteristics and actual achievement against service targets;
f) recent or current service improvement plans;
g) complexity of the organization structure;

h) accuracy of the definitions of roles, responsibilities and authorities of the staff;

i) skills and competencies of the staff;
j) service provider’s culture;

k) any major changes planned to the organizational structure, services and/or technology;

l) relevant statutory and regulatory requirements and contractual obligations.

The level of detail at which the gap analysis is conducted should be tailored to the needs of the service

provider and of the service provider’s customers.
4 © ISO/IEC 2013 – All rights reserved
---------------------- Page: 9 ----------------------
ISO/IEC TR 20000-5:2013(E)

The outcome of the gap analysis exercise should be an assessment of the readiness of the service provider

to implement ISO/IEC 20000-1:2011 in terms of financial readiness, people readiness, risk readiness, etc.

5.8 Developing the business case
The business case for the SMS should include:

a) description of the business need and objectives the SMS is intended to fulfil;

b) proposed scope of the SMS;
c) constraints and assumptions affecting the SMS or the implementation;
d) qualitative and quantitative benefits of the SMS, including:

1) improvement to services or achieved service targets as a result of improved service

management processes;

2) changes to workloads, changes to processes, increased use of the service or proactive reduction

in support needs;

3) the ability to visibly support the business strategy, with opportunities to improve the efficiency

of services in all areas, leading to improvements in cost, quality and agility;

4) the ability to manage suppliers and partners more efficiently and effectively and to better

understand the dependencies, risks and interfaces of the supply chain;

5) the ability to be more responsive to customers, with services that are aligned with business

needs and customer requirements;

6) increased customer satisfaction of the delivered services demonstrating incremental improvement;

7) helping build a long term relationship between the service provider and customers and also

between the service provider and suppliers through their involvement through each phase;

8) potential cost savings, overall and unit costs;

9) direct or indirect benefits such as customer satisfaction, personnel satisfaction, reduced

business risks;
10) return on investment;
e) costs, including:
1) estimation of resources, including technology and people requirements;
2) costs and use of external resources;

f) risk assessment and recommendations for risk management covering organizational change,

financial and technical risks;

g) description of how the costs and benefits of the implemented SMS should be evaluated;

h) recommendations on formal, independent conformity assessment;
i) timescales;

j) interested parties who should be involved in or affected by the implementation;

k) proposed terms of reference;
l) project support, commitment and management.
© ISO/IEC 2013 – All rights reserved 5
---------------------- Page: 10 ----------------------
ISO/IEC TR 20000-5:2013(E)
5.9 Implementation

In order to ensure a successful implementation of the SMS, the service provider’s objectives and policies,

culture and structure should be understood. In addition, any other relevant standards, contractual obligations,

statutory and regulatory requirements that can impact the delivered services should be considered.

The appointment of a qualified project manager to lead the implementation of the SMS should be treated

as a critical aspect of a successful implementation. This person should have both appropriate project

management and service management expertise.

In addition, a group of people should be identified, including management representation, which should

have the responsibility to oversee the project, e.g. a project steering committee. The roles, authorities

and responsibilities of this group should be agreed before the project starts. Although this part of

ISO/IEC 20000 refers throughout to ‘the project’, in practice there can be several projects working

closely together during each phase of the implementation. The coordination and management of multiple

projects can be a part of this group’s responsibilities.

During the project, this group should be accountable for the implementation of the SMS.

It is important to ensure that at the end of each phase, lessons learnt are captured and provided for

the continual improvement of the SMS. Lessons learnt should be used to improve the work in the next

phase. After the last phase is completed, it is important to ensure the continual improvement of the

SMS is maintained. The group that had responsibility for the implementation of the SMS can become

responsible for the continual improvement of the established SMS or a new group can be created.

5.10 Project readiness

Based on the business case and gap analysis, the project manager should take into account the following

when developing the project plan:
a) scope of the SMS;
b) timeframe;
c) resource concerns such as:
1) skills and competence of the implementation project team;
2) accommodation, travel, facilities and tools to support the implementation;

d) funding sources for the implementation project and estimates including any known assumptions

and constraints on funding the implementation, e.g. capital expenditure not yet approved;

e) risks and issues that can cause conflicting priorities;

f) identification and early engagement of project interested parties that are recipients of the project

deliverables;
g) the service management maturity of the organization;

h) the receptiveness to change within the organization and the ability of the organization to absorb

and manage the changes successfully;
i) communication;
j) procurement;
k) review procedures for:
1) organizational and project
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.