Information technology -- Service management

This document specifies requirements for an organization to establish, implement, maintain and continually improve a service management system (SMS). The requirements specified in this document include the planning, design, transition, delivery and improvement of services to meet the service requirements and deliver value. This document can be used by: a) a customer seeking services and requiring assurance regarding the quality of those services; b) a customer requiring a consistent approach to the service lifecycle by all its service providers, including those in a supply chain; c) an organization to demonstrate its capability for the planning, design, transition, delivery and improvement of services; d) an organization to monitor, measure and review its SMS and the services; e) an organization to improve the planning, design, transition, delivery and improvement of services through effective implementation and operation of an SMS; f) an organization or other party performing conformity assessments against the requirements specified in this document; g) a provider of training or advice in service management. The term "service" as used in this document refers to the service or services in the scope of the SMS. The term "organization" as used in this document refers to the organization in the scope of the SMS that manages and delivers services to customers. The organization in the scope of the SMS can be part of a larger organization, for example, a department of a large corporation. An organization or part of an organization that manages and delivers a service or services to internal or external customers can also be known as a service provider. Any use of the terms "service" or "organization" with a different intent is distinguished clearly in this document.

Technologies de l'information -- Gestion des services

Le présent document spécifie les exigences destinées ŕ une organisation pour établir, implémenter, maintenir et améliorer continuellement un systčme de management des services (SMS). Les exigences spécifiées dans le présent document incluent la planification, la conception, la transition, la fourniture et l'amélioration des services afin de satisfaire aux exigences des services et créer de la valeur. Le présent document peut ętre utilisé par: a) un client attendant des services et exigeant une garantie de qualité pour ces services; b) un client exigeant une approche cohérente du cycle de vie des services de la part de tous ses fournisseurs de services, y compris ceux de la chaîne logistique; c) un organisme pour démontrer ses capacités en matičre de planification, de conception, de transition, de fourniture et d'amélioration des services; d) un organisme pour surveiller, mesurer et passer en revue son SMS et les services; e) un organisme pour améliorer la planification, la conception, la transition, la fourniture et l'amélioration des services par la mise en œuvre et le fonctionnement efficaces d'un SMS; f) un organisme ou un tiers menant des évaluations de conformité par rapport aux exigences spécifiées dans le présent document; g) un fournisseur de formation ou de conseil en gestion des services. Le terme «service» tel qu'il est utilisé dans le présent document se réfčre au service ou aux services compris dans le périmčtre d'application du SMS. Le terme «organisme» tel qu'il est utilisé dans le présent document se réfčre ŕ l'organisme compris dans le périmčtre d'application du SMS qui gčre et fournit les services aux clients. Dans le périmčtre d'application du SMS, l'organisme peut faire partie d'une organisation plus étendue comme peut l'ętre, par exemple, un département au sein d'une grande entreprise. Un organisme ou partie d'un organisme qui gčre et fournit un ou plusieurs services ŕ des clients internes ou externes peut ętre aussi dénommé fournisseur de service. Tout usage des termes «service» ou «organisme» n'ayant pas les significations susmentionnées sera clairement indiqué dans le présent document.

General Information

Status
Published
Publication Date
13-Sep-2018
Current Stage
6060 - International Standard published
Start Date
01-Jul-2018
Completion Date
14-Sep-2018
Ref Project

RELATIONS

Buy Standard

Standard
REDLINE ISO/IEC 20000-1:2018 - Information technology -- Service management
English language
31 pages
sale 15% off
Preview
sale 15% off
Preview
Standard
ISO/IEC 20000-1:2018 - Information technology -- Service management
English language
31 pages
sale 15% off
Preview
sale 15% off
Preview
Standard
ISO/IEC 20000-1:2018 - Technologies de l'information -- Gestion des services
French language
32 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (sample)

INTERNATIONAL ISO/IEC
STANDARD 20000-1
Redline version
compares Third edition to
Second edition
Information technology — Service
management —
Part 1:
Service management system
requirements
Technologies de l'information — Gestion des services —
Partie 1: Exigences du système de management des services
Reference number
ISO/IEC 20000-1:redline:2018(E)
ISO/IEC 2018
---------------------- Page: 1 ----------------------
ISO/IEC 20000-1:redline:2018(E)
IMPORTANT — PLEASE NOTE
This is a mark-up copy and uses the following colour coding:
Text example 1 — indicates added text (in green)
Text example 2 — indicates removed text (in red)
— indicates added graphic figure
— indicates removed graphic figure
1.x ... — Heading numbers containg modifications are highlighted in yellow in
the Table of Contents
DISCLAIMER

This Redline version provides you with a quick and easy way to compare the main changes

between this edition of the standard and its previous edition. It doesn’t capture all single

changes such as punctuation but highlights the modifications providing customers with

the most valuable information. Therefore it is important to note that this Redline version is

not the official ISO standard and that the users must consult with the clean version of the

standard, which is the official standard, for implementation purposes.
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2018

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO/IEC 2018 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC 20000-1:redline:2018(E)
Contents Page

Foreword ........................................................................................................................................................................................................................................vi

Introduction ................................................................................................................................................................................................................................ix

1 Scope ................................................................................................................................................................................................................................. 1

1.1 General ........................................................................................................................................................................................................... 1

1.2 Application ................................................................................................................................................................................................. 2

2 Normative references ...................................................................................................................................................................................... 3

3 Terms and definitions ..................................................................................................................................................................................... 3

3.1 Terms specific to management system standards .................................................................................................... 8

3.2 Terms specific to service management ...........................................................................................................................12

4 Context of the organization ....................................................................................................................................................................15

4.1 Understanding the organization and its context ....................................................................................................15

4.2 Understanding the needs and expectations of interested parties ...........................................................16

4.3 Determining the scope of the service management system .........................................................................16

4.4 Service management system....................................................................................................................................................16

5 Leadership ...............................................................................................................................................................................................................16

5.1 Leadership and commitment ..................................................................................................................................................16

5.2 Policy ............................................................................................................................................................................................................17

5.2.1 Establishing the service management policy .......................................................................................17

5.2.2 Communicating the service management policy ..............................................................................17

5.3 Organizational roles, responsibilities and authorities.......................................................................................17

4 6 Service management system general requirements Planning ...........................................................................17

4.1 6.1 Management responsibility Actions to address risks and opportunities...........................................17

4.1.1 Management commitment ...................................................................................................................................17

4.1.2 Service management policy ................................................................................................................................18

4.1.3 Authority, responsibility and communication .....................................................................................18

4.1.4 Management representative ...............................................................................................................................18

4.2 6.2 Governance of processes operated by other parties Service management objectives

and planning to achieve them .................................................................................................................................................19

6.2.1 Establish objectives ....................................................................................................................................................19

6.2.2 Plan to achieve objectives .....................................................................................................................................20

4.3 Documentation management ..................................................................................................................................................20

4.3.1 Establish and maintain documents ..............................................................................................................20

4.3.2 Control of documents ...............................................................................................................................................20

4.3.3 Control of records ........................................................................................................................................................21

4.4 Resource management ..................................................................................................................................................................21

4.4.1 Provision of resources ........................................................................................................................................... ...21

4.4.2 Human resources..........................................................................................................................................................21

4.5 6.3 Establish and improve the SMS Plan the service management system ...............................................21

4.5.1 Define scope ......................................................................................................................................................................21

4.5.2 Plan the SMS (Plan) ....................................................................................................................................................22

4.5.3 Implement and operate the SMS (Do) ........................................................................................................22

4.5.4 Monitor and review the SMS (Check) .........................................................................................................22

4.5.5 Maintain and improve the SMS (Act) ..........................................................................................................24

5 7 Design and transition of new or changed services Support of the service

management system ......................................................................................................................................................................................25

5.1 General ........................................................................................................................................................................................................25

5.2 7.1 Plan new or changed services Resources ......................................................................................................................25

5.3 7.2 Design and development of new or changed services Competence .......................................................26

7.3 Awareness ................................................................................................................................................................................................27

7.4 Communication ...................................................................................................................................................................................27

© ISO/IEC 2018 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO/IEC 20000-1:redline:2018(E)

7.5 Documented information ............................................................................................................................................................27

7.5.1 General...................................................................................................................................................................................27

7.5.2 Creating and updating documented information .............................................................................27

7.5.3 Control of documented information ............................................................................................................28

7.5.4 Service management system documented information .............................................................28

5.4 7.6 Transition of new or changed services Knowledge ...............................................................................................28

6 Service delivery processes ......................................................................................................................................................................29

6.1 Service level management..........................................................................................................................................................29

6.2 Service reporting ................................................................................................................................................................................29

6.3 Service continuity and availability management ...................................................................................................30

6.3.1 Service continuity and availability requirements ............................................................................30

6.3.2 Service continuity and availability plans .................................................................................................30

6.3.3 Service continuity and availability monitoring and testing .....................................................30

6.4 Budgeting and accounting for services ...........................................................................................................................31

6.5 Capacity management ...................................................................................................................................................................31

6.6 Information security management .....................................................................................................................................32

6.6.1 Information security policy .................................................................................................................................32

6.6.2 Information security controls............................................................................................................................32

6.6.3 Information security changes and incidents ........................................................................................32

7 Relationship processes ...............................................................................................................................................................................33

7.1 Business relationship management ...................................................................................................................................33

7.2 Supplier management ....................................................................................................................................................................33

8 Resolution processes ....................................................................................................................................................................................34

8.1 Incident and service request management .................................................................................................................34

8.2 Problem management....................................................................................................................................................................35

9 8 Control processes Operation of the service management system ..................................................................36

8.1 Operational planning and control .......................................................................................................................................36

9.1 8.2 Configuration management Service portfolio ............................................................................................................36

8.2.1 Service delivery ..............................................................................................................................................................37

8.2.2 Plan the services ...........................................................................................................................................................37

8.2.3 Control of parties involved in the service lifecycle ..........................................................................37

8.2.4 Service catalogue management .......................................................................................................................38

8.2.5 Asset management ......................................................................................................................................................38

8.2.6 Configuration management .................................................................................................................................38

8.3 Relationship and agreement ....................................................................................................................................................38

8.3.1 General...................................................................................................................................................................................38

8.3.2 Business relationship management .............................................................................................................39

8.3.3 Service level management ....................................................................................................................................40

8.3.4 Supplier management ..............................................................................................................................................40

8.4 Supply and demand .........................................................................................................................................................................41

8.4.1 Budgeting and accounting for services .....................................................................................................41

8.4.2 Demand management ..............................................................................................................................................41

8.4.3 Capacity management ..............................................................................................................................................41

9.2 8.5 Change management Service design, build and transition .............................................................................41

8.5.1 Change management .................................................................................................................................................42

8.5.2 Service design and transition ............................................................................................................................43

8.5.3 Release and deployment management ......................................................................................................44

9.3 8.6 Release and deployment management Resolution and fulfilment ..........................................................45

8.6.1 Incident management ........................................................................................................................................... ....45

8.6.2 Service request management .................. ...........................................................................................................46

8.6.3 Problem management ..............................................................................................................................................46

8.7 Service assurance ..............................................................................................................................................................................47

8.7.1 Service availability management ....................................................................................................................47

8.7.2 Service continuity management ......................................................................................................................47

8.7.3 Information security management ...............................................................................................................47

iv © ISO/IEC 2018 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/IEC 20000-1:redline:2018(E)

9 Performance evaluation ............................................................................................................................................................................48

9.1 Monitoring, measurement, analysis and evaluation ............................................................................................48

9.2 Internal audit .........................................................................................................................................................................................49

9.3 Management review ........................................................................................................................................................................49

9.4 Service reporting ................................................................................................................................................................................50

10 Improvement .........................................................................................................................................................................................................50

10.1 Nonconformity and corrective action ..............................................................................................................................50

10.2 Continual improvement ...............................................................................................................................................................51

Bibliography .............................................................................................................................................................................................................................52

© ISO/IEC 2018 – All rights reserved v
---------------------- Page: 5 ----------------------
ISO/IEC 20000-1:redline:2018(E)
Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical

Commission) form the specialized system for worldwide standardization. National bodies that are

members of ISO or IEC participate in the development of International Standards through technical

committees established by the respective organization to deal with particular fields of technical

activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international

organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the

work. In the field of information technology, ISO and IEC have established a joint technical committee,

ISO/IEC JTC 1.

International Standards areThe procedures used to develop this document and those intended for

its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different

approval criteria needed for the different types of document should be noted. This document was

drafted in accordance with the rules given ineditorial rules of the ISO/IEC Directives, Part 2 (see www

.iso .org/directives).

The main task of the joint technical committee is to prepare International Standards. Draft International

Standards adopted by the joint technical committee are circulated to national bodies for voting.

Publication as an International Standard requires approval by at least 75 % of the national bodies

casting a vote.

Attention is drawn to the possibility that some of the elements of this document may be the subject

of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent

rights. Details of any patent rights identified during the development of the document will be in the

Introduction and/or on the ISO list of patent declarations received (see www .iso .org/patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to the

World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following

URL: www .iso .org/iso/foreword .html.

This document was prepared by ISO/IEC JTC 1, Information technology, SC 40, IT Service Management

and IT Governance.

ISO/IEC 20000-1 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,

Subcommittee SC 7, Software and systems engineering. This secondthird edition cancels and replaces

the firstsecond edition (ISO/IEC 20000-1:20052011) which has been technically revised. The main

differences are as follows:
The main changes compared to the previous edition are as follows.
— closer alignment to ISO 9001;

— a) closer alignment to ISO/IEC 27001;Restructured into the high level structure used for all

management system standards (from Annex SL of the Consolidated ISO Supplement to the

ISO/IEC Directives Part 1). This has introduced new common requirements for context of the

organization, planning to achieve objectives and actions to address risks and opportunities.

There are some common requirements that have updated previous requirements, for example,

documented information, resources, competence and awareness.

— b) change of terminology to reflect international usage;Taken into account the growing trends in

service management including topics such as the commoditisation of services, the management of

multiple suppliers by an internal or external service integrator and the need to determine value of

services for customers.
vi © ISO/IEC 2018 – All rights reserved
---------------------- Page: 6 ----------------------
ISO/IEC 20000-1:redline:2018(E)

c) Removed some of the detail to concentrate on what to do and allow organizations the freedom of

how to meet the requirements.

— d) addition of many more definitions, updates to some definitions and removal of two

definitions;Included new features such as the addition of requirements about knowledge and

planning the services.

— e) introduction of the term “service management system”;Separated out clauses that were

previously combined for incident management, service request management, service continuity

management, service availability management, service level management, service catalogue

management, capacity management, demand management.

— combining Clauses 3 and 4 of ISO/IEC 20000-1:2005 to put all management system requirements

into one clause;

— clarification of the requirements for the governance of processes operated by other parties;

— f) clarification of the requirements for defining theRenamed “Governance of processes operated by

other parties” to “Control of parties involved in the service lifecycle” and updated the requirements

to include services and service components as well as processes. Clarified that the organization

cannot demonstrate conformity to the requirements specified in this document if other parties are

used to provide or operate all services, service components or processes within the scope of the

SMS;service management system (SMS).

g) Separated Clause 3 (Terms and definitions) into sub-clauses for management system terms and

service management terms. There are many changes to definitions. The key changes include:

1) some new terms have been added for Annex SL, e.g. “objective”, “policy”, and some have been

added specifically for service management, e.g. “asset”, “user”;

2) the term “service provider” has been replaced by “organization” to fit with the Annex SL

common text;

3) the term “internal group” has been replaced by “internal supplier” and the term “supplier” has

been replaced by “external supplier”;

4) the definition of “information security” has been aligned with ISO/IEC 27000. Subsequently

the term “availability” has been replaced by “service availability” to differentiate from the

term “availability” which is now used in the revised definition of “information security”.

— h) clarification that the PDCA methodology applies to the SMS, includingMinimised the required

documented information leaving only key documents such as the service management processes,

and the services;plan. Other documented information changes include:

1) removed requirement for documented capacity plan and replaced with requirement to plan

capacity;

2) removed requirement for documented availability plan and replaced with requirement to

document service availability requirements and targets;

3) removed requirement for a configuration management database and replaced with

requirements for configuration information;

4) removed requirement for a release policy and replaced with a requirement to define release

types and frequency;

5) removed requirement for a continual improvement policy and replaced with a requirement to

determine evaluation criteria for opportunities for improvement.

i) Updated and renumbered Figures 2 and 3 to Figures 1 and 2. Removed Figure 1 and references to

Plan-Do-Check-Act as this is not specifically used in Annex SL because many improvement methods

can be used with management system standards.
© ISO/IEC 2018 – All rights reserved vii
---------------------- Page: 7 ----------------------
ISO/IEC 20000-1:redline:2018(E)

— j) introduction of new requirements for the design and transition of new or changed servicesMoved

detailed reporting requirements from the service reporting clause into the clauses where the

reports are likely to be produced.

A list of all parts in the ISO/IEC 20000 series consists of the following parts, under the general titlecan

be found on the Information technology — Service management:I SO website.
— Part 1: Service management system requirements
— Part 2: Guidance on the application
...

INTERNATIONAL ISO/IEC
STANDARD 20000-1
Third edition
2018-09
Information technology — Service
management —
Part 1:
Service management system
requirements
Technologies de l'information — Gestion des services —
Partie 1: Exigences du système de management des services
Reference number
ISO/IEC 20000-1:2018(E)
ISO/IEC 2018
---------------------- Page: 1 ----------------------
ISO/IEC 20000-1:2018(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2018

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO/IEC 2018 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC 20000-1:2018(E)
Contents Page

Foreword ..........................................................................................................................................................................................................................................v

Introduction ..............................................................................................................................................................................................................................vii

1 Scope ................................................................................................................................................................................................................................. 1

1.1 General ........................................................................................................................................................................................................... 1

1.2 Application ................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 2

3 Terms and definitions ..................................................................................................................................................................................... 2

3.1 Terms specific to management system standards .................................................................................................... 2

3.2 Terms specific to service management .............................................................................................................................. 6

4 Context of the organization ....................................................................................................................................................................10

4.1 Understanding the organization and its context ....................................................................................................10

4.2 Understanding the needs and expectations of interested parties ...........................................................10

4.3 Determining the scope of the service management system .........................................................................10

4.4 Service management system....................................................................................................................................................10

5 Leadership ...............................................................................................................................................................................................................10

5.1 Leadership and commitment ..................................................................................................................................................10

5.2 Policy ............................................................................................................................................................................................................11

5.2.1 Establishing the service management policy .......................................................................................11

5.2.2 Communicating the service management policy ..............................................................................11

5.3 Organizational roles, responsibilities and authorities.......................................................................................11

6 Planning ......................................................................................................................................................................................................................12

6.1 Actions to address risks and opportunities ................................................................................................................12

6.2 Service management objectives and planning to achieve them ................................................................12

6.2.1 Establish objectives ....................................................................................................................................................12

6.2.2 Plan to achieve objectives .....................................................................................................................................13

6.3 Plan the service management system ..............................................................................................................................13

7 Support of the service management system .........................................................................................................................13

7.1 Resources ..................................................................................................................................................................................................13

7.2 Competence ............................................................................................................................................................................................14

7.3 Awareness ................................................................................................................................................................................................14

7.4 Communication ...................................................................................................................................................................................14

7.5 Documented information ............................................................................................................................................................14

7.5.1 General...................................................................................................................................................................................14

7.5.2 Creating and updating documented information .............................................................................15

7.5.3 Control of documented information ............................................................................................................15

7.5.4 Service management system documented information .............................................................15

7.6 Knowledge ...............................................................................................................................................................................................16

8 Operation of the service management system ...................................................................................................................16

8.1 Operational planning and control .......................................................................................................................................16

8.2 Service portfolio ..................................................................................................................................................................................16

8.2.1 Service delivery ..............................................................................................................................................................16

8.2.2 Plan the services ...........................................................................................................................................................16

8.2.3 Control of parties involved in the service lifecycle ..........................................................................17

8.2.4 Service catalogue management .......................................................................................................................17

8.2.5 Asset management ......................................................................................................................................................17

8.2.6 Configuration management .................................................................................................................................18

8.3 Relationship and agreement ....................................................................................................................................................18

8.3.1 General...................................................................................................................................................................................18

8.3.2 Business relationship management .............................................................................................................19

8.3.3 Service level management ....................................................................................................................................19

8.3.4 Supplier management ..............................................................................................................................................20

© ISO/IEC 2018 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO/IEC 20000-1:2018(E)

8.4 Supply and demand .........................................................................................................................................................................21

8.4.1 Budgeting and accounting for services .....................................................................................................21

8.4.2 Demand management ..............................................................................................................................................21

8.4.3 Capacity management ..............................................................................................................................................21

8.5 Service design, build and transition ..................................................................................................................................21

8.5.1 Change management .................................................................................................................................................21

8.5.2 Service design and transition ............................................................................................................................23

8.5.3 Release and deployment management ......................................................................................................24

8.6 Resolution and fulfilment ...........................................................................................................................................................24

8.6.1 Incident management ........................................................................................................................................... ....24

8.6.2 Service request management .................. ...........................................................................................................25

8.6.3 Problem management ..............................................................................................................................................25

8.7 Service assurance ..............................................................................................................................................................................25

8.7.1 Service availability management ....................................................................................................................25

8.7.2 Service continuity management ......................................................................................................................26

8.7.3 Information security management ...............................................................................................................26

9 Performance evaluation ............................................................................................................................................................................27

9.1 Monitoring, measurement, analysis and evaluation ............................................................................................27

9.2 Internal audit .........................................................................................................................................................................................27

9.3 Management review ........................................................................................................................................................................28

9.4 Service reporting ................................................................................................................................................................................29

10 Improvement .........................................................................................................................................................................................................29

10.1 Nonconformity and corrective action ..............................................................................................................................29

10.2 Continual improvement ...............................................................................................................................................................29

Bibliography .............................................................................................................................................................................................................................31

iv © ISO/IEC 2018 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/IEC 20000-1:2018(E)
Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical

Commission) form the specialized system for worldwide standardization. National bodies that are

members of ISO or IEC participate in the development of International Standards through technical

committees established by the respective organization to deal with particular fields of technical

activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international

organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the

work. In the field of information technology, ISO and IEC have established a joint technical committee,

ISO/IEC JTC 1.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for

the different types of document should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject

of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent

rights. Details of any patent rights identified during the development of the document will be in the

Introduction and/or on the ISO list of patent declarations received (see www .iso .org/patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to the

World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following

URL: www .iso .org/iso/foreword .html.

This document was prepared by ISO/IEC JTC 1, Information technology, SC 40, IT Service Management

and IT Governance.

This third edition cancels and replaces the second edition (ISO/IEC 20000-1:2011) which has been

technically revised.
The main changes compared to the previous edition are as follows.

a) Restructured into the high level structure used for all management system standards (from Annex

SL of the Consolidated ISO Supplement to the ISO/IEC Directives Part 1). This has introduced new

common requirements for context of the organization, planning to achieve objectives and actions to

address risks and opportunities. There are some common requirements that have updated previous

requirements, for example, documented information, resources, competence and awareness.

b) Taken into account the growing trends in service management including topics such as the

commoditisation of services, the management of multiple suppliers by an internal or external

service integrator and the need to determine value of services for customers.

c) Removed some of the detail to concentrate on what to do and allow organizations the freedom of

how to meet the requirements.

d) Included new features such as the addition of requirements about knowledge and planning the

services.

e) Separated out clauses that were previously combined for incident management, service request

management, service continuity management, service availability management, service level

management, service catalogue management, capacity management, demand management.

f) Renamed “Governance of processes operated by other parties” to “Control of parties involved in the

service lifecycle” and updated the requirements to include services and service components as well

as processes. Clarified that the organization cannot demonstrate conformity to the requirements

© ISO/IEC 2018 – All rights reserved v
---------------------- Page: 5 ----------------------
ISO/IEC 20000-1:2018(E)

specified in this document if other parties are used to provide or operate all services, service

components or processes within the scope of the service management system (SMS).

g) Separated Clause 3 (Terms and definitions) into sub-clauses for management system terms and

service management terms. There are many changes to definitions. The key changes include:

1) some new terms have been added for Annex SL, e.g. “objective”, “policy”, and some have been

added specifically for service management, e.g. “asset”, “user”;

2) the term “service provider” has been replaced by “organization” to fit with the Annex SL

common text;

3) the term “internal group” has been replaced by “internal supplier” and the term “supplier” has

been replaced by “external supplier”;

4) the definition of “information security” has been aligned with ISO/IEC 27000. Subsequently

the term “availability” has been replaced by “service availability” to differentiate from the

term “availability” which is now used in the revised definition of “information security”.

h) Minimised the required documented information leaving only key documents such as the service

management plan. Other documented information changes include:

1) removed requirement for documented capacity plan and replaced with requirement to plan

capacity;

2) removed requirement for documented availability plan and replaced with requirement to

document service availability requirements and targets;
3) removed requirement for a configuration management database and replaced with
requirements for configuration information;

4) removed requirement for a release policy and replaced with a requirement to define release

types and frequency;

5) removed requirement for a continual improvement policy and replaced with a requirement to

determine evaluation criteria for opportunities for improvement.

i) Updated and renumbered Figures 2 and 3 to Figures 1 and 2. Removed Figure 1 and references to

Plan-Do-Check-Act as this is not specifically used in Annex SL because many improvement methods

can be used with management system standards.

j) Moved detailed reporting requirements from the service reporting clause into the clauses where

the reports are likely to be produced.
A list of all parts in the ISO/IEC 20000 series can be found on the ISO website.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www .iso .org/members .html.
vi © ISO/IEC 2018 – All rights reserved
---------------------- Page: 6 ----------------------
ISO/IEC 20000-1:2018(E)
Introduction

This document has been prepared to specify requirements for establishing, implementing, maintaining

and continually improving a service management system (SMS). An SMS supports the management of

the service lifecycle, including the planning, design, transition, delivery and improvement of services,

which meet agreed requirements and deliver value for customers, users and the organization delivering

the services.

The adoption of an SMS is a strategic decision for an organization and is influenced by the organization’s

objectives, the governing body, other parties involved in the service lifecycle and the need for effective

and resilient services.

Implementation and operation of an SMS provides ongoing visibility, control of services and continual

improvement, leading to greater effectiveness and efficiency. Improvement for service management

applies to the SMS and the services.

This document is intentionally independent of specific guidance. The organization can use a combination

of generally accepted frameworks and its own experience. The requirements specified in this document

align with commonly used improvement methodologies. Appropriate tools for service management can

be used to support the SMS.

ISO/IEC 20000-2 provides guidance on the application of service management systems including

examples of how to meet the requirements specified in this document. ISO/IEC 20000-10 provides

information on all of the parts of the ISO/IEC 20000 series, benefits, misperceptions and other related

standards. ISO/IEC 20000-10 lists the terms and definitions included in this document in addition to

terms not used in this document but used in other parts of the ISO/IEC 20000 series.

The clause structure (i.e. clause sequence), terms in 3.1 and many of the requirements are taken from

Annex SL of the Consolidated ISO Supplement to the ISO/IEC Directives Part 1, known as the common

high level structure (HLS) for management system standards. The adoption of the HLS enables an

organization to align or integrate multiple management system standards. For example, an SMS

can be integrated with a quality management system based on ISO 9001 or an information security

management system based on ISO/IEC 27001.

Figure 1 illustrates an SMS showing the clause content of this document. It does not represent a

structural hierarchy, sequence or authority levels. There is no requirement in this document for its

structure to be applied to an organization’s SMS. There is no requirement for the terms used by an

organization to be replaced by the terms used in this document. Organizations can choose to use terms

that suit their operations.

The structure of clauses is intended to provide a coherent presentation of requirements, rather than

a model for documenting an organization’s policies, objectives and processes. Each organization can

choose how to combine the requirements into processes. The relationship between each organization

and its customers, users and other interested parties influences how the processes are implemented.

However, an SMS as designed by an organization, cannot exclude any of the requirements specified in

this document.
© ISO/IEC 2018 – All rights reserved vii
---------------------- Page: 7 ----------------------
ISO/IEC 20000-1:2018(E)
Figure 1 — Service management system
viii © ISO/IEC 2018 – All rights reserved
---------------------- Page: 8 ----------------------
INTERNATIONAL STANDARD ISO/IEC 20000-1:2018(E)
Information technology — Service management —
Part 1:
Service management system requirements
1 Scope
1.1 General

This document specifies requirements for an organization to establish, implement, maintain and

continually improve a service management system (SMS). The requirements specified in this document

include the planning, design, transition, delivery and improvement of services to meet the service

requirements and deliver value. This document can be used by:

a) a customer seeking services and requiring assurance regarding the quality of those services;

b) a customer requiring a consistent approach to the service lifecycle by all its service providers,

including those in a supply chain;

c) an organization to demonstrate its capability for the planning, design, transition, delivery and

improvement of services;
d) an organization to monitor, measure and review its SMS and the services;

e) an organization to improve the planning, design, transition, delivery and improvement of services

through effective implementation and operation of an SMS;

f) an organization or other party performing conformity assessments against the requirements

specified in this document;
g) a provider of training or advice in service management.

The term “service” as used in this document refers to the service or services in the scope of the SMS.

The term “organization” as used in this document refers to the organization in the scope of the SMS that

manages and delivers services to customers. The organization in the scope of the SMS can be part of

a larger organization, for example, a department of a large corporation. An organization or part of an

organization that manages and delivers a service or services to internal or external customers can also

be known as a service provider. Any use of the terms “service” or “organization” with a different intent

is distinguished clearly in this document.
1.2 Application

All requirements specified in this document are generic and are intended to be applicable to all

organizations, regardless of the organization’s type or size, or the nature of the services delivered.

Exclusion of any of the requirements in Clauses 4 to 10 is not acceptable when the organization claims

conformity to this document, irrespective of the nature of the organization.

Conformity to the requirements specified in this document can be demonstrated by the organization

itself showing evidence of meeting those requirements.

The organization itself demonstrates conformity to Clauses 4 and 5. However, the organization can be

supported by other parties. For example, another party can conduct internal audits on behalf of the

organization or support the preparation of the SMS.
© ISO/IEC 2018 – All rights reserved 1
---------------------- Page: 9 ----------------------
ISO/IEC 20000-1:2018(E)

Alternatively, the organization can show evidence of retaining accountability for the requirements

specified in this document and demonstrating control when other parties are involved in meeting the

requirements in Clauses 6 to 10 (see 8.2.3). For example, the organization can demonstrate evidence of

controls for another party who is providing infrastructure service components or operating the service

desk including the incident management process.

The organization cannot demonstrate conformity to the requirements specified in this document if

other parties are used to provide or operate all services, service components or processes within the

scope of the SMS.

The scope of this document excludes the specification for products or tools. However, this document can

be used to help the development or acquisition of products or tools that support the operation of an SMS.

2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— IEC Electropedia: available at http: //www .electropedia .org/
— ISO Online browsing platform: available at https: //www .iso .org/obp
3.1 Terms specific to management system standards
3.1.1
audit

systematic, independent and documented process (3.1.18) for obtaining audit evidence and evaluating it

objectively to determine the extent to which the audit criteria are fulfilled

Note 1 to entry: An audit can be an internal audit (first party) or an external audit (second party or third party),

and it can be a combined audit (combining two or more disciplines).

Note 2 to entry: An internal audit is conducted by the organization (3.1.14) itself, or by an external party on

its behalf.
Note 3 to entry: “Audit evidence” and “audit criteria” are defined in ISO 19011.
3.1.2
competence
...

NORME ISO/IEC
INTERNATIONALE 20000-1
Troisième édition
2018-09
Technologies de l'information —
Gestion des services —
Partie 1:
Exigences du système de management
des services
Information technology — Service management —
Part 1: Service management system requirements
Numéro de référence
ISO/IEC 20000-1:2018(F)
ISO/IEC 2018
---------------------- Page: 1 ----------------------
ISO/IEC 20000-1:2018(F)
DOCUMENT PROTÉGÉ PAR COPYRIGHT
© ISO/IEC 2018

Tous droits réservés. Sauf prescription différente ou nécessité dans le contexte de sa mise en œuvre, aucune partie de cette

publication ne peut être reproduite ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique,

y compris la photocopie, ou la diffusion sur l’internet ou sur un intranet, sans autorisation écrite préalable. Une autorisation peut

être demandée à l’ISO à l’adresse ci-après ou au comité membre de l’ISO dans le pays du demandeur.

ISO copyright office
Case postale 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Genève
Tél.: +41 22 749 01 11
Fax: +41 22 749 09 47
E-mail: copyright@iso.org
Web: www.iso.org
Publié en Suisse
ii © ISO/IEC 2018 – Tous droits réservés
---------------------- Page: 2 ----------------------
ISO/IEC 20000-1:2018(F)
Sommaire Page

Avant-propos ................................................................................................................................................................................................................................v

Introduction ............................................................................................................................................................................................................................viii

1 Domaine d'application ................................................................................................................................................................................... 1

1.1 Généralités .................................................................................................................................................................................................. 1

1.2 Application ................................................................................................................................................................................................. 1

2 Références normatives ................................................................................................................................................................................... 2

3 Termes et définitions ....................................................................................................................................................................................... 2

3.1 Termes spécifiques aux normes de systèmes de management ..................................................................... 2

3.2 Termes spécifiques à la gestion des services ................................................................................................................ 6

4 Contexte de l’organisme .............................................................................................................................................................................10

4.1 Compréhension de l’organisme et de son contexte ..............................................................................................10

4.2 Compréhension des besoins et attentes des parties intéressées .............................................................10

4.3 Détermination du périmètre d’application du système de management des services .........11

4.4 Système de management des services.............................................................................................................................11

5 Leadership ...............................................................................................................................................................................................................11

5.1 Leadership et engagement.........................................................................................................................................................11

5.2 Politique .....................................................................................................................................................................................................12

5.2.1 Établissement de la politique de gestion des services .................................................................12

5.2.2 Communication relative à la politique de gestion des services .................. ..........................12

5.3 Rôles, responsabilités et autorités au sein de l’organisme ............................................................................12

6 Planification ...........................................................................................................................................................................................................12

6.1 Actions à mettre en œuvre face aux risques et opportunités ......................................................................12

6.2 Objectifs de la gestion des services et planification des actions pour les atteindre ................13

6.2.1 Établissement des objectifs .................................................................................................................................13

6.2.2 Planification pour atteindre les objectifs .................................................................................................13

6.3 Planification du système de management des services ....................................................................................14

7 Support du système de management des services.........................................................................................................14

7.1 Ressources ...............................................................................................................................................................................................14

7.2 Compétences ..........................................................................................................................................................................................14

7.3 Sensibilisation ......................................................................................................................................................................................15

7.4 Communication ...................................................................................................................................................................................15

7.5 Informations documentées .......................................................................................................................................................15

7.5.1 Généralités .........................................................................................................................................................................15

7.5.2 Création et mise à jour des informations documentées .............................................................15

7.5.3 Maîtrise des informations documentées ..................................................................................................16

7.5.4 Informations documentées du système de management des services ..........................16

7.6 Connaissances.......................................................................................................................................................................................17

8 Fonctionnement du système de management des services ..................................................................................17

8.1 Planification et maîtrise opérationnelles ......................................................................................................................17

8.2 Portefeuille des services ..............................................................................................................................................................17

8.2.1 Fourniture des services ...........................................................................................................................................17

8.2.2 Planification des services ......................................................................................................................................17

8.2.3 Maîtrise des parties impliquées dans le cycle de vie du service..........................................18

8.2.4 Gestion du catalogue de services ....................................................................................................................18

8.2.5 Gestion des actifs ..........................................................................................................................................................18

8.2.6 Gestion des configurations ...................................................................................................................................19

8.3 Relations et accords .........................................................................................................................................................................19

8.3.1 Généralités .........................................................................................................................................................................19

8.3.2 Gestion des relations commerciales ............................................................................................................20

8.3.3 Gestion des niveaux de services ......................................................................................................................20

8.3.4 Gestion des fournisseurs........................................................................................................................................21

© ISO/IEC 2018 – Tous droits réservés iii
---------------------- Page: 3 ----------------------
ISO/IEC 20000-1:2018(F)

8.4 Offre et demande ................................................................................................................................................................................22

8.4.1 Budgétisation et comptabilisation des services ................................................................................22

8.4.2 Gestion de la demande ........................................................................................................................................... ..22

8.4.3 Gestion de la capacité ...............................................................................................................................................22

8.5 Conception, construction et transition du service ................................................................................................22

8.5.1 Gestion des changements ......................................................................................................................................22

8.5.2 Conception et transition du service .............................................................................................................24

8.5.3 Gestion des mises en production et de leur déploiement .........................................................25

8.6 Résolution et satisfaction ............................................................................................................................................................25

8.6.1 Gestion des incidents ................................................................................................................................................25

8.6.2 Gestion de la demande de services ...............................................................................................................26

8.6.3 Gestion des problèmes ............................................................................................................................................26

8.7 Garantie de services ........................................................................................................................................................................27

8.7.1 Gestion de la disponibilité des services ....................................................................................................27

8.7.2 Gestion de la continuité des services ..........................................................................................................27

8.7.3 Management de la sécurité de l'information ........................................................................................27

9 Évaluation des performances ...............................................................................................................................................................28

9.1 Surveillance, mesures, analyse et évaluation .............................................................................................................28

9.2 Audit interne ..........................................................................................................................................................................................29

9.3 Revue de direction ............................................................................................................................................................................29

9.4 Fourniture des rapports de service ....................................................................................................................................30

10 Amélioration ..........................................................................................................................................................................................................30

10.1 Non-conformité et actions correctives ............................................................................................................................30

10.2 Amélioration continue ...................................................................................................................................................................31

Bibliographie ...........................................................................................................................................................................................................................32

iv © ISO/IEC 2018 – Tous droits réservés
---------------------- Page: 4 ----------------------
ISO/IEC 20000-1:2018(F)
Avant-propos

L'ISO (Organisation internationale de normalisation) et l’IEC (Commission électrotechnique

internationale) forment le système spécialisé de la normalisation mondiale. Les organismes

nationaux membres de l'ISO ou de l’IEC participent au développement de Normes internationales

par l'intermédiaire des comités techniques créés par l'organisation concernée afin de s'occuper des

domaines particuliers de l'activité technique. Les comités techniques de l'ISO et de l’IEC collaborent

dans des domaines d'intérêt commun. D'autres organisations internationales, gouvernementales et non

gouvernementales, en liaison avec l'ISO et l’IEC, participent également aux travaux. Dans le domaine

des technologies de l'information, l'ISO et l’IEC ont créé un comité technique mixte, l'ISO/IEC JTC 1.

Les procédures utilisées pour élaborer le présent document et celles destinées à sa mise à jour sont

décrites dans les Directives ISO/IEC, Partie 1. Il convient, en particulier de prendre note des différents

critères d'approbation requis pour les différents types de documents ISO. Le présent document a été

rédigé conformément aux règles de rédaction données dans les Directives ISO/IEC, Partie 2 (voir www

.iso .org/directives).

L'attention est appelée sur le fait que certains des éléments du présent document peuvent faire l'objet

de droits de propriété intellectuelle ou de droits analogues. L'ISO et l’IEC ne sauraient être tenues pour

responsables de ne pas avoir identifié de tels droits de propriété et averti de leur existence. Les détails

concernant les références aux droits de propriété intellectuelle ou autres droits analogues identifiés

lors de l'élaboration du document sont indiqués dans l'Introduction et/ou dans la liste des déclarations

de brevets reçues par l'ISO (voir www .iso .org/brevets).

Les appellations commerciales éventuellement mentionnées dans le présent document sont données

pour information, par souci de commodité, à l’intention des utilisateurs et ne sauraient constituer un

engagement.

Pour une explication de la nature volontaire des normes, la signification des termes et expressions

spécifiques de l'ISO liés à l'évaluation de la conformité, ou pour toute information au sujet de l'adhésion

de l'ISO aux principes de l’Organisation mondiale du commerce (OMC) concernant les obstacles

techniques au commerce (OTC), voir le lien suivant: www .iso .org/iso/fr/avant -propos .html.

Le comité chargé de l’élaboration du présent document est l’ISO/IEC JTC 1, Technologies de l'information,

sous-comité SC 40, IT Service Management et IT Governance (Gestion des services issus des technologies

de l’information et gouvernance des technologies de l’information).

Cette troisième édition annule et remplace la deuxième édition (ISO/IEC 20000-1:2011) qui a fait l'objet

d'une révision technique.

Les principales modifications par rapport à l’édition précédente sont les suivantes:

a) Contenu restructuré dans la structure de niveau supérieur utilisée pour toutes les normes de

systèmes de management (dans l’Annexe SL du Supplément ISO Consolidé aux Directives ISO/

IEC, Partie 1). Cela a entraîné de nouvelles exigences communes pour le contexte de l’organisme,

la planification pour atteindre les objectifs et les actions à mettre en œuvre face aux risques et

opportunités. Certaines exigences communes ont mis à jour des exigences existantes. Par exemple,

informations documentées, ressources, compétences et sensibilisation.

b) prise en compte des nouvelles tendances de la gestion des services qui abordent des thèmes comme

la banalisation des services, la gestion de plusieurs fournisseurs par un intégrateur de services

interne ou externe et la nécessité de déterminer la valeur des services pour les clients.

c) retrait d’un certain nombre de détails pour se concentrer sur ce qui doit être fait et laisser aux

organismes toute liberté pour décider comment répondre aux exigences.

d) nouveaux points ajoutés tels que les exigences relatives à la connaissance et à la planification des

services.
© ISO/IEC 2018 – Tous droits réservés v
---------------------- Page: 5 ----------------------
ISO/IEC 20000-1:2018(F)

e) articles séparés qui étaient au préalable associés à la gestion des incidents, de la demande de

services, de la continuité des services, de la disponibilité des services, des niveaux de services, du

catalogue des services, de la demande et de la capacité.

f) «gouvernance de processus opérés par d'autres parties» renommée et remplacée par «maîtrise des

parties impliquées dans le cycle de vie du service» et mises à jour des exigences pour inclure les

services et les composants de services ainsi que les processus. Précision sur le fait que l’organisation

ne peut pas démontrer sa conformité aux exigences spécifiées dans le présent document si d’autres

parties sont utilisées pour fournir ou opérer tous les services, les composants de services ou les

processus dans le périmètre du système de management des services (SMS).

g) Division de l’Article 3 (Termes et définitions) en paragraphes pour les termes relatifs au système de

management et ceux relatifs à la gestion des services. Les définitions ont été largement modifiées.

Les principaux changements sont les suivants:

1) de nouveaux termes ont été ajoutés à l’Annexe SL, par exemple «objectif», «politique», et

d'autres ont été ajoutés spécifiquement pour la gestion des services, par exemple «actif»,

«utilisateur»;

2) le terme «fournisseur de services» a été remplacé par le terme «organisme» pour une question

de cohérence avec le texte commun de l’Annexe SL;

3) le terme «groupe interne» a été remplacé par «fournisseur interne» et le terme «fournisseur» a

été remplacé par «fournisseur externe»;

4) la définition de «sécurité de l'information» a été alignée sur la norme ISO/IEC 27000. En

conséquence, le terme «disponibilité» a été remplacé par «disponibilité des services» pour le

différencier du terme «disponibilité» qui est dorénavant utilisé dans la définition révisée de

«sécurité de l'information».

h) les informations documentées requises ont été reduites, seuls les documents clés tels que le plan de

management des services ont été conservés. Les autres changements concernant les informations

documentées sont les suivants:

1) l’exigence concernant le plan documenté de capacité est retiré et remplacé par l’exigence de

planification de la capacité;

2) l’exigence concernant le plan documenté de disponibilité est retiré et remplacé par l’exigence

de documentation des exigences et des objectifs de disponibilité des services;

3) l'exigence concernant la base de données de gestion des configurations est retirée et remplacée

par une exigence d’information de configuration;

4) l'exigence portant sur une politique de mises en production est retirée et remplacée par une

exigence de définition des types de mises en production et de leur fréquence;

5) l'exigence portant sur une politique d’amélioration continue est retirée et remplacée par une

exigence visant à déterminer les critères d’évaluation pour les opportunités d’amélioration.

i) les Figures 2 et 3 sont mises à jour et renumérotées en tant que Figures 1 et 2. La Figure 1 et

les références à la roue de Deming sont retirées du fait que celles-ci ne sont pas spécifiquement

utilisées dans l’Annexe SL car de nombreuses méthodes d'amélioration peuvent être utilisées avec

les normes de systèmes de management.

j) les exigences détaillées relatives aux rapports, contenus dans l'article sur les rapports de services,

sont déplacées vers les articles normalement concernés par lesdits rapports.

Une liste de toutes les parties de la série de normes ISO/IEC 20000 peut être consultée sur le site web

de l’ISO.
vi © ISO/IEC 2018 – Tous droits réservés
---------------------- Page: 6 ----------------------
ISO/IEC 20000-1:2018(F)

Il convient que l’utilisateur adresse tout retour d’information ou toute question concernant le présent

document à l’organisme national de normalisation de son pays. Une liste exhaustive desdits organismes

se trouve à l’adresse www .iso .org/fr/members .html.
© ISO/IEC 2018 – Tous droits réservés vii
---------------------- Page: 7 ----------------------
ISO/IEC 20000-1:2018(F)
Introduction

Le présent document a été élaboré pour préciser des exigences en vue de l'établissement, de la mise en

œuvre, de la tenue à jour et de l'amélioration continue d'un système de management des services (SMS).

Un SMS est une aide à la gestion du cycle de vie des services, comprenant la planification, la conception,

la transition, la fourniture et l’amélioration des services, pour satisfaire aux exigences convenues et

créer de la valeur pour les clients, les utilisateurs et l’organisme fournisseur des services.

L’adoption d’un SMS constitue une décision stratégique pour un organisme et est généralement

influencée par les objectifs de l’organisme, l’organe de gouvernance, les autres parties impliquées dans

le cycle de vie du service et la nécessité d’obtenir des services efficaces et faisant preuve de résilience.

La mise en œuvre et le fonctionnement d’un SMS apportent une visibilité des opérations, un maîtrise

des services et une amélioration continue conduisant à une meilleure efficience et à une plus grande

efficacité. L’amélioration du management des services s’applique aux SMS et aux services.

Le présent document est volontairement indépendant de tout guide ou référentiel spécifique.

L’organisme peut utiliser une combinaison de référentiels généralement admis et sa propre expérience.

Les exigences spécifiées dans le présent document sont alignées sur les méthodologies d’amélioration

généralement utilisées. Des outils appropriés de management des services peuvent être utilisés pour

accompagner le SMS.

L’ISO/IEC 20000-2 fournit des recommandations relatives à l’application des systèmes de management

des services comprenant des exemples permettant de répondre au mieux aux exigences spécifiées dans

le présent document. L’ISO/IEC 20000-10 fournit des informations sur toutes les parties de la série de

normes ISO/IEC 20000, avantages, mésinterprétation et autres normes connexes. L’ISO/IEC 20000-

10 fournit une liste des termes et définitions inclus dans le présent document qui viennent s'ajouter

aux termes non utilisés dans le présent document mais utilisés dans d’autres parties de la série de

normes ISO/IEC 20000.

La structure (c'est-à-dire l'organisation des articles et des paragraphes), la terminologie en 3.1 et une

grande partie des exigences sont issues de l’Annexe SL du Supplément ISO Consolidé aux Directives ISO/

IEC, Partie 1, également dénommée structure de niveau supérieur (HLS) utilisée pour toutes les normes

de systèmes de management. L'adoption de la HLS permet à un organisme de s’aligner sur plusieurs

normes de système de management, ou de les intégrer. Par exemple, un SMS peut être intégré dans un

système de management de la qualité basé sur l'ISO 9001 ou dans un système de management de la

sécurité de l'information basé sur l’ISO/IEC 27001.

La Figure 1 représente un SMS montrant le contenu du présent document. Elle ne figure pas une

hiérarchie structurelle, une séquence ou des niveaux d’autorité. Le présent document n'exige pas

l'application de sa structure à un SMS de l’organisme. Il n'est pas exigé que les termes utilisés par un

organisme soient remplacés par les termes utilisés dans le présent document. Les organismes peuvent

choisir librement les termes correspondant le mieux aux opérations liées à leur activité.

La structure est destinée à fournir une présentation cohérente des exigences plutôt qu'un modèle pour

la documentation des politiques, des objectifs et des processus d'un organisme. Chaque organisme peut

choisir comment combiner les exigences au sein des processus. Les relations entre chaque organisme et

ses clients, utilisateurs et autres parties intéressées ont une influence sur le mode de mise en œuvre des

processus. Un SMS tel qu’il est désigné par un organisme ne peut toutefois exclure aucune des exigences

spécifiées dans le présent document.
viii © ISO/IEC 2018 – Tous droits réservés
---------------------- Page: 8 ----------------------
ISO/IEC 20000-1:2018(F)
Figure 1 — Système de management des services
© ISO/IEC 2018 – Tous droits réservés ix
---------------------- Page: 9 ----------------------
NORME INTERNATIONALE ISO/IEC 20000-1:2018(F)
Technologies de l'information — Gestion des services —
Partie 1:
Exigences du système de management des services
1 Domaine d'application
1.1 Généralités

Le présent document spécifie les exigences destinées à une organisation pour établir, implémenter,

maintenir et améliorer continuellement un système de management des services (SMS). Les exigences

spécifiées dans le présent document incluent la planification, la conception, la transition, la fourniture

et l'amélioration des services afin de satisfaire aux exigences des services et créer de la valeur. Le

présent document peut être utilisé par:

a) un client attendant des services et exigeant une garantie de qualité pour ces services;

b) un client exigeant une approche cohérente du cycle de vie des services de la part de tous ses

fournisseurs de services, y compris ceux de la chaîne logistique;

c) un organisme pour démontrer ses capacités en matière de planification, de conception, de

transition, de fourniture et d’amélioration des services;

d) un organisme pour surveiller, mesurer et passer en revue son SMS et les services;

e) un organisme pour améliorer la planification, la conception, la transition, la fourniture et

l'amélioration des services par la mise en œuvre et le fonctionnement efficaces d'un SMS;

f) un organisme ou un tiers menant des évaluations de conformité par rapport aux exigences

spécifiées dans le présent document;
g) un fournisseur de formation ou de conseil en gestion des services.

Le terme «service» tel qu’il est utilisé dans le présent document se réfère au service ou aux services

compris dans le périmètre d'application du SMS. Le terme «organisme» tel qu’il est utilisé dans le

présent document se réfère à l’organisme compris dans le périmètre d'application du SMS qui gère et

fournit les services aux clients. Dans le périmètre d'application du SMS, l’organisme peut faire partie

d’une organisation plus étendue comme peut l’être, par exemple, un département au sein d’une grande

entreprise. Un organisme ou partie d'un organisme qui gère et fournit un ou plusieurs services à des

clients internes ou externes peut être aussi dénommé fournisseur de service. Tout usage des termes

«service» ou «organisme» n'ayant pas les significations susmentionnées sera clairement indiqué dans

le présent document.
1.2 Application

Toutes les exigences spécifiées dans le présent document sont génériques et prévues pour s'appliquer à

tout organisme, quels que soient son type ou sa taille, ou la nature des services fournis. L'exclusion d’une

des exigences spécifiées dans les Articles 4 à 10 n'est pas acceptable lorsque l’organisme revendique la

conformité au présent document, indépendamment de sa nature.

L’organisme peut lui-même démontrer la conformité aux exigences spécifiées dans le présent document

en apportant la preuve qu'il satisfait à toutes ces exigences.
© ISO
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.