iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC 20000-1:2018

(Main)

Information technology — Service management — Part 1: Service management system requirements

Information technology — Service management — Part 1: Service management system requirements

This document specifies requirements for an organization to establish, implement, maintain and continually improve a service management system (SMS). The requirements specified in this document include the planning, design, transition, delivery and improvement of services to meet the service requirements and deliver value. This document can be used by: a) a customer seeking services and requiring assurance regarding the quality of those services; b) a customer requiring a consistent approach to the service lifecycle by all its service providers, including those in a supply chain; c) an organization to demonstrate its capability for the planning, design, transition, delivery and improvement of services; d) an organization to monitor, measure and review its SMS and the services; e) an organization to improve the planning, design, transition, delivery and improvement of services through effective implementation and operation of an SMS; f) an organization or other party performing conformity assessments against the requirements specified in this document; g) a provider of training or advice in service management. The term "service" as used in this document refers to the service or services in the scope of the SMS. The term "organization" as used in this document refers to the organization in the scope of the SMS that manages and delivers services to customers. The organization in the scope of the SMS can be part of a larger organization, for example, a department of a large corporation. An organization or part of an organization that manages and delivers a service or services to internal or external customers can also be known as a service provider. Any use of the terms "service" or "organization" with a different intent is distinguished clearly in this document.

Technologies de l'information — Gestion des services — Partie 1: Exigences du système de management des services

Le présent document spécifie les exigences destinées à une organisation pour établir, implémenter, maintenir et améliorer continuellement un système de management des services (SMS). Les exigences spécifiées dans le présent document incluent la planification, la conception, la transition, la fourniture et l'amélioration des services afin de satisfaire aux exigences des services et créer de la valeur. Le présent document peut être utilisé par: a) un client attendant des services et exigeant une garantie de qualité pour ces services; b) un client exigeant une approche cohérente du cycle de vie des services de la part de tous ses fournisseurs de services, y compris ceux de la chaîne logistique; c) un organisme pour démontrer ses capacités en matière de planification, de conception, de transition, de fourniture et d'amélioration des services; d) un organisme pour surveiller, mesurer et passer en revue son SMS et les services; e) un organisme pour améliorer la planification, la conception, la transition, la fourniture et l'amélioration des services par la mise en œuvre et le fonctionnement efficaces d'un SMS; f) un organisme ou un tiers menant des évaluations de conformité par rapport aux exigences spécifiées dans le présent document; g) un fournisseur de formation ou de conseil en gestion des services. Le terme «service» tel qu'il est utilisé dans le présent document se réfère au service ou aux services compris dans le périmètre d'application du SMS. Le terme «organisme» tel qu'il est utilisé dans le présent document se réfère à l'organisme compris dans le périmètre d'application du SMS qui gère et fournit les services aux clients. Dans le périmètre d'application du SMS, l'organisme peut faire partie d'une organisation plus étendue comme peut l'être, par exemple, un département au sein d'une grande entreprise. Un organisme ou partie d'un organisme qui gère et fournit un ou plusieurs services à des clients internes ou externes peut être aussi dénommé fournisseur de service. Tout usage des termes «service» ou «organisme» n'ayant pas les significations susmentionnées sera clairement indiqué dans le présent document.

General Information

Status
Published
Publication Date
13-Sep-2018
ICS
03.080.99 - Other services
35.020 - Information technology (IT) in general
Technical Committee
ISO/IEC JTC 1/SC 40 - IT service management and IT governance
Drafting Committee
ISO/IEC JTC 1/SC 40/WG 2 - Service management – Information technology
Current Stage
9020 - International Standard under periodical review
Start Date
15-Jul-2023
Completion Date
15-Jul-2023
Ref Project

Relations

Revises
ISO/IEC 20000-1:2011 - Information technology — Service management — Part 1: Service management system requirements
Effective Date
23-Jan-2016

Buy Standard

REDLINE ISO/IEC 20000-1:2018 - Information technology -- Service managementREDLINE ISO/IEC 20000-1:2018 - Information technology -- Service management
PreviousNext
Standard
REDLINE ISO/IEC 20000-1:2018 - Information technology -- Service management
English language
31 pages
sale 15% off
Preview
sale 15% off
Preview
ISO/IEC 20000-1:2018 - Information technology -- Service managementISO/IEC 20000-1:2018 - Information technology -- Service management
PreviousNext
Standard
ISO/IEC 20000-1:2018 - Information technology -- Service management
English language
31 pages
sale 15% off
Preview
sale 15% off
Preview
ISO/IEC 20000-1:2018 - Technologies de l'information -- Gestion des servicesISO/IEC 20000-1:2018 - Technologies de l'information -- Gestion des services
PreviousNext
Standard
ISO/IEC 20000-1:2018 - Technologies de l'information -- Gestion des services
French language
32 pages
sale 15% off
Preview
sale 15% off
Preview

Related Packages

ISO/IEC 20000-1 / ISO/IEC 20000-2 - IT Service Management Systems Package
ISO/IEC 20000-1 / ISO/IEC 20000-2 - IT Service Management Systems Package
2 documents

Standards Content (Sample)

INTERNATIONAL ISO/IEC
STANDARD 20000-1
Redline version
compares Third edition to
Second edition
Information technology — Service
management —
Part 1:
Service management system
requirements
Technologies de l'information — Gestion des services —
Partie 1: Exigences du système de management des services
Reference number
ISO/IEC 20000-1:redline:2018(E)
©
ISO/IEC 2018

---------------------- Page: 1 ----------------------
ISO/IEC 20000-1:redline:2018(E)

IMPORTANT — PLEASE NOTE
This is a mark-up copy and uses the following colour coding:
Text example 1 — indicates added text (in green)
Text example 2 — indicates removed text (in red)
— indicates added graphic figure
— indicates removed graphic figure
1.x . — Heading numbers containg modifications are highlighted in yellow in
the Table of Contents
DISCLAIMER
This Redline version provides you with a quick and easy way to compare the main changes
between this edition of the standard and its previous edition. It doesn’t capture all single
changes such as punctuation but highlights the modifications providing customers with
the most valuable information. Therefore it is important to note that this Redline version is
not the official ISO standard and that the users must consult with the clean version of the
standard, which is the official standard, for implementation purposes.
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2018
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO/IEC 2018 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 20000-1:redline:2018(E)

Contents Page
Foreword .vi
Introduction .ix
1 Scope . 1
1.1 General . 1
1.2 Application . 2
2 Normative references . 3
3 Terms and definitions . 3
3.1 Terms specific to management system standards . 8
3.2 Terms specific to service management .12
4 Context of the organization .15
4.1 Understanding the organization and its context .15
4.2 Understanding the needs and expectations of interested parties .16
4.3 Determining the scope of the service management system .16
4.4 Service management system.16
5 Leadership .16
5.1 Leadership and commitment .16
5.2 Policy .17
5.2.1 Establishing the service management policy .17
5.2.2 Communicating the service management policy .17
5.3 Organizational roles, responsibilities and authorities.17
4 6 Service management system general requirements Planning .17
4.1 6.1 Management responsibility Actions to address risks and opportunities.17
4.1.1 Management commitment .17
4.1.2 Service management policy .18
4.1.3 Authority, responsibility and communication .18
4.1.4 Management representative .18
4.2 6.2 Governance of processes operated by other parties Service management objectives
and planning to achieve them .19
6.2.1 Establish objectives .19
6.2.2 Plan to achieve objectives .20
4.3 Documentation management .20
4.3.1 Establish and maintain documents .20
4.3.2 Control of documents .20
4.3.3 Control of records .21
4.4 Resource management .21
4.4.1 Provision of resources . .21
4.4.2 Human resources.21
4.5 6.3 Establish and improve the SMS Plan the service management system .21
4.5.1 Define scope .21
4.5.2 Plan the SMS (Plan) .22
4.5.3 Implement and operate the SMS (Do) .22
4.5.4 Monitor and review the SMS (Check) .22
4.5.5 Maintain and improve the SMS (Act) .24
5 7 Design and transition of new or changed services Support of the service
management system .25
5.1 General .25
5.2 7.1 Plan new or changed services Resources .25
5.3 7.2 Design and development of new or changed services Competence .26
7.3 Awareness .27
7.4 Communication .27
© ISO/IEC 2018 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/IEC 20000-1:redline:2018(E)

7.5 Documented information .27
7.5.1 General.27
7.5.2 Creating and updating documented information .27
7.5.3 Control of documented information .28
7.5.4 Service management system documented information .28
5.4 7.6 Transition of new or changed services Knowledge .28
6 Service delivery processes .29
6.1 Service level management.29
6.2 Service reporting .29
6.3 Service continuity and availability management .30
6.3.1 Service continuity and availability requirements .30
6.3.2 Service continuity and availability plans .30
6.3.3 Service continuity and availability monitoring and testing .30
6.4 Budgeting and accounting for services .31
6.5 Capacity management .31
6.6 Information security management .32
6.6.1 Information security policy .32
6.6.2 Information security controls.32
6.6.3 Information security changes and incidents .32
7 Relationship processes .33
7.1 Business relationship management .33
7.2 Supplier management .33
8 Resolution processes .34
8.1 Incident and service request management .34
8.2 Problem management.35
9 8 Control processes Operation of the service management system .36
8.1 Operational planning and control .36
9.1 8.2 Configuration management Service portfolio .36
8.2.1 Service delivery .37
8.2.2 Plan the services .37
8.2.3 Control of parties involved in the service lifecycle .37
8.2.4 Service catalogue management .38
8.2.5 Asset management .38
8.2.6 Configuration management .38
8.3 Relationship and agreement .38
8.3.1 General.38
8.3.2 Business relationship management .39
8.3.3 Service level management .40
8.3.4 Supplier management .40
8.4 Supply and demand .41
8.4.1 Budgeting and accounting for services .41
8.4.2 Demand management .41
8.4.3 Capacity management .41
9.2 8.5 Change management Service design, build and transition .41
8.5.1 Change management .42
8.5.2 Service design and transition .43
8.5.3 Release and deployment management .44
9.3 8.6 Release and deployment management Resolution and fulfilment .45
8.6.1 Incident management . .45
8.6.2 Service request management . .46
8.6.3 Problem management .46
8.7 Service assurance .47
8.7.1 Service availability management .47
8.7.2 Service continuity management .47
8.7.3 Information security management .47
iv © ISO/IEC 2018 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/IEC 20000-1:redline:2018(E)

9 Performance evaluation .48
9.1 Monitoring, measurement, analysis and evaluation .48
9.2 Internal audit .49
9.3 Management review .49
9.4 Service reporting .50
10 Improvement .50
10.1 Nonconformity and corrective action .50
10.2 Continual improvement .51
Bibliography .52
© ISO/IEC 2018 – All rights reserved v

---------------------- Page: 5 ----------------------
ISO/IEC 20000-1:redline:2018(E)

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
International Standards areThe procedures used to develop this document and those intended for
its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different
approval criteria needed for the different types of document should be noted. This document was
drafted in accordance with the rules given ineditorial rules of the ISO/IEC Directives, Part 2 (see www
.iso .org/directives).
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting.
Publication as an International Standard requires approval by at least 75 % of the national bodies
casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www .iso .org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: www .iso .org/iso/foreword .html.
This document was prepared by ISO/IEC JTC 1, Information technology, SC 40, IT Service Management
and IT Governance.
ISO/IEC 20000-1 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 7, Software and systems engineering. This secondthird edition cancels and replaces
the firstsecond edition (ISO/IEC 20000-1:20052011) which has been technically revised. The main
differences are as follows:
The main changes compared to the previous edition are as follows.
— closer alignment to ISO 9001;
— a) closer alignment to ISO/IEC 27001;Restructured into the high level structure used for all
management system standards (from Annex SL of the Consolidated ISO Supplement to the
ISO/IEC Directives Part 1). This has introduced new common requirements for context of the
organization, planning to achieve objectives and actions to address risks and opportunities.
There are some common requirements that have updated previous requirements, for example,
documented information, resources, competence and awareness.
— b) change of terminology to reflect international usage;Taken into account the growing trends in
service management including topics such as the commoditisation of services, the management of
multiple suppliers by an internal or external service integrator and the need to determine value of
services for customers.
vi © ISO/IEC 2018 – All rights reserved

---------------------- Page: 6 ----------------------
ISO/IEC 20000-1:redline:2018(E)

c) Removed some of the detail to concentrate on what to do and allow organizations the freedom of
how to meet the requirements.
— d) addition of many more definitions, updates to some definitions and removal of two
definitions;Included new features such as the addition of requirements about knowledge and
planning the services.
— e) introduction of the term “service management system”;Separated out clauses that were
previously combined for incident management, service request management, service continuity
management, service availability management, service level management, service catalogue
management, capacity management, demand management.
— combining Clauses 3 and 4 of ISO/IEC 20000-1:2005 to put all management system requirements
into one clause;
— clarification of the requirements for the governance of processes operated by other parties;
— f) clarification of the requirements for defining theRenamed “Governance of processes operated by
other parties” to “Control of parties involved in the service lifecycle” and updated the requirements
to include services and service components as well as processes. Clarified that the organization
cannot demonstrate conformity to the requirements specified in this document if other parties are
used to provide or operate all services, service components or processes within the scope of the
SMS;service management system (SMS).
g) Separated Clause 3 (Terms and definitions) into sub-clauses for management system terms and
service management terms. There are many changes to definitions. The key changes include:
1) some new terms have been added for Annex SL, e.g. “objective”, “policy”, and some have been
added specifically for service management, e.g. “asset”, “user”;
2) the term “service provider” has been replaced by “organization” to fit with the Annex SL
common text;
3) the term “internal group” has been replaced by “internal supplier” and the term “supplier” has
been replaced by “external supplier”;
4) the definition of “information security” has been aligned with ISO/IEC 27000. Subsequently
the term “availability” has been replaced by “service availability” to differentiate from the
term “availability” which is now used in the revised definition of “information security”.
— h) clarification that the PDCA methodology applies to the SMS, includingMinimised the required
documented information leaving only key documents such as the service management processes,
and the services;plan. Other documented information changes include:
1) removed requirement for documented capacity plan and replaced with requirement to plan
capacity;
2) removed requirement for documented availability plan and replaced with requirement to
document service availability requirements and targets;
3) removed requirement for a configuration management database and replaced with
requirements for configuration information;
4) removed requirement for a release policy and replaced with a requirement to define release
types and frequency;
5) removed requirement for a continual improvement policy and replaced with a requirement to
determine evaluation criteria for opportunities for improvement.
i) Updated and renumbered Figures 2 and 3 to Figures 1 and 2. Removed Figure 1 and references to
Plan-Do-Check-Act as this is not specifically used in Annex SL because many improvement methods
can be used with management system standards.
© ISO/IEC 2018 – All rights reserved vii

---------------------- Page: 7 ----------------------
ISO/IEC 20000-1:redline:2018(E)

— j) introduction of new requirements for the design and transition of new or changed servicesMoved
detailed reporting requirements from the service reporting clause into the clauses where the
reports are likely to be produced.
A list of all parts in the ISO/IEC 20000 series consists of the following parts, under the general titlecan
be found on the Information technology — Service management:I SO website.
— Part 1: Service management system requirements
1)
— Part 2: Guidance on the application
...

INTERNATIONAL ISO/IEC
STANDARD 20000-1
Third edition
2018-09
Information technology — Service
management —
Part 1:
Service management system
requirements
Technologies de l'information — Gestion des services —
Partie 1: Exigences du système de management des services
Reference number
ISO/IEC 20000-1:2018(E)
©
ISO/IEC 2018

---------------------- Page: 1 ----------------------
ISO/IEC 20000-1:2018(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2018
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO/IEC 2018 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 20000-1:2018(E)

Contents Page
Foreword .v
Introduction .vii
1 Scope . 1
1.1 General . 1
1.2 Application . 1
2 Normative references . 2
3 Terms and definitions . 2
3.1 Terms specific to management system standards . 2
3.2 Terms specific to service management . 6
4 Context of the organization .10
4.1 Understanding the organization and its context .10
4.2 Understanding the needs and expectations of interested parties .10
4.3 Determining the scope of the service management system .10
4.4 Service management system.10
5 Leadership .10
5.1 Leadership and commitment .10
5.2 Policy .11
5.2.1 Establishing the service management policy .11
5.2.2 Communicating the service management policy .11
5.3 Organizational roles, responsibilities and authorities.11
6 Planning .12
6.1 Actions to address risks and opportunities .12
6.2 Service management objectives and planning to achieve them .12
6.2.1 Establish objectives .12
6.2.2 Plan to achieve objectives .13
6.3 Plan the service management system .13
7 Support of the service management system .13
7.1 Resources .13
7.2 Competence .14
7.3 Awareness .14
7.4 Communication .14
7.5 Documented information .14
7.5.1 General.14
7.5.2 Creating and updating documented information .15
7.5.3 Control of documented information .15
7.5.4 Service management system documented information .15
7.6 Knowledge .16
8 Operation of the service management system .16
8.1 Operational planning and control .16
8.2 Service portfolio .16
8.2.1 Service delivery .16
8.2.2 Plan the services .16
8.2.3 Control of parties involved in the service lifecycle .17
8.2.4 Service catalogue management .17
8.2.5 Asset management .17
8.2.6 Configuration management .18
8.3 Relationship and agreement .18
8.3.1 General.18
8.3.2 Business relationship management .19
8.3.3 Service level management .19
8.3.4 Supplier management .20
© ISO/IEC 2018 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/IEC 20000-1:2018(E)

8.4 Supply and demand .21
8.4.1 Budgeting and accounting for services .21
8.4.2 Demand management .21
8.4.3 Capacity management .21
8.5 Service design, build and transition .21
8.5.1 Change management .21
8.5.2 Service design and transition .23
8.5.3 Release and deployment management .24
8.6 Resolution and fulfilment .24
8.6.1 Incident management . .24
8.6.2 Service request management . .25
8.6.3 Problem management .25
8.7 Service assurance .25
8.7.1 Service availability management .25
8.7.2 Service continuity management .26
8.7.3 Information security management .26
9 Performance evaluation .27
9.1 Monitoring, measurement, analysis and evaluation .27
9.2 Internal audit .27
9.3 Management review .28
9.4 Service reporting .29
10 Improvement .29
10.1 Nonconformity and corrective action .29
10.2 Continual improvement .29
Bibliography .31
iv © ISO/IEC 2018 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/IEC 20000-1:2018(E)

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for
the different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www .iso .org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: www .iso .org/iso/foreword .html.
This document was prepared by ISO/IEC JTC 1, Information technology, SC 40, IT Service Management
and IT Governance.
This third edition cancels and replaces the second edition (ISO/IEC 20000-1:2011) which has been
technically revised.
The main changes compared to the previous edition are as follows.
a) Restructured into the high level structure used for all management system standards (from Annex
SL of the Consolidated ISO Supplement to the ISO/IEC Directives Part 1). This has introduced new
common requirements for context of the organization, planning to achieve objectives and actions to
address risks and opportunities. There are some common requirements that have updated previous
requirements, for example, documented information, resources, competence and awareness.
b) Taken into account the growing trends in service management including topics such as the
commoditisation of services, the management of multiple suppliers by an internal or external
service integrator and the need to determine value of services for customers.
c) Removed some of the detail to concentrate on what to do and allow organizations the freedom of
how to meet the requirements.
d) Included new features such as the addition of requirements about knowledge and planning the
services.
e) Separated out clauses that were previously combined for incident management, service request
management, service continuity management, service availability management, service level
management, service catalogue management, capacity management, demand management.
f) Renamed “Governance of processes operated by other parties” to “Control of parties involved in the
service lifecycle” and updated the requirements to include services and service components as well
as processes. Clarified that the organization cannot demonstrate conformity to the requirements
© ISO/IEC 2018 – All rights reserved v

---------------------- Page: 5 ----------------------
ISO/IEC 20000-1:2018(E)

specified in this document if other parties are used to provide or operate all services, service
components or processes within the scope of the service management system (SMS).
g) Separated Clause 3 (Terms and definitions) into sub-clauses for management system terms and
service management terms. There are many changes to definitions. The key changes include:
1) some new terms have been added for Annex SL, e.g. “objective”, “policy”, and some have been
added specifically for service management, e.g. “asset”, “user”;
2) the term “service provider” has been replaced by “organization” to fit with the Annex SL
common text;
3) the term “internal group” has been replaced by “internal supplier” and the term “supplier” has
been replaced by “external supplier”;
4) the definition of “information security” has been aligned with ISO/IEC 27000. Subsequently
the term “availability” has been replaced by “service availability” to differentiate from the
term “availability” which is now used in the revised definition of “information security”.
h) Minimised the required documented information leaving only key documents such as the service
management plan. Other documented information changes include:
1) removed requirement for documented capacity plan and replaced with requirement to plan
capacity;
2) removed requirement for documented availability plan and replaced with requirement to
document service availability requirements and targets;
3) removed requirement for a configuration management database and replaced with
requirements for configuration information;
4) removed requirement for a release policy and replaced with a requirement to define release
types and frequency;
5) removed requirement for a continual improvement policy and replaced with a requirement to
determine evaluation criteria for opportunities for improvement.
i) Updated and renumbered Figures 2 and 3 to Figures 1 and 2. Removed Figure 1 and references to
Plan-Do-Check-Act as this is not specifically used in Annex SL because many improvement methods
can be used with management system standards.
j) Moved detailed reporting requirements from the service reporting clause into the clauses where
the reports are likely to be produced.
A list of all parts in the ISO/IEC 20000 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www .iso .org/members .html.
vi © ISO/IEC 2018 – All rights reserved

---------------------- Page: 6 ----------------------
ISO/IEC 20000-1:2018(E)

Introduction
This document has been prepared to specify requirements for establishing, implementing, maintaining
and continually improving a service management system (SMS). An SMS supports the management of
the service lifecycle, including the planning, design, transition, delivery and improvement of services,
which meet agreed requirements and deliver value for customers, users and the organization delivering
the services.
The adoption of an SMS is a strategic decision for an organization and is influenced by the organization’s
objectives, the governing body, other parties involved in the service lifecycle and the need for effective
and resilient services.
Implementation and operation of an SMS provides ongoing visibility, control of services and continual
improvement, leading to greater effectiveness and efficiency. Improvement for service management
applies to the SMS and the services.
This document is intentionally independent of specific guidance. The organization can use a combination
of generally accepted frameworks and its own experience. The requirements specified in this document
align with commonly used improvement methodologies. Appropriate tools for service management can
be used to support the SMS.
ISO/IEC 20000-2 provides guidance on the application of service management systems including
examples of how to meet the requirements specified in this document. ISO/IEC 20000-10 provides
information on all of the parts of the ISO/IEC 20000 series, benefits, misperceptions and other related
standards. ISO/IEC 20000-10 lists the terms and definitions included in this document in addition to
terms not used in this document but used in other parts of the ISO/IEC 20000 series.
The clause structure (i.e. clause sequence), terms in 3.1 and many of the requirements are taken from
Annex SL of the Consolidated ISO Supplement to the ISO/IEC Directives Part 1, known as the common
high level structure (HLS) for management system standards. The adoption of the HLS enables an
organization to align or integrate multiple management system standards. For example, an SMS
can be integrated with a quality management system based on ISO 9001 or an information security
management system based on ISO/IEC 27001.
Figure 1 illustrates an SMS showing the clause content of this document. It does not represent a
structural hierarchy, sequence or authority levels. There is no requirement in this document for its
structure to be applied to an organization’s SMS. There is no requirement for the terms used by an
organization to be replaced by the terms used in this document. Organizations can choose to use terms
that suit their operations.
The structure of clauses is intended to provide a coherent presentation of requirements, rather than
a model for documenting an organization’s policies, objectives and processes. Each organization can
choose how to combine the requirements into processes. The relationship between each organization
and its customers, users and other interested parties influences how the processes are implemented.
However, an SMS as designed by an organization, cannot exclude any of the requirements specified in
this document.
© ISO/IEC 2018 – All rights reserved vii

---------------------- Page: 7 ----------------------
ISO/IEC 20000-1:2018(E)

Figure 1 — Service management system
viii © ISO/IEC 2018 – All rights reserved

---------------------- Page: 8 ----------------------
INTERNATIONAL STANDARD ISO/IEC 20000-1:2018(E)
Information technology — Service management —
Part 1:
Service management system requirements
1 Scope
1.1 General
This document specifies requirements for an organization to establish, implement, maintain and
continually improve a service management system (SMS). The requirements specified in this document
include the planning, design, transition, delivery and improvement of services to meet the service
requirements and deliver value. This document can be used by:
a) a customer seeking services and requiring assurance regarding the quality of those services;
b) a customer requiring a consistent approach to the service lifecycle by all its service providers,
including those in a supply chain;
c) an organization to demonstrate its capability for the planning, design, transition, delivery and
improvement of services;
d) an organization to monitor, measure and review its SMS and the services;
e) an organization to improve the planning, design, transition, delivery and improvement of services
through effective implementation and operation of an SMS;
f) an organization or other party performing conformity assessments against the requirements
specified in this document;
g) a provider of training or advice in service management.
The term “service” as used in this document refers to the service or services in the scope of the SMS.
The term “organization” as used in this document refers to the organization in the scope of the SMS that
manages and delivers services to customers. The organization in the scope of the SMS can be part of
a larger organization, for example, a department of a large corporation. An organization or part of an
organization that manages and delivers a service or services to internal or external customers can also
be known as a service provider. Any use of the terms “service” or “organization” with a different intent
is distinguished clearly in this document.
1.2 Application
All requirements specified in this document are generic and are intended to be applicable to all
organizations, regardless of the organization’s type or size, or the nature of the services delivered.
Exclusion of any of the requirements in Clauses 4 to 10 is not acceptable when the organization claims
conformity to this document, irrespective of the nature of the organization.
Conformity to the requirements specified in this document can be demonstrated by the organization
itself showing evidence of meeting those requirements.
The organization itself demonstrates conformity to Clauses 4 and 5. However, the organization can be
supported by other parties. For example, another party can conduct internal audits on behalf of the
organization or support the preparation of the SMS.
© ISO/IEC 2018 – All rights reserved 1

---------------------- Page: 9 ----------------------
ISO/IEC 20000-1:2018(E)

Alternatively, the organization can show evidence of retaining accountability for the requirements
specified in this document and demonstrating control when other parties are involved in meeting the
requirements in Clauses 6 to 10 (see 8.2.3). For example, the organization can demonstrate evidence of
controls for another party who is providing infrastructure service components or operating the service
desk including the incident management process.
The organization cannot demonstrate conformity to the requirements specified in this document if
other parties are used to provide or operate all services, service components or processes within the
scope of the SMS.
The scope of this document excludes the specification for products or tools. However, this document can
be used to help the development or acquisition of products or tools that support the operation of an SMS.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— IEC Electropedia: available at http: //www .electropedia .org/
— ISO Online browsing platform: available at https: //www .iso .org/obp
3.1 Terms specific to management system standards
3.1.1
audit
systematic, independent and documented process (3.1.18) for obtaining audit evidence and evaluating it
objectively to determine the extent to which the audit criteria are fulfilled
Note 1 to entry: An audit can be an internal audit (first party) or an external audit (second party or third party),
and it can be a combined audit (combining two or more disciplines).
Note 2 to entry: An internal audit is conducted by the organization (3.1.14) itself, or by an external party on
its behalf.
Note 3 to entry: “Audit evidence” and “audit criteria” are defined in ISO 19011.
3.1.2
competence
...

NORME ISO/IEC
INTERNATIONALE 20000-1
Troisième édition
2018-09
Technologies de l'information —
Gestion des services —
Partie 1:
Exigences du système de management
des services
Information technology — Service management —
Part 1: Service management system requirements
Numéro de référence
ISO/IEC 20000-1:2018(F)
©
ISO/IEC 2018

---------------------- Page: 1 ----------------------
ISO/IEC 20000-1:2018(F)

DOCUMENT PROTÉGÉ PAR COPYRIGHT
© ISO/IEC 2018
Tous droits réservés. Sauf prescription différente ou nécessité dans le contexte de sa mise en œuvre, aucune partie de cette
publication ne peut être reproduite ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique,
y compris la photocopie, ou la diffusion sur l’internet ou sur un intranet, sans autorisation écrite préalable. Une autorisation peut
être demandée à l’ISO à l’adresse ci-après ou au comité membre de l’ISO dans le pays du demandeur.
ISO copyright office
Case postale 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Genève
Tél.: +41 22 749 01 11
Fax: +41 22 749 09 47
E-mail: copyright@iso.org
Web: www.iso.org
Publié en Suisse
ii © ISO/IEC 2018 – Tous droits réservés

---------------------- Page: 2 ----------------------
ISO/IEC 20000-1:2018(F)

Sommaire Page
Avant-propos .v
Introduction .viii
1 Domaine d'application . 1
1.1 Généralités . 1
1.2 Application . 1
2 Références normatives . 2
3 Termes et définitions . 2
3.1 Termes spécifiques aux normes de systèmes de management . 2
3.2 Termes spécifiques à la gestion des services . 6
4 Contexte de l’organisme .10
4.1 Compréhension de l’organisme et de son contexte .10
4.2 Compréhension des besoins et attentes des parties intéressées .10
4.3 Détermination du périmètre d’application du système de management des services .11
4.4 Système de management des services.11
5 Leadership .11
5.1 Leadership et engagement.11
5.2 Politique .12
5.2.1 Établissement de la politique de gestion des services .12
5.2.2 Communication relative à la politique de gestion des services . .12
5.3 Rôles, responsabilités et autorités au sein de l’organisme .12
6 Planification .12
6.1 Actions à mettre en œuvre face aux risques et opportunités .12
6.2 Objectifs de la gestion des services et planification des actions pour les atteindre .13
6.2.1 Établissement des objectifs .13
6.2.2 Planification pour atteindre les objectifs .13
6.3 Planification du système de management des services .14
7 Support du système de management des services.14
7.1 Ressources .14
7.2 Compétences .14
7.3 Sensibilisation .15
7.4 Communication .15
7.5 Informations documentées .15
7.5.1 Généralités .15
7.5.2 Création et mise à jour des informations documentées .15
7.5.3 Maîtrise des informations documentées .16
7.5.4 Informations documentées du système de management des services .16
7.6 Connaissances.17
8 Fonctionnement du système de management des services .17
8.1 Planification et maîtrise opérationnelles .17
8.2 Portefeuille des services .17
8.2.1 Fourniture des services .17
8.2.2 Planification des services .17
8.2.3 Maîtrise des parties impliquées dans le cycle de vie du service.18
8.2.4 Gestion du catalogue de services .18
8.2.5 Gestion des actifs .18
8.2.6 Gestion des configurations .19
8.3 Relations et accords .19
8.3.1 Généralités .19
8.3.2 Gestion des relations commerciales .20
8.3.3 Gestion des niveaux de services .20
8.3.4 Gestion des fournisseurs.21
© ISO/IEC 2018 – Tous droits réservés iii

---------------------- Page: 3 ----------------------
ISO/IEC 20000-1:2018(F)

8.4 Offre et demande .22
8.4.1 Budgétisation et comptabilisation des services .22
8.4.2 Gestion de la demande . .22
8.4.3 Gestion de la capacité .22
8.5 Conception, construction et transition du service .22
8.5.1 Gestion des changements .22
8.5.2 Conception et transition du service .24
8.5.3 Gestion des mises en production et de leur déploiement .25
8.6 Résolution et satisfaction .25
8.6.1 Gestion des incidents .25
8.6.2 Gestion de la demande de services .26
8.6.3 Gestion des problèmes .26
8.7 Garantie de services .27
8.7.1 Gestion de la disponibilité des services .27
8.7.2 Gestion de la continuité des services .27
8.7.3 Management de la sécurité de l'information .27
9 Évaluation des performances .28
9.1 Surveillance, mesures, analyse et évaluation .28
9.2 Audit interne .29
9.3 Revue de direction .29
9.4 Fourniture des rapports de service .30
10 Amélioration .30
10.1 Non-conformité et actions correctives .30
10.2 Amélioration continue .31
Bibliographie .32
iv © ISO/IEC 2018 – Tous droits réservés

---------------------- Page: 4 ----------------------
ISO/IEC 20000-1:2018(F)

Avant-propos
L'ISO (Organisation internationale de normalisation) et l’IEC (Commission électrotechnique
internationale) forment le système spécialisé de la normalisation mondiale. Les organismes
nationaux membres de l'ISO ou de l’IEC participent au développement de Normes internationales
par l'intermédiaire des comités techniques créés par l'organisation concernée afin de s'occuper des
domaines particuliers de l'activité technique. Les comités techniques de l'ISO et de l’IEC collaborent
dans des domaines d'intérêt commun. D'autres organisations internationales, gouvernementales et non
gouvernementales, en liaison avec l'ISO et l’IEC, participent également aux travaux. Dans le domaine
des technologies de l'information, l'ISO et l’IEC ont créé un comité technique mixte, l'ISO/IEC JTC 1.
Les procédures utilisées pour élaborer le présent document et celles destinées à sa mise à jour sont
décrites dans les Directives ISO/IEC, Partie 1. Il convient, en particulier de prendre note des différents
critères d'approbation requis pour les différents types de documents ISO. Le présent document a été
rédigé conformément aux règles de rédaction données dans les Directives ISO/IEC, Partie 2 (voir www
.iso .org/directives).
L'attention est appelée sur le fait que certains des éléments du présent document peuvent faire l'objet
de droits de propriété intellectuelle ou de droits analogues. L'ISO et l’IEC ne sauraient être tenues pour
responsables de ne pas avoir identifié de tels droits de propriété et averti de leur existence. Les détails
concernant les références aux droits de propriété intellectuelle ou autres droits analogues identifiés
lors de l'élaboration du document sont indiqués dans l'Introduction et/ou dans la liste des déclarations
de brevets reçues par l'ISO (voir www .iso .org/brevets).
Les appellations commerciales éventuellement mentionnées dans le présent document sont données
pour information, par souci de commodité, à l’intention des utilisateurs et ne sauraient constituer un
engagement.
Pour une explication de la nature volontaire des normes, la signification des termes et expressions
spécifiques de l'ISO liés à l'évaluation de la conformité, ou pour toute information au sujet de l'adhésion
de l'ISO aux principes de l’Organisation mondiale du commerce (OMC) concernant les obstacles
techniques au commerce (OTC), voir le lien suivant: www .iso .org/iso/fr/avant -propos .html.
Le comité chargé de l’élaboration du présent document est l’ISO/IEC JTC 1, Technologies de l'information,
sous-comité SC 40, IT Service Management et IT Governance (Gestion des services issus des technologies
de l’information et gouvernance des technologies de l’information).
Cette troisième édition annule et remplace la deuxième édition (ISO/IEC 20000-1:2011) qui a fait l'objet
d'une révision technique.
Les principales modifications par rapport à l’édition précédente sont les suivantes:
a) Contenu restructuré dans la structure de niveau supérieur utilisée pour toutes les normes de
systèmes de management (dans l’Annexe SL du Supplément ISO Consolidé aux Directives ISO/
IEC, Partie 1). Cela a entraîné de nouvelles exigences communes pour le contexte de l’organisme,
la planification pour atteindre les objectifs et les actions à mettre en œuvre face aux risques et
opportunités. Certaines exigences communes ont mis à jour des exigences existantes. Par exemple,
informations documentées, ressources, compétences et sensibilisation.
b) prise en compte des nouvelles tendances de la gestion des services qui abordent des thèmes comme
la banalisation des services, la gestion de plusieurs fournisseurs par un intégrateur de services
interne ou externe et la nécessité de déterminer la valeur des services pour les clients.
c) retrait d’un certain nombre de détails pour se concentrer sur ce qui doit être fait et laisser aux
organismes toute liberté pour décider comment répondre aux exigences.
d) nouveaux points ajoutés tels que les exigences relatives à la connaissance et à la planification des
services.
© ISO/IEC 2018 – Tous droits réservés v

---------------------- Page: 5 ----------------------
ISO/IEC 20000-1:2018(F)

e) articles séparés qui étaient au préalable associés à la gestion des incidents, de la demande de
services, de la continuité des services, de la disponibilité des services, des niveaux de services, du
catalogue des services, de la demande et de la capacité.
f) «gouvernance de processus opérés par d'autres parties» renommée et remplacée par «maîtrise des
parties impliquées dans le cycle de vie du service» et mises à jour des exigences pour inclure les
services et les composants de services ainsi que les processus. Précision sur le fait que l’organisation
ne peut pas démontrer sa conformité aux exigences spécifiées dans le présent document si d’autres
parties sont utilisées pour fournir ou opérer tous les services, les composants de services ou les
processus dans le périmètre du système de management des services (SMS).
g) Division de l’Article 3 (Termes et définitions) en paragraphes pour les termes relatifs au système de
management et ceux relatifs à la gestion des services. Les définitions ont été largement modifiées.
Les principaux changements sont les suivants:
1) de nouveaux termes ont été ajoutés à l’Annexe SL, par exemple «objectif», «politique», et
d'autres ont été ajoutés spécifiquement pour la gestion des services, par exemple «actif»,
«utilisateur»;
2) le terme «fournisseur de services» a été remplacé par le terme «organisme» pour une question
de cohérence avec le texte commun de l’Annexe SL;
3) le terme «groupe interne» a été remplacé par «fournisseur interne» et le terme «fournisseur» a
été remplacé par «fournisseur externe»;
4) la définition de «sécurité de l'information» a été alignée sur la norme ISO/IEC 27000. En
conséquence, le terme «disponibilité» a été remplacé par «disponibilité des services» pour le
différencier du terme «disponibilité» qui est dorénavant utilisé dans la définition révisée de
«sécurité de l'information».
h) les informations documentées requises ont été reduites, seuls les documents clés tels que le plan de
management des services ont été conservés. Les autres changements concernant les informations
documentées sont les suivants:
1) l’exigence concernant le plan documenté de capacité est retiré et remplacé par l’exigence de
planification de la capacité;
2) l’exigence concernant le plan documenté de disponibilité est retiré et remplacé par l’exigence
de documentation des exigences et des objectifs de disponibilité des services;
3) l'exigence concernant la base de données de gestion des configurations est retirée et remplacée
par une exigence d’information de configuration;
4) l'exigence portant sur une politique de mises en production est retirée et remplacée par une
exigence de définition des types de mises en production et de leur fréquence;
5) l'exigence portant sur une politique d’amélioration continue est retirée et remplacée par une
exigence visant à déterminer les critères d’évaluation pour les opportunités d’amélioration.
i) les Figures 2 et 3 sont mises à jour et renumérotées en tant que Figures 1 et 2. La Figure 1 et
les références à la roue de Deming sont retirées du fait que celles-ci ne sont pas spécifiquement
utilisées dans l’Annexe SL car de nombreuses méthodes d'amélioration peuvent être utilisées avec
les normes de systèmes de management.
j) les exigences détaillées relatives aux rapports, contenus dans l'article sur les rapports de services,
sont déplacées vers les articles normalement concernés par lesdits rapports.
Une liste de toutes les parties de la série de normes ISO/IEC 20000 peut être consultée sur le site web
de l’ISO.
vi © ISO/IEC 2018 – Tous droits réservés

---------------------- Page: 6 ----------------------
ISO/IEC 20000-1:2018(F)

Il convient que l’utilisateur adresse tout retour d’information ou toute question concernant le présent
document à l’organisme national de normalisation de son pays. Une liste exhaustive desdits organismes
se trouve à l’adresse www .iso .org/fr/members .html.
© ISO/IEC 2018 – Tous droits réservés vii

---------------------- Page: 7 ----------------------
ISO/IEC 20000-1:2018(F)

Introduction
Le présent document a été élaboré pour préciser des exigences en vue de l'établissement, de la mise en
œuvre, de la tenue à jour et de l'amélioration continue d'un système de management des services (SMS).
Un SMS est une aide à la gestion du cycle de vie des services, comprenant la planification, la conception,
la transition, la fourniture et l’amélioration des services, pour satisfaire aux exigences convenues et
créer de la valeur pour les clients, les utilisateurs et l’organisme fournisseur des services.
L’adoption d’un SMS constitue une décision stratégique pour un organisme et est généralement
influencée par les objectifs de l’organisme, l’organe de gouvernance, les autres parties impliquées dans
le cycle de vie du service et la nécessité d’obtenir des services efficaces et faisant preuve de résilience.
La mise en œuvre et le fonctionnement d’un SMS apportent une visibilité des opérations, un maîtrise
des services et une amélioration continue conduisant à une meilleure efficience et à une plus grande
efficacité. L’amélioration du management des services s’applique aux SMS et aux services.
Le présent document est volontairement indépendant de tout guide ou référentiel spécifique.
L’organisme peut utiliser une combinaison de référentiels généralement admis et sa propre expérience.
Les exigences spécifiées dans le présent document sont alignées sur les méthodologies d’amélioration
généralement utilisées. Des outils appropriés de management des services peuvent être utilisés pour
accompagner le SMS.
L’ISO/IEC 20000-2 fournit des recommandations relatives à l’application des systèmes de management
des services comprenant des exemples permettant de répondre au mieux aux exigences spécifiées dans
le présent document. L’ISO/IEC 20000-10 fournit des informations sur toutes les parties de la série de
normes ISO/IEC 20000, avantages, mésinterprétation et autres normes connexes. L’ISO/IEC 20000-
10 fournit une liste des termes et définitions inclus dans le présent document qui viennent s'ajouter
aux termes non utilisés dans le présent document mais utilisés dans d’autres parties de la série de
normes ISO/IEC 20000.
La structure (c'est-à-dire l'organisation des articles et des paragraphes), la terminologie en 3.1 et une
grande partie des exigences sont issues de l’Annexe SL du Supplément ISO Consolidé aux Directives ISO/
IEC, Partie 1, également dénommée structure de niveau supérieur (HLS) utilisée pour toutes les normes
de systèmes de management. L'adoption de la HLS permet à un organisme de s’aligner sur plusieurs
normes de système de management, ou de les intégrer. Par exemple, un SMS peut être intégré dans un
système de management de la qualité basé sur l'ISO 9001 ou dans un système de management de la
sécurité de l'information basé sur l’ISO/IEC 27001.
La Figure 1 représente un SMS montrant le contenu du présent document. Elle ne figure pas une
hiérarchie structurelle, une séquence ou des niveaux d’autorité. Le présent document n'exige pas
l'application de sa structure à un SMS de l’organisme. Il n'est pas exigé que les termes utilisés par un
organisme soient remplacés par les termes utilisés dans le présent document. Les organismes peuvent
choisir librement les termes correspondant le mieux aux opérations liées à leur activité.
La structure est destinée à fournir une présentation cohérente des exigences plutôt qu'un modèle pour
la documentation des politiques, des objectifs et des processus d'un organisme. Chaque organisme peut
choisir comment combiner les exigences au sein des processus. Les relations entre chaque organisme et
ses clients, utilisateurs et autres parties intéressées ont une influence sur le mode de mise en œuvre des
processus. Un SMS tel qu’il est désigné par un organisme ne peut toutefois exclure aucune des exigences
spécifiées dans le présent document.
viii © ISO/IEC 2018 – Tous droits réservés

---------------------- Page: 8 ----------------------
ISO/IEC 20000-1:2018(F)

Figure 1 — Système de management des services
© ISO/IEC 2018 – Tous droits réservés ix

---------------------- Page: 9 ----------------------
NORME INTERNATIONALE ISO/IEC 20000-1:2018(F)
Technologies de l'information — Gestion des services —
Partie 1:
Exigences du système de management des services
1 Domaine d'application
1.1 Généralités
Le présent document spécifie les exigences destinées à une organisation pour établir, implémenter,
maintenir et améliorer continuellement un système de management des services (SMS). Les exigences
spécifiées dans le présent document incluent la planification, la conception, la transition, la fourniture
et l'amélioration des services afin de satisfaire aux exigences des services et créer de la valeur. Le
présent document peut être utilisé par:
a) un client attendant des services et exigeant une garantie de qualité pour ces services;
b) un client exigeant une approche cohérente du cycle de vie des services de la part de tous ses
fournisseurs de services, y compris ceux de la chaîne logistique;
c) un organisme pour démontrer ses capacités en matière de planification, de conception, de
transition, de fourniture et d’amélioration des services;
d) un organisme pour surveiller, mesurer et passer en revue son SMS et les services;
e) un organisme pour améliorer la planification, la conception, la transition, la fourniture et
l'amélioration des services par la mise en œuvre et le fonctionnement efficaces d'un SMS;
f) un organisme ou un tiers menant des évaluations de conformité par rapport aux exigences
spécifiées dans le présent document;
g) un fournisseur de formation ou de conseil en gestion des services.
Le terme «service» tel qu’il est utilisé dans le présent document se réfère au service ou aux services
compris dans le périmètre d'application du SMS. Le terme «organisme» tel qu’il est utilisé dans le
présent document se réfère à l’organisme compris dans le périmètre d'application du SMS qui gère et
fournit les services aux clients. Dans le périmètre d'application du SMS, l’organisme peut faire partie
d’une organisation plus étendue comme peut l’être, par exemple, un département au sein d’une grande
entreprise. Un organisme ou partie d'un organisme qui gère et fournit un ou plusieurs services à des
clients internes ou externes peut être aussi dénommé fournisseur de service. Tout usage des termes
«service» ou «organisme» n'ayant pas les significations susmentionnées sera clairement indiqué dans
le présent document.
1.2 Application
Toutes les exigences spécifiées dans le présent document sont génériques et prévues pour s'appliquer à
tout organisme, quels que soient son type ou sa taille, ou la nature des services fournis. L'exclusion d’une
des exigences spécifiées dans les Articles 4 à 10 n'est pas acceptable lorsque l’organisme revendique la
conformité au présent document, indépendamment de sa nature.
L’organisme peut lui-même démontrer la conformité aux exigences spécifiées dans le présent document
en apportant la preuve qu'il satisfait à toutes ces exigences.
© ISO
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEC TS 20000-5:2022(Main)
Information technology — Service management — Part 5: Implementation guidance for ISO/IEC 20000-1

This document provides guidance for organizations on how to implement a service management system (SMS). Organizations can use this document to implement the entire SMS in order to conform to the requirements specified in ISO/IEC 20000-1, or parts of an SMS for a selected subset of requirements. This document illustrates a generic plan to manage implementation activities for an SMS. The intended users of this document are: a) organizations that require support on how to implement an SMS; b) consultants and advisors who support an organization during SMS implementation. This document can be used together with the other parts of ISO/IEC 20000 series.

  • Technical specification
    33 pages
    English language
    sale 15% off
  • Draft
    33 pages
    English language
    sale 15% off
ISO
ISO/IEC TS 20000-11:2021(Main)
Information technology — Service management — Part 11: Guidance on the relationship between ISO/IEC 20000-1 and service management frameworks: ITIL®

This document provides guidance on the relationship between ISO/IEC 20000–1 and a commonly used service management framework, ITIL 4. It can be used by any organization or person wishing to understand how ITIL can be used with ISO/IEC 20000–1, including: a) an organization that has claimed or demonstrated or intends to claim or demonstrate conformity to the requirements specified in ISO/IEC 20000–1 and is seeking guidance on the use of ITIL to establish and improve an SMS and the services; b) an organization that already uses ITIL and is seeking guidance on how ITIL can be used to support efforts to demonstrate conformity to the requirements specified in ISO/IEC 20000–1; c) an assessor or auditor who wishes to understand the use of ITIL as a support in achieving the requirements specified in ISO/IEC 20000–1. Clause 4 describes how ITIL can support the demonstration of conformity to ISO/IEC 20000–1. Clause 5 correlates the ITIL documents to requirements in ISO/IEC 20000–1. The tables in Annex A correlate terms and clauses in ISO/IEC 20000–1 to ITIL and vice versa; the tables in Annex B correlate clauses in ISO/IEC 20000-1 to the ITIL 4 publications and vice versa.

  • Technical specification
    53 pages
    English language
    sale 15% off
  • Draft
    53 pages
    English language
    sale 15% off
ISO
ISO/IEC 20000-2:2019/Amd 1:2020(Amendment)
Information technology — Service management — Part 2: Guidance on the application of service management systems — Amendment 1
  • Standard
    1 page
    English language
    sale 15% off
  • Standard
    1 page
    French language
    sale 15% off
ISO
ISO/IEC 20000-3:2019(Main)
Information technology — Service management — Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1

This document includes guidance on the scope definition and applicability to the requirements specified in ISO/IEC 20000-1. This document can assist in establishing whether ISO/IEC 20000-1 is applicable to an organization's circumstances. It illustrates how the scope of an SMS can be defined, irrespective of whether the organization has experience of defining the scope of other management systems. The guidance in this document can assist an organization in planning and preparing for a conformity assessment against ISO/IEC 20000-1. Annex A contains examples of possible scope statements for an SMS. The examples given use a series of scenarios for organizations ranging from very simple to complex service supply chains. This document can be used by personnel responsible for planning the implementation of an SMS, as well as assessors and consultants. It supplements the guidance on the application of an SMS given in ISO/IEC 20000-2. Requirements for bodies providing audit and certification of an SMS can be found in ISO/IEC 20000-6 which recommends the use of this document.

  • Standard
    28 pages
    English language
    sale 15% off
  • Standard
    29 pages
    French language
    sale 15% off
ISO
ISO/IEC 20000-2:2019(Main)
Information technology — Service management — Part 2: Guidance on the application of service management systems

This document provides guidance on the application of a service management system (SMS) based on ISO/IEC 20000-1. It provides examples and recommendations to enable organizations to interpret and apply ISO/IEC 20000-1, including references to other parts of ISO/IEC 20000 and other relevant standards.

  • Standard
    63 pages
    English language
    sale 15% off
  • Standard
    70 pages
    French language
    sale 15% off
ISO
ISO/IEC 20000-10:2018(Main)
Information technology — Service management — Part 10: Concepts and vocabulary

This document describes the core concepts of ISO/IEC 20000 (all parts), identifying how the different parts support ISO/IEC 20000‑1:2018 as well as the relationships between ISO/IEC 20000-1 and other International Standards and Technical Reports. This document also includes the terminology used in all parts of ISO/IEC 20000, so that organizations and individuals can interpret the concepts correctly. This document can be used by: a) organizations seeking to understand the terms and definitions to support the use of ISO/IEC 20000 (all parts); b) organizations looking for guidance on how to use the different parts of ISO/IEC 20000 to achieve their goal; c) organizations that wish to understand how ISO/IEC 20000 (all parts) can be used in combination with other International Standards; d) practitioners, auditors and other parties who wish to gain an understanding of ISO/IEC 20000 (all parts).

  • Standard
    28 pages
    English language
    sale 15% off
  • Standard
    29 pages
    French language
    sale 15% off
ISO
ISO/IEC 20000-6:2017(Main)
Information technology — Service management — Part 6: Requirements for bodies providing audit and certification of service management systems

ISO/IEC 20000-6:2017 specifies requirements and provides guidance for certification bodies providing audit and certification of an SMS in accordance with ISO/IEC 20000‑1. It does not change the requirements specified in ISO/IEC 20000‑1. ISO/IEC 20000-6:2017 can also be used by accreditation bodies for accreditation of certification bodies. A certification body providing SMS certification is expected to be able to demonstrate fulfilment of the requirements specified in ISO/IEC 20000-6:2017, in addition to the requirements in ISO/IEC 17021‑1.

  • Standard
    13 pages
    English language
    sale 15% off
ISO
ISO/IEC DTS 20000-14(Main)
Information technology — Service management — Part 14: Guidance on the application of Service Integration and Management to ISO/IEC 20000-1

This TS aims to provide guidance to organizations that manage services in an environment that includes services sourced from multiple service providers through the incorporation of a service integration function and development of service integration and management ecosystem. Service integration and management can be applied to different sizes and types of organizations, and to different industry sectors.

  • Draft
    29 pages
    English language
    sale 15% off
  • Draft
    29 pages
    English language
    sale 15% off
ISO
ISO/IEC TS 20000-5:2022(Main)
Information technology — Service management — Part 5: Implementation guidance for ISO/IEC 20000-1

This document provides guidance for organizations on how to implement a service management system (SMS). Organizations can use this document to implement the entire SMS in order to conform to the requirements specified in ISO/IEC 20000-1, or parts of an SMS for a selected subset of requirements. This document illustrates a generic plan to manage implementation activities for an SMS. The intended users of this document are: a) organizations that require support on how to implement an SMS; b) consultants and advisors who support an organization during SMS implementation. This document can be used together with the other parts of ISO/IEC 20000 series.

  • Technical specification
    33 pages
    English language
    sale 15% off
  • Draft
    33 pages
    English language
    sale 15% off
ISO
ISO/IEC 27013:2021(Main)
Information security, cybersecurity and privacy protection — Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

This document gives guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 for organizations intending to: a) implement ISO/IEC27001 when ISO/IEC 20000-1 is already implemented, or vice versa; b) implement both ISO/IEC27001 and ISO/IEC 20000-1 together; or c) integrate existing management systems based on ISO/IEC27001 and ISO/IEC 20000-1. This document focuses exclusively on the integrated implementation of an information security management system (ISMS) as specified in ISO/IEC 27001 and a service management system (SMS) as specified in ISO/IEC 20000-1.

  • Standard
    60 pages
    English language
    sale 15% off
  • Draft
    57 pages
    English language
    sale 15% off