ISO/IEC TR 22564-1

TECHNICAL ISO/IEC TR
REPORT 22564-1
First edition
Information technology — Service
management of infrastructure —
Part 1:
Process reference model (PRM) for
data centre services
PROOF/ÉPREUVE
Reference number
ISO/IEC TR 22564-1:2020(E)
©
ISO/IEC 2020

---------------------- Page: 1 ----------------------
ISO/IEC TR 22564-1:2020(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2020
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii PROOF/ÉPREUVE © ISO/IEC 2020 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC TR 22564-1:2020(E)

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Overview of process reference model . 5
5 Process reference model . 7
5.1 Strategic development . 7
5.1.1 Strategic control . 7
5.1.2 Inherent innovation . 8
5.1.3 Sustainable development . 8
5.2 Operation assurance .10
5.2.1 Routine management .10
5.2.2 Service support .12
5.2.3 Service delivery .15
5.2.4 Safety management .18
5.2.5 Quality management .19
5.3 Organization management .21
5.3.1 Management framework .21
5.3.2 Organization risk .22
5.3.3 Improvement criteria . .23
Annex A (informative) Statement of conformity to ISO/IEC 33004 .25
Bibliography .27
© ISO/IEC 2020 – All rights reserved PROOF/ÉPREUVE iii

---------------------- Page: 3 ----------------------
ISO/IEC TR 22564-1:2020(E)

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that
are members of ISO or IEC participate in the development of International Standards through
technical committees established by the respective organization to deal with particular fields of
technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other
international organizations, governmental and non-governmental, in liaison with ISO and IEC, also
take part in the work.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for
the different types of document should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www .iso .org/ patents) or the IEC
list of patent declarations received (see http:// patents .iec .ch).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www .iso .org/
iso/ foreword .html.
This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 40, IT Service Management and IT Governance.
A list of all parts in the ISO/IEC 22564 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www .iso .org/ members .html.
iv PROOF/ÉPREUVE © ISO/IEC 2020 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/IEC TR 22564-1:2020(E)

Introduction
The purpose of this document is to facilitate the development of a process assessment model (PAM)
1)
described in ISO/IEC 22564-2 .
ISO/IEC 33002 describes the requirements for the conduct of an assessment. ISO/IEC 33004 describes
the requirements for process reference, process assessment and maturity models. ISO/IEC 33020
describes the measurement scale for assessing the process quality characteristic of process capability.
ISO/IEC 33001 describes the concepts and terminology used for process assessment. Annex A provides
the statement of conformity in accordance with the requirements of ISO/IEC 33004 concerning process
reference models.
A process reference model (PRM) is a model comprising definitions of processes described in terms of
process purpose and outcomes, together with an architecture describing the relationships between the
processes.
This PRM specified in this document describes the processes including the service
management particularly for a data centre. This PRM follows the management process of
ISO/IEC 20000-1, ISO/IEC 27001, ISO 22301 and other related International Standards for its data
centre background. Each process of this PRM is described in terms of a purpose and outcomes. The PRM
is particularly applicable for data centre and not intended to be used for a conformity assessment audit.
This document:
a) covers capability items that can reflect data centre service capability;
b) is applicable to any organization operating a data centre;
c) serves as a process reference model for data centres;
d) acts as a basis for the process assessment model.
The PRM consists of three capability domains and eleven capability sub-domains. It is illustrated in
Figure 1. Each capability sub-domain covers a diversity of capability items that enables a data centre to
manage, deliver, improve and administer IT-related activities and represents the ability of a data centre
to control these activities.
Figure 1 — Framework of the process reference model
1) To be published. Current stage 00.20.
© ISO/IEC 2020 – All rights reserved PROOF/ÉPREUVE v

---------------------- Page: 5 ----------------------
ISO/IEC TR 22564-1:2020(E)

Figure 2 illustrates the key interest and relationships involved in data centre services.
Data centre interest includes customers, suppliers and assessors.
Figure 2 — Data centre key interest
In this PRM, capability items are regarded as processes, and are interpreted as processes hereinafter.
Clause 3 briefly introduces the PRM.
Clause 4 describes the thirty-six processes in this PRM with their purpose and outcomes.
Annex A provides the statement of conformity in accordance with ISO/IEC 33004.
vi PROOF/ÉPREUVE © ISO/IEC 2020 – All rights reserved

---------------------- Page: 6 ----------------------
TECHNICAL REPORT ISO/IEC TR 22564-1:2020(E)
Information technology — Service management of
infrastructure —
Part 1:
Process reference model (PRM) for data centre services
1 Scope
This document defines a process reference model (PRM) for the domain of service management in a
data centre to provide data centre services.
The model specifies a process architecture for the domain and comprises a set of processes. Each
process is described in terms of process purpose and outcomes. And a 22 to contain or imply aspects
of the process quality characteristic beyond the basic level of any relevant process measurement
framework conformant with ISO/IEC 33003.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
3.1
assessment
the process of estimating the effectiveness, utilization, and relevance of a service or facility
3.2
capability
ability of an object to realize an output that will fulfil the requirements for that output
[SOURCE: ISO 9000:2015, 3.6.12, modified — Note 1 to entry has been removed.]
3.3
capability domain
collection or combination of similar processes
Note 1 to entry: There are three capability domains for data centre services: strategy, operation, and organization.
3.4
capability sub-domain
associated processes within a capability domain (3.3)
3.5
compliance
production and operating activities of a data centre that fulfil specified requirements of the relevant
laws, regulations, standards and other contractual obligations
© ISO/IEC 2020 – All rights reserved PROOF/ÉPREUVE 1

---------------------- Page: 7 ----------------------
ISO/IEC TR 22564-1:2020(E)

3.6
data centre
organization that provides IT operation services consisting of computer room(s) with infrastructure,
personnel, information system hardware, software, information resources, and corresponding rules
and regulations, to provide IT services
Note 1 to entry: A computer room normally only includes server room(s).
Note 2 to entry: Information system hardware normally includes physical and virtual resources.
Note 3 to entry: Information resources normally include data.
3.7
data centre service
capabilities and resources of a data centre (3.6) that are used to deliver value for stakeholders
3.8
data centre service capability
capability of data centre (3.6) resources to deliver data processing and satisfy functional requirements
3.9
effectiveness
extent to which planned activities are realized and planned results achieved
[SOURCE: ISO/IEC 20000-1:2018, 3.1.7]
3.10
human resource management
management of people in organizations
Note 1 to entry: Human resource management can include talent management, employee relations and industrial
relations, separation, training and development, reward, compensation and other benefits, performance
management, grievance management, strategies, metrics, principles, policies decisions, operations, practices and
methods.
Note 2 to entry: Human resource management optimizes the contribution of people to support organizational
and stakeholder success.
[SOURCE: ISO 30400:2016, 4.6]
3.11
incident
unplanned interruption to a service, a reduction in the quality of a service or an event that has not yet
impacted the service to the customer or user
[SOURCE: ISO/IEC 20000-1:2018, 3.2.5]
3.12
maturity model
model derived from one or more specified process assessment model(s) that identifies the process sets
associated with the levels in a specified scale of organizational process maturity
[SOURCE: ISO/IEC 33001:2015, 3.3.7]
3.13
operation
job or task consisting of one or more work elements, usually done essentially in one location
[SOURCE: ISO 15531-43:2006, 3.1.21, modified — NOTE was removed.]
2 PROOF/ÉPREUVE © ISO/IEC 2020 – All rights reserved

---------------------- Page: 8 ----------------------
ISO/IEC TR 22564-1:2020(E)

3.14
organization
person or group of people that has its own functions with responsibilities, authorities and relationships
to achieve its objectives
[SOURCE: ISO 9000:2015, 3.2.1, modified — Notes 1 and 2 to entry have been removed.]
3.15
organizational culture
collective beliefs, values, attitudes and behaviour of an organization that contribute to the unique social
and psychological environment in which it operates
[SOURCE: ISO 22316:2017, 3.3]
3.16
problem
cause of one or more actual or potential incidents
[SOURCE: ISO/IEC 20000-1:2018, 3.2.10]
3.17
process
set of interrelated or interacting activities that use inputs to deliver an intended result
[SOURCE: ISO 9000:2015, 3.4.1, modified — Notes 1 to 6 to entry have been removed.]
3.18
process assessment
disciplined evaluation of an organizational unit’s processes against a process assessment model
[SOURCE: ISO/IEC 33001:2015, 3.2.15]
3.19
process assessment model
model suitable for the purpose of assessing a specified process quality characteristic, based on one or
more process reference models
Note 1 to entry: Process assessment models addressing a specific process quality characteristic can include
the identification of the characteristic in the title; for example, a process assessment model addressing process
capability can be termed a “process capability assessment model”.
[SOURCE: ISO/IEC 33001:2015, 3.3.9]
3.20
process improvement
activity to enhance performance of a process
Note 1 to entry: The activity can be recurring or singular.
3.21
process outcome
observable result of the successful achievement of the process purpose
Note 1 to entry: An outcome statement describes one of the following: production of an artefact; a significant
change in state; meeting of specified constraints, e.g. requirements, goals, etc.
[SOURCE: ISO/IEC 33001:2015, 3.3.11]
3.22
process performance
extent to which the execution of a process achieves its purpose
[SOURCE: ISO/IEC 33001:2015, 3.4.7]
© ISO/IEC 2020 – All rights reserved PROOF/ÉPREUVE 3

---------------------- Page: 9 ----------------------
ISO/IEC TR 22564-1:2020(E)

3.23
process purpose
high level objective of performing the process and the likely outcomes of effective implementation of
the process
Note 1 to entry: The implementation of the process should provide tangible benefits to the stakeholders.
[SOURCE: ISO/IEC 33001:2015, 3.3.13]
3.24
process reference model
model comprising definitions of processes in a domain of application described in terms of process
purpose and outcomes, together with an architecture describing the relationships between the
processes
[SOURCE: ISO/IEC 33001:2015, 3.3.16]
3.25
project management
coordinated activities to direct and control the accomplishment of agreed deliverables
[SOURCE: ISO/TR 21506:2018, 3.61]
3.26
RPO
recovery point objective
point to which information used by an activity must be restored to enable the activity to operate on
service resumption
Note 1 to entry: Can also be referred to as “maximum data loss”
3.27
RTO
recovery time objective
period of time following an incident within which
a) a product or service must be resumed, or
b) an activity must be resumed, or
c) resources must be recovered
Note 1 to entry: For products, services and activities, the recovery time objective must be less than the time it
would take for the adverse impacts that would arise as a result of not providing a product/service or performing
an activity to become unacceptable
3.28
service request
request for information, advice, access to a service or a pre-approved change
[SOURCE: ISO/IEC 20000-1:2018, 3.2.25]
3.29
strategy
organization's overall plan of development, describing the effective use of resources in support of the
organization in its future activities
Note 1 to entry: involves setting objectives and proposing initiatives for action
[SOURCE: ISO/IEC/IEEE 24765:2017, 3.4001]
4 PROOF/ÉPREUVE © ISO/IEC 2020 – All rights reserved

---------------------- Page: 10 ----------------------
ISO/IEC TR 22564-1:2020(E)

3.30
sufficiency
measure of the adequacy of native performance using a standard interchange format
[SOURCE: ISO/IEC 19795-4:2008, 4.17, modified — NOTES 1, 2 and 3 have been removed.]
3.31
suitability
degree to which a capability enabler meets stated and implied needs when used in a specified
context of use
3.32
SWOT
strengths, weaknesses, opportunities, and threats [A Guide to the Project Management Body of
Knowledge (PMBOK®Guide) - Fifth Edition]
[SOURCE: ISO/IEC/IEEE 24765:2017, 3.4070]
4 Overview of process reference model
ISO/IEC 33004 requires that each process in the PRM has the following descriptive elements
a) Name: the name of a process is a short noun phrase that summarizes the scope of the process,
identifying the principal concern of the process, and distinguishes it from other processes within
scope of the process reference model.
b) Purpose: the purpose of the process is a high level and overall goal for performing the process.
c) Outcomes: an outcome is an observable result of the successful achievement of the process
purpose. Outcomes are measurable, tangible, technical or business results that are achieved by a
process. They are observable and assessable.
Figure 3 shows process categories and processes in the Process Reference Model for Data Centre
Services.
© ISO/IEC 2020 – All rights reserved PROOF/ÉPREUVE 5

---------------------- Page: 11 ----------------------
ISO/IEC TR 22564-1:2020(E)

Figure 3 — Process categories and processes
The purpose of a process reference model is to define a set of processes that collectively can support
the primary aims of a community of interest. A process assessment model uses the same process
descriptions provided in the process reference model.
6 PROOF/ÉPREUVE © ISO/IEC 2020 – All rights reserved

---------------------- Page: 12 ----------------------
ISO/IEC TR 22564-1:2020(E)

5 Process reference model
Explains the categories and subcategories.
5.1 Strategic development
There are three sub-areas in this category:
a) Strategic control;
b) Inherent innovation;
c) Sustainable development.
5.1.1 Strategic control
There are two processes in this category:
a) SD01: Strategic management;
b) SD02: Project management.
SD01 Strategic management
Process ID SD01
Name Strategic management
Purpose The purpose of strategic management is to ensure the data cen-
tre development and operation is planned in line with its policy
and is continually improved.
Outcomes As a result of successful implementation of this process:
a) A strategic plan is created;
b) A strategic plan is released;
c) A strategic plan is performed;
d) A strategic plan performance is reviewed.
SD02: Project management
Process ID SD02
Name Project management
Purpose The purpose of project management is to carry out project con-
trol in terms of scope, schedule, quality and cost based on the
strategy of a data centre to ensure effective implementation of
project and execution of strategic targets.
Outcomes As a result of successful implementation of this process:
a) Project charter is developed;
b) Project demands are identified;
c) Project plans are developed;
d) Project implementation is recorded and monitored;
e) Project delivery results are verified and evaluated.
© ISO/IEC 2020 – All rights reserved PROOF/ÉPREUVE 7

---------------------- Page: 13 ----------------------
ISO/IEC TR 22564-1:2020(E)

5.1.2 Inherent innovation
There are two processes in this category:
a) SD03: Knowledge management;
b) SD04: Innovation management.
SD03: Knowledge management
Process ID SD03
Name Knowledge management
Purpose The purpose of knowledge management is to ensure the accumu-
lation and inheritance of the knowledge of a data centre during
the period of service lifecycle via creation, sharing and applica-
tion of knowledge.
Outcomes As a result of the successful implementation of this process:
a) Knowledge management policy, including purpose, scope,
principles, classification is determined;
b) Knowledge is created, categorized, continuously updated,
and deleted if necessary;
c) Knowledge is used;
SD04: Innovation management
Process ID SD04
Name Innovation management
Purpose The purpose of innovation management is to ensure that the
innovation of new ideas, technologies and methodologies of a
data centre is appropriately managed and valuable outcomes are
achieved.
Outcomes As a result of successful implementation of this process:
a) Innovation management organization is established and the
roles for innovation management are assigned;
b) Innovation policies and principles are established;
c) Mechanism for innovation are established;
d) Management for each innovation step is implemented;
e) Innovation results are transformed and applied.
5.1.3 Sustainable development
There are three processes in this category:
a) SD05: Financial management;
b) SD06: Human resource management;
c) SD07: Architecture and technology management.
8 PROOF/ÉPREUVE © ISO/IEC 2020 – All rights reserved

---------------------- Page: 14 ----------------------
ISO/IEC TR 22564-1:2020(E)

SD05: Financial management
Process ID SD05
Name Financial management
Purpose The purpose of the financial management process is to improve
return on investment (ROI) and perform activities of budget-
ing and accounting to ensure visibility and control of financial
resources for service provision.
Outcomes As a result of the successful implementation of this process:
a) Financial management policies are established;
b) Budgets are produced with cost estimates;
c) Budget status reports are produced;
d) Costs are monitored against budget;
e) Deviations from the budget are managed.
SD06: Human resource management
Process ID SD06
Name Human resource management
Purpose The purpose of human resource management is to ensure that
appropriate human resources are provided to meet the service
demands of a data centre.
Outcomes As a result of successful implementation of this process:
a) The demands for human resources are determined,
documented, allocated and maintained;
b) Understanding of roles and activities in achieving objectives
of a data centre is demonstrated by each person;
c) The human resources required by the data centre are
identified and accordingly staff are recruited and assigned
as needed;
d) Training and other actions are implemented to fill the gap
between demands and actual competencies. Related records
are documented;
e) HR policies and procedures are defined and implemented;
f) Feedback mechanisms are implemented to identify levels of
employee satisfaction and improvement;
SD07: Architecture and technology management
Process ID SD07
Name Architecture and technology management
Purpose The purpose of architecture and technology management is to
ensure that a data centre has the necessary architecture and
technology and support to meet business needs and service
requirements.
© ISO/IEC 2020 – All rights reserved PROOF/ÉPREUVE 9

---------------------- Page: 15 ----------------------
ISO/IEC TR 22564-1:2020(E)

Outcomes As a result of the successful implementation of this process:
a) An architecture and technology management policy is
determined;
b) Requirements of architecture and technology are identified,
recorded and implemented;
c) Technology is managed throughout its lifecycle, including
its procurement, introduction, application, maintenance and
decommissioning;
d) New architecture and technology are researched for
suitability and anticipated benefits, tested and applied as
planned;
e) Architecture and technology within the designated scope
are applied, specifications and standards of architecture and
technology are created and distributed;
f) Architecture and technology are maintained and updated
against the demands;
g) Obsolescent architecture and technology are
decommissioned.
5.2 Operation assurance
There are five sub-areas in this category:
a) Routine management;
b) Service support;
c) Service delivery;
d) Safety management;
e) Quality management.
5.2.1 Routine management
There are five processes in this category:
a) OA01: Monitoring control;
b) OA02: Duty management;
c) OA03: Routine operation management;
d) OA04: Operational planning;
e) OA05: Operational implementation and control.
10 PROOF/ÉPREUVE © ISO/IEC 2020 – All rights reserved

---------------------- Page: 16 ----------------------
ISO/IEC TR 22564-1:2020(E)

OA01: Monitoring control
Process ID OA01
Name Monitoring control
Purpose The purpose of monitoring control is to ensure that the monitor-
ing tools are suitable and appropriate to monitor the operation
of a data centre in real-time, and accordingly, unexpected events
are detected and responded appropriately, to meet the business
objectives.
Outcomes As a result of successful implementation of this process:
a) The policy for monitoring control is defined and the
requirements are determined and agreed;
b) Monitoring tools are deployed, operated and adjusted based
on the requirements;
c) The events can be detected and responded in time.
OA02: Duty management
Process ID OA02
Name Duty management
Purpose The purpose of duty management is to ensure that the duty work
is organized and managed via schedules, procedures and behav-
iours to meet operational requirements.
Outcomes As a result of successful implementation of this process:
a) The requirements of duty management are identified;
b) Duty plans are developed and executed;
c) Shifts of work are implemented with the handover of
records.
OA03: Routine operation management
Process ID OA03
Name Routine operation management
Purpose The purpose of routine operation management is to ensure
that the operation activities which are normalized or routi-
nized, are implemented in accordance with the requirements
of a data centre.
© ISO/IEC 2020 – All rights reserved PROOF/ÉPREUVE 11

---------------------- Page: 17 ----------------------
ISO/IEC TR 22564-1:2020(E)

Outcomes As a result of successful implementation of this process:
a) The requirements of routine operations are identified;
b) The routine operations are planned and implemented
accordingly;
c) The results and exceptions of operational performance are
recorded and reviewed;
d) The modifications to the operation plan are deployed if
necessary.
OA04: Operational planning
Process ID OA04
Name Operational planning
Purpose The purpose of operational planning is to define the characteris-
tics of all operational and organizational processes, and to plan
their execution.
Outcomes As a result of successful implementation of this process:
a) The characteristics and requirements of the management of
all operational and organizational processes are identified;
b) Methods for monit
...