Process for Achieving ISO 20000 Certification Effectively

The international standard for IT Service Management (ITSM) is known as ISO 20000 and in order to achieve it, there are various processes that must be put in place. Here is a typical process that can be employed:

Grasp the Standard: The structure of ISO 20000 has various sections, the main being ISO 20000-1 which defines the terms and requirements relevant to the IT Service Management System i.e. SMS.

Understand the layout of the standard, its requirements, and its deployment.

Conduct a Gap Analysis: Conduct an internal audit (gap analysis) to compare your current IT performance management system with ISO 20000 requirements.

Identify gaps and areas for improvement to meet the criteria of the standard.

Plan for the Development of Implementation Strategy: Formulate actions and processes that will enable the organization to be compliant with ISO 20000 by planning how the necessary changes will be made within the organization.

Establish goals, activities, and timelines for each step of the process’s execution.

Design and implementation of Service Management System (SMS): At this stage, you will implement the processes and practices required for ISO 20000 compliance. The main areas of focus are:

• Incident management: Ensures prompt restoration of IT services after incidents.
• Troubleshooting: Identify root causes of recurring problems.
• Change Management: Managing changes to IT systems in a controlled and predictable manner.
• Service Level Management: Educating, communicating with customers, and maintaining service levels.
• Continuous Improvement: Monitoring, testing, and improving IT services over time.

This phase may include the refinement of existing IT policies and processes, training of personnel, and implementation of software tools that support these processes.

Performance Monitoring and Measurement: It is imperative that the performance of the SMS is periodically assessed and measured in order to conform with the ISO 20000.

With each passing day, because the quality of every product as well as processes changes and improves, perform routine checks of the given effectiveness of your processes through audits, performance indicators, and management reviews.

Conduct of Internal Audits: Carry out internal audits to avail evidence for adherence to the standards laid in ISO 20000.

Highlight corrective actions and non-conformities in procedures as well as areas of improvement.

Performance Appraisal: Conduct standardized staff reviews to assess the effectiveness of the SMS and address any necessary corrections or setbacks.

Select the certificate body: Select an accredited certification body (third-party organization) to perform the external audit.

Ensure that the group is recognized by national and international accreditation bodies.

External Audit: The certification body will perform an external audit in two stages:

• Stage 1: Review of

ISO 20000 documents to ensure alignment with the standard's requirements.

• Stage 2: On-site audit to verify that the SMS is effectively implemented and running as intended.

If successful, the certification body will issue the ISO 20000 certificate.

Ongoing Enhancement and Re-qualification: For three years, ISO 20000 certification remains in effect. To avoid revocation of certification, your company must conduct regular surveillance audits, usually once every year.

Such audits ensure that there is sustained compliance and show areas of possible improvement. Again, at the end of the cycle of certification, a re-certification audit is carried out in order to sustain the 20000 certifications.

We are ISO consultants and industry leader in the global market for selling online ISO documentation kits as well as ISO system awareness and auditor training kits. With a presence in more than 36 countries,