• Business & Service Strategy Alignment
• Multi-Vendor Supplier Management
• ITIL
  • IT Infrastructure Library
  • One Year On
  • Service Lifecycle Approach
  • Starter Package
  • Bridging Package
  • Accreditation
  • Qualifications
  • Release Dates
  • ITIL v3 Wallchart
• COBIT
• Self Assessment Tool
• ISO/IEC 20000
  • ISO 20000 Assessment
  • Preparing for ISO 20000
  • ISO 20000 FAQs

Subscribe to receive our latest news & updates.

• Name:
• Email:

Please enter this anti-spam security code

•  
  
  Code:
• 

BS15000 & ISO20000 Frequently Asked Questions (FAQs)

Questions

1. What is BS15000?
2. What is ISO20000?
3. I have been working to achieve BS15000 – is this wasted effort?
4. I have a BS15000 consultant/auditor qualification - what happens to that?
5. Isn't ITIL Best Practice?
6. What is the impact of ITIL v3 on ISO20000?
7. How is conformance with ISO20000 demonstrated?
8. I Already Have ISO 9000 Certification So Why Do I Need ISO20000?
9. I Believe There Are Many Quality Standards and Frameworks Available. How Do They Compare and Overlap?
10. Will ISO20000 be readily understood by anyone with ITIL qualifications?
11. Our IT Is Distributed Around the UK (and even overseas). Can Sites Be Certified Separately?
12. What Are the Benefits of ISO20000 Certification?
13. Are customers already asking for BS15000 or ISO20000 in tender documents?
14. Why should I choose Fox IT to help my organisation with ISO20000?
15. How much will it cost and how long will it take?
16. How do I find out more?

Answers

1. What is BS15000?

BS15000 is the British Standard for IT Service Management. As of mid-December 2005, this was replaced by the international standard, ISO/IEC20000.
Top of page

2. What is ISO20000?

ISO20000, or ISO/IEC20000 to give its full title, is the International Standard for IT Service Management. This is based on the British Standard, BS15000, with minor but not significant changes. ISO20000 was published in mid December 2005. Now the international standard has been published, the British Standard is withdrawn.

There is an appetite for an International Standard. ISO20000 has become an accepted standard in many countries since certification became available in 2003. Companies currently accredited to ISO20000 are not only in Great Britain but also include India, most European countries, China, Japan, Korea, Australia and USA.

An assessment can be carried out by external auditors from a registered certification body to provide you with a conformance report and, if successful, a certificate for your organisation. ISO20000 provides a recognised accreditation against which an organisation can demonstrate to their customers that it's IT Service Management processes represent best practice.

The certification scheme for ISO20000 is run by itSMF and is due to be accredited by UKAS soon.
Top of page

3. I have been working to achieve BS15000 – is this wasted effort?

Because ISO20000 is so similar to BS15000, any preparation activities previously made for BS15000 will be equally valid for ISO20000. There are 16 changes to requirements in ISO20000, all of which are minor.
Top of page

4. I have a BS15000 consultant/auditor qualification - what happens to that?

BS15000 and ISO20000 only have minor differences so your current qualification will be equally useful in supporting organisations with certification for ISO20000. You now need to understand the differences between the 2 standards. BSI has published a booklet to accompany ISO20000 that details the exact changes between the two standards – see www.bsi-global.com.

All BS15000 auditor and consultant certificates will remain valid but for a small charge you may request a replacement from itSMF. You may describe yourself as having qualifications covering ISO/IEC 20000.
Top of page

5. Isn't ITIL Best Practice?

Yes, it is; and in fact ISO20000 incorporates many ITIL processes as well as some additional processes, including 2 management system processes.

ITIL is best practice guidance but it is not possible to be accredited as a company against ITIL. The standard is a specification which provides the company level accreditation to demonstrate the consistent use of best practice.

ISO20000 does not mandate the use of ITIL. However, demonstrating best practice in IT Service Management to achieve ISO20000 certification is, of course, far easier if it is underpinned by the use of ITIL.
Top of page

6. What is the impact of ITIL v3 on ISO20000?

In some ways, ITIL v3 has caught up with ISO20000 by incorporating some of the processes such as Information Security Management and Supplier Management. In other ways, ITIL v3 has moved ahead with other changes. However, it is important to remember that ITIL and ISO20000 have different purposes and they will never exactly mirror one another.

There is currently an exercise going on by the ISO committee to review ITIL v3 and make recommendations on proposed changes to the standard. Initial findings are that most of the changes in ITIL v3 are already at least partially covered in ISO20000 and any changes are likely to be minor. Decisions to be taken include, for example, ITIL v3 has extended Release Management to be called Release and Deployment Management – does this need to be reflected in ISO20000?

The table below summarises the differences between ITIL v3 and ISO20000.

Top of page

7. How is conformance with ISO20000 demonstrated?

Conformance can be demonstrated in various ways, both internally and externally.

• internal reviews can be used to assess on a more detailed level whether the current IT service management processes conform to the standard and establish areas for improvement. These reviews might be part of an existing Continuous Service Improvement Programme.
• external reviews tend to be less detailed but are likely to be seen as more objective and so carry greater weight than internal ones since they are both impartial and independent.

If a Registered Certification Body (RCB - commonly known as an external auditor) conducts the external review and you meet the certification criteria, your organisation can become certificated as part of the scheme: you can then display the ISO20000 certification logo. This demonstrates that you have been independently assessed as having adequate controls and procedures in place and that you are able to consistently deliver a quality service.

There is a list of accredited RCBs on the web site www.isoiec20000certification.com.

You can gain ISO20000 certification either with or independent of ISO9000.
Top of page

8. I Already Have ISO 9000 Certification So Why Do I Need ISO20000?

ISO9000 is a generally applicable quality management standard, which applies to many processes and is used by organisations in different sectors and industries. While it has many attributes and benefits that are valuable to your existing commercial relationship, it does not specifically assess your processes for IT Service Management best practice.

You should consider whether specific certification for the ITSM component of your business is important: if your organisation is within the IT service sector, then ISO20000 will provide differentiation from competitors and underpin Governance measures.

Your certification body will probably assess ISO9000 and ISO20000 together in order to be more efficient.
Top of page

9. I Believe There Are Many Quality Standards and Frameworks Available. How Do They Compare and Overlap?

Most Quality Management Systems and frameworks, by their very nature, overlap with each other. The most common overlap will be in the areas of quality management, training, documentation audit and conformance.

There are many quality methods available and being unsure which one to implement is understandable: for example, you may have heard of MOF, Cobit, CMM, TickIT, Six Sigma, ISO27001 and others. It is key to understand the scope and purpose of each one, and then to match this to what you are trying to achieve in your organisation.

ISO20000 is unique in that it is a standard for external corporate certification that mirrors ITIL Service Management principles:

• MOF, for instance, openly admits that it utilises ITIL principles, but also concentrates on the use of Microsoft products in its implementation.
• TickIT works in conjunction with ISO9000 and focuses on application development and project management.
• CoBIT focuses on corporate governance and can be used with ITIL and ISO20000.
• Six Sigma is a process improvement tool but is not specific to ITSM and can be used with ITIL and ISO20000.
• CMM is a maturity measure for primarily application development and project management processes.
• ISO27001 is the standard for Information Security management. The information security requirements of ISO20000 are a subset of this standard.

Top of page

10. Will ISO20000 be readily understood by anyone with ITIL qualifications?

ISO20000 and ITIL share common terminology so the short answer is yes. Remember that conformance is also based on demonstrating appropriate training and skills to deliver the services being accredited so ITIL training should form a significant part of your Best Practice programme.
Top of page

11. Our IT Is Distributed Around the UK (and even overseas). Can Sites Be Certified Separately?

Yes. Eligibility is based on demonstrating management control of all processes within the ISO20000 standard relative to the scope of certification. A certification may be scoped by specific sites, departments, customers, technology or services.
Top of page

12. What Are the Benefits of ISO20000 Certification?

Developing an ISO20000 compliant IT service organisation will take time and will often lead to some organisational change. However the benefits of having a proven, conformant best practice IT service provision are:

• A more competitive business
• Aligned IS/IT strategy with the overall business strategy
• Managed and reducing risk
• Managed and reducing costs
• Faster time to implement change
• Improved reliability and availability of service, leading to improved customer satisfaction
• Continual Improvement built into the processes
• Suppliers and partners will become more integrated and service focused
• Possibility of benchmarking with other organisations

Top of page

13. Are customers already asking for BS15000 or ISO20000 in tender documents?

Yes. We have seen a number of customers asking for statements of supplier conformance, accreditation plans and quality management policies: some are quoting BS15000/ISO20000 certification specifically as the service requirement. It is likely that this movement will grow and, quite simply, if a prospective supplier cannot demonstrate such conformance, they may not be considered during a tendering exercise.

Even if a customer doesn't ask for certification, your service is more likely to be chosen over that of a competitor who does not demonstrate ISO20000 certification, providing competitive advantage.
Top of page

14. Why should I choose Fox IT to help my organisation with ISO20000?

Fox IT has an integrated range of services covering training and consultancy to support you in moving your organisation towards ISO20000 accreditation. There are many ISO20000 training course options. To help you choose, click: Which ISO20000 course is right for you?

• ISO20000 Awareness course, a 1-day or half-day single organisation course
• ISO20000 Foundation course, a 3-day course for staff in ISO20000 certified organisations, leading to an accredited qualification
• ISO20000 for Consultants course, a 3-day course for consultants leading to an accredited qualification
• ISO20000 for Auditors course, a 2-day course for internal and external auditors leading to an accredited qualification
• ISO20000 Compliance assessment service
• foxPRISM for ISO20000 - a process modelling tool which will speed up your move to ISO20000
• Preparing for ISO20000 – a unique consultancy service which supports you from the initial business case through assessments to improvements and working with the audit body to gain accreditation

Fox IT is at the forefront of standards and best practice in IT Service Management. Vernon Lloyd is past chair of the itSMF ISO20000 Qualification and Certification Committee.

The consultancy and training offerings for ISO20000 are delivered by our consultants who are accredited and experienced in BS15000/ISO20000 and the underpinning best practice, ITIL.

Many companies moving towards BS15000 or ISO2000 have chosen Fox IT as their Best Practice partner for exactly those reasons.
Top of page

15. How much will it cost and how long will it take?

Every organisation is different so there can be no single answer. Your existing level of maturity in service management, the scope of the audit, the size of your company, the resources that can be dedicated to the certification programme will all impact on the time to gain ISO20000. For this reason, Fox will always recommend that organisations undertake an assessment of their current compliance before deciding on an accreditation plan: this produces a realistic and achievable approach which maximises the chance of early success.
Top of page

16. How do I find out more?

Contact us to arrange a visit to discuss your requirements.
Top of page