ITIL and ISO 20000
ISO 20000 [1] does not offer specific advice on how to design your processes. It is rather a set of requirements which must be met in order to qualify for certification.
This is where ITIL comes into play: ITIL (especially the new version 3) is strongly aligned with ISO 20000 and offers a rather detailed collection of best practices. As a result, ITIL V3 is a very good basis for developing ISO 20000 compliant processes.
On this Page:
- What is ISO 20000?
- The new Edition ISO/IEC 20000:2011
- Central Requirements of ISO 20000
- ITIL V3 as a Foundation for ISO 20000
- How much does ISO 20000 cost?
- Downloads & Additional Information on ISO 20000
What is ISO 20000?
ITIL provides guidance on what should be done in order to offer the clients of an IT organization adequate IT Services to support their business needs. ITIL qualifications are available for individuals but until recently there was no way for an IT organization to prove that it is working along the ITIL recommendations.
The ISO 20000 standard was conceived to fill this gap. Initiated by the two organizations itSMF and BSI (British Standards Institution), it is modeled upon the principles of ITIL, and for the first time offers IT organizations the possibility to become certified.
Organizations seeking to become certified against ISO 20000 must fulfill certain requirements, as outlined in ISO/IEC 20000:2005, Part 1: Specification – these are the mandatory requirements which must be fulfilled by organizations in order to be compliant with the standard.
There is also a second part of the standard (ISO/IEC 20000:2005, Part 2: Code of practice), which contains suggestions for organizations who want to become certified. The guidelines of the second part are not strictly mandatory.
The third part (ISO/IEC TR 20000:2005, Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1), introduced in 2009, provides guidance on scope definition, applicability and demonstration of conformity. ISO/IEC TR 20000-3 supplements the advice in ISO/IEC 20000-2.
The new Edition ISO/IEC 20000:2011
A new version of ISO/IEC 20000 Part 1: Service management system requirements (abbreviated to ISO/IEC 20000-1:2011) was published in April 2011.
The authors of the new version describe the main differences to the earlier edition (ISO/IEC 20000-1:2005) as follows:
- Closer alignment to both ISO 9001 and ISO/IEC 27001
- Clarification of existing definitions and addition of new definitions
- Introduction of the term "Service Management System" (SMS) and aligning the standard with the concept of a SMS
- Clarification of the requirements for the governance of processes operated by other parties
- Addition of requirements for the design and transition of new or changed services
The new version contains considerably more text than the previous one, but it does not provide detailed indications of what was added or changed. Overall, our impression is that many clarifications have found their way into the new edition, and that it has not necessarily become more difficult to achieve ISO 20000 certification.
Transition arrangements for ISO/IEC 20000:2005 to ISO/IEC 20000:2011
Under certain circumstances, the 2005 version of the ISO 20000 standard can still be used for a transitional period, so that organizations and trained individuals can adapt to the new edition.
The APM Group, which owns and operates the ISO/IEC 20000 certification and qualification schemes, states that
- If your organization has been certified to ISO 20000 before 1st June 2011, audits and re-certifications will be permitted using ISO/IEC 20000-1:2005 until 31st May 2013, while ISO/IEC 20000-1:2011 will be mandatory from 1st June 2013.
- If your organization submits a new application to become certified to ISO 20000 after 1st June 2011, ISO/IEC 20000-1:2011 will be applicable.
Central Requirements of ISO 20000
ISO 20000 promotes the “adoption of an integrated process approach to effectively deliver managed services to meet the business and customer requirements”.
ISO 20000 does not prescribe that its requirements must be met by following the ITIL recommendations, so there are many possible ways to achieve compliance. Introducing ITIL, however, is the most widely used approach for obtaining an ISO 20000 certificate.
It is also important to prove that IT processes are documented, actively managed, and continually improved.
ITIL V3 as a Foundation for ISO 20000
Comparison between ITIL and ISO 20000
One reason for creating a new ITIL version - ITIL V3 - was to achieve better alignment with the ISO 20000 standard. The principle of continual improvement has found its way into the ITIL books, and the processes of ITIL V3 and ISO 20000 are now very much in line (for example, there is now a Security Management process in ITIL V3, as required by ISO 20000).
As a result, ITIL V3 offers a broad range of best practice recommendations which are the perfect basis for developing ISO 20000 compliant processes for your organization - the implementation of ITIL V3 is the best available route towards ISO 20000 certification.
Save time and money with ISO 20000 compliant Reference Processes
Our ITIL V3 Reference Model - the ITIL Process Map V3 - makes the ITIL V3 knowledge instantly available for your ISO 20000 project.
The reference model contains easy to understand, fully adabtable process and document templates in popular formats like Microsoft Visio, Excel and Word. The ITIL - ISO 20000 Bridge links every single ISO 20000 requirement to one or several of these templates.
With these tools, designing and documenting ISO 20000 compliant processes boils down to modifying the professionally laid out templates of our reference model, and you get better results more quickly.
How much does ISO 20000 cost?
What's the overall Cost for achieving ISO 20000 Certification?
Unfortunately, this question is hard to answer.
The formal ISO 20000 audit itself is usually a very small proportion of the total cost that your organization will incur. In most cases, closing the gaps to become ISO 20000 compliant is by far the biggest part of a certification project.
As a result, the total cost heavily depends on
- the number of ITIL processes that are already implemented
- existing certificates, like e.g. ISO 9000
- the size of your IT organization
- the complexity of your services
Once the certificate is awarded it will be valid for an initial period of three years. This means that regular re-certification audits and intermittent ISO 20000 assessments are required, so there are also ongoing costs to be considered.
Can Expenses for external Consultants be avoided? Should we seek external Support?
External support will be necessary at least for the ISO 20000 certification audit, as the audit can only be performed by a Registered Certification Body.
In most cases it is also advisable to seek the help of an experienced consultant, who will know what typically attracts the attention of auditors. So while we would not recommend attempting an ISO 200000 certification without external expertise, the point here is to keep consulting expenditures as low as possible.
The ITIL Process Map V3 was designed with this in mind, as it enables you to acquire a large amount of ITIL and ISO 20000 knowledge before deciding where external help is needed.
Downloads & Additional Information on ISO 20000
| Live Demo | For a first introduction to the ITIL ISO 20000 Bridge, take a look at our live product demo. |
| Factsheet [.PDF] |
The factsheet on the ITIL Process Map ![[⇓]](/images/user_interface/icon_download.jpg "Download: Factsheet ITIL Process Map [.PDF]"){kind=icon} offers a description of our ISO 20000 compliant reference process model with its features, contents and use cases on two pages. |
| ISO 20000 and ITIL V3 | A comparison between ITIL and ISO 20000 in broad terms can be found in the ISO 20000 section of our IT Process Wiki |
| Introduction [.PDF] |
The PDF Introduction into ISO 20000 and the ITIL - ISO 20000 Bridge contains a comparison between ITIL and ISO 20000, advice on how to go about ISO 20000 certification, and details on how our ITIL - ISO 20000 Bridge supports your ISO 20000 initiative. |
[1] A new version ISO/IEC 20000:2011 was published in April 2011. This page, as well as the "ITIL - ISO 20000 Bridge" are based on ISO/IEC 20000:2005 - we will update both in the near future.
Home › Products › ISO 20000 Templates › ITIL & ISO 20000
© 2006-2012 IT Process Maps GbR
Legal Notice | GTC & Licence Conditions | Privacy | Disclaimer | About Us | Contact
Member of itSMF 
ITIL® is a Registered Trade Mark of the Cabinet Office in the United Kingdom and other countries. — IT Infrastructure Library® is a Registered Trade Mark of the Cabinet Office in the United Kingdom and other countries.
