ISO/IEC 20000 and ITIL®

ITIL represents the best practices to be adopted by an organisation seeking to operate its IT services in the most effective and efficient way.

However, organisations cannot realistically be assessed against ITIL best practice, at least not in a meaningful and consistent way since ITIL gives advice, is not prescriptive and very open to interpretation.

ISO/IEC 20000 was created because of this, as there was a perceived need in the market for a consistent standard that allowed comparison between organisations, differentiating those who had achieved what was defined as the minimum level of service management process to allow effective delivery of managed services.

Whilst there is actually quite a lot more to ITIL than Service Support and Service Delivery, these are the major process areas considered by most. Service Support includes the Service Desk along with the processes of Incident, Problem, Change, Release and Configuration Management, that is the short-term issues of supporting the infrastructure. Service Delivery is concerned more with the longer-term aspects and considers the processes of Service Level, Availability, Capacity, Finance and Service Continuity Management.

However, organisations cannot realistically be assessed against ITIL best practice, at least not in a meaningful and consistent way since ITIL gives advice, is not prescriptive and very open to interpretation. Two different assessor organisations would be likely to come up with two very different reports as to the 'degree of compliance' against ITIL.

ISO/IEC 20000 is the solution, as its introduction covered this perceived need in the market for a consistent standard that allows comparison between organisations, differentiating those who had achieved the minimum level of service management process to allow effective delivery of managed services.

ISO/IEC 20000 can be thought of as ISO9000 for IT Service Management. It describes the minimum requirements which an effective service management organisation will have in place and provides a set of requirements which can be audited against in a Quality Management system framework.

It is important to realise though that ISO/IEC 20000 certifies the management system supporting the provision of the services, it does not certify the services (or products) directly.