Free Downloads

ISO 20000: 2011
ITIL 2011 MMap

Request for Change (RFC) Template

Major Incident Report Template

ISO 20000/ITIL Timeline poster


Sponsored Links



Mar 14, 2008

ISO 20000 Rediscovered

"It is easier to do a job right than to explain why you didn't. "
- Martin Van Buren -

If we browse thru brief ITIL history, we can see that ITIL (or its basic concepts) was present in IT since the wheel invention. There lies the key to its popularity in IT service business. What can an IT business do to improve it's functioning, but turn to ITIL, or some of its derivatives, like MOF or ISO/IEC 20000? You educate and certify people, define your functions and processes and introduce tools for their automation. And then you are ITIL compliant. Or not?

ITIL is best practice guidance. In the V3 it becomes a bit more prescriptive, but still it stays a framework that basically tells us WHAT we SHOULD DO. In ITIL V3 there are some more ideas on HOW, but that's not its forte. You can define everything by ITIL recommendations, and it can help you a lot in your Service Management work, but you are still not ITIL compliant. Because there is no such thing as ITIL compliancy. You can measure your processes and report on them all you want, but no one guarantees that you made it there.

An international standard for IT Service Management, ISO/IEC 20000, is heavily based on ITIL. It deals with most important ITIL processes, but also adds some new. It defines requirements and code of practice for ITSM, and also provides the tools for assessment and audit of the system.

By ISO 20000, use of ITIL is not mandatory, but since 20000 is by its nature above ITIL in the pyramid, implementation and certification is much easier (read: “only possible”) if it is ITIL supported. ISO 20000 requirements are very short, not much juice there. HOWs and SHOULDs are in ITIL, SHALLs are in ISO 20000. So know your ITIL.

Also, it doesn't hurt if a company is ISO 90000 certified. You know, mindset and experience...

So, a possible path of implementing ITSM is combination of ITIL and ISO 20k: You define the phases of implementation with processes according the pain you feel in your processes. Also you implement ISO 20000 Plan-Do-Check-Act methodology and metrics for every considered process. Educate people, define the scope, processes and roles. Implement automation tools. Check. Act…

A tiny catch: ISO 20000 requires full frontal coverage, all processes have to be implemented. Scope can be limited only to a specific customer or part of organization. But you can keep your ITIL phased implementation, process by process, or in groups of processes. Apply what ITIL tells you, and implement what ISO20000 requires in each phase. In the end, you have a Service Management organization functioning on best practice principles and ready for ISO20000 certification.

ITSM pyramid

ITIL Qualification Scheme is for the people. Companies are not certified. Example: my company certified a bunch of people in ITIL Foundations 5 years ago. 95% of them left the company since then. In the meantime, we recognized the cost of repetitious certification of new employees. So we developed internal informal ITIL training, to support our business needs and processes. Only higher positioned people get formal ITIL certificates. We created internal support policies, procedures and work instructions, some of them included in our ISO9000 QMS, some external.

Now, ISO/IEC 20000 provides certification on a company level. External auditor (Registered Certification Body) conducts the review, and if the company meets the certification criteria, it can be certified and display the logo.

So if a company wants to be competitive, and introduce order and best practices in their service business, it should definitely think about ISO/IEC 20000 certification.

doesn’t introduce much overhead, it just tells you in advance what things shall be done eventually, and keeps you from wandering in the dark. If implemented right, certificate should be a bonus, not the target.

Mar 13, 2008

ITIL - ISO/IEC 20000 Compared

General Comparisson
ISO 20000
Best Practice
Best Practice
Standard & Code of Practice
Individual Certification
Individual Certification
Certification of a Service Provider Organization and individuals (lately)
Best practice guidance, detailed description and implementation guidance
Best practice guidance, detailed description and implementation guidance slightly more prescriptive then V2
High-level requirements
Defines process and function roles and responsibilities
Defines process and function roles and responsibilities
Org. structure independant, defines few mandatory roles
Process based, 10 processes & 1 function
Service Lifecycle Based, 26 processes, 4 functions
Continual improvement based, 16 processes, no functions
Processes & Functions
ISO 20000
Planning to Implement Service Management Continual Svc. Improvement Planning and Implementing Service Management
Service Delivery Svc. Strategy, Svc. Design, Continual Svc. Improvement Service Delivery
Service Level Management Service Level Management Service Level Management
Service Reporting - Reporting from SLM - Service Reporting
Financial Management Financial Management Budgeting and Accounting for IT Services
IT Service Continuity Management IT Service Continuity Management Service Continuity and Availability Management 
Availability Management Availability Management
Capacity Management Capacity Management Capacity Management
- demand management from Capacity Management) - Demand Management -
Security Management Information Security Management Information Security Management
Service Support Svc. Operation Resolution Processes
Incident Management Event Management, Request Fulfilment, Incident Management Incident Management
Service Desk Service Desk - No functions in ISO 20k -
  Svc. Transition, Svc. Operation Controll Processes
Configuration Management Service Asset and Configuration Management Configuration Management
Change Management Change Management Change Management
  Service Transition Release Processes
Release Management Release and Deployment Management Release Management
  Svc. Design Relationship Processes
- Supplier Management Supplier Management
  Svc. Strategy, Svc.Design, Svc. Improvement  
  Parts of Service Portfolio Management, Service Level Management and Continual Service Improvement Business Relationship Management

Mar 3, 2008

ITIL V3 Foundation Syllabus Change?

In a post ITIL Foundations Exam Go/No-Go from Oct. 27. 2008. I said something about the possible and needed changes in ITIL V3 Foundation syllabi.

For now, nothing has been announced officialy.
There is a new version of Interim ITIL V3 Foundation Certificate Syllabus, version 3.1 from 07. Feb. 2008.

In change comments it says that the reason for new version is updating the Copyright Statement with Crown Copyright. But also, several points of the syllabus are in red bold print, and I haven't seen the explanation for that.

Marked points are mostly from Service Strategy, and most people agree that it was over-emphasized in first V3 exams. ITIL Foundations exams in February indeed had fewer questions from Service Strategy then before.

So, risking to be completely off-target here, I presume that some change is gonna come and someone will inform us officially about it some day.

If someone spots an info on this somewhere, please point it out here. People all around are preparing for ITIL Foundations and it would be nice if they knew what to focus on.

Related posts: ITIL V3 Qualification Scheme : ITIL Foundations Exam - Go/No Go?


OK folks, here is an update: After a long review process, on 01.05.2009, there are new syllabi available for ITIL V3 exams:

ITIL V3 Foundation Syllabus
Link to the new V4.2 ITIL Foundation Syllabus

ITIL V3 Foundation Bridging Course Syllabus
Link to the new V4.1 Bridging V2/V3 ITIL Foundation Syllabus

ITIL V3 Managers Bridge Course Syllabus
Managers Bridge Syllabus V3.3