Free Downloads

ISO 20000: 2011
ITIL 2011 MMap

Request for Change (RFC) Template

Major Incident Report Template

ISO 20000/ITIL Timeline poster


Sponsored Links



Mar 14, 2008

ISO 20000 Rediscovered

"It is easier to do a job right than to explain why you didn't. "
- Martin Van Buren -

If we browse thru brief ITIL history, we can see that ITIL (or its basic concepts) was present in IT since the wheel invention. There lies the key to its popularity in IT service business. What can an IT business do to improve it's functioning, but turn to ITIL, or some of its derivatives, like MOF or ISO/IEC 20000? You educate and certify people, define your functions and processes and introduce tools for their automation. And then you are ITIL compliant. Or not?

ITIL is best practice guidance. In the V3 it becomes a bit more prescriptive, but still it stays a framework that basically tells us WHAT we SHOULD DO. In ITIL V3 there are some more ideas on HOW, but that's not its forte. You can define everything by ITIL recommendations, and it can help you a lot in your Service Management work, but you are still not ITIL compliant. Because there is no such thing as ITIL compliancy. You can measure your processes and report on them all you want, but no one guarantees that you made it there.

An international standard for IT Service Management, ISO/IEC 20000, is heavily based on ITIL. It deals with most important ITIL processes, but also adds some new. It defines requirements and code of practice for ITSM, and also provides the tools for assessment and audit of the system.

By ISO 20000, use of ITIL is not mandatory, but since 20000 is by its nature above ITIL in the pyramid, implementation and certification is much easier (read: “only possible”) if it is ITIL supported. ISO 20000 requirements are very short, not much juice there. HOWs and SHOULDs are in ITIL, SHALLs are in ISO 20000. So know your ITIL.

Also, it doesn't hurt if a company is ISO 90000 certified. You know, mindset and experience...

So, a possible path of implementing ITSM is combination of ITIL and ISO 20k: You define the phases of implementation with processes according the pain you feel in your processes. Also you implement ISO 20000 Plan-Do-Check-Act methodology and metrics for every considered process. Educate people, define the scope, processes and roles. Implement automation tools. Check. Act…

A tiny catch: ISO 20000 requires full frontal coverage, all processes have to be implemented. Scope can be limited only to a specific customer or part of organization. But you can keep your ITIL phased implementation, process by process, or in groups of processes. Apply what ITIL tells you, and implement what ISO20000 requires in each phase. In the end, you have a Service Management organization functioning on best practice principles and ready for ISO20000 certification.

ITSM pyramid

ITIL Qualification Scheme is for the people. Companies are not certified. Example: my company certified a bunch of people in ITIL Foundations 5 years ago. 95% of them left the company since then. In the meantime, we recognized the cost of repetitious certification of new employees. So we developed internal informal ITIL training, to support our business needs and processes. Only higher positioned people get formal ITIL certificates. We created internal support policies, procedures and work instructions, some of them included in our ISO9000 QMS, some external.

Now, ISO/IEC 20000 provides certification on a company level. External auditor (Registered Certification Body) conducts the review, and if the company meets the certification criteria, it can be certified and display the logo.

So if a company wants to be competitive, and introduce order and best practices in their service business, it should definitely think about ISO/IEC 20000 certification.

doesn’t introduce much overhead, it just tells you in advance what things shall be done eventually, and keeps you from wandering in the dark. If implemented right, certificate should be a bonus, not the target.


Abhijit Mandavkar said...

Hi Blogger, This is an excellent blog. Keep it going. You can visit my ITIL Best Practices site for more information.

Jonathan said...

Nice explanation - well done. We have free access to a module of our new ISO2000 online course which also shows the certification process -


ITIL Trainer said...


ITIL does not claim to be Best Practice. It claims to be a source of Good Practice, along with such other sources of Good Practice as local standards and proprietary knowledge held by organisations or individuals.

Best Practice is formally defined and recognised in ISO/IEC 20000, which has been through a process of rigorous international expert review and approval.

doctor said...

Correction, dear ITIL Trainer. OGC claims that ITIL is the best practice, hence the official site is named Best Management Practice, go have a look at

Of course, ISO20k-2 is formally called Code of Practice and it claims to define best practices for Service Management processes which are again mostly derived from ITIL.

I wouldn't lose more time on good/best/code of practice terminology. While ISO and ITIL claim to define best practice, each of us should see what is good/best in every particular case.


ITIL Trainer said...

Hi there. Yes indeed - you are right - ITIL describes itself as best practice.

I have now found that it's actually defined in the ITIL Glossary: "Best Practice: Proven activities or processes that are successfully used by multiple organisations."

I must find out why my organisation differs on this point. More importantly, I must correct my training material to avoid misleading the students.

So, that was a useful discussion.


doctor said...

Glad if I was useful ;-)

Read an amusing skeptical view on ITIL best practices here.


ITIL Trainer said...

Looks like my organisation wrote that article! :)

The site appears to be a good one to stay tuned to. So, thanks again for the good info.

doctor said...

You're welcome, Trainer. Keep up the good work.

Ashwini said...

Hi Doctor!
Its an informative piece. I am planning to take up my Foundation shortly. I need some help. Could I have ur emailid?

doctor said...

You can mail me at ITSMDOC(at sign)

Hope I can help...

SBL - BPO Services said...

I have seen many sites before and most of them do not look this good.  Thanks for the excellent content......

SBL - BPO Services

doctor said...

Oh c'mon SBL, I'm sure you say that to everyone ;-)

Anonymous said...

Does anyone know when ISO/IEC are going to issue an updated version of the ISO/IEC 200000 standard that maps fully over ITIL V3?

I saw mention of this on the EXIN site (I think it was), but there was no release date given.

It's pretty messy at the moment, as Doctor's tables demonstrate so well.

(I passed the EXIN ISO 200000 exam yesterday - feeling good!)

ITIL Trainer

doctor said...

Congrats on your exam!

As for FULL compliance of ISO20k with ITIL V3, I don't think that's going to happen any time soon ;-)

ITIL V3 is soo blown up, and that makes it difficult to create a rational and practical standard with audit critheria and all...

Regards, Doc

Anonymous said...

Hi people,

Can someone throw insights on the benefits of ITIL v3 to production support projects? (I mean the application maintenance projects)


IT Consulting

doctor said...

Hi Shiva,

You a mindreader?

You guessed the headline of my next post :-)

Anonymous said...

Hello doctor,

Would you pls. provide the benefits (ROI) on ITIL to app maintenance projects.


IT Consluting

Anonymous said...

Nice blg! I see you've not posted anymore. Have you started written anywhere else ? Thank you!

doctor said...

Well, dear Giovanni,

where does it say that I have to post every year :-))) ?

I am still very much in ITIL, but found myself in an transaction app management project which has eaten all of my spare time for the last year.

It's beggining to look better now, so I will start posting soon.

Thanx for asking,


Marc said...

Very helpful site. Those mmaps are really useful and permanent on my lapttop. Thanks for the hard work ;)

doctor said...

Thanks, Marc. Have a good life!

service management software said...

Very helpful site. Those mmaps are really Help Ful For me .


Outbound call center said...

excellent explainations.keep it up.

Market Research Services said...

I appreciate the labor you have put in developing this blog. Nice and informative.

benefits management said...

I like the way of writing. Very Good Explanation of ITIL Best practices.The ISO structure define in the post is very understandable.


Anonymous said...

Nice post and this post helped me alot in my college assignement. Thank you on your information.

manajemen said...
This comment has been removed by a blog administrator.