CSA ISO/IEC 20000-1
Information technology — Service management — Part 1: Service management system requirements
|Publication Date:||1 January 2019|
|ICS Code (Other services):||03.080.99|
|ICS Code (Information technology (IT) in general):||35.020|
This document specifies requirements for an organization to establish, implement, maintain and continually improve a service management system (SMS). The requirements specified in this document include the planning, design, transition, delivery and improvement of services to meet the service requirements and deliver value. This document can be used by:
a) a customer seeking services and requiring assurance regarding the quality of those services;
b) a customer requiring a consistent approach to the service lifecycle by all its service providers, including those in a supply chain;
c) an organization to demonstrate its capability for the planning, design, transition, delivery and improvement of services; d) an organization to monitor, measure and review its SMS and the services;
e) an organization to improve the planning, design, transition, delivery and improvement of services through effective implementation and operation of an SMS;
f) an organization or other party performing conformity assessments against the requirements specified in this document;
g) a provider of training or advice in service management.
The term "service" as used in this document refers to the service or services in the scope of the SMS. The term "organization" as used in this document refers to the organization in the scope of the SMS that manages and delivers services to customers. The organization in the scope of the SMS can be part of a larger organization, for example, a department of a large corporation. An organization or part of an organization that manages and delivers a service or services to internal or external customers can also be known as a service provider. Any use of the terms "service" or "organization" with a different intent is distinguished clearly in this document.
All requirements specified in this document are generic and are intended to be applicable to all organizations, regardless of the organization's type or size, or the nature of the services delivered. Exclusion of any of the requirements in Clauses 4 to 10 is not acceptable when the organization claims conformity to this document, irrespective of the nature of the organization.
Conformity to the requirements specified in this document can be demonstrated by the organization itself showing evidence of meeting those requirements.
The organization itself demonstrates conformity to Clauses 4 and 5. However, the organization can be supported by other parties. For example, another party can conduct internal audits on behalf of the organization or support the preparation of the SMS.
Alternatively, the organization can show evidence of retaining accountability for the requirements specified in this document and demonstrating control when other parties are involved in meeting the requirements in Clauses 6 to 10 (see 8.2.3). For example, the organization can demonstrate evidence of controls for another party who is providing infrastructure service components or operating the service desk including the incident management process.
The organization cannot demonstrate conformity to the requirements specified in this document if other parties are used to provide or operate all services, service components or processes within the scope of the SMS.
The scope of this document excludes the specification for products or tools. However, this document can be used to help the development or acquisition of products or tools that support the operation of an SMS.