scope:

This International Standard provides guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 for those organizations that are intending to either a) implement ISO/IEC 27001 when ISO/IEC 20000-1 is already implemented, or vice versa, b) implement both ISO/IEC 27001 and ISO/IEC 20000-1 together, or c) integrate existing management systems based on ISO/IEC 27001 and ISO/IEC 20000-1. This International Standard focuses exclusively on the integrated implementation of an information security management system (ISMS) as specified in ISO/IEC 27001 and a service management system (SMS) as specified in ISO/IEC 20000-1. In practice, ISO/IEC 27001 and ISO/IEC 20000-1 can also be integrated with other management system standards, such as ISO 9001 and ISO 14001.