ISO 20000-1 CERTIFICATION

ISO/IEC 20000-1 “Information technology – Service management – Part 1: Service management system requirements” is the benchmark standard for defining the requirements that a service provider must possess to deliver high-quality IT services.

The standard specifies the requirements for establishing, implementing, maintaining, and continually improving a Service Management System (SMS). This includes the planning, design, transition, delivery, and improvement of services to meet service requirements and deliver value.

The standard allows organizations to demonstrate that they possess an IT Service Management System and are capable of delivering such services while ensuring compliance with the Service Level Agreements (SLAs) agreed upon with their customers.

The benefits are numerous and produce positive effects throughout the entire value chain:

• Quality Assurance for customers: It reassures clients that the services provided meet high, certified quality standards.

• Uniformity in the supply chain: It allows for a standardized approach throughout the service lifecycle and involves all suppliers within the supply chain.

• Demonstration of operational capability: It certifies the organization’s ability to plan, design, manage, and improve IT Services.

• Internal development: It promotes interaction between different business areas and, through internal and external audits, improves the efficiency and effectiveness of IT Services.

• Reduction in the number of audits: ISO 20000-1 Certification can reduce the number of second-party audits (those carried out by customers), resulting in significant cost savings.

The adoption of an IT Service Management System by companies is voluntary.
However, it is highly recommended for organizations that must contractually guarantee specific availability standards and recovery times, namely Service Level Agreements (SLAs).

Furthermore, it serves as an ideal framework to demonstrate resilience and prompt incident management in accordance with the requirements of new European directives and for supply chain management.

The certification path consists of 4 stages

Certification Request

All the economic aspects and the auditors’ activities related to the certification process may be agreed at this stage. The finalization of a contract concludes this part. Indeed the process for certification depends on the contract stipulated between the company and the certification body.
Generally, it is valid for three years.

Preliminary Audit (optional and possibly requested by the customer)

It is an initial assessment of the current company’s management system.
The preliminary audit is not involved in the normal process for certification and any possible improvement thus is intended to be nothing but a suggestion and it is not included in the official audit report.

Certification Audit – Stage 1

The audit is held in the company office. In this stage, the auditor gathers all the informations and evaluates the documents referring to the management system that must be certified. The auditor analyses the compulsory and voluntary standards. This is a preparatory step for the second stage of the Certification Audit.

Certification Audit – Stage 2

In this stage, the auditor will ascertain that the company complies with the management system. At the end of this process, the auditor will submit the ISO issue request to the certification body, if a significant nonconformity does not occur.