ISO 20000-1 Clause 8 – Unpacking the Standard

ISO 200001 clause 8 unpacking the standard


This is the second of a series of blogs, relating to Clause 8 of the new ISO20000-1:2018, designed to unpack the requirements of the standard and remove that air of mystery that can so often form around standards. In this Blog we are looking at everything in clause 8.2 of the standard.

 Service portfolio

This is a new section in the standard but does draw together in a more coherent way some of the old requirements often overlooked in the old standard. It is helpful here to look at the note from the standard:

‘A service portfolio is used to manage the entire lifecycle of all services including proposed services, those in development, live services defined in the service catalogue(s) and services that are to be removed. The management of the service portfolio ensures that the service provider has the right mix of services. Service portfolio activities in this document include planning the services, control of parties involved in the service lifecycle, service catalogue management, asset management and configuration management.’

Simply put; your organisation should know what services it is providing, which ones are coming to the end of life and those that are in the pipeline for launching; without this knowledge it is difficult for any organisation to establish an effective Service Management System.


Planning Services

Planning services is a never-ending cycle and when your organisation comes to implement a Service Management System against the requirements of ISO20000-1:2018 it will find that processes will probably be in place that may either meet the requirements of the standard or need minor developments to bring in line with new requirements. Clause 8.2.2 helps your organisation to align its existing services to meet the requirements of the standard and should be used as a sign-post out to other parts of the standard e.g. 8.5 Design, build and transition.

Your organisation should understand its service management lifecycle clearly; how do new services get identified and brought into the live environment; how are existing services managed and changed whilst they are live and what is the process for bringing a service to end-of-life. Good gated-project management that covers the full life cycle of a service is potentially an ideal method for managing this element.

Once your organisation understands its cycle, it can then define the criteria and requirements of existing services, new services and changes to services: this is a documented information requirement in the standard.

When determining the criticality of services there are many influences that need to be taken into consideration as there may be different interested parties’ needs that must be understood, including your organisation itself, customers, third parties and suppliers.

There may be changes required to your organisation’s working practices so that the service management system isn’t at odds with the service management policy and service management objectives. The standard says that known limitations and risks must be considered when setting up the Service Management System. Known limitations is a term that often bemuses organisations but there are no hidden meanings here; simply, look at the service and determine what could limit the delivery of the service – people resources; equipment resources; skills; site accessibility times; travel or specific limitations recorded in the service contract with customers.

If your organisation conducts a SWOT and PESTLE (or similar) this may help to identify ‘Known Limitations’ and risks to the services being delivered.

Any changes in your organisation must be prioritised; further information on this will be given in a later blog.


Control of parties involved in the service lifecycle

This replaces the Governance of processes operated by other parties in the 2011 standard and from the outset the requirements are much clearer than before with regards the need of your organisation with ISO20000-1:2018 must be accountable for all components of the management system irrespective of which party is delivering it.

Put simply, when a service is defined, your organisation will determine who will deliver each element of the service and set appropriate SLAs and OLAs to ensure that there is a co-ordinated and effective approach towards the delivery of the service to the customer

The Relationship diagram in the standard demonstrates how your organisation should co-ordinate the delivery of the service from suppliers to customers:


When suppliers are selected there must be clear criteria in place for that selection process to ensure that the supplier can deliver an effective and reliable service; this should also extend to a criteria for acceptable degrees of ‘sub-contracting’ (remember that the further a task is sub-contracted away from the original supplier the more difficult it can become to deliver that service to acceptable quality levels). Typically, organisations add to contracts that if a service is to be sub-contracted by the supplier then appropriate approvals must be gained from your organisation co-ordinating the delivery of the service.

Criteria for selection might include:

  • Ability to deliver on time
  • Effective Business/Service Continuity plans
  • Appropriate certifications
  • Cost
  • Effective service reporting
  • Right to audit

When determining the measurement and evaluation of performance and effectiveness of services it is important to ensure that the results will give meaningful data; this is achieved by understanding what information you need from the results to enable improvements to be made.


We will continue to break down clause 8 in next weeks’ blog. Do you need assistance with ISO 20000-1? We’d be happy to help, simply contact us at:


ISO Download

Download the ISO Standards Blueprint

A step-by-step checklist for getting ISO certified

Share this post: