How to build assurance into IT services
Not satisfied with just achieving certification to ISO 9001, this IT Services company is certified to
- Quality – ISO 9001
- Information Security – ISO 27001
- Service Management – ISO 20000
- Environmental Management – ISO 14001
- Secure shredding standards
As a Quality Manager with responsibility for looking after the Management System, Damian highlights in the ISO Show Podcast this week:-
- Benefits ISO 9001 – Some people struggle with the term ;Quality’ and prefer ‘Customer’ requirements
- How standards are used to run an IT business
- How to focus on what is important and not using standards as a ‘tick-box’ exercise
- How ISO Standards can be used as a great communication tool – making everything transparent and not hidden form employees.
- Approaches to Leadership commitment at XFM – How the ‘Big conversation’ provides areas for employees to focus on (objectives) and provide an update on changes.
- As an employer of 500 people, how an IT firm reduces its environmental impact through an Environmental Management System (ISO 14001).
- How the Service Management Team have embraced high standards by introducing ISO 20000 and how this compares with the other ISO’s
- Two top tips for overcoming challenges – Focus on communication and Top Management commitment.
To find out more about XMA, visit their Website.
If you would like to find out more about ISO 20000, we have a free webinar available to watch on demand.
We’d love to hear your views and comments about the ISO Show, here’s how:
- Share the ISO Show on twitter or Linkedin
- Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one.
- Also available on Spotify and YouTube
This is the second of a series of blogs, relating to Clause 8 of the new ISO 20000-1:2018, designed to unpack the requirements of the standard and remove that air of mystery that can so often form around standards. This week we’ll continue to look at clause 8.2 of the standard.
Service catalogue management
The Service Catalogue is often undervalued in service management systems, but it has a critical part to play in communicating to customers exactly what you can provide, and, above all, it should be used by Sales when selling services to a customer. If anyone sells anything that is not in the catalogue it is not the responsibility of your organisation to bend your processes to meet that service agreement. First, Sales should go back to the customer and advise them that the service cannot be delivered and second, the proposal put forward by Sales could be passed through the Design, Build and Transition process to produce a new service.
Sometimes it helps to see that Service Catalogue as something like an ‘Argos’ catalogue where all the wares for sale are recorded, but the customer doesn’t have to buy everything; they may choose to just by Incident Management or Service Request Management, but the catalogue will show them clearly how they might develop that service in the future.
The catalogue does not have to have the service prices printed in it as this will be part of the Sales discussion. One way of making the catalogue available to all interested parties is to put in on the company website or in a ‘customers only’ area of the website.
Don’t look at Asset Management as purely being related to customer assets as the standard clearly states that ‘the organization shall ensure that assets used to deliver services are managed…’ So, a good asset management system can help here (if you are certified to ISO55001, much of the work will have been completed). What are the assets that should be considered?
– Service Desk tools (Service Now etc)
– Vehicles to get engineers and equipment to a customer site
– IT equipment
This isn’t by any means an exhaustive list but just listing 4 items can show how broad this small clause can be. But don’t run away with the idea that you need to create a new job role to manage assets, instead look for where these are managed naturally in the business; staff by HR; Vehicles by facilities; Service Desk tools and IT equipment by the IT department; Spares by Procurement and Logistics. All these teams might be providing reports to the Service Delivery Manager/Director about the availability of the assets in their control.
Focus on Customer Assets takes place here. First, we need to understand what is meant by a Configuration Item (CI) – a CI is an asset that makes up part of the service.
The service itself could be a Configuration Item and all the assets used to deliver that service could all be classed as configuration items; but the main point of configuration management is to ensure that your organisation only services equipment under contract.
For every service established it is key to understand the exact equipment to be serviced; this can be determined through Model Numbers, Serial Numbers and or Asset Numbers (see below). This will enable the Service Desk staff to know what equipment is under contract and which equipment should be subject to a Service Charge. Without this you will end up servicing equipment that is not under contract
The standard is quite specific about what information should be recorded for each Configuration Item:
– Unique identification (serial number, asset number)
– Type of CI (the item or model number)
– Description of the CI (detailed description of the item)
– Relationship with other CIs (does this CI have any dependencies on or for other items; if changes are made will other CIs be affected?)
– Status (is the CI still live or obsoleted in the service contract).
A configuration management list will be produced for each customer, but it is important that the list is reviewed at planned intervals (add this to the audit schedule) and audited to ensure that changes to the configuration estate have been captured. It is useful to ensure that a step in the Change Management process includes a review of the customer’s configuration list.
Need assistance with ISO 20000-1? We’d be happy to help, simply contact us at: firstname.lastname@example.org
This is the second of a series of blogs, relating to Clause 8 of the new ISO20000-1:2018, designed to unpack the requirements of the standard and remove that air of mystery that can so often form around standards. In this Blog we are looking at everything in clause 8.2 of the standard.
This is a new section in the standard but does draw together in a more coherent way some of the old requirements often overlooked in the old standard. It is helpful here to look at the note from the standard:
‘A service portfolio is used to manage the entire lifecycle of all services including proposed services, those in development, live services defined in the service catalogue(s) and services that are to be removed. The management of the service portfolio ensures that the service provider has the right mix of services. Service portfolio activities in this document include planning the services, control of parties involved in the service lifecycle, service catalogue management, asset management and configuration management.’
Simply put; your organisation should know what services it is providing, which ones are coming to the end of life and those that are in the pipeline for launching; without this knowledge it is difficult for any organisation to establish an effective Service Management System.
Planning services is a never-ending cycle and when your organisation comes to implement a Service Management System against the requirements of ISO20000-1:2018 it will find that processes will probably be in place that may either meet the requirements of the standard or need minor developments to bring in line with new requirements. Clause 8.2.2 helps your organisation to align its existing services to meet the requirements of the standard and should be used as a sign-post out to other parts of the standard e.g. 8.5 Design, build and transition.
Your organisation should understand its service management lifecycle clearly; how do new services get identified and brought into the live environment; how are existing services managed and changed whilst they are live and what is the process for bringing a service to end-of-life. Good gated-project management that covers the full life cycle of a service is potentially an ideal method for managing this element.
Once your organisation understands its cycle, it can then define the criteria and requirements of existing services, new services and changes to services: this is a documented information requirement in the standard.
When determining the criticality of services there are many influences that need to be taken into consideration as there may be different interested parties’ needs that must be understood, including your organisation itself, customers, third parties and suppliers.
There may be changes required to your organisation’s working practices so that the service management system isn’t at odds with the service management policy and service management objectives. The standard says that known limitations and risks must be considered when setting up the Service Management System. Known limitations is a term that often bemuses organisations but there are no hidden meanings here; simply, look at the service and determine what could limit the delivery of the service – people resources; equipment resources; skills; site accessibility times; travel or specific limitations recorded in the service contract with customers.
If your organisation conducts a SWOT and PESTLE (or similar) this may help to identify ‘Known Limitations’ and risks to the services being delivered.
Any changes in your organisation must be prioritised; further information on this will be given in a later blog.
Control of parties involved in the service lifecycle
This replaces the Governance of processes operated by other parties in the 2011 standard and from the outset the requirements are much clearer than before with regards the need of your organisation with ISO20000-1:2018 must be accountable for all components of the management system irrespective of which party is delivering it.
Put simply, when a service is defined, your organisation will determine who will deliver each element of the service and set appropriate SLAs and OLAs to ensure that there is a co-ordinated and effective approach towards the delivery of the service to the customer
The Relationship diagram in the standard demonstrates how your organisation should co-ordinate the delivery of the service from suppliers to customers:
When suppliers are selected there must be clear criteria in place for that selection process to ensure that the supplier can deliver an effective and reliable service; this should also extend to a criteria for acceptable degrees of ‘sub-contracting’ (remember that the further a task is sub-contracted away from the original supplier the more difficult it can become to deliver that service to acceptable quality levels). Typically, organisations add to contracts that if a service is to be sub-contracted by the supplier then appropriate approvals must be gained from your organisation co-ordinating the delivery of the service.
Criteria for selection might include:
- Ability to deliver on time
- Effective Business/Service Continuity plans
- Appropriate certifications
- Effective service reporting
- Right to audit
When determining the measurement and evaluation of performance and effectiveness of services it is important to ensure that the results will give meaningful data; this is achieved by understanding what information you need from the results to enable improvements to be made.
We will continue to break down clause 8 in next weeks’ blog. Do you need assistance with ISO 20000-1? We’d be happy to help, simply contact us at: email@example.com
ISO20000-1:2018 – International Standard’s best-kept secret.
The ISO 20000-1 IT service management standard is often overlooked by organisations and has become the ‘best kept secret’
in the world of management system certification. This is now set to change with ISO20000-1:2018 being welcomed into the fold of the High-Level Standard (HLS) framework.
Whether your service is IT, Transport, providing Health-Related Day Care services, or any kind if Service Management that involves service planning and helpdesk activities, ISO20000-1 is the ideal tool for helping your organisation to establish the systems and processes necessary for achieving improved service planning and implementation, cost-effective delivery of service and customer satisfaction through continual improvement. Furthermore, ISO20000-1 lends itself to enhancing other standards such as ISO9001:2015; ISO27001:2013 and can be supported by ISO22301:2012.
This webinar was held on the 15th of November and covers the following:-
- What is ISO 20000-1:2018?
- Who should implement ISO20000-1?
- What’s the difference between the 2011 and 2018 standards?
- What are the benefits of ISO 20000-1:2018?
- How ISO20000-1:2018 can enhance existing ISO certifications
- How Blackmores can help you to achieve ISO 20000-1 certification
Need assistance with ISO 20000-1? Contact us on: firstname.lastname@example.org
Our 7 Steps to Success
The Blackmores ISO Roadmap is a proven path to go from idea to launching your ISO Management System.
Whether you choose to work with one of our isologist consultants or work your own way through the process on our isology Hub, we’re certain you’ll achieve certification in no time!
What our clients have to say
The support and advise I get from our assigned auditors is immense. Forward planning for the following year is great and they are flexible and always willing to help.
“Blackmores have assisted us almost since the start of our adoption of the ISO 9001 quality standard. Their input has improved our processes since the start, and enabled our goal of continuous improvement to be achieved. The people are also extremely easy to get on with, and they really understand our business, giving us a great deal of confidence in their advice.”
“Blackmores are the perfect bridge between working on your ISO as an individual or company, to being audited each year. We find that any queries we have are covered and we feel sure that we have everything as needs be before going into an external audit.”
“We have been extremely impressed with the service and support provided by Blackmores. There knowledge and assistance through out our ISO journey has been amazing!”
“Blackmores have really kept us on our toes with the broad scope and level of detail they apply to our internal audit schedule. They always stay abreast of ISO standard changes and help us to adapt our processes and documents to embrace these changes accordingly. Having Blackmores shadow our external audits provides invaluable confidence and peace of mind – would highly recommend their services!”
“Our ISO 27001 certification project has gone so well, that there was no doubt in who we were going to ask to help us with our aspirations of becoming ISO 14001 certified. It’s been an absolute pleasure working with Blackmores, and we are really looking forward to working with them for the foreseeable future.”
Trusted by leading organisations across all sectors, we support companies of all sizes in any location.
Listen to our Podcast
Welcome to the ISO Show podcast, dispelling myths and sharing tips for success to improve your business with ISO Standards. Join us to hear interviews with successful business leaders as they share their ISO journey with you.
Get top tips via audio master classes “ISO Steps to Success” on the most popular ISO Standards.