ISO 20000-1:2018 is the long-awaited standard to be transitioned into the High Level Standard (HLS) framework so that companies will now find it easier to integrate standards such as ISO 9001:2015 and ISO 27001:2013 in an effective integrated management system.
As an international standard for Service Management, ISO 20000-1:2018 is often an overlooked or unknown standard and companies are not always aware of the benefits it can bring to service improvement and customer satisfaction; especially as an enhancement to quality and information security standards.
Companies often have specific departments that provide service support, whether IT, Facilities, or Maintenance, either to internal departments of external customers. This means that certification could be scoped purely to a specific internal department for its internal services, or alternatively to the services being provided to external customers.
Often companies struggle to use ISO 9001 to drive continual improvement and customer satisfaction in service management, but it doesn’t naturally lend itself to type of discipline. What makes ISO 20000-1:2018 unique and much more suitable to service management is that it is aligned to the ITIL framework and companies that use this standard will quickly reap the benefits of improved processes; service delivery and customer satisfaction.
The benefits of implementing this standard can vary depending upon where the organisation is in its journey of providing services; but it is critical that there is Senior Management support and buy-in to this standard if the benefits are to be felt in the following ways:
Now that ISO 20000-1:2018 has been published in the High Level Standard format it is easily adaptable to other standards, not least ISO 9001, ISO 27001 and ISO 22301. This means that Clauses 4-7 and 9-10 in each standard are relatively similar and Clause 8 contains the unique elements of each specific standard. This enables management systems from different subject areas to be combined across the similar elements to complement each other as a truly integrated management system.
There are direct links between ISO 20000-1 and ISO 27001 & ISO 22301; whilst there are implied links to ISO 9001. Therefore, an organisation will find it easy to implement ISO 20000-1 if it already has some, or all, of the other standards in place. However, it is not a pre-requisite to have any of these other standards before being certified to ISO 20000-1.
For example, ISO 9001 refers to the provision of quality product and services as the end goal, which means that the elements from Clause 8 of ISO 20000-1 can be used to fulfil those service requirements.
Likewise, because ISO 20000-1 has a strong association to IT and a clause requirement for information security, it readily lends itself to ISO 27001 information security; not just in terminology but through the fact that security is drawn out as a specific sub-clause in section 8 of the standard.
Similarly, there is a Service Continuity and Availability sub-clause in ISO 20000-1 which fits easily with the requirements of ISO 22301
Diagram showing the interrelationship of the four standards:
The service that an organisation gives to a customer is often the front-line image of that business; therefore, to get it wrong could cause loss of, and/or damage to, reputation; but to get it right can lead to ongoing recommendations for new business.
This is the unique selling point of ISO 20000-1 that it sets clear criteria and framework for the quality of service management to be delivered and can be adapted to all services and linked with other standards.