1 / 25

Experience from implementation of ISO 20000:2005

Experience from implementation of ISO 20000:2005. Viktorija Donceva Trajkovski & Partners Management Consulting. Ohrid, May 2009. Contents. Introduction Law regulation from the National bank of the Republic of Macedonia ISO 20000:2005 standard requirements

bbergeron
Download Presentation

Experience from implementation of ISO 20000:2005

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Experience from implementation of ISO 20000:2005 Viktorija Donceva Trajkovski & Partners Management Consulting Ohrid, May 2009

  2. Contents • Introduction • Law regulation from the National bank of the Republic of Macedonia • ISO 20000:2005 standard requirements • Practical experience from implementation of ISO 20000:2005

  3. Introduction

  4. What is ISO 20000? • First worldwide standard specifically aimed at IT Service Management • Describes processes for delivery of services • Aligned with and complementary to the process approach defined within ITIL • ISO/IEC 20000 consists of two parts: • ISO/IEC 20000-1, the formal Specification • ISO/IEC 20000-2, the Code of Practice • Formerly British Standard 15000, adopted by ISO in December, 2005

  5. IT Service Management standards and best practice framework

  6. ISO 20000 Structure • Introduction and overview • Scope, terms and definitions • Requirements for a management system • Planning and implementing ITSM • Planning and implementing new or changed IT services • Process groupings

  7. ISO 20000 Processes Control processes Configuration management Change management

  8. Law regulation from the National bank of the Republic of Macedonia

  9. Decisions from NBRM • DECISION on the bank's information system security ("Official Gazette of the Republic of Macedonia" No. 31/2008) • DECISION on amending the Decision on the bank's information system security ("Official Gazette of RM" No. 78/08) • DECISION on amending the Decision on the bank's information system security ("Official Gazette of RM" No. 31/2009)

  10. Requirements for outsourcing companies • Outsourcing company of the bank with main activity of managing data processing system and which based on written agreement manages and stores bank data while performing bank or financial activities. • The outsourcing company shall obligatorily be certified in accordance with the international standard ISO/IEC 20000.

  11. ISO 20000:2005 standard requirements

  12. Requirements for the management system To provide a management system, including polices and a framework to enable the effective management and implementation of all IT services

  13. Documents required by the standard • Policies • Service management and improvement policy, Budgeting and accounting policy, Release policy etc. • Plans • Service management plan, Service improvement plan, Capacity plan etc. • Processes • Improvement process, supplier management process, Change management process etc.

  14. Documents required by the standard • Procedures • Document control, Incident management, Problem management etc. • Records • Service level agreements, Management review report, Proposal for new or changed services, Risk Assessments, Configuration management database (CMDB)etc.

  15. Practical experience from implementation of ISO 20000:2005

  16. Clients’ starting situation • Implemented QMS based on ISO 9001:2000 • Implemented ISMS based on ISO 27001:2005 • Implementing ITSMS based on ISO 20000:2005 • The Scope of the IT Service Management System are all the services that the organization provides for its customers and for the internal users. • ITSMS Framework + ITSM processes • Connections and overlaps between the management systems

  17. Connections and overlaps between the management systems

  18. ITSMS Framework • Introduction • Service Management and Improvement Policy • IT Service Management System Overview • Management Responsibility • Organization for Service Management • ITSMS Documentation • Services overview • Planning and implementing service management • Planning and implementing new or changed services • Service Management Process Model

  19. ITSMS Processes • Defined 13 processes based on ISO 20000:2005 standard • Service Improvement • Planning and implementing new or changed services • Service level management and reporting • Service continuity and availability management • Budgeting and accounting for IT services • Capacity management • Business Relationship management • Supplier management • Incident management • Problem management • Configuration management • Change management • Release management

  20. ISO 20000 key processes • Service Level Management ISO20000-1:2005 ref. number: 6.1 • Service Level Management Goal • To maintain and improve IT Service quality, through a constant cycle of agreeing, monitoring and reporting upon IT Service Achievements. • Service Level Management objective • To define, agree, record and manage levels of service

  21. Service Level Management overview

  22. Service catalog (1/2) • List of all services IT provides to Customers • Provides a clear explanation of the services, Customers/Users, descriptions and costs • Essential to any service provider business in order to define products and services • Managed and updated by the Business Development Department

  23. Service catalog (2/2) • Separate catalogs for services provided to clients and internal services • Each service separately described through the following information: • Service name, Status of service, Description of service, Standard and additional service features, Frequency of service delivery, Service availability, Client technical requirements for using the service, Service support (description and hours), Service owner, Standard and additional Tariff costs, Service delivery level

  24. What goes into an SLA? • Services included/excluded • Service hours • Availability / Reliability targets • Throughput, transaction response times, batch turnaround times • Support arrangements / targets • Change targets • Security Plan • IT Service Continuity Plan • Service costs and charges • Reviews and reporting • Penalties and Incentives

  25. Questions? Thank you for your attention!

More Related