ISO/IEC 20000-1:2011 | Part 1 : Service Management System Requirements
|ISO 20000 is a service management system (SMS) standard. It specifies requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain and improve an SMS. The requirements include the design, transition, delivery and improvement of services to fulfill agreed service requirements.
ISO 20000 can be used by :
- It increases response to services provided by IT service providers
- More opportunities to improve the efficiency, reliability and consistency of IT services impacting costs and service
- Provides a benchmark
- Gives you the ability to select and manage external service providers more effectively
- Supports “Interchanging” of service providers and staff by virtue of the creation of inter-enterprise operational processes
- The certification process can reduce the amount of supplier audits, thereby reducing costs
- Information security protects information from a wide range of threats in order to ensure business continuity, minimize business damage and maximize return on investment and business opportunities
- Every organization will have a differing set of requirements in terms of control requirements and the level of confidentiality, integrity and availability
- Comforts customers, employees, trading partners and stakeholders – in the knowledge that your management information and systems are secure.
- Demonstrates credibility and trust.
- Can lead to cost savings. Even a single information security breach can involve significant costs.
- Establishes that relevant laws and regulations are being met.
- Ensures that a commitment to Information Security exists at all levels throughout an organization
- Asset Management
|It can be applicable to all organization that is having information like software companies, commercial enterprises, government agencies, non-profit organizations|