Service Management Blog

Introduction to ISO/IEC 20000

4 minute read
Stephen Watts

IT service management, or ITSM, is a concept closely linked with ITIL and ISO, all common enterprise methodologies. The International Organization for Standardization, or ISO, is a globally recognized standard-setting agency. They’ve created a widely adopted best-practices framework, called ISO/IEC 20000.

ISO 20000 is an international best practice guide that managers can apply to evaluate their service levels, service delivery, and other components of the service management lifecycle.

In this article, we’ll look at ISO/IEC 20000 while exploring the following:

  • The IT service management definition;
  • A summary of ISO/IEC 20000; and
  • How to apply this enterprise methodology to your business.

If your service managers are using ISO/IEC 20000 best practices, or you’d like them to be, this content is invaluable. So, keep reading to learn all about ISO/IEC 20000.

IT Service Management

IT service management is a term that groups the steps and actions enterprise IT managers and stakeholders take to design, plan, implement, organize, control, and maintain the entirety of enterprise information technology.

The practice relies on a system where operations teams and other stakeholders flush out requirements, that, once defined, are subject to the best practices framework, namely ISO/IEC 20000, serving as the international universal standard.

What is ISO/IEC 20000

ISO/IEC 20000 is one broadly used method for successful IT service management, from design to implementation. The guide offers international standardization of best practices providing a framework for success, applying to all types of enterprises.

ISO/IEC 20000 is a robust methodology that can’t be concentrated into one single blog, but we’ll do our best. Below are a few standouts about ISO/IEC and why its important to businesses around the globe:

ITIL & ISO 20000

We’ve previously addressed the common ground between ITIL and ISO. ITIL is the most widely used IT service management framework. ISO and ITIL aren’t necessarily at odds, however, because the two sets of guidelines complement one another. ISO 20000-1 provides important guidelines that must be followed for successful IT service management.

That’s a little different than ITIL, which offers best practices that can be applied as needed. However, ISO 20000-2 provides the basis for a very similar best practice framework. So, why do businesses need both?

Here are some common ways that ITIL and ISO complement each other in enterprise IT service management:

  • ITIL can be a gateway to ISO: Sometimes businesses start with ITIL to solve a specific operational issue. Along the way, they uncover new issues they solve with ITIL. When issues emerge, ITIL may be the go-to. As an enterprise gets comfortable working in the culture created by ITIL, they may opt to pursue ISO 20000 certification.
  • Special consideration for small companies: ITIL offers special consideration for small companies, and as such, it may be more appealing initially. But as a company grows they may consider ISO.
  • ISO is more structured: Because ISO 20000-1 offers system requirements that must be completed, it offers a good starting point for businesses who may be hesitant to dive right into IT service management otherwise.

There are a number of reasons an organization may choose one or the other, but the bottom line is that using both ITIL & ISO/IEC 20000 may benefit your organization.

Five Standard Parts

The standard use of ISO/IEC has five primary parts.

  • Part 1 System Requirements: The system requirements are one of the key differentiators that set ISO/IEC 20000 apart from ITIL. It’s the “must-dos” of the guidelines that are important for the global standardization that ISO seeks to achieve.
  • Part 2 Guidance on the Application of Service Management Systems: Offers a comprehensive best practices framework for planning, design, transition, delivery, and improvement.
  • Part 3 Guidance on Scope Definition and Applicability of ISO/IEC 2000-1: This section offers flexible guidance on how to define a project’s scope and whether or not it’s applicable to ISO best practices.
  • Part 4 Process Reference Model: The process reference model offers a framework for how things should operate in an enterprise organization.
  • Part 5 Exemplar Implementation Plan for ISO/IEC 20000-1: This is the framework for successfully implementing ISO/IEC 20000 in your business.

The comprehensive guide offers flexible applications and methodologies for each part of your IT service management strategy.

ISO/IEC 20000 & Your Business

If you’re starting on the path to enhancing your enterprise business with ISO/IEC certification, you’re probably eager to get started. There are a number of benefits to achieving this certification, and while it’s rigorous, it’s definitely worth it. Benefits include:

  • Increased credibility with consumers and business partners;
  • Higher levels of customer service and satisfaction;
  • Greater business objective transparency and understanding;
  • Design and development of innovative capabilities;
  • Opportunity to put some ITIL framework principles to use in a way that leads to a prestigious certification;
  • A culture of continuous improvement; and so much more.

If you’re already using ITIL to solve issues within your enterprise business, you are part the way there!

It’s not uncommon for enterprises who are already applying ITIL methodologies to adopt ISO gradually for its many benefits. If your enterprise business is new to all of this modeling, it may make sense to start with the core books addressing the ITIL Lifecycle Publication Suite before moving on to ISO.

You don’t have to dive into ITIL headfirst; instead, you can choose the parts of ITIL that make the most sense for your business. As you gain a mastery of ITIL principles, you are in a good position to start ISO 20000 and work toward certification.

If you think your organization is ready for the certification, here’s how you can start:

  • Partner with the certification body offering training services.
  • The company wanting to certify must fill out a request for proposal.
  • Based on the form information, the certifying body will make a determination on how many days is required for the audit.
  • After this is finalized, the audit occurs. An audit plan is created for phase 1 and phase 2.
  • When the audit is passed, enterprises obtain a certificate.
  • The certification is good for three years, pending successful audits during that time.
  • Finally, businesses must recertify every three years.

Elite enterprises strive to become certified on these globally recognized standards.

Access the 2020 Gartner Magic Quadrant for ITSM

The Gartner Magic Quadrant for ITSM is the gold-standard resource helping you understand the strengths of major ITSM software vendors, insights into platform capabilities, integration opportunities, and many other factors to determine which solution best fits your needs.


These postings are my own and do not necessarily represent BMC's position, strategies, or opinion.

See an error or have a suggestion? Please let us know by emailing blogs@bmc.com.

BMC Bring the A-Game

From core to cloud to edge, BMC delivers the software and services that enable nearly 10,000 global customers, including 84% of the Forbes Global 100, to thrive in their ongoing evolution to an Autonomous Digital Enterprise.
Learn more about BMC ›

About the author

Stephen Watts

Stephen Watts (Birmingham, AL) has worked at the intersection of IT and marketing for BMC Software since 2012.

Stephen contributes to a variety of publications including CIO.com, Search Engine Journal, ITSM.Tools, IT Chronicles, DZone, and CompTIA.