7. What is ISO 20000? First worldwide standard specifically aimed at IT Service Management Describes processes for delivery of services Aligned with and complementary to the process approach defined within ITIL ISO/IEC 20000 consists of two parts: ISO/IEC 20000-1, the formal Specification ISO/IEC 20000-2, the Code of Practice Formerly British Standard 15000, adopted by ISO in December, 2005 14.07.2009 4
15. ISO 20000 Processes 14.07.2009 7 Control processes Configuration management Change management
16. Law regulation from the National bank of the Republic of Macedonia 14.07.2009 8
17. Decisions from NBRM DECISION on the bank's information system security ("Official Gazette of the Republic of Macedonia" No. 31/2008) DECISION on amending the Decision on the bank's information system security ("Official Gazette of RM" No. 78/08) DECISION on amending the Decision on the bank's information system security ("Official Gazette of RM" No. 31/2009) 14.07.2009 9
18. Requirements for outsourcing companies Outsourcing company of the bank with main activity of managing data processing system and which based on written agreement manages and stores bank data while performing bank or financial activities. The outsourcing company shall obligatorily be certified in accordance with the international standard ISO/IEC 20000. 14.07.2009 10
20. Requirements for the management system To provide a management system, including polices and a framework to enable the effective management and implementation of all IT services 14.07.2009 12
21. Documents required by the standard Policies Service management and improvement policy, Budgeting and accounting policy, Release policy etc. Plans Service management plan, Service improvement plan, Capacity plan etc. Processes Improvement process, supplier management process, Change management process etc. 14.07.2009 13
22. Documents required by the standard Procedures Document control, Incident management, Problem management etc. Records Service level agreements, Management review report, Proposal for new or changed services, Risk Assessments, Configuration management database (CMDB)etc. 14.07.2009 14
24. Clients’ starting situation Implemented QMS based on ISO 9001:2000 Implemented ISMS based on ISO 27001:2005 Implementing ITSMS based on ISO 20000:2005 The Scope of the IT Service Management System are all the services that the organization provides for its customers and for the internal users. ITSMS Framework + ITSM processes Connections and overlaps between the management systems 14.07.2009 16
26. ITSMS Framework Introduction Service Management and Improvement Policy IT Service Management System Overview Management Responsibility Organization for Service Management ITSMS Documentation Services overview Planning and implementing service management Planning and implementing new or changed services Service Management Process Model 14.07.2009 18
41. ISO 20000 key processes Service Level Management ISO20000-1:2005 ref. number: 6.1 Service Level Management Goal To maintain and improve IT Service quality, through a constant cycle of agreeing, monitoring and reporting upon IT Service Achievements. Service Level Management objective To define, agree, record and manage levels of service 14.07.2009 20
43. Service catalog (1/2) List of all services IT provides to Customers Provides a clear explanation of the services, Customers/Users, descriptions and costs Essential to any service provider business in order to define products and services Managed and updated by the Business Development Department 14.07.2009 22