Proposalsamplefromcapgemini 13316039760571 Phpapp02 120312211734 Phpapp02
experiencefromimplementationofiso20000final-090714020327-phpapp02
Transcript of experiencefromimplementationofiso20000final-090714020327-phpapp02
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
1/25
Viktorija Donceva
Trajkovski & Partners Management Consulting
Ohrid, May 2009
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
2/25
Ifyoud
ontwantt
ohelp
yourself,no
one
can
Introduction
Law regulation from the National bank of the
Republic of Macedonia
ISO 20000:2005 standard requirements
Practical experience from implementation of
ISO 20000:2005
07.09.2013 2
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
3/25
Ifyoud
ontwantt
ohelp
yourself,no
one
can
07.09.2013 3
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
4/25
Ifyoud
ontwantt
ohelp
yourself,no
one
can
First worldwide standard specifically aimed
at IT Service Management
Describes processes for delivery of services
Aligned with and complementary to the
process approach defined within ITIL
ISO/IEC 20000 consists of two parts:
ISO/IEC 20000-1, the formal Specification
ISO/IEC 20000-2, the Code of Practice
Formerly British Standard 15000, adopted by
ISO in December, 2005
07.09.2013 4
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
5/25
Ifyoud
ontwantt
ohelp
yourself,no
one
can
07.09.2013 5
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
6/25
Ifyoud
ontwantt
ohelp
yourself,no
one
can
Introduction and overview
Scope, terms and definitions
Requirements for a management system
Planning and implementing ITSM
Planning and implementing new or changed
IT services
Process groupings
07.09.2013 6
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
7/25
Ifyoud
ontwantt
ohelp
yourself,no
one
can
07.09.2013 7
Overall management system
Planning and implementing service management
Planning and implementing new/changed services
Service delivery processes
Capacity management
Service continuity and
availabilitymanagement
Service level
management
Service reporting
Information security
management
Budgeting andaccounting for IT
services
Release processesRelease management
Resolution processesIncident management
Problem management
Relationship
processesBusiness relationship
management
Supplier management
Control processesConfiguration management
Change management
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
8/25
Ifyoudontwantt
ohelp
yourself,no
one
can
07.09.2013 8
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
9/25
Ifyoudontwantt
ohelp
yourself,no
one
can
DECISION on the bank's information system
security ("Official Gazette of the Republic of
Macedonia" No. 31/2008)
DECISION on amending the Decision on thebank's information system security ("Official
Gazette of RM" No. 78/08)
DECISION on amending the Decision on the
bank's information system security ("Official
Gazette of RM" No. 31/2009)
07.09.2013 9
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
10/25
Ifyoudontwanttohelp
yourself,no
one
can
Outsourcing company of the bank with main
activity of managing data processing system
and which based on written agreement
manages and stores bank data while
performing bank or financial activities.
The outsourcing company shall obligatorily
be certified in accordance with theinternational standard ISO/IEC 20000.
07.09.2013 10
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
11/25
Ifyoudontwanttohelp
yourse
lf,no
one
can
07.09.2013 11
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
12/25
Ifyoudontwanttohelp
yourse
lf,no
one
can
To provide a management system,
including polices and a frameworkto enable the effective
management and implementation
of all IT services
07.09.2013 12
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
13/25
Ifyoudontwanttohelp
yourse
lf,no
one
can
Policies
Service management and improvement policy,
Budgeting and accounting policy, Release policy
etc.
Plans Service management plan, Service improvement
plan, Capacity plan etc.
Processes
Improvement process, supplier management
process, Change management process etc.
07.09.2013 13
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
14/25
Ifyoudontwanttohelp
yourse
lf,no
one
can
Procedures
Document control, Incident management,
Problem management etc.
Records
Service level agreements, Management review
report, Proposal for new or changed services,
Risk Assessments, Configuration managementdatabase (CMDB)etc.
07.09.2013 14
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
15/25
Ifyoudontwanttohelp
yourse
lf,no
one
can
07.09.2013 15
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
16/25
Ifyoudontwanttohelp
yourse
lf,no
one
can
Implemented QMS based on ISO 9001:2000
Implemented ISMS based on ISO 27001:2005
Implementing ITSMS based on ISO 20000:2005
The Scope of the IT Service Management Systemare all the services that the organization
provides for its customers and for the internal
users.
ITSMS Framework + ITSM processesConnections and overlaps between the
management systems
07.09.2013 16
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
17/25
Ifyoudontwanttohelp
yourse
lf,no
one
can
ISO/IEC 20000-1:2005 ISO 9001:2008 ISO/IEC 27001:2005
1 Scope 1 1
2 Terms & definitions 3 3
3 Requirements for a
management system4 4, A.6.1
4 Planning and implementingservice management
7.1 A.6
5 Planning and implementing
new or changed services7.2 A.10.3, A.12.1
6 Service delivery process 7.2
7 Relationship processes 7.2.3/4.1 4.1, 4.2, A.10.8
8 Resolution processes 8.5 A.10.10
9 Control processes 7.5.1 A.12.2
10 Release management 7.3
07.09.2013 17
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
18/25
Ifyoudontwanttohelp
yourse
lf,no
one
can
1. Introduction
2. Service Management and Improvement Policy
3. IT Service Management System Overview
4. Management Responsibility
5. Organization for Service Management6. ITSMS Documentation
7. Services overview
8. Planning and implementing service
management9. Planning and implementing new or changed
services
10. Service Management Process Model
07.09.2013 18
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
19/25
Ifyoudontwanttohelp
yourse
lf,no
one
can
Defined 13 processes based on ISO 20000:2005standard
Service Improvement Planning and implementing new or changed
services Service level management and reporting
Service continuity and availability management Budgeting and accounting for IT services Capacity management Business Relationship management Supplier management
Incident management Problem management Configuration management Change management Release management
07.09.2013 19
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
20/25
Ifyoudontwanttohelp
yourse
lf,no
one
can
Service Level Management
ISO20000-1:2005 ref. number: 6.1
Service Level Management Goal
To maintain and improve IT Service quality,
through a constant cycle of agreeing,
monitoring and reporting upon IT Service
Achievements. Service Level Management objective
To define, agree, record and manage levels of
service
07.09.2013 20
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
21/25
Ifyoudontwanttohelp
yourse
lf,no
one
can
07.09.2013 21
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
22/25
Ifyoudontwanttohelp
yourse
lf,no
one
can
List of all services IT provides to Customers
Provides a clear explanation of the services,
Customers/Users, descriptions and costs
Essential to any service provider business inorder to define products and services
Managed and updated by the Business
Development Department
07.09.2013 22
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
23/25
Ifyoudontwanttohelp
yourse
lf,no
one
can
Separate catalogs for services provided to
clients and internal services
Each service separately described through
the following information:
Service name, Status of service, Description of
service, Standard and additional service
features, Frequency of service delivery, Service
availability, Client technical requirements for
using the service, Service support (descriptionand hours), Service owner, Standard and
additional Tariff costs, Service delivery level
07.09.2013 23
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
24/25
Ifyoudontwanttohelp
yourse
lf,no
one
can
Services included/excluded
Service hours
Availability / Reliability targets
Throughput, transaction response times, batch
turnaround times
Support arrangements / targets
Change targets
Security Plan
IT Service Continuity Plan Service costs and charges
Reviews and reporting
Penalties and Incentives
07.09.2013 24
-
7/29/2019 experiencefromimplementationofiso20000final-090714020327-phpapp02
25/25
Ifyoudontwanttohelp
yourse
lf,no
one
can
Questions?
Thank you for your
attention!