|
There are plenty of organsations who are now ramping up their capability in this area by training staff, but what are the key areas organisations need to consider before embarking on achieving certification? |
| MikeD14/05/2007 3:47:37 PM |
One thing that many service providers don't realise is that the scope of ISO/IEC 20000 is significantly larger than the Service Support and Service Delivery books in ITIl V3. In addition to the Relationship processes and Information Security Management, the overall management and planning framework needs to be established. How are people tackling this? |
| Lene22/05/2007 4:23:20 PM |
Hi Mike, What you'll find as with many other processes, is that you actually do some of it but don't have it doented to the standard. The Scope for ISO 20000 is open to interpretation and as long as you meet the standard, you p and your organisation and clients will benefit from them. For example, under security managment, you may already have security controls in place, like regular pword changes etc. Cheers. |
| MikeD28/05/2007 8:53:55 AM |
Hi Lene
Many organisations will certainly have something in place to deal with security issues and, if they have a quality management system, will also be addressing many of the doentation and competences, awareness and training requirements of Section 3 of 20K.
However, section 4 is often missing. I do not see many formal ITSM plans and evidence of regular review when I ess organisations. |
