The Presentation Will Begin At 12PM EST Mark Sherry Director of Marketing, Stroma Service Consulting, Inc. Using ISO/IEC to Implement Any Process

2 2 Mark Sherry Partner Stroma, Inc. ISO/IEC 20000

3 3 © Stroma, 2009 Introduction Mark Sherry IT Service Management Consultant ITIL Service Manager ITIL Expert (v3) ISO/IEC Certified Consultant ITIL Trainer MBA, MA, Comm.

4 4 © Stroma, 2009 Presentation Goals Introduce ISO/IEC Part 1 of the Standard The Processes Part 2 of the Standard ISO/IEC key messages and Top 10 tips

5 5 © Stroma, 2009 “Insanity: Doing the same thing over and over again and expecting different results.” … Albert Einstein or “ “Doing different things over and over and expecting to get the same result” …Mark Sherry

6 6 © Stroma, 2009 ISO/IEC 20000: WHEN? Published December 2005 Adopted from the original British Standard (BS15000) BS15000 first published in 2000

7 7 © Stroma, 2009 ISO/IEC 20000: WHAT? First international standard for ITSM Integrated collection of management processes Aligned with and complementary to ITIL “A common reference standard for any enterprise offering IT services” Part 1: Specification – “shall do” Part 2: Code of Practice – “should do”

8 8 © Stroma, 2009 Scope This part of ISO/IEC defines the requirements for a service provider to deliver managed services of an acceptable quality for its customers. …con’t

9 9 © Stroma, 2009 Scope, con’t It may be used: By businesses that are going out to tender for their services; By businesses that require a consistent approach by all service providers in a supply chain; By service providers to benchmark their IT service management; As the basis for an independent assessment; By an organization which needs to demonstrate the ability to provide services that meet customer requirements; and, By an organization which aims to improve service through the effective application of processes to monitor and improve service quality.

10 © Stroma, 2009 Business Results Customer Satisfaction More Effective and Efficient Processes New Changed Services Improved Employee Morale Results Methodology for Service Management Processes Dr. Edwards Deming’s Cycle of Continual Service Improvement DO Implement CSI ACT Modify CSI Management Responsibility CHECK Monitor, Measure & review CSI PLAN CSI Business Requirements Requests for New Services Service and Process Measurement External Requirements Security Requirements Drivers

11 © Stroma, 2009 TEN Sections Scope Terms & Definitions Planning and Implementing Service Management Requirements for a Management System Planning & Implementing New or Changed Services Service Delivery Processes Relationship Processes Control Processes Resolution Processes Release Process

12 © Stroma, 2009 Scoping Statement Who is the service provider? What services are provided? Locations? Technologies? Customers? Suppliers? Sub-contractors? Management control of outsourced processes

13 © Stroma, 2009 Planning & Implementing Service Management Plan Service Management (Plan) Implement Service Management and Provide the Services (Do) Monitoring, measuring and reviewing (Check) Continual Improvement (Act)

14 © Stroma, 2009 Plan Service Management (Plan) The plans shall, at a minimum, define: The scope of the service provider’s service management; The objectives and requirements that are to be achieved by service management; The processes that are to be executed; The framework of management roles and responsibilities, including the senior responsible owner, process owner and management of suppliers; The interfaces between service management processes and the manner in which the activities are to be coordinated; …con’t

15 © Stroma, 2009 Plan Service Management (Plan), con’t The plans shall, at a minimum, define: The approach to be taken in identifying, assessing and managing issues and risks to the achievement of the defined objectives; The approach for interfacing to projects that are creating or modifying services; The resources, facilities and budget necessary to achieve the defined objectives; Tools as appropriate to support the processes; and, How the quality of the service will be managed, audited and improved.

16 © Stroma, 2009 Implement Service Management & Provide the Services (Do) The service provider shall implement the service management plan to manage and deliver the services, including: Allocation of funds and budgets; Allocation of roles and responsibilities; Documenting and maintaining the policies, plans, procedures and definitions for each process or set of processes; Identification and management of risks to the service; Managing teams, e.g. recruiting and developing appropriate staff and managing staff continuity; Managing facilities and budget; Managing the teams including service desk and operations; Reporting progress against the plans; and, Co-ordination of service management processes.

17 © Stroma, 2009 Management shall conduct reviews at planned intervals to determine whether the service management requirements: Conform with the service management plan and to the requirements of this standard; and, Are effectively implemented and maintained. Monitoring, Measuring & Reviewing (Check)

18 © Stroma, 2009 Continual Improvement (Act) Policy Management of improvements Activities

19 © Stroma, 2009 Requirements for a Management System Management Responsibility Documentation Requirements Competence, Awareness and Training

20 © Stroma, 2009 Management Responsibility Management shall: Establish the service management policy, objectives and plans; Communicate the importance of meeting the service management objectives and the need for continual improvement; Ensure that customer requirements are determined and are met with the aim of improving customer satisfaction; Appoint a member of management responsible for the co-ordination and management of all services; …con’t

21 © Stroma, 2009 Management Responsibility, con’t Management shall: Determine and provide resources to plan, implement, monitor, review and improve service delivery and management e.g. recruit appropriate staff, manage staff turnover; Manage risks to the service management organization and services; and, Conduct reviews of service management, at planned intervals, to ensure continuing suitability, adequacy and effectiveness.

22 © Stroma, 2009 Documentation Requirements Service providers shall provide documents and records to ensure effective planning, operation and control of service management. This shall include: Documented service management policies and plans; Documented service level agreements; Documented processes and procedures required by this standard; and, Records required by this standard.

23 © Stroma, 2009 Competence, Awareness & Training All service management roles and responsibilities shall be defined and maintained together with the competencies required to execute them effectively. Staff competencies and training needs shall be reviewed and managed to enable staff to perform their role effectively. Top management shall ensure that its employees are aware of the relevance and importance of their activities and how they contribute to the achievement of the service management objectives.

24 © Stroma, 2009 Planning & Implementing New or Changed Services Objective: To ensure that new services and changes to services will be deliverable and manageable at the agreed cost and service quality. Proposals for new or changed services shall consider the cost, organizational, technical and commercial impact that could result from service delivery and management. The implementation of new or changed services, including closure of a service, shall be planned and approved through formal change management. The planning and implementation shall include adequate funding and resources to make the changes needed for service delivery and management.

25 Service Delivery Processes Capacity Management Service Continuity & Availability Management Service Level Management Service Reporting Information Security Management Budgeting and Accounting Release Process es Release Managem ent Resolution Processes Incident Management Problem Management Relations hip Processe s Business Relations hip Managem ent Supplier Manage ment Control Processes Configuration Management Change Management Management system Planning and implementing service management Planning and implementing new and changed services ISO / IEC Scope ISO/IEC 20000

26 © Stroma, 2009 Service Delivery Processes Service Level Management Service Reporting Service Continuity and Availability Management Budgeting and Accounting for IT Services Capacity Management Information Security Management

27 © Stroma, 2009 Relationship Processes Business Relationship Management Supplier Management

28 © Stroma, 2009 Resolution Processes Incident Management Problem Management

29 © Stroma, 2009 Control Processes Configuration Management Change Management

30 © Stroma, 2009 Release Processes Release Management

31 © Stroma, 2009 Part 2 of the Standard Same layout as part one Only difference is that you do not need to do any of part two until after certification Once ISO certified, use Part 2 to show continuous improvement

32 © Stroma, 2009 Service Level Management, Part 1 Objective: To define, agree, record and manage levels of service. The full range of services to be provided together with the corresponding service level targets and workload characteristics shall be agreed by the parties and recorded. Each service provided shall be defined, agreed and documented in one or more service level agreements (SLAs). SLAs, together with supporting service agreements, supplier contracts and corresponding procedures, shall be agreed by all relevant parties and recorded. …con’t

33 © Stroma, 2009 Service Level Management, Part 1, con’t The SLAs shall be under the control of the change management process. The SLAs shall be maintained by regular reviews by the parties to ensure that they are up-to-date and remain effective over time. Service levels shall be monitored and reported against targets, showing both current and trend information. The reasons for non-conformance shall be reported and reviewed. Actions for improvement identified during this process shall be recorded and provide input into a plan for improving the service.

34 © Stroma, 2009 Service Level Management, Part 2 The SLM process should manage and coordinate contributors of the service levels, to include: Agreement of the service requirements and expected service workload characteristics; Agreement of service targets; Measurement and reporting of the service levels achieved, workloads and an explanation if the agreed targets are not met; Initiation of corrective action; and, Input to a plan for improving the service.

35 © Stroma, 2009 ISO/IEC 20000: WHO? Registered Certification Body (RCB):  Registered by the itSMF  Have permission to operate under ISO20k scheme  Grant certification on behalf of the itSMF itSMF  Administers formal ISO20k certification worldwide

36 © Stroma, 2009 ISO/IEC 20000: WHY? (1) To qualify for competitions / RFPs To enter global markets To improve documentation To gain competitive advantage ‘Practice what you preach’ - Source: ISO/IEC20000: An Introduction, Van Haren

37 © Stroma, 2009 ISO/IEC 20000: WHY? (2) Reduce risk, cost and time to market Services become business-led (not technology driven) Your service more likely to be chosen over non- certified competitor Certification audits educate and raise awareness for employees Services become more reliable and consistent - Source:

38 © Stroma, 2009 ISO/IEC 20000: WHY? (3) Business and customers are more dependent on IT services and more demanding IT service management represents the lifecycle stage that consumes approximately 80% of the total IT spend Increased momentum for establishment of industry IT service delivery norms Need for improved consistency in quality of service Framework for measuring and improving Easier inter-changeability of staff and service providers

39 © Stroma, 2009 ISO/IEC 20000: HOW MANY?

40 © Stroma, 2009 ISO/IEC 20000: WHERE?

41 © Stroma, 2009 ISO/IEC 20000: HOW? The certification process involves seven steps: 1.Questionnaire 2.Application for assessment 3.Optional pre-audit 4.Initial audit (stage 1) 5.Certification audit (stage 2) 6.Surveillance audits 7.Re-certification audit

42 © Stroma, 2009 The Challenges Tools People Process Current tools not integrated or process oriented Inconsistent processes applied Differing requirements & priorities Reactive Culture Distribution Silo based Teams Inconsistent & disparate toolsets

43 © Stroma, 2009 ISO/IEC Key Messages Follow process because it is how we are supposed to work - not simply for ISO certification Internal audits performed by staff are valuable - higher awareness and education are gained Work on the premise: “If you can’t prove it, don’t do it”

44 © Stroma, 2009 Top 10 Tips for Achieving ISO/IEC Use an integrated ITSM tool. 2.Record everything. 3.All agreed policies/processes shall be followed. 4.Communicate, communicate, communicate. 5.Sell benefits of great job your team does.

45 © Stroma, 2009 Top 10 Tips for Achieving ISO/IEC Honesty is the best policy. 7.If you can’t prove it, you don’t do it. 8.Apply intelligently. 9.Invest in your people. 10. Make it a strategic decision.

46 © Stroma, 2009 Web Sites itSMF International: itSMF US: itSMF Canada:

Join Us For Lunch Every Tuesday At 12PM! Phone: