Viktorija Donceva

Trajkovski & Partners Management Consulting

Ohrid, May 2009

 Introduction

If you dont want to help yourself, no one can

Law

regulation from the National bank of the Republic of Macedonia

ISO

20000:2005 standard requirements

Practical

experience from implementation of ISO 20000:2005

07.09.2013

If you dont want to help yourself, no one can

3
07.09.2013

 First

worldwide standard specifically aimed at IT Service Management

If you dont want to help yourself, no one can

Describes processes for delivery of services

Aligned

with and complementary to the process approach defined within ITIL 20000 consists of two parts:
ISO/IEC 20000-1, the formal Specification ISO/IEC 20000-2, the Code of Practice

ISO/IEC

Formerly

British Standard 15000, adopted by ISO in December, 2005

07.09.2013

If you dont want to help yourself, no one can

5
07.09.2013

 Introduction

and overview
If you dont want to help yourself, no one can

Scope,

terms and definitions

for a management system

Requirements

Planning
Planning

and implementing ITSM

and implementing new or changed IT services groupings

07.09.2013

Process

Overall management system

Planning and implementing service management Planning and implementing new/changed services Service delivery processes
Capacity management Service continuity and availability management Service level management Service reporting Information security management Budgeting and accounting for IT services

If you dont want to help yourself, no one can

Configuration management Change management

Control processes

Release processes
Release management

Resolution processes
Incident management Problem management

Relationship processes
Business relationship management Supplier management
07.09.2013

If you dont want to help yourself, no one can

8
07.09.2013

 DECISION

on the bank's information system security ("Official Gazette of the Republic of Macedonia" No. 31/2008) on amending the Decision on the bank's information system security ("Official Gazette of RM" No. 78/08)

If you dont want to help yourself, no one can

DECISION

DECISION

on amending the Decision on the bank's information system security ("Official Gazette of RM" No. 31/2009)
07.09.2013

 Outsourcing

company of the bank with main activity of managing data processing system and which based on written agreement manages and stores bank data while performing bank or financial activities. outsourcing company shall obligatorily be certified in accordance with the international standard ISO/IEC 20000.

If you dont want to help yourself, no one can

The

07.09.2013

10

If you dont want to help yourself, no one can

11
07.09.2013

If you dont want to help yourself, no one can

To provide a management system, including polices and a framework to enable the effective management and implementation of all IT services

07.09.2013

12

 Policies

Service management and improvement policy, Budgeting and accounting policy, Release policy etc.

If you dont want to help yourself, no one can

Plans

Service management plan, Service improvement plan, Capacity plan etc. Improvement process, supplier management process, Change management process etc.

Processes

07.09.2013

13

 Procedures

Document control, Incident management, Problem management etc.

If you dont want to help yourself, no one can

Records

Service level agreements, Management review report, Proposal for new or changed services, Risk Assessments, Configuration management database (CMDB)etc.

07.09.2013

14

If you dont want to help yourself, no one can

15
07.09.2013

 Implemented Implemented Implementing

QMS based on ISO 9001:2000 ISMS based on ISO 27001:2005 ITSMS based on ISO 20000:2005
If you dont want to help yourself, no one can

The Scope of the IT Service Management System are all the services that the organization provides for its customers and for the internal users. ITSMS Framework + ITSM processes

Connections

and overlaps between the management systems

07.09.2013

16

ISO/IEC 20000-1:2005 1 Scope 2 Terms & definitions 3 Requirements for a management system 4 Planning and implementing service management 5 Planning and implementing new or changed services

ISO 9001:2008 1 3 4 7.1 7.2

ISO/IEC 27001:2005 1 3 4, A.6.1 A.6 A.10.3, A.12.1

If you dont want to help yourself, no one can

6 Service delivery process 7 Relationship processes

8 Resolution processes 9 Control processes 10 Release management

7.2 7.2.3/4.1
8.5 7.5.1 7.3

4.1, 4.2, A.10.8

A.10.10 A.12.2

07.09.2013

17

1. 2.

3.
4. 5. 6. 7. 8.

9.
10.

Introduction Service Management and Improvement Policy IT Service Management System Overview Management Responsibility Organization for Service Management ITSMS Documentation Services overview Planning and implementing service management Planning and implementing new or changed services Service Management Process Model
07.09.2013

If you dont want to help yourself, no one can

18

Defined 13 processes based on ISO 20000:2005 standard Service Improvement Planning and implementing new or changed services Service level management and reporting Service continuity and availability management Budgeting and accounting for IT services Capacity management Business Relationship management Supplier management Incident management Problem management Configuration management Change management Release management
07.09.2013

If you dont want to help yourself, no one can

19

 Service

Level Management
ISO20000-1:2005 ref. number: 6.1

If you dont want to help yourself, no one can

Service

Level Management Goal

To maintain and improve IT Service quality, through a constant cycle of agreeing, monitoring and reporting upon IT Service Achievements.

Service

Level Management objective

To define, agree, record and manage levels of service

07.09.2013

20

If you dont want to help yourself, no one can

21
07.09.2013

 List

of all services IT provides to Customers

If you dont want to help yourself, no one can

Provides

a clear explanation of the services, Customers/Users, descriptions and costs to any service provider business in order to define products and services and updated by the Business Development Department

Essential

Managed

07.09.2013

22

 Separate

catalogs for services provided to clients and internal services

If you dont want to help yourself, no one can

Each

service separately described through the following information:

name, Status of service, Description of service, Standard and additional service features, Frequency of service delivery, Service availability, Client technical requirements for using the service, Service support (description and hours), Service owner, Standard and additional Tariff costs, Service delivery level

Service

07.09.2013

23

Services included/excluded Service hours Availability / Reliability targets Throughput, transaction response times, batch turnaround times Support arrangements / targets Change targets Security Plan IT Service Continuity Plan Service costs and charges Reviews and reporting Penalties and Incentives

07.09.2013

If you dont want to help yourself, no one can

24

If you dont want to help yourself, no one can

Questions?
Thank you for your attention!

07.09.2013

25