When you submit an enquiry via our website, we use the personal data you supply to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your enquiry in order to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to a sale. Your enquiry is stored and processed as an email which is hosted by Microsoft within the European Economic Area (EEA). We keep enquiry emails for two years, after which they are securely archived and kept for seven years, when we delete them.
You may be aware that the ISO/IEC 27001 information security standard was revised in 2013 for the first time since 2005 and many of the changes were to bring it in line with what the ISO calls “Annex SL”. This is ISO’s attempt to standardise the management system elements of its popular standards to a common framework so that organisations can run a single system across multiple standards rather than having to piece individual ones together.
The ISO22301 business continuity standard was the first to adopt Annex SL when it was launched in 2012. The question is “will ISO revise the ISO/IEC 20000 standard early to adopt Annex SL too?”. At a recent event I had the chance to talk to one of the leading lights on the ISO/IEC 20000 standard committee and ask this question.
The general view seems to be that the ISO/IEC 20000 standard will be reviewed according to the normal timeframe for such standards. Officially this is every five years but experience has shown that it can often be two or three years longer than that. When it does come out it will be in the structure of Annex SL but the approach in terms of service management content is very much one of evolution rather than revolution and so the changes will be kept to a minimum where possible (unless the IT landscape changes in a big way before then which many would say is quite likely).
So if you are working to ISO/IEC 20000:2011 at the moment you can have some confidence that it will be a while before you will need to get to grips with the next version.
CertiKit is a provider of ISO toolkits, consultancy and internal auditing services, and has helped more than 4000 organizations worldwide with their compliance.
For more guidance on implementing the ISO20000:2018 standard, we’ve put together a list of our best free resources including sample documents, blogs and downloadable documents.