It’s still update season at CertiKit and following on from our recent launch of version 7 of our ISO/IEC 27001 toolkit and version 3 of the ISO22301 product, we have now completed our update of the ISO/IEC 20000 toolkit to version 6. Existing customers will receive this as part of their 12 month update subscription provided as part of their original purchase. ISO20000 deals comprehensively with the subject of IT service management and is used by many organizations to show that they have adopted the principles of a Service Management System (SMS) and ITIL.
A fuller explanation of what we do to find out what our customers want is included in our ISO/IEC 27001 version 7 announcement but basically we’ve spent the last 12 months listening to our customers via direct discussions, email questions, feedback surveys and our own experience to identify the changes and improvements they wanted to make to the ISO20000 toolkit even better. Thanks to everyone that contributed to that discussion and we hope we did your comments justice.
The previous version (version 5) of the ISO20000 toolkit was a major upgrade in terms of the content of process and policy documents so this time we thought we’d focus on a more general enhancement of all documents, adding new ones where we felt they were useful. We have amended the naming convention of documents to make it clearer which items are documents and which are forms, improved the labelling of tables and figures and removed the odd cosmetic item that proved unpopular.
Key documents such as the Risk Assessment and Treatment Process have been enhanced to give more context to risk assessments and provide a single process for service continuity and information security purposes. The corresponding reports have been developed in line with this revised process.
Internal auditing has been revamped with several new documents in this area, including an Internal Audit Checklist which gives an auditor a good starting point for what questions to ask during audit meetings. More detail has been added about what happens during an audit, including the types of nonconformity that may be raised.
A few documents that were peripheral to the requirements of the ISO20000 standard have been removed so that it’s clear what is necessary for certification.
All documents have been reviewed and any small faults found (or previously reported by customers) and out of date references have been fixed.
New documents added in Version 6 include:
The intention of this release is to make it even easier to achieve certification to the ISO/IEC 20000 standard by making the toolkit simpler to follow and more focussed on what needs to be done and we have tried to remove any distractions from this purpose. Customer feedback about the changes we made in version 5 was great and we’ve made sure we haven’t removed or altered anything that our customers particularly liked. Hopefully version 6 will build on this success and help many more organizations improve their IT service management and gain certification at the first attempt.