Skip main navigation
Certification ISO 20000 for IT Service Management Systems
Certification ISO 20000 for IT Service Management Systems

Certification ISO 20000 for IT Service Management Systems

Certification ISO 20000 for IT Service Management Systems

Requirements necessary to provide services related to IT aligned with the needs and objectives of the business, with quality, security and added value for clients and stakeholders


Standard UNE-ISO/IEC 20000-1:2018 promotes the adoption of an integrated process approach for the effective provision of managed IT services, which satisfies the requirements of the business and its clients through continuous improvement.

The implementation of the UNE-ISO/IEC 20000-1 ensures that the services IT are aimed at the business, in other words, the basic and fundamental objective of the operation/ production department is to provide a service with the utmost quality and security either to the organisation itself or to its external clients, considering IT risks.

The Code of Good Practices is the second part of ISO/IEC 20000-2 Standard and represents the set of best practices adopted and accepted by the industry in this regard.

Main changes in the new 2018 version:

It has been adapted to the high-level ISO structure used for all management system standards.

  • Emerging market trends have been taken into account in services management, such as:
    • Cloud,Agile – Devops Servitisation (adaptation of services to new businesses).
       
    • Managing multiple suppliers by an internal or external service integrator.

    • The need to determine the value of services for clients and stakeholders.
  • There are changes in the denomination of certain concepts; for instance "service provider" for "organisation"; Configurations Database (CMDB) as "configuration information".
  • The previously combined sections on incident management, service requests, service continuity, service availability, service levels, service catalogue, capacity and demand have been separated.
  • Certain requirements have been simplified and the required information documented, leaving only key documents on the Management System.

Benefits for your company:

  • Aligning IT services to business needs.
  • Providing adequate management of the quality of the IT service offered.
  • Maximising the quality and efficiency of the IT service.
  • Reducing the risks associated to IT services.
  • Reducing costs and increasing customer and supplier satisfaction
  • Suitable management of multiple external or internal suppliers; as well as value for stakeholders.
  • Clear vision of the capacity of IT departments.
  • Minimise the time of the incident and change cycle and improve metric-based results.
  • Decision-making based on key performance and IT indicators.
  • Provide an added value of trust, improving its image amongst other companies, becoming a factor of distinction from the competition.
  • The standard is a commodity for the IT production/operations areas because it is a pragmatic and industrialisable methodology.
  • It takes into account new trends, such as Cloud, Agile-Devops, servitisation, etc.


Any organisation of any sector whose IT department provides services IT either to the organisation itself or to external organisations. In other words, all business sectors that have an internal or external Data Processing Centre. (on-premise; outsourcing/cloud).

Thanks to its structure, it can easily be integrated with the UNE-ISO/IEC 27001 Information Security Management Systems, given that UNE-ISO/IEC 20000-1 has an Information Security Management process. And, in short, with any process management system like UNE-EN ISO 9001. It can also take into account the DEVOPS function (Agile methodologies).

Once the audit process has been successfully completed, if the implemented system meets the requirements of the ISO/IEC 20000-1 standard, the organisation will obtain:  

  • The AENOR IT Management Services Certificate.
  • Licence to use the AENOR IT Services Management mark.
  • The IQNet Certificate, passport for international access of its certification. With it, its AENOR certificate will be recognised by leading certification entities all over the world.
  • A licence to use the IQNet mark. 

Furthermore, organisations with management systems certified by AENOR have free access to the AENORnet and a subscription to the AENOR monthly magazine.

AENOR Mark for IT Service Management

AENOR Management Mark
ICT Services

IQNet Mark MANAGEMENT SYSTEM

IQNet Mark
MANAGEMENT SYSTEM​

​ 

Among the companies in possession of this certificate are: El Corte Inglés internal Data Processing Centre, Telefónica Solutions external Data Processing Centre, several financial entities and organisations such as CEPSA, INDRA, IECISA, BURO DE CREDITO (Mexico), TELEFONICA Soluciones, BANCO DE LA NACIÓN (Peru), etc. AENOR has issued over 200 UNE-ISO/IEC 20000-1 Information Technology Service certificates.