1、PD ISO/IEC TR 20000-12:2016 Information technology Service management Part 12: Guidance on the relationship between ISO/IEC 20000-1:2011 and service management frameworks: CMMI-SVC BSI Standards Publication WB11885_BSI_StandardCovs_2013_AW.indd 1 15/05/2013 15:06PD ISO/IEC TR 20000-12:2016 PUBLISHED
2、 DOCUMENT National foreword This Published Document is the UK implementation of ISO/ IEC TR 20000-12:2016. The UK participation in its preparation was entrusted to Technical Committee IST/60/2, IT Service Management. A list of organizations represented on this committee can be obtained on request to
3、 its secretary. This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application. The British Standards Institution 2016. Published by BSI Standards Limited 2016 ISBN 978 0 580 90990 0 ICS 03.080.99; 35.020 Compliance with a B
4、ritish Standard cannot confer immunity from legal obligations. This British Standard was published under the authority of the Standards Policy and Strategy Committee on 31 October 2016. Amendments/corrigenda issued since publication Date Text affectedInformation technology Service management Part 12
5、: Guidance on the relationship between ISO/IEC 20000-1:2011 and service management frameworks: CMMI-SVC Technologies de linformation Gestion des services Partie 12: Directives sur la relation entre lISO/IEC 20000-1:2011 et les cadres de management du service: CMMI-SVC TECHNICAL REPORT ISO/IEC TR 200
6、00-12 First edition 2016-10-01 Reference number ISO/IEC TR 20000-12:2016(E) ISO/IEC 2016 PD ISO/IEC TR 20000-12:2016 ISO/IEC TR 20000-12:2016(E) ii ISO/IEC 2016 All rights reserved COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2016, Published in Switzerland All rights reserved. Unless otherwise specified, no
7、 part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISOs membe
8、r body in the country of the requester. ISO copyright office Ch. de Blandonnet 8 CP 401 CH-1214 Vernier, Geneva, Switzerland Tel. +41 22 749 01 11 Fax +41 22 749 09 47 copyrightiso.org www.iso.org PD ISO/IEC TR 20000-12:2016 ISO/IEC TR 20000-12:2016(E)Foreword iv Introduction v 1 Scope . 1 2 Normati
9、ve references 1 3 T erms and definitions . 2 4 Use of ISO/IEC 20000-1:2011 and CMMI-SVC . 2 4.1 Introduction to ISO/IEC 20000-1:2011 2 4.2 Introduction to CMMI-SVC 4 4.3 Relationships between ISO/IEC 20000-1:2011 and CMMI-SVC . 6 5 Correlation of CMMI-SVC to ISO/IEC 20000-1:2011 . 6 Annex A (informa
10、tive) Correlation of ISO/IEC 20000-1:2011 to CMMI-SVC Terms and definitions .15 Annex B (informative) Summary correlation of ISO/IEC 20000-1:2011 to CMMI-SVC 28 Bibliography .31 ISO/IEC 2016 All rights reserved iii Contents Page Foreword ISO (the International Organization for Standardization) and I
11、EC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with
12、particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have
13、established a joint technical committee, ISO/IEC JTC 1. The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types of document should be note
14、d. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives). Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for iden
15、tifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents). Any trade name used in this document is information given for the conven
16、ience of users and does not constitute an endorsement. For an explanation on the meaning of ISO specific terms and expressions related to conformit y assessment, as well as information about ISOs adherence to the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see
17、the following URL: www.iso.org/iso/foreword.html. The committee responsible for this document is ISO/IEC JTC 1, Information technology, SC 40, IT Service Management and IT Governance. A list of all parts in the ISO/IEC 20000 series can be found on the ISO website and in the Introduction of this docu
18、ment. PD ISO/IEC TR 20000-12:2016 ISO/IEC TR 20000-12:2016(E) iv ISO/IEC 2016 All rights reserved PD ISO/IEC TR 20000-12:2016 ISO/IEC TR 20000-12:2016(E) Introduction This document can assist readers in relating the requirements specified in ISO/IEC 20000-1:2011 to supporting text in one of the most
19、 commonly used service management frameworks, CMMI-SVC. Service providers can refer to this guidance as a cross-reference between the two documents to help them to plan and implement a service management system (SMS). ISO/IEC 20000-1:2011 is the International Standard for service management and spec
20、ifies requirements that can be used as the basis of a conformity assessment. ISO/IEC 20000-1:2011 can be used in different ways, including: a) as a source of requirements for service providers on the design, transition, delivery and improvement of services and service management capabilities; b) to
21、establish a consistent approach for an organization to use with all of its service providers, including those in its supply chain; c) as an unbiased basis to assess, measure and report service delivery and management capabilities including performance of specific service management processes; d) as
22、a set of criteria for audit and assessment of a service providers SMS, including service management processes. ISO/IEC 20000-1:2011 specifies an integrated process approach when the service provider plans, establishes, implements, operates, monitors, reviews, maintains and improves an SMS. The servi
23、ces can be delivered to internal or external customers. In ISO/IEC 20000-1:2011, a service is defined as a means of delivering value for the customer by facilitating results that the customer wants to achieve. The definition further notes that a service is generally intangible and that a service can
24、 also be delivered to the service provider by a supplier, an internal group or a customer acting as a supplier. The Capability Maturity Model Integration for Services (CMMI-SVC) draws on concepts and practices from other CMMI models and other service-focused frameworks and models. The CMMI-SVC model
25、 covers the activities required to establish, deliver, and manage services. As defined in the CMMI context, a service is an intangible, non-storable product. The CMMI-SVC model has been developed to be compatible with this broad definition. Service providers can implement and improve the SMS using t
26、he requirements specified in ISO/IEC 20000-1, the guidance in the other parts of the ISO/IEC 20000 series and CMMI-SVC. Both the ISO/IEC 20000 series and CMMI-SVC provide guidance to identify, plan, design, deliver, and improve services that deliver value to the business and its customers. ISO/IEC 2
27、0000 consists of the following parts, under the general title Information technology Service management: Part 1: Service management system requirements Part 2: Guidance on the application of service management systems Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1 Part 4:
28、Process reference model Technical Report Part 5: Exemplar implementation plan for ISO/IEC 20000-1 Technical Report Part 6: Requirements for bodies providing audit and certification of service management systems 1) Part 9: Application of ISO/IEC 20000-1 to cloud services Technical Report 1) To be pub
29、lished. ISO/IEC 2016 All rights reserved v Part 10: Concepts and terminology Technical Report Part 11: Guidance on the relationship between ISO/IEC 20000-1:2011 and service management frameworks: ITIL 2)Technical Report Part 12: Guidance on the relationship between ISO/IEC 20000-1:2011 and service m
30、anagement frameworks: CMMI-SVC 3)Technical Report 2) ITIL is a registered trademark of AXELOS. 3) CMMI and CMMI-SVC are registered trademarks of the CMMI Institute. PD ISO/IEC TR 20000-12:2016 ISO/IEC TR 20000-12:2016(E) vi ISO/IEC 2016 All rights reserved TECHNICAL REPORT PD ISO/IEC TR 20000-12:201
31、6 ISO/IEC TR 20000-12:2016(E) Information technology Service management Part 12: Guidance on the relationship between ISO/IEC 20000- 1:2011 and service management frameworks: CMMI-SVC 1 Scope This document provides guidance on the relationship between ISO/IEC 20000-1:2011 and CMMI-SVC V1.3 (through
32、Maturity Level 3). Service providers can refer to this guidance as a cross-reference between the two documents to help them to plan and implement an SMS. An organization employing the practices in the indicated CMMI-SVC process areas can conform to many of the associated ISO/IEC 20000-1 requirements
33、. The guidance in Clause 4 describes how CMMI-SVC can support the demonstration of conformity to ISO/IEC 20000-1:2011. A description of the purpose and content of both publications in 4.1 and 4.2 is followed by Clause 5, which relates process areas in CMMI-SVC to clauses in ISO/IEC 20000-1:2011. The
34、 tables in Annexes A and B relate terms, clauses, and paragraphs in ISO/IEC 20000-1:2011 to CMMI- SVC. Table B.1 is a simplified summary of the correlation seen in Table 3 for those readers who want an overview. The tables indicate those aspects of ISO/IEC 20000-1:2011 and CMMI-SVC that represent th
35、e greatest link between the two sets of documents, from the perspective of a service provider. This document can be used by any organization or person who wishes to understand how CMMI-SVC can be used with ISO/IEC 20000-1:2011, including the following: a) a service provider that intends to demonstra
36、te conformity to the requirements of ISO/IEC 20000- 1:2011 and is seeking guidance on the use of CMMI-SVC to establish and maintain the SMS and the services; b) a service provider that has demonstrated conformity to the requirements of ISO/IEC 20000-1:2011 and is seeking guidance on ways to use CMMI
37、-SVC to improve the SMS and the services; c) a service provider that already uses CMMI-SVC and is seeking guidance on how CMMI-SVC can be used to support efforts to demonstrate conformity to the requirements specified in ISO/IEC 20000-1:2011; d) an appraiser or assessor who wishes to understand the
38、use of CMMI-SVC as support for the requirements specified in ISO/IEC 20000-1:2011. This document can also be used with the other parts of the ISO/IEC 20000 series. 2 Normative references The following documents are referred to in the text in such a way that some or all of their content constitutes r
39、equirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 20000-1:2011, Information technology Service management Part 1: Service management system requirements
40、 ISO/IEC 2016 All rights reserved 1 3 T erms a nd definiti ons For the purposes of this document, the terms and definitions given in ISO/IEC 20000-1:2011 and ISO/IEC/TR 20000-10:2015 apply. ISO and IEC maintain terminological databases for use in standardization at the following addresses: IEC Elect
41、ropedia: available at http:/ /www.electropedia.org/ ISO Online browsing platform: available at http:/ /www.iso.org/obp 4 Use of ISO/IEC 20000-1:2011 and CMMI-SVC 4.1 Introduction to ISO/IEC 20000-1:2011 ISO/IEC 20000-1:2011 specifies the general requirements for an SMS in Clause 4. In ISO/IEC 20000-
42、1:2011, Clauses 5 to 9, it specifies the service management processes, as shown in Table 1. Table 1 Service management processes in ISO/IEC 20000-1:2011 Process group Clause Process 5 Design and transition of new or changed services Service delivery processes 6 Service level management Service repor
43、ting Service continuity and availability management Budgeting and accounting for services Capacity management Information security management Relationship processes 7 Business relationship management Supplier management Resolution processes 8 Incident and service request management Problem managemen
44、t Control processes 9 Configuration management Change management Release and deployment management ISO/IEC 20000-1:2011 requires the application of the methodology known as “PlanDoCheckAct” (PDCA) to all parts of the SMS and the services. Figure 1 illustrates how the PDCA methodology can be applied
45、to the SMS, including the service management processes specified in ISO/IEC 20000-1:2011, Clauses 5 to 9 and the services. The PDCA methodology can be briefly described as follows: Plan: establishing, documenting and agreeing the SMS. The SMS includes the policies, objectives, plans and processes to
46、 fulfil the service requirements. Do: implementing and operating the SMS for the design, transition, delivery and improvement of the services. Check: monitoring, measuring and reviewing the SMS and the services against the policies, objectives, plans and service requirements and reporting the result
47、s. Act: taking actions to continually improve performance of the SMS and the services. PD ISO/IEC TR 20000-12:2016 ISO/IEC TR 20000-12:2016(E) 2 ISO/IEC 2016 All rights reserved PD ISO/IEC TR 20000-12:2016 ISO/IEC TR 20000-12:2016(E) Services Service management processes Service management system Pl
48、an Check Do Act Figure 1 PDCA methodology applied to service management Figure 2 illustrates an SMS, including the service management processes. The service management processes and the interfaces between the processes can be implemented in different ways by different service providers. The nature o
49、f the relationship between a service provider and the customer, the service management objectives, and the scope of the SMS will influence how the service management processes are implemented. Figure 2 Service management system ISO/IEC 20000-1:2011 supports the integration of an SMS with other management systems in the service providers organization. The adoption of an integrated process approach and the PDCA methodology enables the
