ISO 20000 scope

ISO 20000 itself is not clear on scoping. It says, simply, that it defines ‘the requirements for a service provider to deliver managed services of an acceptable quality for its customers.’ This statement is so broad that it might appear that virtually any organization that delivers managed services to customers would be eligible for ISO 20000 certification.
It is necessary to turn to the additional, published guidance on ISO 20000 scoping to clarify the requirements. Clause 1 of these guidelines says: “in order for a Service Provider organization to achieve certification under the ISO/IEC 20000 scheme it must be able to demonstrate that it has ‘management control’ of all the processes defined within the ISO/IEC 20000 standard. For this purpose, ‘management control’ of a process consists of:

• Knowledge and control of inputs;
• Knowledge, use and interpretation of outputs;
• Definition and measurement of metrics;
• Demonstration of objective evidence of accountability for process functionality in conformance to the ISO/IEC 20000 standard; and
• Definition, measurement and review of process improvements.”