Join Suzanne Van Hove for an in-depth discussion in this video Critical terms, part of ISO20000.
- Hello and welcome to the fourth module in this series, and it's entitled, "Critical Terms". In this module we want to look at some of the common terms that are being used in 20000, and how they might conflict with some of the other service management frameworks that you may be used to. Let's pay close attention here and make sure that we have the right definition going in through the rest of these videos and as you think about ISO 20000.
First critical term here, and I think the most critical one, is management, the standard measures management. Management activities, not performance capabilities, but, management activities. Your organization, if you choose to go for that 20000 certificate, must show evidence of management. That means that you have policies and plans and objectives that we've measured, and we can show the ongoing measurement and improvement of those objectives or the actions that allow us to meet the objectives.
Again, this is about management, not actual IT performance from a "bits and a bytes" perspective. There are several other key terms, and this is found in chapter three of dash one, that these terms very much differ than the same terms or similar terms that you would find within ITIL. The first two, certification and compliance. ITIL will talk about compliance.
They will talk about making sure that you follow the process activities and the roles. You cannot get certified to ITIL. You cannot be, you know I almost kind of hate to say ITIL compliant as well. That kind of gives me shivers up my backbone as well. You can be certified to the ISO 20000 standard, meaning that you've met all of the shell statements, or the requirements.
You can be compliant to some of the best practices within ITIL. To get certification in 20000, of course, you have to comply to the requirements within 20000. Compliance and certification are not the same thing. You cannot be ITIL certified. Many individuals will say, "Oh, I've completed ' X ITIL class', I'm ITIL certified." No, you've taken a class, you've passed the exam, that's it.
You may have earned a certificate, which you have, but that doesn't mean that you're ITIL certified. It's just goofy language. So, let's just be very clear there. It may be clear, it may not be, but you can only earn a certificate as an organization to ISO 20000. Okay, and then you would be compliant the rest of the way. Compliant to a process, compliant to a standard. Okay, corrective action. Corrective action, action to eliminate the cause or to reduce the likelihood of an event.
In ITIL terms, we would call that a workaround. Here it's called a corrective action. Preventative action, an action to avoid or eliminate. So this is a proactive kind of a piece. We call it preventative action here. In the standard, the customer receives services. In ITIL, "customer" is the senior manager who has the authority and the budget to "purchase" services. And then the user uses or receives those services.
So, be very clear here, customer. We don't even have the user, other than, again, using the services, but that customer kind of spans the entire globe. Service provider manages and delivers a service. Information security within 20000, confidentiality, integrity, and accessibility of information. In ITIL, it's availability, so you have that CIA perspective . The interested parties within 20000, in ITIL terms, these are our stakeholders.
Okay, so, interested parties who would be involved or want to have more information, or understand how the service provider is delivering services. Service component is another one that differs a little bit. Single unit of service when combined with others creates a service. In ITIL we would say that's a CI, a configuration item. We have a service component here. And then top management, this is the phrase that is going to be our leadership. They're going to direct and control the service provider at the highest level, so we're going to talk about top management.
When you think about an international standard, it has to be "agreeable" to all cultures, all nations, all users. So if we said, "the CIO, the CEO, the director, "the manager", those phrases, or roles, may not translate into other cultures. So, the best phrasing that they could come up with, and this is very generic is, top management. When you see that, just think within your organizational structure, as highest as you can go.
Three other terms here that are very important and the first two, if your organization is going to go for certification, you have to be able to discriminate between the two. One is a document. The other is a record. A document shows intent. A plan is a document. A policy is a document. A record shows action or the evidence of some action.
The record is actually saying, "This is what we've done." The records would be what we are going to use to show that we have met a document, met the policy, met the plan. Document and record. Could a specific document be both a document and a record? Yes, and we'll show you that as we go on. There's a specific place for it later on. Really keep those two separate as you think about it.
The documents show intent. Records shows evidence of action, that we've met some intent, or some policy, or some plan. The last one is effectiveness, and this is one that I've struggled with for a number of years, in just trying to get that good, solid definition of, "What does it mean to be effective?" It's the extent that the planned results were achieved. In other words, what we thought was going to happen, did it, and how well did it do it? It's the extent that what was expected actually was achieved.
That's the effectiveness of some process or some service. Now, in your handout packet, you actually have an extract of chapter three, which is the terms and definitions. In the standard itself, there's actually 37 terms that are defined, and we've given you a third of them in the handout. Some of them are the most critical or the most used within this foundation level. I encourage you to make sure that you look at that handout and make sure that you understand the definitions that are provided to you in that handout.
As you move forward, and then use that, as we go through and talk about the various processes. Again, so when we think about ISO 20000, we're going to continue to come back to this diagram, because it is process oriented, that we have customers or other interested parties, stakeholders, that provide service requirements. It comes into the service provider organization, who's being dictated by a service management system, and have processes in place for managing service delivery, the design and transition of newer changed services.
How we control, how we resolve, and how we manage our relationships, that we have a defined outcome of services that meet the expectations and the requirements that were defined before they went into our process by our customers or other interested parties. Again, this is ISO 20000. In our next module, we're going to spend a great deal of time, or some very concerted time looking at that service management system.
We now have an understanding of, "What is service management?" "What is a service?" Some of the terms that are associated within 20000, that may differ from ITIL, as well as terms that are specific to 20000, as well as some of the other service management frameworks. Now we're going to get into the nitty-gritty in our next module, about the service management system.