ISO 20000 and ISO 17025 Compatability - Implementing both standards

W

wooster

#1
Hi

Could anyone give me some advice or experience feedback ?
We already have ISO 9001-2008 for 3 years now.

Our CEO wants to go further and to obtain the ISO 17025. I'm happy with that, since I understood that ISO17025 included most of ISO 9001 requirements, and section 5 , on metrology, is our core activity.

The problem is that he also wants to get the ISO 20000 at the same time.

I'm not sure of the comptability between 20000 and 17025.
Does anyone have any suggestions ?
Thx:thanx: in advance
 
Elsmar Forum Sponsor
#2
Re: ISO 20000 and ISO 17025

Bon jour, Wooster:

For your business, it seems that the 'jump' from ISO 9001 to ISO/IEC 17025 wouldn't be too great. I'm not certain how ISO 20000 would fit your business, since it's about IT services...does your boss know this?

To try to implement two Management System requirements (standards) at the same time is possibly going to be a big nightmare. Certainly there are going to be common elements (even if 20K is useful) but I'd suggest that since different organizations are going to be involved, it could become a real pain to manage. Best check for applicability of 20K to the business, get a gap assessment done for both and work out what's common, then implement them in a phased approach with 17025 first...
 

Marc

Hunkered Down for the Duration with a Mask on...
Staff member
Admin
#3
Your profile says you're in Numeric Services Monitoring Tools, so I assume this is software development. Please correct me if I'm wrong and let us know specifically what your company does. How does ISO 17025 fit in the picture?

Implementing integrated management systems isn't a big deal. Start wth a comparison matrix and go from there. For example: Integrated Management System QMS, EMS & OHSAS

See:

Integration

and

Management Systems

Don't over think the whole thing.
 
W

wooster

#4
Thank you (both of you ) for your reply.

My company is providing SaaS monitoring tools for all numeric services : Our monitoring infrastructure audit the performance of applications which convey data, voice or television/video over the IP network.
The results provided are showing the end user perception in terms of availibility, performance, and quality (streaming, voice) (our website: ip-label .com)

We are working with regulations authorities for european countries , the equivalent of the FCC in the USA.
We are providing the infrastructure necessary to monitor services from 80 points worldwide.

To demonstrate our ability to perform these measurements and tests, we have been advised to try the 17025 accreditation.
So far, we have not applied for the accreditation, but the COFRAC (accredittion organisation) told me that IT activities are in the scope of 17025.

Thanks again.
 
#5
I think COFRAC have it wrong. You are much more the ISO 20000 and ISO 27000 type of organization. Maybe they were confusing 27001 for 17025?
 
W

wooster

#6
Hmm .. I don't know: 27000 is for Security (definitely not our concern) and 20000 for processes. 20000 may be relevant, but not on our testing activities.
They think that 17025 could be appropriate because we are performing tests on numeric devices and services...
 

Marc

Hunkered Down for the Duration with a Mask on...
Staff member
Admin
#7
Are these mechanical numeric devices? Or is it software and you're using software tools? Never mind. Just caught your last post.
 

Marc

Hunkered Down for the Duration with a Mask on...
Staff member
Admin
#9
Wikipedia reference-linkISO/IEC_20000

ISO/IEC 20000 is the first international standard for IT Service Management. It was developed in 2005, by ISO/IEC JTC1 SC7. It is based on and intended to supersede the earlier, BS 15000.

Formally: ISO/IEC 20000-1 ('part 1') "promotes the adoption of an integrated process approach to effectively deliver managed services to meet the business and customer requirements". It comprises ten sections:

* Scope
* Terms & Definitions
* Planning and Implementing Service Management
* Requirements for a Management System
* Planning & Implementing New or Changed Services
* Service Delivery Processes
* Relationship Processes
* Control Processes
* Resolution Processes
* Release Process.

ISO/IEC 20000-2 ('part 2') is a 'code of practice', and describes the best practices for service management within the scope of ISO/IEC 20000-1. It comprises the same sections as 'part 1' but excludes the 'Requirements for a Management system' as no requirements are imposed by 'part 2'.

ISO/IEC 20000, like its BS 15000 predecessor, was originally developed to reflect best practice guidance contained within the ITIL (Information Technology Infrastructure Library) framework, although it equally supports other IT Service Management frameworks and approaches including Microsoft Operations Framework and components of ISACA's COBIT framework. It comprises two parts: a specification for IT Service Management and a code of practice for service management. The differentiation between ISO/IEC 20000 and BS 15000 has been addressed by Jenny Dugmore.

The standard was first published in December 2005.

Also see: The ITIL, BS15000 & ISO 20000 User Group - This is a small forum with a bit of information.
 

harry

Super Moderator
#10
This is from the ISO website: ISO/IEC 20000-1:2005

ISO/IEC 20000-1:2005 defines the requirements for a service provider to deliver managed services. It is based on BS 15000-2, which has been superseded.

It may be used

1. by businesses that are going out to tender for their services;
2. to provide a consistent approach by all service providers in a supply chain;
3. to benchmark IT service management;
4. as the basis for an independent assessment;
5. to demonstrate the ability to meet customer requirements;
6. to improve services.


ISO/IEC 20000-1:2005 promotes the adoption of an integrated process approach to effectively deliver managed services to meet business and customer requirements. For an organization to function effectively it has to identify and manage numerous linked activities. Co-ordinated integration and implementation of the service management processes provides the ongoing control, greater efficiency and opportunities for continual improvement.
 
Thread starter Similar threads Forum Replies Date
A Implementing ISO 20000-1 - Where to start Other ISO and International Standards and European Regulations 2
R ISO 20000 requirement about the Change Management Policy IT (Information Technology) Service Management 3
S Sample document for integrated ISO 20000 & ISO 27001 Other ISO and International Standards and European Regulations 3
A ISO/IEC process of revising the ISO IEC 20000 standards - Your chance to have a say IT (Information Technology) Service Management 1
S Integrating ISO 20000 and ISO 31000 with ISO 9001 IT (Information Technology) Service Management 2
N ISO 20000 Implementation Guide and Compliance Checklist wanted IT (Information Technology) Service Management 2
A ISO/IEC 20000 Toolkit For Academic Purpose IT (Information Technology) Service Management 6
T Capability Level Relationship with ISO/IEC 20000 Achievement IT (Information Technology) Service Management 2
T ISO 20000 Mapping to ITIL and COBIT IT (Information Technology) Service Management 4
Z ISO/IEC 20000 Checklist and/or Implementation Road Map IT (Information Technology) Service Management 11
J Comparison table between ISO 20000 and ISO 9001 IT (Information Technology) Service Management 7
S Combining (aka "Bridging") ISO 9001:2008 and ISO 20000 IT (Information Technology) Service Management 5
P ISO 20000 Sample Procedures and Formats IT (Information Technology) Service Management 10
J ISO 20000 Revisions for 2011 Standard Version IT (Information Technology) Service Management 2
M ITIL vs. ISO 20000 Change Management Requirements IT (Information Technology) Service Management 3
M A few Questions on ISO 20000 - IT Service Management System (ITSMS) IT (Information Technology) Service Management 8
Marc New Forum - ISO/IEC 20000 - 7 June 2010 IT (Information Technology) Service Management 0
I ISO 20000 Checklist for Gap Analysis and Internal Audit Other ISO and International Standards and European Regulations 2
P Has anyone compared ISO 19011:2002 to ISO 20000-2 (Service Management)? Internal Auditing 4
N ISO/IEC 20000-1 (IT Managed Services) Configuration Management Database? Other ISO and International Standards and European Regulations 2
I ISO 20000 IT Service Management Standard published - Based on BSI standard BS 15000 Other ISO and International Standards and European Regulations 0
V Certification Agency (Company) for BS 15000 - Now ISO 20000 IT (Information Technology) Service Management 18
chris1price Archiving of paper records - ISO 9001 7.5.3.1b Records and Data - Quality, Legal and Other Evidence 2
M Transferring ISO 17025 from one company to another ISO 17025 related Discussions 1
D Common practices in ISO 9001 deployment ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 17
Q ISO 9001-2015 Internal audit finding Internal Auditing 12
B ISO 17025:2017 risk management Risk Management Principles and Generic Guidelines 0
P Audit check for IT company (ISO 9001) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
M Label Making & Printing Standards ISO / ASTM ISO 13485:2016 - Medical Device Quality Management Systems 5
Sidney Vianna Interesting Discussion Should ISO 9004 be changed from a guidance standard to a requirements standard? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
Ed Panek ISO 13485:2016 Section 5.5.3 ISO 13485:2016 - Medical Device Quality Management Systems 3
Q Do these certificates of calibration meet ISO 9001 requirements for traceability to NIST? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
ebrahim QMS as per ISO 13485, Clause 4.2 Requirements for regulatory purposes for Medical Devices Authorized Representatives. ISO 13485:2016 - Medical Device Quality Management Systems 3
S ISO 2768-mk print call out Other ISO and International Standards and European Regulations 11
T ISO 17024, clauses 4.3.8. and 5.1.1. Other ISO and International Standards and European Regulations 4
C ISO 14001:2015 6.1.3 Compliance Obligations - Legal requirements monitoring ISO 14001:2015 Specific Discussions 0
C Requirement to link Quality Manual to ISO 9001 clause numbers? ISO 13485:2016 - Medical Device Quality Management Systems 13
D ISO 13485 scope (implantable) - Polymers for dental application EU Medical Device Regulations 9
W First time being audited (ISO 9001), asking for advice ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
John C. Abnet ISO 26262 ISO 26262 - Road vehicles – Functional safety 3
Marc ISO 26262- Road vehicles – Functional safety ISO 26262 - Road vehicles – Functional safety 0
John C. Abnet ISO 26262 IATF 16949 - Automotive Quality Systems Standard 0
A ISO/DIS 15223-1:2020 - Country of manufacture label (IEC 60417 No. 6049) - Which national law requires this symbol? Other Medical Device Related Standards 0
P ISO 14644 Class 8 Cleanroom Air Filter Requirements Other Medical Device Related Standards 4
K PDCA cycle and ISO processes alternative model Quality Management System (QMS) Manuals 14
N ISO 13485 7.3.9 Change control in medical device software ISO 13485:2016 - Medical Device Quality Management Systems 6
A ISO 13485 procedure change and reflect to legacy manufacture items ISO 13485:2016 - Medical Device Quality Management Systems 2
D ISO 13485 & CE Certification for Surgical Gloves CE Marking (Conformité Européene) / CB Scheme 0
S ISO 11137- Simulated product vs SIP Other Medical Device Related Standards 2
D Which ISO Standard to purchase? ISO 13485:2016 - Medical Device Quality Management Systems 7

Similar threads

Top Bottom