ISO/IEC 20000-1 (IT Managed Services) Configuration Management Database?

N

nomisd

#1
I have been tasked with looking at gaining certification to ISO/IEC 20000-1 (IT Managed Services).

One of the biggest sticking points we currently have is that we cannot agree on what a Configuration Management Database (CMDB) should be for. The clause in the standard states that "All configuration items shall be uniquely identifiable and recorded a CMDB......The CMDB shall be actively managed and verified to ensure its reliability and accuracy. The status of configuration items, their versions, locations, related changes and problems and associated documentation shall be visible to those who require it".

In the group that has been tasked with looking at implementation we currently have two schools of thought as to what this means. The first is saying this only to applies to internal information and systems, ie how we record this information about our own systems etc. The other is arguing that this should be for information about the managed services that we are providing to the customer, ie what equipment and in what configurations etc. My own personal view is a third way that it should be both of these, ie information about own own systems etc and information about what a customer has.

I have done back ground reading (on which my opinion is based), however the group have also done the same background reading (I supplied them with the references) but they are all interpreting this in information in different ways. Does anybody have any idea as to what the answer this is?
 
Elsmar Forum Sponsor

Marc

Hunkered Down for the Duration with a Mask on...
Staff member
Admin
#2
Can anyone in the Configuration Management community help out wth this?
 
Thread starter Similar threads Forum Replies Date
A ISO/IEC process of revising the ISO IEC 20000 standards - Your chance to have a say IT (Information Technology) Service Management 1
A ISO/IEC 20000 Toolkit For Academic Purpose IT (Information Technology) Service Management 6
T Capability Level Relationship with ISO/IEC 20000 Achievement IT (Information Technology) Service Management 2
Z ISO/IEC 20000 Checklist and/or Implementation Road Map IT (Information Technology) Service Management 11
Marc New Forum - ISO/IEC 20000 - 7 June 2010 IT (Information Technology) Service Management 0
A ISO/DIS 15223-1:2020 - Country of manufacture label (IEC 60417 No. 6049) - Which national law requires this symbol? Other Medical Device Related Standards 0
Le Chiffre Online training available for ISO/IEC 17021-1: Requirements for bodies providing audit and certification of management systems Training - Internal, External, Online and Distance Learning 3
T Relationship between ISO 9001 and ISO – IEC BS EN 870079- 34 2020 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
T Help with BS EN ISO - IEC 80079-34 2020 (Explosive atmospheres QMS) Other ISO and International Standards and European Regulations 0
C ISO/IEC 17021-1 clause 7.1.2 - Determination of competence criteria Document Control Systems, Procedures, Forms and Templates 2
C ISO/ IEC 17021 Resource requirement (need help) Document Control Systems, Procedures, Forms and Templates 5
T ISO/IEC 17065 certification scheme Help Other ISO and International Standards and European Regulations 7
R Who is the customer in the ISO/IEC 17025:2017? ISO 17025 related Discussions 1
M Risk Analysis Flow - Confusion between ISO 14971 and IEC 62304 IEC 62304 - Medical Device Software Life Cycle Processes 8
I Approved Suppliers ISO/IEC 17025:2017 and used test equipment ISO 17025 related Discussions 6
S The (E) in ISO/IEC 17025:2017(E) ISO 17025 related Discussions 3
MDD_QNA QR Code Standard ISO/IEC 15417:2007 - Does anyone use it? Other Medical Device Related Standards 3
DuncanGibbons Who are ISO/IEC 17065 and 17025 applicable to? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
V IS/ISO/IEC 17025:2017 Clause 7, sub clause 7.11 Control of data and information management ISO 17025 related Discussions 1
V IS/ISO/IEC 17025:2017 Clause 4.1 Impartiality ISO 17025 related Discussions 3
P Risk acceptability alignment between ISO 14971 and IEC 62304 IEC 62304 - Medical Device Software Life Cycle Processes 6
S Relationship between IEC 62304 problem resolution and ISO 13485 IEC 62304 - Medical Device Software Life Cycle Processes 8
S When is the last date for transition to ISO/IEC 80079-34:2018? Other ISO and International Standards and European Regulations 0
M Informational ISO TC 210 IEC SC 62A JWG 1 Medical device risk management – São Paulo meeting 2019 Medical Device and FDA Regulations and Standards News 6
M Medical Device News ISO TC 210 IEC SC 62A JWG 1 Medical device risk management – São Paulo meeting 2019 Medical Device and FDA Regulations and Standards News 0
D Laboratory Manual ISO/IEC 17025 Example wanted ISO 17025 related Discussions 2
Douglas E. Purdy ISO/IEC 17025:2017 3rd Ed. Changes from 2nd Ed. ISO 17025 related Discussions 6
Douglas E. Purdy ISO/IEC 17025:2017 Clause 8 & Annex B ISO 17025 related Discussions 9
Le Chiffre Is ISO/IEC 27001 appropriate for most small businesses? IEC 27001 - Information Security Management Systems (ISMS) 2
D IEC 60601-1 and ISO 14971 Assessment IEC 60601 - Medical Electrical Equipment Safety Standards Series 25
L What are the rules on significance of digits in numbers in IEC/ISO standards? IEC 60601 - Medical Electrical Equipment Safety Standards Series 5
A ISO/IEC 27001 - Issue during implementation of system IEC 27001 - Information Security Management Systems (ISMS) 3
C Data Matrix and DPM (direct part marking) UDI Standards - ISO/IEC TR 29158 Other US Medical Device Regulations 2
T Is there any requirement to be compliant with IEC 62304 while implementing ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 5
Ajit Basrur Informational ISO/IEC 17025:2017 Published - November 2017 ISO 17025 related Discussions 8
G Effect of ISO9001 2015 transition on ISO IEC 80079-34 Other ISO and International Standards and European Regulations 3
Richard Regalado ISMS Auditing Guideline V2 (based from ISO/IEC 27001:2013) IEC 27001 - Information Security Management Systems (ISMS) 7
B Our NB says that IEC 62304 is an ISO 14971 Requirement ISO 14971 - Medical Device Risk Management 1
B Clarification on interpretation of some EN ISO 14971:2012 & IEC 62304:2006 req's ISO 14971 - Medical Device Risk Management 46
H ISO 14971 vs. IEC 62304 vs. 98/79/EC vs. ISO 13485 (Software Medical Device) ISO 14971 - Medical Device Risk Management 1
M Does Calibration to ISO/IEC 17025 conform to Z540.3? ISO 17025 related Discussions 1
K ISO/IEC 27000, ISO 15408 and the DSS security clearance (FCL) -- Oh, My IEC 27001 - Information Security Management Systems (ISMS) 0
M IEC 62304, ISO 14971 and FDA Medical Device SW Guidance 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 5
Richard Regalado ISO/IEC 27001:2016 Overview and Vocabulary - FREE! IEC 27001 - Information Security Management Systems (ISMS) 3
K ISO 14971 and IEC 62304 - Medical Device Software House ISO 14971 - Medical Device Risk Management 9
Richard Regalado ISO/IEC 27001 Mandatory Documentation Checklist IEC 27001 - Information Security Management Systems (ISMS) 1
P Where to start to helping other companies to get ISO IEC 27000? Consultants and Consulting 1
Richard Regalado Sharing a Statement of Applicability (SOA) for ISO/IEC 27001:2013 IEC 27001 - Information Security Management Systems (ISMS) 2
D ISO/IEC 17025 Implementation Workshop Ideas ISO 17025 related Discussions 2
M ISO 14971, IEC 60601 Satisfy 98/37/EC, 2006/95/EC, 2004/108/EC Directives? Other ISO and International Standards and European Regulations 3

Similar threads

Top Bottom