top of page

ISO 20000-1 Certification and IT Service Management Systems

What is ISO 20000-1?

ISO 20000-1 is an internationally recognised standard for IT service management systems (ITSMS). It provides a structured framework to help organisations deliver consistent, reliable, and high-quality IT services.

The standard focuses on:

  • Designing, delivering, and improving IT services

  • Aligning IT services with business and client requirements

  • Managing service performance and service levels

  • Controlling risks and service disruptions

  • Driving continual improvement in service delivery

 

It is particularly relevant for organisations delivering IT services internally or to external clients.

What Does ISO 20000-1 Involve?

Implementing ISO 20000-1 involves establishing a management system that governs how IT services are planned, delivered, monitored, and improved.

This typically includes:

  • Defining the scope of IT services within the management system

  • Establishing service management policies and objectives

  • Defining roles, responsibilities, and governance structures

  • Managing service level agreements (SLAs) and performance targets

  • Implementing incident and service request management processes

  • Managing problems and root cause analysis

  • Controlling changes to services and infrastructure

  • Managing configuration and asset information

  • Managing suppliers and third-party service providers

  • Ensuring service continuity and availability

  • Monitoring, measuring, and reporting on service performance

  • Conducting internal audits

  • Completing management reviews

  • Driving continual improvement

 

The objective is to create a structured, consistent approach to IT service delivery that is aligned to both business needs and customer expectations.

Benefits of ISO 20000-1

ISO 20000-1 provides both operational and commercial advantages:

  • Improved consistency and reliability of IT service delivery

  • Enhanced customer satisfaction and service experience

  • Better control of incidents, changes, and service risks

  • Clearer governance and accountability within IT functions

  • Increased credibility when tendering for IT service contracts

  • Alignment with other standards such as ISO 27001

 

It demonstrates that your organisation can deliver IT services in a controlled and professional manner.

Who is ISO 20000-1 Suitable For?

ISO 20000-1 is suitable for organisations that:

  • Provide IT services to external clients or internal stakeholders

  • Need certification to win or retain IT service contracts

  • Want to improve service quality, consistency, and control

  • Operate service desks, managed services, or support functions

  • Are aligning IT delivery with recognised best practice frameworks such as ITIL

 

It is widely used across IT service providers, SaaS organisations, managed service providers (MSPs), and internal IT departments.

How Certification is Achieved

Certification is carried out by a UKAS-accredited certification body and typically follows these stages:

  • Gap analysis (optional)

  • Definition of ITSMS scope and service catalogue

  • Development of service management processes and controls

  • Implementation across the organisation

  • Internal audit and management review

  • Stage 1 audit (readiness assessment)

  • Stage 2 audit (certification audit)

 

Certification audits assess both documented processes and the effectiveness of service delivery in practice.

Once certified, organisations are subject to annual surveillance audits to maintain certification.

Certification Support

We support clients through the full certification process, including audit preparation and coordination with certification bodies.

Certification itself is carried out by independent UKAS-accredited certification bodies, ensuring impartial assessment. A list of UKAS-accredited certification bodies can be found here.

We recommend that you engage with a UKAS-accredited certification body early in the process as each have different processes and lead times can vary.

How Long Does It Take?

Timescales depend on:

  • The size and complexity of the organisation

  • The number and type of IT services delivered

  • The maturity of existing service management processes

 

Typical timeframe:

  • 3–9 months

  • Shorter where structured service management processes already exist

  • Longer where processes and controls need to be developed from scratch

 

Implementation can be more complex due to the need to align multiple service management processes.

Common Misconceptions

  • ISO 20000-1 is not just an IT policy framework

  • It is not limited to large IT organisations

  • It is not solely documentation-based; service delivery must be effective in practice

  • It does not replace ITIL but can align with it

  • It is not a one-off project; ongoing management is required

  • A well-designed system should improve service delivery, not create unnecessary bureaucracy

How We Support You

We provide practical, hands-on support to help you achieve and maintain ISO 20000-1 certification.

Our services include:

  • Gap analysis and service management reviews

  • Support with defining ITSMS scope and service catalogue

  • Development of tailored service management processes

  • Alignment with ITIL or existing frameworks

  • Implementation support aligned to your operations

  • Internal audits

  • Ongoing compliance and system maintenance

 

Our approach is proportionate, pragmatic, and commercially focused, ensuring your system is effective, auditable, and aligned to your service delivery objectives.

bottom of page