ISO/IEC 20000-1

Information technology – Service management – Part 1: Requirements for service management system


ISO/IEC 20000-1 is the first standard specifically focused on IT service management. This document sets out the requirements for organizations in establishing, implementing, maintaining and continuously improving service management systems (SMS). The requirements set out in this document include planning, designing, transitioning, delivering, and improving services to meet service requirements. Information technology (IT) is the use and utilization of computers to store, retrieve, and transmit data or information, primarily for the needs of companies. In modern business, regardless of where the company’s headquarters are, IT services must be reliable, cost-effective, sustainable and efficient, regardless of whether they are internal IT services or the provision of IT services is part of the company’s business.

ISO/IEC 20000-1 helps organizations to efficiently manage IT services and deliver quality service using a comprehensive process approach.
Enables easy integration with existing management systems and provides greater efficiency in maintaining and auditing management systems.


Implementation of ISO/IEC 20000-1 achieves many benefits, such as:

  • Keeping confidential information,
  • Providing customers and interested parties with confidence in risk management in IT,
  • Enabling secure exchange of information,
  • Achieving compliance with regulations,
  • Improving competitiveness,
  • Ensuring consistency in the delivery of a service or product,
  • Reducing the occurrence of business risks,
  • Builds a security culture,
  • Protects organization, property and interested parties.

ISO/IEC 20000-1 certification brings many advantages, such as:

  • Harmonization of information technology services and business strategy of the organization,
  • Providing comparisons with best practices,
  • Creating a competitive advantage through the promotion of consistent and economical services,
  • Management responsibility and responsibility at all levels, which creates a more advanced level of service,
  • Improving the reputation of the organization,
  • Improving the connection between different sectors through better definition, clearer responsibilities and distribution of goals,
  • Creating a stable framework for training and service management.
  • Prerequisite for working with foreign clients,
  • Prerequisite for cooperation with large systems,
  • Increasing the trust of service users,
  • Reduction of information compromise,
  • Raising awareness and culture of employees about the importance of information security,
  • Reduction of risk and costs of recovery from incidents,
  • Implementation of adequate technical, organizational and personnel measures.