Readiness Consulting
GRC Certification ISMS - ISO 27000 series
GRC Certification ITSMS - ITIL / ISO 20000
GRC Certification BCMS - BS 25999
IT Security Training
HISP GRC Certification
GRC Certification Controls Framework Development
GRC Certification Governance, Risk and Compliance (GRC)
IT Security Training
HISP GRC Certification
Independent Assessment
GRC Certification Compliance/Readiness Assessment
GRC Certification Integrated Assessment
GRC Certification Maturity Assessment
GRC Certification Management System Maintenance
GRC Certification Data Security Audit
GRC Certification Shared Assessment Audit
GRC Certification Internal Audit
GRC Certification Mock Audit
IT Security Training
HISP GRC Certification
Case Studies
GRC Certification

IT Security Training
HISP GRC Certification
GRC Certification
Readiness Consulting - ITSMS - ITIL / ISO 20000
GRC Certification

What is ITIL / ISO 20000?

ITIL: The Information Technology Infrastructure Library (ITIL) is a set of concepts and practices for managing Information Technology (IT) services (ITSM), IT development and IT operations.

ITIL gives detailed descriptions of a number of important IT practices and provides comprehensive checklists, tasks and procedures that any IT organization can tailor to its needs. ITIL is published in a series of books, each of which covers an IT management topic. The names ITIL and IT Infrastructure Library are registered trademarks of the United Kingdom's Office of Government Commerce (OGC).

ITIL v3 is comprised of Five volumes, published in May 2007:

1. Service Strategy
2. Service Design
3. Service Transition
4. Service Operation
5. Continual Service Improvement

ISO/IEC 20000: ISO/IEC 20000 is the first international standard for IT Service Management. It was developed in 2005, by the BSI Group. It is based on and intended to supersede the earlier BS 15000.

Formally: ISO/IEC 20000-1 ('part 1') "promotes the adoption of an integrated process approach to effectively deliver managed services to meet the business and customer requirements".

It comprises ten sections:

Terms & Definitions
Planning and Implementing Service Management
Requirements for a Management System
Planning & Implementing New or Changed Services
Service Delivery Processes
Relationship Processes
Control Processes
Resolution Processes
Release Process

ISO/IEC 20000-2 ('part 2') is a 'code of practice', and describes the best practices for service management within the scope of ISO/IEC 20000-1. It comprises the same sections as 'part 1' but excludes the 'Requirements for a Management system' as no requirements are imposed by 'part 2'.

ISO/IEC 20000, like its BS 15000 predecessor, was originally developed to reflect best practice guidance contained within the ITIL (Information Technology Infrastructure Library) framework, although it equally supports other IT Service Management frameworks and approaches including Microsoft Operations Framework and components of ISACA's COBIT framework. It comprises two parts: a specification for IT Service Management and a code of practice for service management. The standard was first published in December 2005.

Why adopt ITIL / ISO 20000?/

ISO/IEC 20000:2005 defines an integrated process approach for delivery of managed services and offers substantive benefits. Importantly, it aligns with ITIL, the globally adopted IT Infrastructure Library, which offers individual certifications (as opposed to the organizational certification offered by ISO standards).

ISO/IEC 20000:2005 is ideal for any organization looking to deliver consistent quality and cost effective IT Service Management by using a well-planned and documented IT Service Management System.

Aligning processes and procedures is accomplished in the planning and implementation phase.

The methodology, known as Plan-Do-Check-Act (PDCA), can be applied to all processes, as follows:

Plan: Establish the objectives and processes necessary to deliver results in accordance with customer requirements and the organization's policies.
Do: Implement the processes.
Check: Monitor and measure processes and services against policies' objectives and requirements and report the results.
Act: Take actions on the differences and continually improve process performance.

Source: Wikipedia

How can eFortresses assist?

ITIL Implementation

eFortresses assists organizations desiring ITIL adoption by providing value added services, including:

Gap Analysis / Compliance Roadmap
ITIL Implementation

ISO/IEC 20000:2005 Certification

eFortresses offers cost-effective consulting service for organizations seeking ISO/IEC 20000 certification, including:

eFortresses assists organizations desiring ISO/IEC 27002 compliance by providing value added services, including:

Compliance/Readiness Assessment / Remediation Plan / Certification Roadmap
Early Selection of Accredited Certification Body
Scoping Exercise including Scope Document, Statement of Applicability development
Integration of ITSMS with ISO/IEC 27000, COBIT, COSO, ITIL etc
Mock ITSMS Audit to simulate Internal and/or External audit process
Internal ITSMS Audit; Desktop review of Documentation, Control Objectives and Control Evidence
IT Steering Committee development
Preventative and Corrective Action Plan development
Facilitation of ITSMS Pre-Assessment, Stage I and Stage II Audit
ITSMS Maintenance including Corrective Actions, Continuous Improvement, Metrics, Surveillance Audit

For more information, please contact us by filling out this form

Name *  
Title *  
Email *  
Telephone *  
Job Title *  
Company *  
Address *  
City *  
State/Province *  
Postal/Zip *  
Country *  

Security image:

Verification (Type what you see (case-sensitive)):
Comments *  
GRC Certification

GRC Certification
GRC Certification
IT Security Training
GRC Certification HISP GRC Certification
Bookmark and Share