ISO 20000
Due to the development of society, the status quo of the IT industry has undergone tremendous changes. The focus of IT industry development has shifted from the stage of large-scale construction to the stage of in-depth integration of applications and information system and service provision. In many organizations, the development phase has basically ended, and service management has been become a major task. ISO 20000 is the first international standard in the field of Information Technology Service Management (ITSM). The ISO 20000 ITSM system standard represents the basis of widely recognized principles for evaluating ITSM processes. The standard defines a comprehensive and closely related set of service management processes. Internationally, the certification of ISO 20000 is growing rapidly. Enterprises, governments and other organizations recognize the certification of ISO 20000 as a passport to improved quality of information technology services, reduced service costs, higher customer satisfaction and achievement of high-quality services. However, in China, the current service management market is still facing a very serious problem: how to carry out standardized, scientific and professional information technology service management has become an important issue that constrains the development of domestic services.
1.ISO/IEC 20000 certification
ISO 20000 certification means that the information technology service management established by the organization conforms to the ISO 20000 standard, thus it is granted the ISO 20000 certification. ISO/IEC 20000 conformity certification activities are provided to organizations based on their applications. If the requirements in the current standard are met, relevant certificates will be issued to the organization.
2.Service management training
The goal of establishing an IT service management system is to establish a set of effective, customer-centered and self-improvement system for an organization. With the implementation of ISO/IEC 20000 based management system, a self-improvement cycle is established in each process and at each position, and a system for work planning, execution, check, and continuous problem finding and improvement is also established. Each employee becomes aware of any problem, consciously identify the problems in their own work, and solve the problems one by one using systematic problem-solving methods. By implementing the IT service management system, IT service providers can obtain the following benefits:
1. Keep service objectives aligned with the organization’s business objectives and effectively support business strategies
2. Establish standardized service processes and improve the efficiency of information technology services and operation
3. Integrate and leverage IT resources such as information, infrastructure, applications, and people effectively and efficiently
4. Establish a continuously improving service management mechanism to respond fast to market needs and increase customer satisfaction
5. Align with international benchmarks, enhance market competitiveness, improve organizational reputation and increase return on investment
6. Control IT risks and related costs, improve and control IT service quality, and reduce long-term service costs
7. Respond to different compliance audit requirements from customers, certification bodies, internal institutions, etc., flexibly to increase investor confidence
A documented service management system in accordance with the requirements of ISO/IEC 20000-1:2018 has been established by the applicant organization. The internal audit and management review has been completed before the application, and the service management system has been fully and effectively operated for more than three months. The organization shall provide CEPREI Certification Body with sufficient information on the operation of the information technology service management system. For multiple sites, the certification scope, address and personnel distribution of each site shall be stated. CEPREI Certification Body will conduct the audit on a sampling basis.
The certification is divided into two stages: The stage 1 audit mainly includes the review the documents and confirming the readiness for the stage 2 audit. The stage 2 audit is mainly to evaluate the conformity and effectiveness of the system and make the recommended conclusion of the on-site audit.
The certificate is valid for 3 years, and surveillance is carried out once a year after the certification is granted.
In case of any change in the service management system of the organization, or any major change that affects the conformity of the service management system, CEPREI shall be notified in a timely manner. CEPREI Certification Body will conduct special audits as appropriate to maintain the validity of the certificate.
CEPREI Certification Body is one of the largest certificationbodies covering the widest business scope in China.
As a Class-I unit involved with state secrets, CEPREI ensuresinformation security when providing services for governments and enterprises.
As a supportive research institution directly under the Ministryof Industry and Information Technology of the PRC, CEPREI has long been engagedin tracking and studying the up-to-date international standards and technicaltrends as well as making them applicable to enterprises and organizations inChina.
As a member of IT Service Standard Committee, CEPREIparticipates in formulating national IT service standards.
It is an APMG authorized body for ITIL V3 training andexamination.
CEPREI currently owns over 30 service management auditors,including 3 with doctoral degrees and over 20 with master’s degrees. Most ofthe auditors have obtained professional certificates like ITIL, CISA and CISSP.
By far, CEPREI has successfully provided training, riskassessment and certification services of information security management systemfor customers from industries like finance, IT, telecommunications, high-endmanufacturing and electric power including Neusoft, Inspur Group, Amway(China), Nikoyo (China), Jiangxi Telecom, Potevio Guomai, GZPS, State GridHeilongjiang Electric Power Co., Ltd., CRRC Zhuzhou Institute, Rural CreditBanks Funds Clearing Center, Shanghai Tobacco Group, GRGBanking, GuangdongPetroChina and Liaoning Mobile.