ISO 20000 Certification Process

Preparing for ISO 20000 Certification: The Pre-Audit Readiness Checklist

The complete pre-certification readiness checklist — mandatory documented information, service management plan completion, practice implementation evidence, internal audit completion, management review, and the specific evidence that Stage 1 auditors review first.

Explore Resource

Selecting a Certification Body for ISO 20000: A Practical Evaluation Guide

How to evaluate and select an accredited certification body for ISO 20000 — KAN accreditation, IAF multilateral recognition, multi-standard CB selection, auditor competence in IT service management, and the commercial considerations that affect the right CB choice for Indonesian organizations.

Explore Resource

Stage 1 Audit: What Happens, What Auditors Look For, and How to Prepare

What happens at Stage 1 — the auditor's review of the SMS scope, service management plan, documented information, practice maturity, and service portfolio — and the documentation gaps that most commonly generate Stage 1 findings preventing Stage 2 progression.

Explore Resource

Stage 2 Audit: Demonstrating That the SMS Is Genuinely Operational

The Stage 2 audit process — what auditors test in an SMS implementation audit, service management practice operation, SLA performance evidence, customer satisfaction, incident and change management records, interview subjects, and how to demonstrate that the SMS is genuinely operational rather than documented only.

Explore Resource

The 12 Most Common ISO 20000 Audit Nonconformities — and How to Prevent Them

The most frequently raised nonconformities in ISO 20000 certification audits — from scope gaps and missing service management plans through inadequate configuration management and SLA performance that cannot be evidenced — with prevention and remediation guidance for each.

Explore Resource

Surveillance Audits and Recertification: Maintaining ISO 20000 Certification

The 3-year certification cycle for ISO 20000 — annual surveillance audit scope, the interim SMS activities that must be evidenced, service performance trends that auditors examine at surveillance, and the recertification process with updated scope and service portfolio.

Explore Resource

Multi-Standard Certification: Running ISO 20000 and ISO 27001 Together

How to run combined ISO 20000 + ISO 27001 certification audits — shared audit program, combined audit team, integrated audit scope, and the efficiency and coverage benefits of integrated auditing for Indonesian IT service organizations pursuing both certifications.

Explore Resource

Preparing for ISO 20000 Certification: The Pre-Audit Readiness Checklist

Selecting a Certification Body for ISO 20000: A Practical Evaluation Guide

Stage 1 Audit: What Happens, What Auditors Look For, and How to Prepare

Stage 2 Audit: Demonstrating That the SMS Is Genuinely Operational

The 12 Most Common ISO 20000 Audit Nonconformities — and How to Prevent Them

Surveillance Audits and Recertification: Maintaining ISO 20000 Certification

Multi-Standard Certification: Running ISO 20000 and ISO 27001 Together

ISO 20000 Foundations

What Is ISO 20000 and Why It Matters

The ISO 20000 Standard Structure

Key Definitions and Core Concepts

ISO 20000 and ITIL: Understanding the Relationship

The SMS Lifecycle: Plan–Do–Check–Act

Who Needs ISO 20000 and When

ISO 20000 Requirements

Clause 4: Understanding the Organization and Its Context

Clause 5: Leadership and Commitment

Clause 6: Planning — SMS Objectives, Risk Management, and the Service Management Plan

Clause 7: Support — Resources, Competence, Awareness, and Documented Information

Clause 8.1: SMS Operations — Operational Planning and Control

Clause 8.2–8.3: Service Portfolio and Relationship Management

Clause 8.4–8.5: Supply Chain Management and Service Design, Build, and Transition

Clause 8.6–8.7: Resolution Practices and Service Assurance

ISO 20000 Implementation Process

ISO 20000 Implementation Roadmap: A Phased 12-Month Program

Scoping the SMS: Which Services, Which Boundaries, Which Customers

Gap Assessment and Remediation Planning: Finding and Fixing the Gaps

Designing the Service Management Plan: The Governing Document of the SMS

Implementing Incident, Problem, and Service Request Management

Implementing Change, Release, and Configuration Management

Implementing Availability, Capacity, and Service Continuity Management

Integrating ISO 20000 with ISO 27001 and ISO 22301: Building an Integrated Management System

ISO 20000 Certification Process

Preparing for ISO 20000 Certification: The Pre-Audit Readiness Checklist

Selecting a Certification Body for ISO 20000: A Practical Evaluation Guide

Stage 1 Audit: What Happens, What Auditors Look For, and How to Prepare

Stage 2 Audit: Demonstrating That the SMS Is Genuinely Operational

The 12 Most Common ISO 20000 Audit Nonconformities — and How to Prevent Them

Surveillance Audits and Recertification: Maintaining ISO 20000 Certification

Multi-Standard Certification: Running ISO 20000 and ISO 27001 Together

ISO 20000 SMS Operations and Service Management Practices

Service Level Management and SLA Design: Building Agreements That Work

Incident Management in Practice: From Logging to Closure

Problem Management: Building a Culture of Root Cause Resolution

Change Management and the Change Advisory Board: Controlling the Service Environment

Configuration Management and the CMDB: Building the Foundation of Service Knowledge

Continual Improvement in the SMS: From Aspiration to Discipline

Customer Satisfaction and Service Review: Keeping the SMS Customer-Centred

ISO 20000 in the Indonesian Context

ISO 20000 and OJK IT Governance: Demonstrating Compliance Through SMS

ISO 20000 for Indonesian Managed Service Providers: Market Positioning and Implementation

ISO 20000 for Cloud Service Providers: Managing Services at Scale

ISO 20000 for Government and Public Sector IT in Indonesia

ISO 20000 and UU PDP: Integrating Personal Data Protection into Service Management

Building a Compliance-Ready SMS: The Integrated Indonesian Compliance Architecture

ISO 20000 and Government Procurement: Winning and Retaining Public Sector IT Contracts