Contents

• A Brief introduction to BSi

• Recent Developments with BS7799 ISO/IEC 17799 and BS15000

• A Personal View on Outsourcing

• Service Management

• Relationship between BS 15000 and ITIL

• Differences between BS 15000 and ITIL

• BS 15000 certification

DEFINITION

The BSI Group is about improving the quality of life through the application of best practice to everything we do.

• We set innovative standards that are used throughout the globe.

• We provide all the information relating to standardization that businesses need to succeed in their competitive markets.

• Businesses rely on us to keep improving the way they run with good management processes.

OBJECTIVES

BSI’s Royal Charter defines these as:

• Facilitate, sell and distribute standards

• Register, approve and affix marks

• Market and sell

- Systems assessment services

- Product and materials inspection

- Testing and Certification

- Training

BSI GROUP TODAY

• A well established global Service Business

• Presence in over 110 countries

• 5,500+ staff worldwide with 75% based outside the UK

No 1 National

Standards Body

No 1 ISO

Registration

No 3 Inspection

Company

BRITISH STANDARDS

• World’s oldest National Standards Body (NSB)

• 15,000 subscribing members

• 2,000 standards published p.a.

• 24,000 current British Standards

• 7,000 current standards projects

• 2,500 committees

• 23,000 committee members

BSI MANAGEMENT SYSTEMS

• World's largest management systems registration body with over 44,000 registered clients in 100 countries

• Major products include:-

- ISO 9000 - Quality Management series

– QS 9000/ TS 16949 - Automotive Management

– ISO 14000 - Environmental Management

– BS 7799 - Information Technology Security

– OHSAS 18001 - Health & Safety Management

– BS15000 - IT Service Management

BSI MANAGEMENT SYSTEMS

• Management Systems Assessment and Certification

• Training

• Four main operational hubs:

Recent Developments

BS7799 ISO/IEC 17799

BS15000

Current Product News ISO/IEC 17799 and BS 7799

• Revised ISO17799:2005 published this month

– ISO17799:2000 version will be withdrawn

– 17 new controls – Now 134 in total (other controls have eitther been merged or deleted)

– 11 chapters (one more)

– Will become ISO 27002 in April 2007

• BS7799 Part 2 to become ISO27001 end of 2005 (November)

– BS7799 Part 2 will be withdrawn

• BS7799-3 (Risk Management)

– due for publication December 05.

– Will be submitted to ISO using the fast track route.

Current Product News ISO/IEC 17799 and BS 7799

ISO/IEC Standard Description

27000 Vocabulary and definitions

27001 Specification (BS7799-2)

27002 Code of Practice (ISO17799:2005)

27003 Implementation Guidance

27004 Metrics and Measurement

27005 Risk Management

(BS 7799-3)

Current Product News BS 15000

• Current BS15000 Certifications

– Extension to ISO 90001

– BSi Certification scheme

– itSMF BS15000 certification scheme

• BS 15000 to become ISO/IEC 20000 4Q 2005 or 1Q 2006

– BS15000 will be withdrawn

Outsourcing

Service Management

A personal view

What can go wrong with Outsourcing?

• IT is often seen by CEOs and CFOs as “not core to the business”

– IT is outsourced because the company doesn’t want to be in the business of running an IT department.

– IT is an “overhead” and a drain on resources / profits.

– IT is seen as “too difficult to understand” and not deliver what’s wanted when it’s wanted.

• IT is outsourced to save money!

Why does outsourcing cause problems?

• Outsource contracts are written by legal / contracts with little involvement from IT.

– Then negotiated!

• Roles and Responsibilities between the two companies are often not clear.

• If IT staff are moved, moral is low.

– Staff are no longer working to the same goals and in the same culture in their new company.

• Contracts are ambiguous and not sufficiently detailed.

• The Outsource company will deliver to the contracts, everything else is extra!

• Insufficient (and too junior) management in place within the company to manage the outsource contract.

IT Service Management

BS15000

ITIL

Definitions

IT Service Management

The management of IT Services to support one or

more business areas

BS 15000

The first worldwide standard aimed specifically at IT

Service Management

BS 15000

• Part 1 – Specification for Service Management.

BS 15000-1: 2002

• Part 2 – Code of practice for Service Management

BS 15000-2:2003

History

• UK Government launches IT Infrastructure Library (ITIL) in 1989

• ITIL defines ‘best practice’ processes and procedures

• ITSMF formed in 1991 to further develop best practice

• ITSMF approaches BSI to develop a standard

• BS 15000 first published in 2000 as a specification (Revised in 2002)

Drivers

• Move from investing in tools to develop software to managing the quality of these systems once “live”

• The need to deliver cost effective service delivery

• Lack of guidance and accepted standards

• Raising the profile of the IT department

• UK Government / ITIL / ITSMF

BS 15000 BS 7799:2

Product Fit

ISO 9001:2000ISO 9001:2000

ISO 9001/2/3:1994ISO 9001/2/3:1994

Objectives of BS 15000

• ‘To promote the adoption of an integrated process approach to deliver managed services to meet the business and customer requirements’

BS 15000-1:2002

• Enable the understanding of best practices , objectives benefits and possible problems of service management

• To help organizations generate revenue or be cost effective via professional service management

Product Benefits

• Implementation provides control, greater efficiency and opportunities for improvement

• Turn technology focused departments into ones with a service focus

• Ensure IT services are aligned with and satisfy business needs

• Improve system reliability and availability

• Provide a basis to agree levels of service and the ability to measure IT service quality

PDCA - IT Service Management

CHECKMonitor,

measure andreview

CHECKMonitor,

measure andreview

DOImplement

Service Management

DOImplement

Service Management

ACTContinuous

Improvement

ACTContinuous

Improvement

Management ResponsibilityManagement Responsibility

Manage ServicesBusiness Requirements

Business Requirements

Customer Requirements

Customer Requirements

Request for new/changed service

Request for new/changed service

Other processese.g business, supplier, customer

Other processese.g business, supplier, customer

Service DeskService Desk

Other teams e.g.Security, IT Operations

Other teams e.g.Security, IT Operations

Business resultsBusiness results

Customer Satisfaction

Customer Satisfaction

New or changedservice

New or changedservice

Other processes e.g. business,supplier, customer

Other processes e.g. business,supplier, customer

Team and people satisfaction

Team and people satisfaction

PLANPlan serviceManagement

PLANPlan serviceManagement

The Service Management process

Service Delivery Processes

Resolution Processes

Release Process

Relationship Processes

Control Processes

Relationship and Differences Between BS 15000 and ITIL

Relationship Between BS 15000 and ITIL

In-house procedures/work instructions

ITIL Best Practice

Manager’s Guide

(BIP 0005)

BS 15000

Relationship Between BS 15000 and ITIL

• ITIL and BS 15000 serve different purposes

– BS 15000 provides an independent standard suitable for third-party certification

– ITIL provides best practices in IT Service Management

It is not a requirement to adopt ITIL to achieve compliance with BS 15000, but it will

make it much easier and more robust

Difference between BS 15000 and ITIL

• BS 15000 13 Service Management processes are divided into 5 groups of processes

• Organization structure is not a requirement of BS 15000

• PDCA is a fundamental component

• BS 15000 includes business relationships and supplier management

• BS 15000 Service Reporting is a separate process

Difference between BS 15000 and ITIL

• Service Continuity and Availability Management are separate in ITIL

• ITIL covers financial management, whereas BS 15000 covers budgeting and accounting

• BS 15000 includes Information Security Management (BS 7799 (ISO/IEC 17799) for security requirements

• ITIL includes Software Asset Management – Asset Management is covered by Configuration Management in BS 15000

Implementation of BS 15000

The IT Service Management kit

BS 15000-1:2002Specification for Service Management

BS 15000-2:2002Code of Practice for Service Management

Management Guidance Booklet

ITIL Best Practices

All based on foundation of the IT Infrastructure Library (ITIL). The only comprehensive documentation of best practice for Service Management

PD 0005

Drivers for BSI

• Cost savings via improved processes

• Better working relationship between IT and business users

• Opportunity to increase company image and competitive advantage

– Via eventual BS 15000 compliance

Results - BSI

• 7% reduction in total incidents handled

• 580% reduction in major incidents handled

– Due to improved recognition of linked incidents

• 15% reduction in SAP related incidents

– Via targeted problem management

• Customer satisfaction high

Useful steps

• Avoid dependence on technical personnel

• There is no ‘best way’ to implement BUT:

– A logical / pragmatic approach may help

– Focus on current problem areas

– Map problems to the relevant ITIL / BS 15000 component

– Tackle the problem

• Timescales will vary!

Possible Implementation Problems

• Bureaucracy - Pre-occupation with mechanics rather than end product

• Failure to get management and/or staff commitment – Not sold to the organization

• Lack of resource and skills – untrained staff

• Culture - Not in learning mode

Certification to BS 15000

Certification

• BS 15000 is increasingly seen as the quality standard for IT Service Management

• Many companies striving to adopt for its benefits to them and to also help qualify and choose suppliers and partner organizations

• Only a formal certification scheme provides independent verification of compliance

• Raises internal profile

Certification schemes

• BSI BS 15000-1:2002 Certification

– Stand alone certification

– Extension to scope certification

• BS 15000 IT Service Management Scheme

– Provided by itSMF

Certification schemes

BSI BS 15000-1:2002 Certification

• Standalone certification

– Launched October 2003

– Global delivery

– Training course offering

Certification schemes

BSI BS 15000-1:2002 Certification

• Extension to scope certification

– Launched May 2003

– Assessment as extension to ISO 9001:2000 certification

– Covers the additional requirements of BS 15000

– Global delivery

BS 15000 – The Future

• ISO status for BS 15000-2 expected during 1Q 2006

• Predicted BS 15000-1 will move into an ISO standard

• IT Service Management sector beginning to demonstrate increasing demand for BS 15000-1:2002 certification

• Certification will become a key market differentiator and pivotal in the selection of supplier and partner organizations

Summary

• IT Service management represents a fast growing discipline

• BS 15000 is strongly aligned with the IT Infrastructure Library

• BS 15000 consists of a auditable specification and a code of practice

• BS 15000 will increasingly be seen as the quality standard for IT Service Management

• Certification will become a key differentiator in the provision of IT Service management