Course Description:
Clients request that their (internal or external) IT Service Providers can prove that they are able to provide the required service quality and have appropriate service management processes in place.

Based on processes, ISO/IEC20000 is an internationally recognized standard for IT Service Management that specifies requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain and improve an SMS. The requirements include the design, transition, delivery and improvement of services to fulfill agreed service requirements.

ISO/IEC20000 certification is awarded after audits conducted by Registered Certification Bodies, which ensure that a service provider designs, implements and manages an IT Service Management system in line with the requirements of the standard.

The purpose of the ISO/IEC 20000 Auditor course is to provide sufficient understanding of ITSM generally and knowledge of the contents and requirements of the ISO/IEC 20000 standard to be able to perform audits against the standard.

The course covers the second edition of the standard (ISO/IEC 20000-1:2011) which cancels and replaces the first edition (ISO/IEC 20000-1:2005).

Some of the main differences are as follows:

  • closer alignment to ISO 9001
  • closer alignment to ISO/IEC 27001
  • change of terminology to reflect international usage
  • clarification of the requirements for the governance of processes operated by other parties
  • clarification of the requirements for defining the scope of the SMS
  • clarification that the PDCA methodology applies to the SMS, including the service management processes, and the services
  • introduction of new requirements for the design and transition of new or changed services

Students who have attended this course are suitably prepared to successfully take the associated ISO/IEC 20000 Auditor certification test.

Course and Learning Objectives:
At the end of this course the student will be able to understand the principles of ITSM and the requirements of the ISO/IEC 20000 standard, how it is used in a typical IT service provider organization, together with the main elements of the certification Scheme.

Specifically, the student will understand:

  • The background to ISO/IEC 20000
  • The scope and purpose of Parts 1, 2, 3 and 5 of ISO/IEC 20000 and how these can be used during auditing and certification
  • The key terms and definitions used
  • ITSM general principles
  • The structure and application of ISO/ IEC 20000-1
  • The requirements of ISO/IEC 20000-1
  • Applicability and scope definition requirements
  • The purpose of internal and external audits, their operation and the associated terminology
  • The operation of the APMG Certification
  • The relationship with best practices and related standards  specifically ITIL, ISO 9001 and ISO/IEC 27001
  • Course Approach:
    The 2-day ISO/IEC20000 Auditor Course provides an effective learning environment for anyone interested in learning how to conduct the ISO/IEC20000 process audit. The course introduces both theoretical and practical knowledge to course participants. They will learn how to conduct ISO/IEC20000 process audits on their own IT organization as well as provide knowledge support within their own IT organization.
  • Course Student Material:
    Students will receive a ISO/IEC 20000 Auditor classroom workbook containing all of the presentation materials, course notes and sample exams.
  • Reference Materials:
    Additional reference materials are not required for this course.
  • Prerequisites:
    Candidates are required to have a minimum of three years experience of auditing in an IT environment since the course does not cover generic principles of Management System auditing.

Target Audience:
This course is aimed at existing third-party or internal auditors who wish to understand the specific requirements of auditing IT Service Management Systems for conformance with the ISO/IEC 20000 standard.