a. What are the differences between ISO27001 and IS02000?
b. If an organisation is ISO27001 certified and intend to go for ISO2000 certification
1. what are the additional areas needed and to prepare?
2. Generally how long will it take to be ISO20000 certified?
3. How should one advise them on what is needed for the ISO20000?
Answers:
Point a: ISO 27001 establishes requirements for an Information Security Management System, and ISO 20000 establishes requirements for an Service Management System, so ISO 27001 is related to Information Security, and ISO 20000 is related to IT service management.
Point b.1: There are many things, because the objective of both standards is different. For example, in ISO 20000 you need a Configuration management process, or business relationship management process, or service level management process, etc.
Point b.2: It depends on the company, but between 8-12 months
Point b.3: If you want to implementation the ISO 20000, we have free resources, for example ISO 20000 implementation diagram: https://info.advisera.com/20000academy/free-download/iso-20000-implementation-diagram/. Also you can use our toolkit: https://advisera.com/20000academy/iso-20000-documentation-toolkit/ you can see a free version of each document if you click on Free Demo tab
Comment as guest or Sign in
Jan 12, 2016