Setelah sekian tahun ditunggu akhirnya minggu kemarin perubahan ISO 20000-1:2018 dirilis, lalu bagaimana perubahannya ? Mari kita simak penjelasan berikut ini.
Kerangka ISO 20000:1-2011
Kerangka ISO 20000:1-2018
Seperti yang terlihat dari perbedaan kerangka diatas pada ISO 20000-1:2018 mengikuti standar kerangka ISO yang lain seperti ISO 9001 dan ISO 27001.
Baca juga : 9 Kebijakan Integral untuk Perkuat Pertahanan Cyber
Bagaimana dengan klausul-klausulnya? Berikut daftar perbedaan klausul antara versi 2011 dengan versi 2018
ISO 20000-1:2011 | ISO 20000-1:2018 | ||
4 | Service Management System General Requirement | 4 | Context of the Organization |
4.1 | Management responsibility | 4.1 | Understanding the organization and its context |
4.1.1 | Management commitment | 4.2 | Understanding the need and expectations of interested parties |
4.1.2 | Service Management Policy | 4.3 | Determining the scope of the service management system |
4.1.3 | Authority, Responsibility and Communication | 4.4 | Service management system |
4.1.4 | Management Representative | 5 | Leadership |
4.2 | Governance Of Processes Operated By Other Parties | 5.1 | Leadership and commitment |
4.3 | Documentation Management | 5.2 | Policy |
4.3.1 | Establish and Maintain Documents | 5.2.1 | Establishing the service management policy |
4.3.2 | Control of Documents | 5.2.2 | Communicating the service management policy |
4.3.3 | Control of Records | 5.3 | Organizational roles, responsibilities and authorities |
4.4 | Resource Management | 6 | Planning |
4.4.1 | Provision Of Resources | 6.1 | Action to address risks and opportunities |
4.4.2 | Human Resources | 6.2 | Service management objectives and planning to achieve them |
4.5 | Establish and Improve The SMS | 6.2.1 | Establish objectives |
4.5.1 | Define Scope | 6.2.2 | Plan to achieve objectives |
4.5.2 | Plan The SMS (Plan) | 6.3 | Plan the service management system |
4.5.3 | Implement and Operate The SMS (Do) | 7 | Support of the service management system |
4.5.4 | Monitor and Review The SMS (Check) | 7.1 | Resources |
4.5.4.1 | General | 7.2 | Competence |
4.5.4.2 | Internal Audit | 7.3. | Awareness |
4.5.4.3 | Management Review | 7.4 | Communication |
4.5.5 | Maintain and Improve The SMS (Act) | 7.5 | Documented information |
4.5.5.1 | General | 7.5.1 | General |
4.5.5.2 | Management Of Improvement | 7.5.2 | Creating and updating documented information |
5 | Design and transition of new or changed services | 7.5.3 | Control of documented information |
5.1 | General | 7.5.4 | Service management system documented information |
5.2 | Plan new or changed services | 7.6 | Knowledge |
5.3 | Design and development of new or changed services | 8 | Operation of the service management system |
5.4 | Transition of new or changed services | 8.1 | Operational planning and control |
6 | Service delivery processes | 8.2 | Service portfolio |
6.1 | Service level management | 8.2.1 | Service delivery |
6.2 | Service reporting | 8.2.2 | Plan the services |
6.3 | Service continuity and availability management | 8.2.3 | Control of parties involved in the service lifecycle |
6.3.1 | Service continuity and availability requirements | 8.2.4 | service catalog management |
6.3.2 | Service continuity and availability plans | 8.2.5 | asset management |
6.3.3 | Service continuity and availability monitoring and testing | 8.2.6 | Configuration management |
6.4 | Budgeting and accounting for services | 8.3 | Relationship and agreement |
6.5 | Capacity management | 8.3.1 | General |
6.6 | Information security management | 8.3.2 | Business relationship management |
6.6.1 | Information security policy | 8.3.3 | Service level management |
6.6.2 | Information security control | 8.3.4 | Supplier management |
6.6.3 | Information security changes and incidents | 8.3.4.1 | Management of external suppliers |
7 | Relationship processes | 8.3.4.2 | Management of internal suppliers and customers acting as a supplier |
7.1 | Business relationship management | 8.4 | Supply and demand |
7.2 | Supplier management | 8.4.1 | Budgeting and accounting for services |
8 | Resolution processes | 8.4.2 | Demand management |
8.1 | Incident and service request management | 8.4.3 | Capacity management |
8.2 | Problem management | 8.5 | Service design, build and transition |
9 | Control processes | 8.5.1 | Change management |
9.1 | Configuration management | 8.5.1.1 | Change management policy |
9.2 | Change management | 8.5.1.2 | Change management initiation |
9.3 | Release and deployment management | 8.5.1.3 | Change management activities |
8.5.2 | Service design and transition | ||
8.5.2.1 | Plan new or change services | ||
8.5.2.2 | Design | ||
8.5.2.3 | Build and transition | ||
8.5.3 | Release and deployment management | ||
8.6 | Resolition and fulfilment | ||
8.6.1 | Service request management | ||
8.6.2 | Problem management | ||
8.7 | Service assurance | ||
8.7.1 | service availibility management | ||
8.7.2 | Service continuity management | ||
8.7.3 | Information security management | ||
8.7.3.1 | Information security policy | ||
8.7.3.2 | Information security control | ||
8.7.3.3 | Information security incidents | ||
9 | Performance Evaluation | ||
9.1 | Monitoring, measurement, analysis, and evaluation | ||
9.2 | Internal Audit | ||
9.3 | Management Review | ||
9.4 | Service Reporting | ||
10 | Improvement | ||
10.1 | Nonconformity and corrective action | ||
10.2 | Continual Improvement |
Kesimpulan :
Jika kita melihat tabel perbedaan klausul-klausul diatas versi 2018 ini terlihat lebih banyak dari versi sebelumnya, akan tetapi sebenarnya versi 2018 ini tidak banyak perubahan dibandingkan dengan versi sebelumnya hanya penambahan proses PDCA yang mengikuti standar versi ISO/IEC yang lain seperti, ISO/IEC 9001 dan ISO/IEC 27001.