ISO 20000 Consultancy


Many organisations are aware that their information service delivery capability service could be better.

Providing superior levels of service to your customer, whether they be internal or external, is a challenge that many organisations strive for, yet few attain. Those that provide a superior service reap the positive financial benefits of:

  • better employee morale
  • better employee retention
  • improved customer retention
  • increased market share
  • satisfied customers
  • superior reputation.

They are also aware that their business expectations are not always met and that cost pressures mean that simply meeting Service Level Agreements (SLAs) are no longer sufficient. Some of the issues that cause these failures may be due to:

  • a culture that simply doesn’t see the value of adhering to laid down disciplines, processes and procedures
  • a poor performing Service Desk;
  • failure to fully test new products and services
  • failure to involve your customer in the design, development and production processes
  • failure to meet your customer’s requirements
  • inadequate systems management
  • the inability to accurately forecast future capacity requirements
  • the way that the developers deliver new or enhanced services and infrastructure without due regard for the production requirements
  • weak processes exist.

ISO 20000 is the first worldwide standard specifically aimed at IT Service Management. It describes an integrated set of management processes for the effective delivery of services to the business and its customers. It is increasingly seen as ‘the quality standard’ for IT Service Management.

ISO 20000 is aligned with, and complementary to, the process approach defined within the IT Infrastructure Library (ITIL) from the Office of Government Commerce (OGC) in the UK.

Service Offering

A-GRC has developed its own methodology based on ISO 20000 / ITIL that contains a Service Management Policy and all of the processes, procedures and plans that are required to develop a Service Management System (SMS) based on the Deming cycle of:

  • Plan
  • Do
  • Check
  • Act

that all of the major management systems standards have adopted, though Annex SL no longer mandates them.


A-GRC has developed a standard approach to assist you in implementing ISO 20000 and achieving certification:

  • defining the context of the organisation
  • understanding the business, its drivers, needs and expectations of the interested parties
  • determining the scope of IT service management and the SMS
  • establishing the SMS
  • establishing management commitment throughout the organisation
  • embedding service management in the business
  • planning for the SMS, including defining service management objectives and how to achieve them
  • defining supporting metrics and KPIs
  • ensuring appropriate support processes and procedure are in place
  • performing gap analysis
  • documenting procedures
  • implementing awareness training
  • implementing supporting service management procedures, interfacing with other standards as appropriate
  • monitoring, measuring and reviewing the SMS
  • defining your service improvement plan
  • auditing the SMS
  • management reviews of the SMS
  • continuous improvement of the SMS
  • assistance in gaining an ISO 20000 Certificate of Registration.

A-GRC has experience in implementing ISO 20000 for its Clients and taking a number of them through to certification.


The A-GRC approach builds operational resilience by:

  • allowing you to make contractual bids, where if you were not certified, you may be precluded
  • assuring management and customers of service delivery levels in place
  • bringing your organization to compliance with legal, regulatory, and statutory requirements
  • providing a certification recognised internationally
  • demonstrating superiority over your competitors
  • demonstrating compliance verified by a third-party Conformance Assessment Body
  • helping to align and integrate your IT Services with the overall business strategy
  • increasing overall organizational efficiency and operational performance
  • increasing and strengthening vendor status of your organization
  • increasing customer confidence in your products and services
  • managing and treating significant risks to reduce them to an acceptable level in line with risk appetite
  • minimizing internal and external risks to service continuity
  • providing a process for Information Technology Governance
  • providing assurance to stakeholders and more importantly, to your customers, for the management of IT services
  • providing the organization a platform to organize current IT services into a formal framework.