Over deze norm
|Commissie||IT Service Management and IT Governance|
ISO/IEC-TR 20000-7 provides guidance on the integrated implementation of a service management system (SMS) as specified in ISO/IEC 20000-1 with a quality management system (QMS) as specified in ISO 9001 and an information security management system (ISMS) as specified in ISO/IEC 27001. It is aimed at those organizations that are intending to either: a) implement ISO 9001 when ISO/IEC 20000-1 is already implemented, or vice versa; b) implement ISO/IEC 27001 when ISO/IEC 20000-1 is already implemented, or vice versa; c) implement both ISO 9001 and ISO/IEC 20000-1 together, or implement both ISO/IEC 27001 and ISO/IEC 20000-1 together; d) implement ISO/IEC 20000-1, ISO 9001 and ISO/IEC 27001 together; or e) integrate existing management systems based on ISO/IEC 20000-1, ISO 9001 and ISO/IEC 27001. In practice, an SMS, QMS or ISMS can also be integrated with other management system standards (MSS), such as ISO 22301 or ISO 55001. Clause 4 provides an introduction to ISO/IEC 20000-1, the HLS of MSS specified in ISO/IEC Directives Part 1 and considerations for the integration of an MSS. Clause 5 provides an introduction to ISO 9001, commonalities and differences with ISO/IEC 20000-1 and considerations for the integration of an SMS with a QMS. Clause 6 provides an introduction to ISO/IEC 27001, commonalities and differences with ISO/IEC 20000-1 and considerations for the integration of an SMS with an ISMS. Clause 7 looks at considerations for the integration of an SMS, a QMS, and an ISMS. This document also provides correlation information for the terms and definitions of ISO/IEC 20000-1 with ISO 9001 and ISO/IEC 27001 in Annex A. Correlation of the clauses of ISO/IEC 20000-1 with ISO 9001 is shown in Annex B. Correlation of the clauses of ISO/IEC 20000-1 with ISO/IEC 27001 is shown in Annex C.
|Engelse titel||Information technology - Service management - Part 7: Guidance on the integration and correlation of ISO/IEC 20000-1:2018 to ISO 9001:2015 and ISO/IEC 27001:2013|