📦 Standard Overview

ISO/IEC 20000-2 – IT Service Management Systems Guidance

Comprehensive guidance for implementing ISO/IEC 20000-1 requirements, providing practical advice for establishing, implementing, and improving IT service management systems.

Get ISO 20000-1 Certified Speak to an Expert
Published: 2019 (latest edition)
Type: Guidance Standard
Status: Non-certifiable
Companion to: ISO/IEC 20000-1

Key Characteristics

Provides practical implementation guidance, explanations, and recommendations for interpreting and applying ISO/IEC 20000-1 requirements in real-world IT service management contexts.

ITSM Guidance Best Practices ITIL Alignment Implementation

What is ISO/IEC 20000-2?

ISO/IEC 20000-2 is a guidance document that accompanies ISO/IEC 20000-1, the certifiable IT service management system standard.

While ISO/IEC 20000-1 specifies requirements for service management systems, Part 2 provides detailed guidance on how to interpret and implement those requirements. It offers practical advice, examples, and recommendations based on industry best practices, including alignment with ITIL frameworks.

This guidance standard helps organizations understand what auditors expect, how to structure service management processes, and how to demonstrate compliance with ISO/IEC 20000-1 requirements during certification audits.

📦 Implementation Guidance

Detailed explanations of each ISO/IEC 20000-1 requirement with practical implementation advice and examples.

🔍 Interpretation Support

Clarifies ambiguous requirements and explains auditor expectations for certification assessments.

🔧 Process Design

Guidance on structuring ITSM processes including incident, problem, change, and service level management.

📊 Documentation Examples

Recommendations for documented information, policies, procedures, and records required for compliance.

🔄 ITIL Alignment

Explains how ISO/IEC 20000 relates to ITIL best practices and frameworks used in IT service management.

✓ Audit Readiness

Prepares organizations for certification audits by explaining what evidence auditors look for.

Who Should Use ISO/IEC 20000-2?

Organizations implementing or preparing for ISO/IEC 20000-1 certification should reference this guidance standard.

Target Organizations

  • IT service providers pursuing ISO 20000-1 certification
  • Internal IT departments implementing service management systems
  • Managed service providers (MSPs) and cloud service providers
  • IT consulting firms advising on ITSM implementations
  • Organizations transitioning from ITIL to ISO 20000 certification
  • Certification bodies and auditors conducting ISO 20000-1 audits

Key Roles That Benefit

  • IT service managers and ITSM coordinators
  • Service delivery managers and operations teams
  • Internal auditors and compliance professionals
  • Consultants implementing ISO 20000-1
  • Process owners (incident, change, problem management)
  • IT governance and quality assurance teams
  • Certification auditors and assessors

Key Guidance Areas

ISO/IEC 20000-2 provides detailed guidance across all clauses of ISO/IEC 20000-1.

Service Management System

  • SMS scope definition and boundaries
  • Policy and objective setting
  • Integration with organizational governance
  • Documentation structure and control

Service Delivery Processes

  • Service level management (SLAs, OLAs)
  • Service catalog management
  • Capacity and availability management
  • Service continuity planning

Relationship Processes

  • Customer relationship management
  • Supplier management and contracts
  • Business relationship processes
  • Complaint handling procedures

Resolution Processes

  • Incident management workflow
  • Problem management root cause analysis
  • Service request fulfillment
  • Knowledge management integration

Control Processes

  • Change management and CAB
  • Configuration management (CMDB)
  • Release and deployment management
  • Service asset management

Performance & Improvement

  • Monitoring and measurement systems
  • Internal audit programs
  • Management review processes
  • Continual improvement initiatives

How to Use This Guidance

Organizations should:

  • Use Part 2 as a companion when implementing Part 1 requirements
  • Reference guidance when designing service management processes
  • Consult examples when preparing documentation for certification
  • Review interpretations before certification audits
  • Align guidance with ITIL practices where applicable

Note: ISO/IEC 20000-2 is not certifiable. Organizations must implement ISO/IEC 20000-1 to achieve certification.

Benefits of Using ISO/IEC 20000-2

🎯 Faster Implementation

Accelerate ISO 20000-1 implementation with clear guidance, reducing trial-and-error and rework.

✓ Audit Confidence

Understand auditor expectations and certification requirements, increasing first-time certification success rates.

📋 Documentation Clarity

Create appropriate documented information with examples of policies, procedures, and records that satisfy requirements.

🔄 ITIL Integration

Bridge ITIL practices with ISO 20000 requirements, leveraging existing ITSM investments and knowledge.

💡 Best Practice Insights

Access industry best practices and proven approaches for IT service management implementation.

💰 Cost Efficiency

Reduce consulting costs and implementation time with comprehensive guidance available in the standard.

Common Implementation Challenges

Process Integration

Integrating multiple ITSM processes (incident, problem, change, release) into a cohesive service management system without creating silos or overlaps.

Tool Configuration

Configuring ITSM tools (ServiceNow, Jira, etc.) to support ISO 20000 requirements while maintaining usability and adoption.

Cultural Adoption

Driving adoption of formal ITSM processes in organizations accustomed to informal or ad-hoc IT support approaches.

Scope Definition

Defining appropriate SMS scope boundaries when IT services span multiple departments, locations, or third-party providers.

Related Standards

ISO/IEC 20000-2 supports implementation of related IT and information security management standards.

ISO/IEC 20000-1

IT Service Management Systems
The certifiable requirements standard that Part 2 provides guidance for implementing.

Learn more →

ISO/IEC 27001

Information Security Management
Integrate ITSM with information security controls for secure service delivery and incident response.

Learn more →

ISO 9001

Quality Management Systems
Align IT service quality management with broader organizational quality systems and customer satisfaction goals.

Learn more →

ISO 22301

Business Continuity Management
Coordinate IT service continuity with enterprise business continuity and disaster recovery planning.

Learn more →

ISO 31000

Risk Management (guidance)
Apply enterprise risk management principles to IT service risks and service delivery assurance.

Learn more →

Ready to implement ISO/IEC 20000-1?

Explore our ISO 20000-1 certification services including ITSM implementation, gap analysis, process design, and certification support.

View Certification Services Get a Quote