Information technology - Service management - Part 1: Service management system requirements

1.1 General

This document specifies requirements for an organization to establish, implement, maintain and

continually improve a service management system (SMS). The requirements specified in this document

include the planning, design, transition, delivery and improvement of services to meet the service

requirements and deliver value. This document can be used by:

a) a customer seeking services and requiring assurance regarding the quality of those services;

b) a customer requiring a consistent approach to the service lifecycle by all its service providers,

including those in a supply chain;

c) an organization to demonstrate its capability for the planning, design, transition, delivery and

improvement of services;

d) an organization to monitor, measure and review its SMS and the services;

e) an organization to improve the planning, design, transition, delivery and improvement of services

through effective implementation and operation of an SMS;

f) an organization or other party performing conformity assessments against the requirements

specified in this document;

g) a provider of training or advice in service management.

The term “service” as used in this document refers to the service or services in the scope of the SMS.

The term “organization” as used in this document refers to the organization in the scope of the SMS that

manages and delivers services to customers. The organization in the scope of the SMS can be part of

a larger organization, for example, a department of a large corporation. An organization or part of an

organization that manages and delivers a service or services to internal or external customers can also

be known as a service provider. Any use of the terms “service” or “organization” with a different intent

is distinguished clearly in this document.

1.2 Application

All requirements specified in this document are generic and are intended to be applicable to all

organizations, regardless of the organization’s type or size, or the nature of the services delivered.

Exclusion of any of the requirements in Clauses 4 to 10 is not acceptable when the organization claims

conformity to this document, irrespective of the nature of the organization.

Conformity to the requirements specified in this document can be demonstrated by the organization

itself showing evidence of meeting those requirements.

The organization itself demonstrates conformity to Clauses 4 and 5. However, the organization can be

supported by other parties. For example, another party can conduct internal audits on behalf of the

organization or support the preparation of the SMS.

Alternatively, the organization can show evidence of retaining accountability for the requirements

specified in this document and demonstrating control when other parties are involved in meeting the

requirements in Clauses 6 to 10 (see 8.2.3). For example, the organization can demonstrate evidence of

controls for another party who is providing infrastructure service components or operating the service

desk including the incident management process.

The organization cannot demonstrate conformity to the requirements specified in this document if

other parties are used to provide or operate all services, service components or processes within the

scope of the SMS.

The scope of this document excludes the specification for products or tools. However, this document can

be used to help the development or acquisition of products or tools that support the operation of an SMS.