ISO 20000 service management is the discipline of running IT services against a certifiable, internationally recognised standard, ISO/IEC 20000-1:2018, which specifies the requirements for a service management system (SMS). Rather than describing “good practice” in the abstract, the standard sets out what an organisation must plan, do, check and improve to deliver, operate and continually improve IT services that meet agreed requirements.
This guide explains what the standard covers, how its processes fit together, how it differs from ITIL, and how to approach conformance. Where a specific clause number, control count or edition detail matters, treat the figures qualitatively and verify the current version before you act on it.
What ISO 20000 service management actually is
ISO/IEC 20000-1:2018 is the requirements part of the ISO/IEC 20000 family. It defines the SMS an organisation must establish, implement, maintain and continually improve. Crucially, it is certifiable: an accredited body can audit your SMS and issue certification, giving customers independent assurance that your service management is under control.
The 2018 edition follows the ISO Harmonized Structure (formerly Annex SL) shared across modern management-system standards such as ISO 9001 and ISO/IEC 27001. That common structure covers organisational context, leadership, planning, support, operation, performance evaluation and improvement, which makes integrating ISO 20000 with other management systems considerably easier.
The core processes of ISO 20000 service management
The standard groups its requirements around a set of service management activities. The exact clause numbering should be verified against your copy of the standard, but the practical process areas are consistent and well understood.
| Process area | Purpose | Typical outputs |
|---|---|---|
| Service planning | Define the service portfolio, demand, capacity and resource plans | Service plans, capacity plans |
| Service design & build | Design new or changed services to meet requirements | Design specifications, acceptance criteria |
| Service transition | Control change, release and deployment into live operation | Change records, release plans, CMDB updates |
| Service delivery | Manage service levels, availability, continuity, capacity and budgeting | SLAs, availability and continuity plans |
| Relationship management | Manage business and supplier relationships | Supplier agreements, review meetings |
| Resolution processes | Handle incidents, service requests and problems | Incident/problem records, workarounds |
| Control processes | Manage configuration, change and knowledge | Configuration items, change approvals |
| Continual improvement | Measure, evaluate and improve the SMS over time | Improvement register, corrective actions |
These are not isolated silos. A change flows through transition, is delivered against agreed service levels, and generates data that feeds continual improvement. The SMS is the connective tissue that keeps them coordinated.
Service level agreements
SLAs sit at the heart of the standard. ISO 20000 service management requires that services are delivered against documented, agreed service levels and that performance against those targets is measured and reviewed. An SLA turns a vague expectation (“the service should be fast”) into a measurable commitment that both sides can hold each other to.
Continual improvement
The standard is explicit that the SMS must improve over time. Organisations define improvement criteria, measure against them, and act on the results, whether through corrective action after a nonconformity or proactive enhancement identified during management review.
ISO 20000 vs ITIL: a common point of confusion
People often use “ISO 20000” and “ITIL” interchangeably. They are related but fundamentally different in status. ISO/IEC 20000-1 is a certifiable standard against which an organisation can be audited. ITIL is a best-practice framework and body of guidance; it helps you design and run processes, but an organisation is not “ITIL certified” in the same auditable sense.
| Aspect | ISO/IEC 20000-1:2018 | ITIL |
|---|---|---|
| Type | Certifiable requirements standard | Best-practice framework / guidance |
| Certification | Organisation can be certified by an accredited body | Individuals can hold qualifications; not an org certification |
| Tells you | What must be in place | How you might do it |
| Relationship | Sets the auditable bar | Complements and supports conformance |
In practice the two work well together: ITIL guidance can help you build processes that satisfy ISO/IEC 20000-1 requirements, while the standard provides the certifiable structure and independent assurance.
How to approach ISO 20000 service management conformance
- Define scope and context. Establish which services, sites and customers the SMS covers, and the internal and external issues that affect it.
- Secure leadership commitment. Top management must own the service management policy and objectives.
- Plan the SMS. Address risks and opportunities, set objectives, and plan resources.
- Operate the processes. Run service delivery, resolution, relationship and control processes with documented information.
- Evaluate performance. Monitor, measure, audit internally and hold management reviews.
- Improve continually. Correct nonconformities and drive planned improvement.
Certification is then pursued through an accredited certification body, typically involving a documentation review followed by an on-site assessment. Verify current requirements and timelines with your chosen body.
For the authoritative scope and current status of the standard, consult the official listing from the International Organization for Standardization: ISO/IEC 20000-1 on iso.org.
Frequently asked questions
Is ISO 20000 the same as ITIL?
No. ISO/IEC 20000-1:2018 is a certifiable standard for an IT service management system, while ITIL is complementary best-practice guidance. ITIL can help you meet the standard, but only ISO 20000 offers organisational certification.
Can a company be certified to ISO 20000?
Yes. An organisation can achieve certification of its SMS against ISO/IEC 20000-1:2018 through an accredited certification body, giving customers independent assurance.
What is a service management system (SMS)?
The SMS is the set of policies, objectives, processes and resources an organisation uses to direct and control its service management activities and deliver value to customers.
How many clauses does ISO 20000-1 have?
The standard follows the ISO Harmonized Structure covering context, leadership, planning, support, operation, performance evaluation and improvement. For the exact clause numbering, verify against the current version of the standard.

Related guides
- ISO 20000 IT service management: a complete guide
- ISO 20000 requirements checklist for implementation
- The ISO 20000 certification process explained
Ready to move from theory to implementation? Our editable ISO/IEC 20000-1:2018 toolkit gives you ready-to-adapt policies, process documents, SLAs and audit templates to build your SMS faster. Explore the ISO 20000 Toolkit and start your journey toward certification today.

