ISO/IEC JTC 1/SC 40 explained

ISO/IEC JTC 1/SC 40 IT Service Management and IT Governance is a standardization subcommittee of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO/IEC JTC 1/SC 40 develops and facilitates the development of international standards, technical reports, and technical specifications within the fields of IT service management and IT governance, with a focus in IT activity such as audit, digital forensics, governance, risk management, outsourcing, service operations and service maintenance.[1] The international secretariat of ISO/IEC JTC 1/SC 40 is Standards Australia (SA), located in Australia.[2]

History

ISO/IEC JTC 1/SC 40 was formed at the November 2013, 28th JTC 1 Plenary held in Perros-Guirec, France. The subcommittee was established via Resolution 21 from this meeting, and its scope, secretariat, and possible liaisons determined.[3] The new subcommittee combines the work of ISO/IEC JTC 1/WG 8 Governance of IT, ISO/IEC JTC 1/SC 7/WG 25 IT service management, and ISO/IEC JTC 1/SC 7/WG 27 IT enabled services/BPO (ITES/BPO).[1]

Scope

The scope of ISO/IEC JTC 1/SC 40 is:[3] [4] [5] [6]

"Standardization of IT Service Management and IT Governance"

Develop standards, tools, frameworks, best practices and related documents for IT Service Management and IT Governance, including areas of IT activity such as audit, digital forensics, governance, risk management, outsourcing, service operations and service maintenance, but excluding subject matter covered under the scope and existing work programs of JTC 1/SC 27 and JTC 1/SC 38.

The work will initially cover:

Structure

ISO/IEC JTC 1/SC 40 is made up of three working groups (WGs), three study groups (SGs), and one advisory group (AG), each of which carries out specific tasks in standards development within the field of IT Service Management and IT Governance. The focus of each working group is described in the group’s terms of reference. The working groups, study groups, and advisory group of ISO/IEC JTC 1/SC 40 are:[7]

Working Group Title
ISO/IEC JTC 1/SC 40/WG 1 Governance of Information Technology
ISO/IEC JTC 1/SC 40/WG 2 IT Service Management
ISO/IEC JTC 1/SC 40/WG 3 IT Enabled Services - Business Process Outsourcing
ISO/IEC JTC 1/SC 40/SG 1 General Study Group on Future Work
ISO/IEC JTC 1/SC 40/SG 2 Study Group on Service Maintenance (complete)
ISO/IEC JTC 1/SC 40/SG 3 Study Group on the governance and service management of IT and IT-enabled business services provided by multiple service providers
ISO/IEC JTC 1/SC 40/CAG 1 Chairman Advisory Group

Collaborations

ISO/IEC JTC 1/SC 40 works in close collaboration with a number of other organizations or subcommittees, both internal and external to ISO or IEC, in order to avoid conflicting or duplicative work. Organizations internal to ISO or IEC that collaborate with or are in liaison to ISO/IEC JTC 1/SC 40 include:[8]

Organizations external to ISO or IEC that collaborate with or are in liaison to ISO/IEC JTC 1/SC 40 include:

Member countries

Countries pay a fee to ISO to be members of subcommittees.[9] [10]

The 28 "P" (participating) members of ISO/IEC JTC 1/SC 40 are: Australia, Brazil, Canada, China, Côte d'Ivoire, Denmark, Finland, France, Germany, India, Italy, Japan, Republic of Korea, Luxembourg, Netherlands, New Zealand, Peru, Poland, Portugal, Romania, Russian Federation, Rwanda, Singapore, South Africa, Spain, Sweden, United Kingdom, and United States of America[2]

The 10 "O" (observing) members of ISO/IEC JTC 1/SC 40 are: Argentina, Austria, Belgium, Czech Republic, Hong Kong, Islamic Republic of Iran, Ireland, Kenya, Switzerland, and Uruguay.

Standards

ISO/IEC JTC 1/SC 40 currently has 11 published standards, as well as various other standards or technical reports under development within the field of IT service-management and IT governance. These include:[11] [12]

data-sort-type="number" width="14%" ISO/IEC StandardTitleStatusDescription
data-sort-value="20000-01"ISO/IEC 20000-1 Information technology – Service management – Part 1: Service management system requirements Published (2011) Specifies the requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain, and improve a service management system (SMS)[13]
data-sort-value="20000-02"ISO/IEC 20000-2 Information technology – Service management – Part 2: Guidance on the application of service management systems Published (2012) Provides guidance on the application of SMS based on the requirements of ISO/IEC 20000-1[14]
data-sort-value="20000-03"ISO/IEC 20000-3 Information technology – Service management – Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1 Published (2012) Provides guidance on scope definition, applicability and demonstration of conformity to the requirements in ISO/IEC 20000-1. Guidance on the different types of conformity assessment and assessment standards is included. [15]
data-sort-value="20000-04"ISO/IEC TR 20000-4 Information technology – Service management – Part 4: Process reference model Published (2010) The purpose of ISO/IEC TR 20000-4:2010 is to facilitate the development of a process assessment model according to ISO/IEC 15504 process assessment principles. [16]
data-sort-value="20000-05"ISO/IEC TR 20000-5 Information technology – Service management – Part 5: Exemplar implementation plan for ISO/IEC 20000-1 Published (2013) Provides guidance on how to implement an SMS to fulfill the requirements of ISO/IEC 20000-1[17]
data-sort-value="20000-06"ISO/IEC 20000-6 [18] Information Technology -- Service Management -- Part 6: Requirements for bodies providing audit and certification of service management systems Under Development Part 6: Requirements for bodies providing audit and certification of service management systems
data-sort-value="20000-08"ISO/IEC 20000-8 [19] Information technology -- Service management -- Part 8: Guidance on the application of service management systems for smaller organizations Under Development Part 8: Guidance on the application of service management systems for smaller organizations
data-sort-value="20000-09"ISO/IEC TR 20000-9 Information technology – Service management – Part 9: Guidance on the application of ISO/IEC 20000-1 to cloud services Published (2015) Provides guidance on the use of ISO/IEC 20000‑1:2011 for service providers delivering cloud services[20]
data-sort-value="20000-10"ISO/IEC TR 20000-10 Information technology – Service management – Part 10: Concepts and terminology Published (2013) Provides an overview of the concepts and terminology of ISO/IEC 20000 and establishes a common framework for helping organizations understand the purpose of the parts of ISO/IEC 20000 and the relationships between the parts[21]
data-sort-value="20000-11"ISO/IEC TR 20000-11 [22] Information technology -- Service management -- Part 11: Guidance on the relationship between ISO/IEC 20000-1:2011 and service management frameworks Under Development Part 11: Guidance on the relationship between ISO/IEC 20000-1:2011 and service management frameworks
data-sort-value="20000-12"ISO/IEC TR 20000-12 [23] Information technology -- IT Service management -- Part 12: Guidance on the relationship between ISO/IEC 20000-1:2011 and service management frameworks: CMMI-SVC Under Development Part 12: Guidance on the relationship between ISO/IEC 20000-1:2011 and service management frameworks: CMMI-SVC
data-sort-value="30105-01"ISO/IEC 30105-1IT Enabled Services / Business Process Outsourcing Lifecycle Processes ITESBPO Standard Published (2016) Part 1: Process Reference Model (PRM)
data-sort-value="30105-02"ISO/IEC 30105-2 IT Enabled Services / Business Process Outsourcing Lifecycle Processes ITESBPO Standard Published (2016) Part 2: Process Assessment Model
data-sort-value="30105-03"ISO/IEC 30105-3 IT Enabled Services / Business Process Outsourcing Lifecycle Processes ITESBPO Standard Published (2016) Part 3: Process measurement framework and organization maturity model
data-sort-value="30105-04"ISO/IEC 30105-4IT Enabled Services / Business Process Outsourcing Lifecycle Processes ITESBPO Standard Published (2016) Part 4: Terms and concepts
data-sort-value="30105-05"ISO/IEC 30105-5 IT Enabled Services / Business Process Outsourcing Lifecycle Processes ITESBPO Standard Published (2016) Part 5: Guidelines
data-sort-value="30121"ISO/IEC 30121 System and software engineering – Information technology – Governance of digital forensic risk framework Published (2015) Provides a framework for governing bodies of organizations on the best way to prepare an organization for digital investigations, before they occur[24]
data-sort-value="38500"ISO/IEC 38500[25] Information Technology – governance of IT – For the Organization Published (2015) Provides guiding principles for members of governing bodies of organizations on the effective, efficient, and acceptable use of information technology (IT) within their organizations
data-sort-value="38501"ISO/IEC TS 38501[26] Information Technology – Corporate Governance of IT Implementation Guide Published (2015) Provides guidance on how to implement arrangements for effective governance of IT within an organization
data-sort-value="38502"ISO/IEC TR 38502 Information technology – Governance of IT – Framework and model Published (2014) provides guidance on the nature and mechanisms of governance and management together with the relationships between them, in the context of IT within an organization[27]
data-sort-value="38505-1"ISO/IEC 38505-1 Information Technology -- Governance of IT -- Part 1: The application of ISO/IEC 38500 to the governance of data Under Development Part 1: The application of ISO/IEC 38500 to the governance of data
data-sort-value="38503"ISO/IEC TR 38503 [28] Information technology -- governance of IT -- Guidance on the audit of the governance of IT Under Development
data-sort-value="38504"ISO/IEC TR 38504 [29] Information technology -- The structure of principles-based standards in the governance of IT Under Development

See also

External links

Notes and References

  1. Web site: ISO/IEC JTC 1 Holds 28th Plenary Meeting in France. 2013-12-30. 2013-12-20. ANSI.
  2. Web site: 2013-12-30. ISO. ISO/IEC JTC 1/SC 40.
  3. ISO/IEC JTC 1. Resolutions Adopted at the 28th Meeting of ISO/IEC JTC 1, 4-9 November 2013 in Perros-Guirec, France. 2013-11-13. 2013-12-30. 8.
  4. Web site: ISO/IEC JTC 1/SC 40. 2013-12-30.
  5. Web site: ISO/IEC JTC 1/SC 40 Scope. 2013-12-30. IEC.
  6. 2013-2014 Business Plan. ISO/IEC JTC 1/SC 40. 2014-10-13.
  7. Web site: ISO/IEC JTC 1/SC 40 Structure. ISO. 2015-07-20.
  8. Web site: ISO/IEC JTC 1/SC 40. 2013-12-30.
  9. ISO Membership Manual. 17–18. III. What Help Can I Get from the ISO Central Secretariat?. ISO. June 2012. 2013-07-12. ISO.
  10. Web site: ISO/IEC JTC 1/SC 40 Participation. ISO. 2015-07-20.
  11. Web site: Standards Catalogue (Published): ISO/IEC JTC 1/SC 40. 2013-12-30. ISO.
  12. Web site: 2014-01-02. ISO. Standards Catalogue (Under Development): ISO/IEC JTC 1/SC 40.
  13. Web site: ISO. ISO/IEC 20000-1:2011. 2. 2013-12-30. 2011-04-12.
  14. Web site: ISO. ISO/IEC 20000-2:2012. 2012-02-14. 2013-12-30. 2.
  15. Web site: ISO. ISO/IEC 20000-3:2012. 2012-08-14. 2015-07-20. 1.
  16. Web site: ISO. ISO/IEC 20000-4:2010. 2014-02-24. 2015-07-20. 1.
  17. Web site: ISO. ISO/IEC TR 20000-5:2013. 2013-12-30. 2013-10-30. 2.
  18. Web site: ISO/IEC CD 20000-6. ISO. 2015-08-26.
  19. Web site: ISO/IEC WD 20000-8. ISO. 2015-08-26.
  20. Web site: ISO/IEC TR 20000-9:2015. 2015-02-16. 2015-07-20. ISO. 1.
  21. Web site: ISO/IEC TR 20000-10:2013. 2013-10-30. 2013-12-30. ISO. 1.
  22. Web site: ISO/IEC TR 20000-11. ISO. 2015-08-26.
  23. Web site: ISO/IEC TR 20000-12. ISO. 2015-08-26.
  24. Web site: ISO/IEC 30121:2015. 2015-07-20. ISO. 2015-03-17. 2.
  25. Web site: ISO/IEC 38500. 2015-07-20. ISO. 2015-02-11. 2.
  26. Web site: ISO/IEC TR 38501. 2015-07-20. ISO. 2015-04-20. 2.
  27. Web site: ISO/IEC TR 38502. 2015-07-20. ISO. 2014-01-21. 1.
  28. Web site: ISO/IEC TR 38503. ISO. 2015-08-26.
  29. Web site: ISO/IEC TR 38504. ISO. 2015-08-26.