Foundation Bridge in IT Service Management (ITSM) according to ISO/IEC 20000
Specification Sheet
ISO/IEC 20000 Foundation Bridge
TÜV SÜD Akademie
Table of Contents
1 Reading aid ... 4
2 ISO/IEC 20000 - Introduction ... 4
3 Aim of the qualification ... 4
4 Benefit of the qualification ... 5
5 Target group of the qualification ... 5
6 ISO/IEC 20000 qualification scheme structure ... 6
7 Specification of the exam ... 7
7.1 Exam name... 7
7.2 Exam format ... 7
7.3 Exam prerequisites ... 7
7.4 Exam content ... 7
7.4.1 Weight of exam content ... 7
7.4.2 Detailed content ... 8
7.5 Exam terms... 10
8 Description of the training ... 11
8.1 Training name ... 11
8.2 Training format... 11
8.3 Prerequisites for admission to training ... 11
8.4 Training content ... 11
8.5 Requirements for training institutes ... 11
8.6 Requirements for trainers ... 11
8.7 Requirements for training ... 12
8.8 Requirement for practical assignments ... 12
8.9 Description of the training ... 13
9 Glossary ... 14
10 Further applicable information ... 15
10.1 Certification ... 15
10.2 Exam matrix/taxonomy & literature references ... 15
10.3 Other applicable documents ... 17
10.4 Revision history ... 17
Annex 1 - Exam terms ... 18
Copyright © 2012 TÜV SÜD Akademie GmbH
The qualification program in IT service management based on ISO/IEC 20000 is owned, developed and mai n- tained by TÜV SÜD Akademie GmbH, Certification Body for Persons, Germany.
All rights reserved. No part of this publication may be published, reproduced, copied or stored in a data processing system or circulated in any form by print, photo print, microfilm or any other means without written permission by TÜV SÜD Akademie GmbH.
The International Organization for Standardization (ISO) is a non -governmental organization which is a network of the national standards institutes of 163 countries.
ISO is the owner of the ISO/IEC 20000 and the ISO/IEC 27000 standard series.
ITIL® is a registered trade mark of the Cabinet Office.
IT Infrastructure Library® is a registered trade mark of the Cabinet Office.
The Swirl logo™ is a Trade Mark of the Cabinet Office.
All other company, product, or service names may be trade marks or service marks of others and are the property of their respective owners.
1 Reading aid
This document is designed to support training institutes in the development of their trainings and training materials that meet with TÜV SÜD requirements.
The main objective of the specification sheet is to identify the exam subjects, the exam re- quirements and specifications, and the target audience.
2 ISO/IEC 20000 - Introduction
IT service management focuses on providing and supplying efficient services to ensure the satisfaction of customer requirements, cost-effectiveness and smooth business processes.
Service optimization is deemed a prerequisite for successful presence on national and interna- tional markets.
ISO/IEC 20000 is the first internationally recognized worldwide process based standard creat- ed specifically for the breadth of IT service management. ISO/IEC 20000 Part 1 is the formal specification; it defines the requirements that must be achieved, whereas ISO/IEC 20000 Part 2 is describing guidance on the application.
ISO/IEC 20000 is independent of all frameworks; it is “framework neutral”. There is no control defined or implied between the standard and frameworks such as Microsoft® Operations Framework (MOF), IT Infrastructure Library® (ITIL®) and indeed to their supporting qualifica- tion schemes. Each side of the equation is developed autonomously to the other. However, it should be noted that there are many defined frameworks both public (MOF®…) and private (in-house best practices) that can help the drive towards recognition of capability and there- fore eventually ISO/IEC 20000 certification.
Both internal and external service providers are being challenged to prove they will be able to provide the required service quality and to that end have adequate service management pro- cesses in place. External service providers have already been requested to become certified to the standard as part of invitation to tenders. The award of the ISO/IEC 20000 certificate is predicated upon audits conducted by Registered Certification Bodies against ISO/IEC 20000 Part 1 which ensure that a service provider is designing, realizing the transition, managing and maintaining an IT service management system in line with the requirements of the standard.
3 Aim of the qualification
The Specification Sheet of the Foundation Bridge in ITSM according to ISO/IEC 20000 is de- signed to provide knowledge of what an IT service management system is and the minimum requirements that service providers should aspire to within the context of ISO/IEC 20000. It will test the capability of the candidate to “remember” and “understand” the concepts that are explained.
4 Benefit of the qualification
The qualification and certification program “ISO/IEC 20000 Qualification Scheme for Persons”
familiarizes candidates with the contents of the ISO/IEC 20000 standard, its practice-oriented implementation in the form of a management system, including the relationship with other relevant standards, and the best practices, methods and frameworks associated therewith.
The individual qualifications enable candidates to apply their acquired knowledge and fulfil role- and function-specific management tasks in IT service management in a targeted manner.
This well-structured training programme helps candidates to continuously improve their per- sonal qualifications, thus supporting their continual professional development within their or- ganisation.
Employee qualifications at the various levels, which build on each other, extend over the full range from management and processes to results at internal and external customers, on an internationally recognized and comparable basis.
Candidate benefits summarized:
Aligned to international standards
Recognized, third-party qualification of persons
Qualification and training-course concept in line with company requirements
Transfer of practice-oriented expertise in a well-structured training program
5 Target group of the qualification
The target audience includes both internal and external service providers, who play a role or have an interest in ISO/IEC 20000, even if such an organization is not (yet) certified. The Foundation Certificate in ITSM according to ISO/IEC 20000is particularly aimed at this wider audience. In addition, for customers considering requesting their service providers to become ISO/IEC 20000 certified, they can get an insight into what can be expected of their service providers.
The Foundation Bridge examination according to ISO/IEC 20000 is intended for professionals in IT service management with solid knowledge and experience within IT service manage- ment, with a minimum certification level of ITIL® Foundation (v2 and/or v3), who want to focus on or become proficient in IT service management according to ISO/IEC 20000.
The “Foundation Certificate in ITSM according to ISO/IEC 20000” is a prerequisite for the oth- er qualifications within the qualification scheme.
6 ISO/IEC 20000 qualification scheme structure
The "Foundation Certificate in ITSM according to ISO/IEC 20000" is part of the “ISO/IEC 20000 Qualification Scheme for Persons” which covers a series of exams / certifications that are aligned with the various roles in IT service management.
7 Specification of the exam 7.1 Exam name
The exam name is:
Foundation Bridge Examination in IT service management according to ISO/IEC 20000.
7.2 Exam format
Multiple-choice examination consisting of 20 questions
The examination is passed, if a minimum of 65% of the questions are answered correctly (13 of 20).
Duration of the exam: 30 minutes
7.3 Exam prerequisites
To sit the Foundation Bridge Examination in IT service management according to ISO/IEC 20000 candidates must hold a Foundation Certificate based on ITIL® v2 or v3.
7.4 Exam content
7.4.1 Weight of exam content
Exam requirements Weight (%)
1. Understanding the definitions and principles of (IT) service manage- ment
10
2. Understanding the position of ISO/IEC 20000 in (IT) service manage- ment
30
3. The minimum requirements for a service management system (SMS) according to ISO/IEC 20000-1
40
4. Key points for the application of a service management system (SMS) 20
7.4.2 Detailed content
Since the Foundation Bridge is an excerpt of the regular Foundation training and exam, some of the topics are shown as "--". These topics will not be covered within the Foundation Bridge examination.
1. Understanding the definitions and principles of (IT) service management (10%) 1.1 The candidate understands quality and service requirements
The candidate can:
1.1.1 Explain what quality is and why it is important
1.1.2 Explain what service requirements are and why they are important 1.1.3 Describe what a service management system (SMS) is
1.2 -- 1.3 -- 1.4 --
1.5 The candidate understands continual improvement The candidate can:
1.5.1 Identify the principles of the plan-do-check-act cycle 1.5.2 Describe what maturity is and how maturity models work
1.5.3 Explain the nature of assessments, reviews and corrective and preventive actions 2. Understanding the position of ISO/IEC 20000 in (IT) service management (30%) 2.1 The candidate understands the landscape of standards and frameworks The candidate can:
2.1.1 Identify the purpose and stakeholder of CMMI, COBIT, ISO 9000, ISO 15504, ISO 27000, ITIL®, MOF, Six Sigma®
2.1.2 Describe the relationship to company-specific standards
2.2 The candidate understands the concepts of certification practices The candidate can:
2.2.1 Describe the use of applicability and scoping 2.2.2 Explain the benefits of certification
2.2.3 Describe the certification process
2.2.4 Identify the roles and responsibilities within certification schemes 2.3 The candidate understands the concept of ISO/IEC 20000 The candidate can:
2.3.1 Describe the history and the owner of ISO/IEC 20000 2.3.2 Identify the purpose and benefits of ISO/IEC 20000
2.3.3 Explain the difference between ISO/IEC 20000-1 and ISO/IEC 20000-2 and the rest of the ISO/IEC 20000 series
2.3.4 Describe the grouping of the processes
2.3.5 Explain the use of ISO/IEC 20000 within the lifecycle of an IT Service 2.3.6 Remember the terms and definitions relating to ISO/IEC 20000
3. The minimum requirements for a service management system (SMS) according to ISO/IEC 20000-1 (40%)
3.1 The candidate understands the minimum requirements for management and improve- ment of IT Services
The candidate can:
3.1.1 Describe the objective of a service management system (SMS)
3.1.2 Describe the requirements for (top-) management responsibility including the service man- agement policy
3.1.3 Describe the requirements for governance of processes operated by other parties 3.1.4 Describe the requirements for documentation and control of documents and records 3.1.5 Describe the requirements for resource management
3.1.6 Describe the requirements for applying the plan-do-check-act methodology to the service management system (SMS) and services including defining the scope, planning the SMS, im- plementing and operating the SMS, monitoring and reviewing the SMS, and maintaining and improving the SMS
3.2 --
3.3 The candidate understands the minimum requirements for alignment of IT and the business
The candidate can:
3.3.1 Describe the objective and requirements of the Service Level Management process 3.3.2 Describe the objective and requirements of Service Reporting
3.3.3 Describe the objective and requirements of Budgeting and Accounting for IT Services 3.3.4 Describe the objective and requirements of the Business Relationship Management process 3.3.5 Describe the objective and requirements of the Supplier Management process
3.4 The candidate understands the minimum requirements for delivery of IT services The candidate can:
3.4.1 -- 3.4.2 --
3.4.3 Describe the objective and requirements of the Information Security Management process 3.5 --
4. Key points for the application of a service management system (SMS) (20%)
4.1 The candidate understands the best practices for management and improvement of IT Services
The candidate can:
4.1.1 Describe the key points for the application in the context of (top-) management responsibility including the service management policy (including guidelines for and typical contents of the service man- agement policy, and an overview of the responsibilities of the management representative)
4.1.2 Describe the key points for the application in the context of governance of processes (including a general understanding of the different types of other parties and demonstration of accountability and authority) 4.1.3 Describe the key points for the application in the context of documentation and control of
documents and records (including an overview of typical mechanisms of control of documents)
4.1.4 Describe the key points for the application in the context of resource management (including the meaning and importance of competence, awareness and training in the context of human resources)
4.1.5 Describe the key points for the application in the context of the plan-do-check-act methodology applied to the service management system (SMS) and services including defining the scope, planning the SMS, implementing and operating the SMS, monitoring and reviewing
the SMS, and maintaining and improving the SMS (including typical contents of the service management plan, the role of internal and external audits, selection of auditors and principles of auditing)
4.2 -- 4.3 --
4.4 The candidate understands the best practices for delivery of IT services The candidate can:
4.4.1 -- 4.4.2 --
4.4.3 Describe the key points for the application in the context of the Information Security Manage- ment process (including an overview of the contents and practices in the context of the information security policy, understanding of the importance and practices in managing information security risks, and understanding of managing information security-related incidents and changes)
4.5 --
7.5 Exam terms
The terms the candidates should be familiar with are listed in Annex 1 and are intended as a guide for the trainers.
8 Description of the training 8.1 Training name
Foundation Bridge training in IT service management according to ISO/IEC 20000
8.2 Training format
The training has to be provided by one trainer. Assignments and sample exams should be performed but are not mandatory.
8.3 Prerequisites for admission to training
To sit the Foundation Bridge examination in IT service management according to ISO/IEC 20000 candidates must hold a Foundation Certificate based on ITIL® v2 or v3.
8.4 Training content
The training is covering the following subject areas:
- General management systems and continual improvement process (CIP) - The significance of IT service management as per ISO/IEC 20000 - Service management processes and their interfaces with other processes
8.5 Requirements for training institutes
According to ISO/IEC 17000 the term “certification” will be used instead of “accreditation”.
Training institutes must be certified accordingly to run Foundation trainings. Please refer to the Specification Sheet for Training Institutes Certification for more details.
8.6 Requirements for trainers
Trainers must be certified by the accordingly to run Foundation trainings. Please refer to the Specification Sheet for Trainer Certification for more details. Certified trainers have the possi- bility to obtain the basic set of training material and the possibility to join an advanced training through TÜV SÜD or its partner institutes.
8.7 Requirements for training
The training material must be certified according to the requirements as stated in the Specifi- cation Sheet for Training Material Certification.
Following requirements are valid:
- Minimal training duration (contact hours) 7.5 hours (plus exam).
- Attendees: a minimum of 6 and a maximum of 25 attendees
- It must be aligned with the requirements of the Foundation Bridge exam (i.e. cover this Specification Sheet).
- It must provide the attendees the opportunity to interact and discuss their experience.
The certified Foundation Bridge training in IT service management according to ISO 20000 will typically take one or one and a half days, including the exam at the end of the training.
8.8 Requirement for practical assignments
Within this training no practical assignments are mandatory, but to receive better training re- sults the training provider should perform some practical assignments during the training.
8.9 Description of the training
The description of the training indicates the possible structure of the training. This is an indica- tion only that by no means dictates how training should be conducted. However it provides a logical order for the exam topics and gives a time indication that corresponds with the exam requirements percentage, the overall training/assignment duration is at minimum 7.5 hours (10 learning units) plus a 30 minutes examination:
Training duration including examination (7.5 hours + 30 min) Minimum 8 hours Introduction
7.5 hours Introduction to ISO/IEC 20000
What is ISO/IEC 20000?
Context of ISO/IEC 20000
Basic terms and concepts
What is a(n) (IT) service?
Quality
Summary
Basic Structure of ISO/IEC 20000
Clause 1: Scope
Clause 2: Normative References
Clause 3:Terms and Definitions
Clause 4: Service management system general requirements
Clause 5: Design and transition of new or changed services
Clause 6: Service delivery processes
Clause 7: Relationship processes
Clause 8: Resolution processes
Clause 9: Control processes
Related Standards – Overview
Summary
Examination 30 minutes
9 Glossary
Exam matrix/taxonomy
The exam matrix specifies the number and weight of the questions assigned to each topic, based on the exam requirements and specifications.
Exam requirements
The exam requirements are the main topics of a module. The candidate must have a thorough command of these topics.
Exam specification
The exam specifications elaborate on the exam requirements. The exam specifications have two levels. The mastery level defines what candidates must know, understand and what they must be able to apply, analyze, or solve. The testing level defines what will be tested and how this will be tested.
Literature
The specification sheet provides a list of required and suggested materials for the exam.
Mastery level
TÜV SÜD develops exam specifications on the six mastery levels of the revised Bloom taxonomy (2001):
1 Remembering: the ability to recall, restate and remember learned information
2 Understanding: the ability to grasp meaning of information by interpreting and translat- ing what has been learned
3 Applying: the ability to make use of information in a context different from the one in which it was learned
4 Analyzing: the ability to break learned information into its parts to understand it
5 Evaluating: the ability to make decisions based on in-depth reflection, criticism and as- sessment
6 Creating: the ability to create new ideas and information using what has been learned.
Target group
The target group is the audience for whom the module is intended.
Testing level
The testing level gives an indication of what may be asked in the exam.
Weight
The weight of an exam requirement or exam specification indicates the relative importance of the requirement or specification and is expressed as a percentage. The weight of an exam re-
10 Further applicable information 10.1 Certification
The TÜV SÜD Examination Institute requires candidates to be trained by certified training in- stitute before taking the exam. For more information about the certification process, which is intended to improve and safeguard the quality of the trainings and independent certification, please refer to information available at the
TÜV SÜD Examination Institute:
www.tuev-sued.com/examination-institute, or mailto:akd.it@tuev-sued.de, or
TÜV SÜD Akademie GmbH Certification Body for Persons/
Examination Institute Westendstrasse 160 80339 Munich / Germany Phone: +49 89 5791-1909 Fax: +49 89 5791-2247
10.2 Exam matrix/taxonomy & literature references
The exam matrix/taxonomy specifies the number and weight of the questions in the exam, based on the exam requirements and specifications.
The literature references shown in the table on the next page refer to those below which are recommended reading for the training provider:
A ISO/IEC 20000-1:2011(E) A Pocket Guide van Haren Publishing, 2012
ISBN 978 90 8753 682 4
B ISO/IEC
ISO/IEC 20000-1:2011(E) Part 1: Service management system requirements Switzerland, ISO, 2011
ISO/IEC 20000-1:2011(E)
C ISO/IEC
ISO/IEC 20000-2:2012(E) Part 2: Guidance on the application of service manage- ment systems
Switzerland, ISO, 2012 ISO/IEC 20000-2:2012(E)
The following literature will also prove of use for training providers and candidates alike:
David Clifford FISM
Implementing ISO/IEC 20000 Certification – The Roadmap van Haren Publishing, 2008
ISBN 978 90 87530 82 2
EXAM MATRIX/TAXONOMY LITERATURE REFERENCES
Exam Re- quirement
Exam Specification
Weight % Number of Questions
Literature Id
Literature Refer- ence Mastery
level
Testing level
1
1.1 1.1.1-
1.1.3
10 2
A: 8.4 (4)
1.5 1.5.1-
1.5.3
A: 8.4 (4)
2
2.1 2.1.1-
2.1.2
30 6
A: 5, 6
2.2 2.2.1-
2.2.4
A: 4
2.3 2.3.1-
2.3.6
A: 2, A
Training description
3
3.1 3.1.1-
3.1.6
40 8
B: 3, 3.1, 3.2, 3.3, 4
3.3 3.3.1-
3.3.5
B: 6.1, 6.2, 6.4, 7.2, 7.3
3.4 only 3.4.3 B: 6.3, 6.5, 6.6
4
4.1 4.1.1-
4.1.5 20 4
C: 3.1, 3.2, 3.3, 4
4.4 only 4.4.3 C: 6.6
10.3 Other applicable documents
List of abbreviations ( Information technology – List of Abbreviations used)
Blue Print of TÜV SÜD Akademie to the "Qualification and Certification Program in IT service management according to ISO/IEC 20000"
Specification Sheet for Training Institute Certification
Specification Sheet for Trainer Certification
Specification Sheet for Training Material Certification
10.4 Revision history
October 2011 Version 1.2 Layout adjustments; Style of lettering harmonized
Trade Mark Acknowledgement Statements revised
Changes of definitions: course to training / accreditation to certification etc.
Section 8 revised: Requirements for training institutes / trainers / trainings
Section 8 completed: Information from the Blue Print
Section 7.5: Exam terms moved to Annex 1
New section 10.3 „Other applicable documents“
New section 10.4 „Revision history”
Chapter 10.1 web link updated
Name of training and exam from ISO/IEC 20000 to ISO/IEC 20000:2011 changed
Chapter 7.4.2/3.1 updated
Annex 1 updated: management system replaced with service management system
Annex 1 changed according to the Specification Matrix
Chapter 7.4.2 and Chapter 10.2: Exam taxonomy and exam content changed according to the German Specification Sheet v1.2
Chapter 8.9 Course outline changed according to the German Specification Sheet v1.2
August 2012
October 2012
Version 1.3
Version 2.0
Used terms aligned to the standard editions ISO/IEC 20000- 1:2011 and ISO/IEC 20000-2:2012
Section 10.2: Revision of literature references
Annex 1 completed: Additional terms based on clause 3 of the standard's edition ISO/IEC 20000-1:2011
Section 7.4, 10.2 and Annex 1 revised
Annex 1 - Exam terms
The terms the candidates should be familiar with are listed below and are intended as a guide for the trainers. The terms are listed in order of the exam requirements. Since the Foundation Bridge is an excerpt of the regular Foundation training and exam, some of the topics are shown as "--". These top- ics will not be covered within the Foundation Bridge examination.
1 Understanding the definitions and principles of (IT) service management 1.1 Understanding quality and service requirements
Quality
Customer
1.2 -- 1.3 -- 1.4 --
1.5 Understanding continual improvement
Continual improvement
Plan, Do, Check, Act
2 Understanding the position of ISO/IEC 20000 in (IT) service management 2.1 Understanding the landscape of standards and frameworks
CMMI®
CobiTTM
ISO 9000
ISO/IEC 20000
ISO/IEC 27001
ITIL®
MOF
Six Sigma®
2.2 Understanding the concepts of certification practices
Audit
Compliance / conformity
Non-conformity
Scoping
SMS scope
Scoping statement
Organization
2.3 Understanding the concept of ISO/IEC 20000
Service provider
(International) standard
Minimum requirement
ISO/IEC 20000-1
ISO/IEC 20000-2
3 The minimum requirements for a service management system (SMS) according to ISO/IEC 20000-1
3.1 Management and improvement of IT Services
Top management
Service management policy
Service management plan
Effectiveness
Efficiency
Risks
Risk management
Internal audit / first party audit
Supplier audit / second party audit
Third party audit
Audit scope
Auditor
Audit criteria
Audit programme
Corrective action
Preventive action
Process owner
Management representative /senior responsible owner
Document control
Document
Record 3.2 --
3.3 Alignment of IT and the business
Customer satisfaction
Supplier
Lead supplier
Subcontracted supplier
Service level
Service level agreement (SLA)
Service catalogue
Service requirement
Operational level agreement (OLA)
Underpinning contract (UC)
Trend information
Budget
Budgeting
Accounting
Direct cost
Indirect cost
Shared cost
3.4 Delivery of IT services
(Service) availability
(Service) continuity
Capacity plan
(Service) performance
(Service) capacity
Threshold
Asset
Information security
Information security policy
Access rights
Confidentiality
Integrity
Accessibility
Risk assessment
Security control
Information security incident
Information security risk
3.5 --
4 Key points for the application of a service management system (SMS) 4.1 Management and improvement of IT Services
Management responsibility
Management review
Interested party
Other party
4.2 -- 4.3 --
4.4 Delivery of IT services
Response time
4.5 --
Justification of choices
To avoid repetition, terms have usually been listed under the first examination specification where they are used. Note that questions based on one of the examination requirements may also use terms listed under the heading for other requirements.
