ISO/IEC 20000 Certification Mark

Adding value with our service portfolio

Adding value with our service portfolio


Management system certification / Voluntary assessment

Basis for Certification (certification standard):

International standard ISO/IEC 20000 (IT Service Management System Requirements)

Standard owner:

ISO International Organization for Standardization


What does the ISO/IEC 20000 standard cover?

The ISO/IEC 20000 standard defines the requirements for a certifiable IT Service Management (ITSM) system. These requirements include, but are not limited to:

  • Establishment of a suitable management system that enables the organisation to provide and manage IT services of defined quality, including mechanisms for risk identification, self-assessment, prevention, correction and continuous improvement of services.
  • Regular reporting to customers regarding the services actually provided.
  • Implementation of changes to IT services in compliance with defined processes

  • What does “certification” and/or the issue of a certification mark for ISO/IEC 20000 by TÜV SÜD Management Service GmbH mean?
    • The customer has submitted to voluntary assessment (audit) according to defined criteria (certification standard).
    • A certificate and/or the authorisation to use a certification mark is only issued if the assessment (audit) does not reveal any major nonconformities with the requirements of the certification standard.
    • The certificates and/or certification marks are valid for a restricted period of time. Interested parties can check the validity of individual certificates in the certificate database of TÜV SÜD Management Service GmbH.
    • To maintain certificate validity, the certificate holder must annually complete an announced audit with a positive result.
    • Unannounced audits are possible in specific cases.
  • How do we audit?

    Independent and qualified experts (auditors) apply the following auditing techniques:

    • Document review:
      Evaluation of the organisation’s requirements and/or documentation to ensure the systematic control of all processes relevant for the IT Service Management System.

    • On-site-audit:
      Verification, in the form of interviews and on-site inspection at the customer's premises, that the above requirements are effectively implemented in practice. Random on-site checks of processes based on records, such as available measurement results, minutes of meetings, training and qualification records, complaints management and records related to defined objectives and the resulting improvement projects.
  • What is beyond the scope of certification according to ISO/IEC 20000?
    • Certification according to ISO/IEC 20000 does not constitute product certification. Certification thus does not provide any direct statements on the quality of a product or service of the certified customer. Certification according to ISO/IEC 20000 does not mean that the company manufactures products or provides services of higher quality.
    • Certification according to ISO/IEC 20000 does not prevent in each specific case and at any time, that disturbances or malfunctioning of the IT Services provided by the certified company might occur, even though this is one of the key objectives of the IT Service Management System.



Management System Certification Marks

Explore here our certification marks

Learn More

Next Steps

Site Selector