ISO 20000:2018

What is ISO/ IEC 20000:2018?

ISO/IEC 20000 is the international standard specifically for IT Service Management. It describes an integrated set of management processes which form a service management system for the effective delivery of services to the business and its customers. The standard allows IT service provider organizations to achieve conformance to a service management system which requires them to continually improve their delivery of IT services. ISO/IEC 20000 was first released in 2005 and is now at the second edition. It aligns to the IT infrastructure library (ITIL®) best practice framework. The ultimate goal being effective overall IT service management, the standard is based on key processes ranging from service level management reporting, budgeting and accounting for IT services, to information security, supplier, incident, change and release management.

The Benefits of implementing ISO 20000:2018

Assessment to ISO 20000:2018

Having chosen a third-party certification body for your audit, it will review your documentation to ascertain that it meets all the requirements of ISO 20000. This is followed at a later date by an audit to check that records are being kept and documented working practices are being followed
After a successful audit, a certificate of registration to ISO 20000 will be issued. Then there will be continual surveillance visits (usually once a year) to ensure that the system is maintained and continues to be effective.

Certification Process:

Pre Audit

Client interested in obtaining a certificate of registration under the QMS scheme from CQAL shall have established a documented quality system in accordance with the requirements of current version of the ISO 20000 standard and the applicable product standards.

CQAL Certification Services reviews the submitted documentation against the requirements of ISO 20000 standard and prepares a report detailing its finding. The deficiencies, if any, will have to be corrected prior to assessment since this documentation will form a part of the assessment criteria during the assessment.

Stage – 1 Audit

Stage 1 assessment shall include – Review of quality manual/ procedures, supporting documentation, evaluation of client’s location, assessment of preparedness for stage 2 audit, collecting of information regarding the scope of the management system, statutory and regulatory aspects, legal aspects and risks and processes and locations, preparation of an audit plan for stage 2 audit, evaluation of internal audits and management review performed by the customer.

Stage – 2 Audit

Stage 2 assessment is an on-site assessment which includes

- Evaluation of the implementation, including the effectiveness of the client’s management system

- Evidence about conformity to all requirements of the applicable standard or scheme

- Performance monitoring and reviewing against key performance objectives and targets

- Conformance to regulatory and legal aspects relevant to the standard

- Operational control of the client’s processes

- Internal auditing, management review and management responsibility, the competence of personnel, performance data, audit findings and conclusions

- Links between the normative requirements, policy, performance objectives and targets


CQAL Certification Services will issue a certificate of registration to the applicant once the corrective action has been accepted. The certificate carries a validity of three years from the date of issue subject to satisfactory findings during surveillances.

The certified clients are committed through the signing of a certification agreement to comply with the certification body’s requirements.

Surveillance Audit

-  Annual surveillance method – which includes conducting one surveillance audit annually, and performing a Recertification every third year

-  Semi-annual surveillance method – which includes conducting two audits annually and a Recertification every third year

- Implementation or the corrective actions required by the previous audit

- Review of changes in the organization

- Management reviews

- Internal system audits

- Customer complaints

- Corrective and preventive actions

- Scopes/activities that have changed since the last audit

- Customer complaints & appeals received in the Division concerning the organization

- Use of marks (certification logos)


The client’s quality system is re-assessed for the renewal of the certificate. All actions related with renewal (including completion of corrective actions) shall be completed before the expiry of the certificate to ensure continuity of certificate.

Form Downloads

Reach us for:

Are we ready for a certification audit? What is the cost of an audit to ISO 20000:2018? When can we get audited? Please Contact us for more information!