{"id":7559,"date":"2021-12-06T10:35:30","date_gmt":"2021-12-06T10:35:30","guid":{"rendered":"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/"},"modified":"2023-01-18T11:47:01","modified_gmt":"2023-01-18T11:47:01","slug":"what-is-the-relationship-between-iso-27001-and-iso-20000","status":"publish","type":"post","link":"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/","title":{"rendered":"What is the relationship between ISO 27001 and ISO 20000?"},"content":{"rendered":"<p><a href=\"https:\/\/www.imsm.com\/gb\/iso-27001\/\">ISO\/IEC 27001<\/a> and <a href=\"https:\/\/www.imsm.com\/gb\/iso-20000\/\">ISO\/IEC 20000<\/a> are the two most popular information technology standards used by businesses worldwide, but what is the relationship between these two standards?<\/p>\n<p>With more businesses investing in their information security processes, we have seen an increase in <a href=\"https:\/\/www.imsm.com\/us\/iso-27001\/\">ISO\/IEC 27001<\/a> certifications. Alongside this growth, we have also seen more curiosity regarding <a href=\"https:\/\/www.imsm.com\/us\/iso-20000\/\">ISO\/IEC 20000<\/a>. It\u2019s true that these two standards do have a lot of things in common but, more accurately, they complement each other. On the other hand, they also have differences, and these differences are worth exploring.<\/p>\n<p>In this article, we will discuss:<\/p>\n<ul>\n<li>What is ISO\/IEC 20000?<\/li>\n<li>What are the similarities between ISO\/IEC 27001 and ISO\/IEC 20000?<\/li>\n<li>What are the differences between ISO\/IEC 27001 and ISO\/IEC 20000?<\/li>\n<li>Can I implement ISO\/IEC 27001 and ISO\/IEC 20000 together?<\/li>\n<\/ul>\n<h2>What is ISO 20000?<\/h2>\n<p><a href=\"https:\/\/www.imsm.com\/us\/iso-20000\/\">ISO\/IEC 20000<\/a> is a Service Management System (SMS) standard that specifies requirements for an organisation to establish, implement, maintain, and continually improve a service management system (SMS). The requirements specified in the standard include the planning, design, transition, delivery, and improvement of services to meet the service requirements and deliver value. It enables IT institutions to ensure their IT service management processes are aligned to the needs of the business and customers, whilst following international best practices.<\/p>\n<h2>What are the similarities between ISO 27001 and ISO 20000?<\/h2>\n<p>An <a href=\"https:\/\/www.imsm.com\/us\/iso-27001\/\">ISO 27001<\/a> based ISMS (Information Security Management System) may seem like its related to information only, however information is a broad term, and can include raw data, the location, and the equipment where the data is held. It also includes devices, software, processing operations, management, people, and the organisation itself. Additionally, it includes \u00a0communication channels, suppliers and procurement, development, and legislation.\u00a0<a href=\"https:\/\/www.imsm.com\/us\/iso-27001\/\"> ISO 27001<\/a> relates to far more than just the information or data that we would normally expect.<\/p>\n<p><a href=\"https:\/\/www.imsm.com\/us\/iso-20000\/\">ISO 20000<\/a> is also a very similar SMS (Service Management System). It defines, implements, manages, and improves IT service from its design through management and improvement after its release into the live environment. It goes beyond what the service does and includes how the service is built, how it is used, and how it handles issues that occur. It includes details on how you set up your organisation, how you handle third parties, how you report customer satisfaction, complaints, and compliments, etc. Many of the same or similar elements can be found in the <a href=\"https:\/\/www.imsm.com\/us\/iso-27001\/\">ISO 27001<\/a> standard, but these are seen from a different point of view.<\/p>\n<p><a href=\"https:\/\/www.imsm.com\/us\/iso-20000\/\">ISO 20000<\/a> is process-based and although <a href=\"https:\/\/www.imsm.com\/us\/iso-27001\/\">ISO 27001<\/a> is not explicitly process-based, when you review the list of controls detailed in Annex A there are many where you would need to define a process to deal with the particular requirement. Seen from the <a href=\"https:\/\/www.imsm.com\/us\/iso-20000\/\">ISO 20000<\/a> point of view, the standard requires Information Security Management, IT Service Continuity and Availability processes to be implemented. Requirements for those two processes are very much in line with ISMS requirements defined by <a href=\"https:\/\/www.imsm.com\/us\/iso-27001\/\">ISO 27001<\/a>.<\/p>\n<h2>What are the differences between ISO 27001 and ISO 20000?<\/h2>\n<p>Although both standards offer specific approaches, <a href=\"https:\/\/www.imsm.com\/us\/iso-20000\/\">ISO 20000<\/a> is service based whereas <a href=\"https:\/\/www.imsm.com\/us\/iso-27001\/\">ISO 27001<\/a> is risk management based; it has risk management at its core. <a href=\"https:\/\/www.imsm.com\/us\/iso-20000\/\">ISO 20000<\/a> considers risks as one of the building elements of the IT service management and goes deep into the daily operation of the organisation, meaning that it coincides with some parts of the <a href=\"https:\/\/www.imsm.com\/us\/iso-27001\/\">ISO 27001<\/a> (like information classification, access control, etc.) but looks at a far wider context.<\/p>\n<p>In addition to information security, <a href=\"https:\/\/www.imsm.com\/us\/iso-20000\/\">ISO 20000<\/a> gives an overall view on the service, including financial aspects, design, release, and deployment of the IT service. While <a href=\"https:\/\/www.imsm.com\/us\/iso-20000\/\">ISO\/IEC 20000<\/a> specifies a standard for service management, <a href=\"https:\/\/www.imsm.com\/us\/iso-27001\/\">ISO\/IEC 27001<\/a> focuses on risk assessment.<\/p>\n<p>In <a href=\"https:\/\/www.imsm.com\/us\/iso-20000\/\">ISO 20000<\/a> some common processes such as incident, change or capacity management, go into much more detail in order to manage IT services than those found in an ISMS aligned to the requirements of <a href=\"https:\/\/www.imsm.com\/us\/iso-27001\/\">ISO 27001<\/a>.<\/p>\n<h2>Can I implement ISO 27001 and ISO 20000 together?<\/h2>\n<p>Yes, and with an experienced consultant, it&#8217;s relatively straightforward. Management systems provide benefits to any business, regardless of size or industry. Whether you&#8217;re looking to reduce costs, streamline your operations, reach customers on a global scale, or otherwise expand your business, you&#8217;ll benefit from having some form of management system in place. What kind of management system is right for you depends on your specific goals; both <a href=\"https:\/\/www.imsm.com\/us\/iso-27001\/\">ISO\/IEC 27001<\/a> for information security and <a href=\"https:\/\/www.imsm.com\/us\/iso-20000\/\">ISO\/IEC 20000<\/a> for IT service management can set out precise goals that can help streamline your company.<\/p>\n<p>Speak to an ISO consultant today to better understand which ISO could be best for your business or if you&#8217;d benefit from multiple systems.<\/p>\n<figure class=\"u-TextAlignNone\"><a href=\"https:\/\/www.imsm.com\/us\/contact-us\/\"><img decoding=\"async\" class=\"c-Image\" title=\"\" src=\"https:\/\/www.imsm.com\/us\/wp-content\/uploads\/sites\/2\/2022\/08\/Multi-ISO-Get-your-free-quote.png\" alt=\"Get your free quote\" \/><\/a><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>ISO\/IEC 27001 and ISO\/IEC 20000 are the two most popular information technology standards used by businesses worldwide, but what is [&hellip;]<\/p>\n","protected":false},"author":25,"featured_media":7560,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"content-type":"","inline_featured_image":false,"pgc_sgb_lightbox_settings":"","footnotes":""},"categories":[34],"tags":[47,13,46,61,60,19,49],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>The relationship between ISO 27001 and ISO 20000 | IMSM US<\/title>\n<meta name=\"description\" content=\"ISO 27001 and ISO 20000 are the two most popular information technology standards used by businesses worldwide.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The relationship between ISO 27001 and ISO 20000 | IMSM US\" \/>\n<meta property=\"og:description\" content=\"ISO 27001 and ISO 20000 are the two most popular information technology standards used by businesses worldwide.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/\" \/>\n<meta property=\"og:site_name\" content=\"IMSM US\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/en-gb.facebook.com\/imsmltd\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-12-06T10:35:30+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-01-18T11:47:01+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.imsm.com\/gb\/wp-content\/uploads\/sites\/2\/2021\/12\/Thumbnails-8.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1500\" \/>\n\t<meta property=\"og:image:height\" content=\"1500\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"amywright\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@IMSM_Ltd\" \/>\n<meta name=\"twitter:site\" content=\"@IMSM_Ltd\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"amywright\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/\",\"url\":\"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/\",\"name\":\"The relationship between ISO 27001 and ISO 20000 | IMSM US\",\"isPartOf\":{\"@id\":\"https:\/\/www.imsm.com\/us\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.imsm.com\/us\/wp-content\/uploads\/sites\/2\/2021\/12\/Thumbnails-8.png\",\"datePublished\":\"2021-12-06T10:35:30+00:00\",\"dateModified\":\"2023-01-18T11:47:01+00:00\",\"author\":{\"@id\":\"https:\/\/www.imsm.com\/us\/#\/schema\/person\/990a6ba5dfd82cda313e2dd00eb363b0\"},\"description\":\"ISO 27001 and ISO 20000 are the two most popular information technology standards used by businesses worldwide.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/#primaryimage\",\"url\":\"https:\/\/www.imsm.com\/us\/wp-content\/uploads\/sites\/2\/2021\/12\/Thumbnails-8.png\",\"contentUrl\":\"https:\/\/www.imsm.com\/us\/wp-content\/uploads\/sites\/2\/2021\/12\/Thumbnails-8.png\",\"width\":1500,\"height\":1500,\"caption\":\"ISO 27001 vs ISO 22000\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.imsm.com\/us\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What is the relationship between ISO 27001 and ISO 20000?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.imsm.com\/us\/#website\",\"url\":\"https:\/\/www.imsm.com\/us\/\",\"name\":\"IMSM US\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.imsm.com\/us\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.imsm.com\/us\/#\/schema\/person\/990a6ba5dfd82cda313e2dd00eb363b0\",\"name\":\"amywright\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.imsm.com\/us\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b9a7d7e0f867d04d3ec6ad1557548ab8?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/b9a7d7e0f867d04d3ec6ad1557548ab8?s=96&d=mm&r=g\",\"caption\":\"amywright\"},\"url\":\"https:\/\/www.imsm.com\/us\/news\/author\/amywright\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The relationship between ISO 27001 and ISO 20000 | IMSM US","description":"ISO 27001 and ISO 20000 are the two most popular information technology standards used by businesses worldwide.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/","og_locale":"en_US","og_type":"article","og_title":"The relationship between ISO 27001 and ISO 20000 | IMSM US","og_description":"ISO 27001 and ISO 20000 are the two most popular information technology standards used by businesses worldwide.","og_url":"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/","og_site_name":"IMSM US","article_publisher":"https:\/\/en-gb.facebook.com\/imsmltd\/","article_published_time":"2021-12-06T10:35:30+00:00","article_modified_time":"2023-01-18T11:47:01+00:00","og_image":[{"width":1500,"height":1500,"url":"https:\/\/www.imsm.com\/gb\/wp-content\/uploads\/sites\/2\/2021\/12\/Thumbnails-8.png","type":"image\/png"}],"author":"amywright","twitter_card":"summary_large_image","twitter_creator":"@IMSM_Ltd","twitter_site":"@IMSM_Ltd","twitter_misc":{"Written by":"amywright","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/","url":"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/","name":"The relationship between ISO 27001 and ISO 20000 | IMSM US","isPartOf":{"@id":"https:\/\/www.imsm.com\/us\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/#primaryimage"},"image":{"@id":"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/#primaryimage"},"thumbnailUrl":"https:\/\/www.imsm.com\/us\/wp-content\/uploads\/sites\/2\/2021\/12\/Thumbnails-8.png","datePublished":"2021-12-06T10:35:30+00:00","dateModified":"2023-01-18T11:47:01+00:00","author":{"@id":"https:\/\/www.imsm.com\/us\/#\/schema\/person\/990a6ba5dfd82cda313e2dd00eb363b0"},"description":"ISO 27001 and ISO 20000 are the two most popular information technology standards used by businesses worldwide.","breadcrumb":{"@id":"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/#primaryimage","url":"https:\/\/www.imsm.com\/us\/wp-content\/uploads\/sites\/2\/2021\/12\/Thumbnails-8.png","contentUrl":"https:\/\/www.imsm.com\/us\/wp-content\/uploads\/sites\/2\/2021\/12\/Thumbnails-8.png","width":1500,"height":1500,"caption":"ISO 27001 vs ISO 22000"},{"@type":"BreadcrumbList","@id":"https:\/\/www.imsm.com\/us\/news\/what-is-the-relationship-between-iso-27001-and-iso-20000\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.imsm.com\/us\/"},{"@type":"ListItem","position":2,"name":"What is the relationship between ISO 27001 and ISO 20000?"}]},{"@type":"WebSite","@id":"https:\/\/www.imsm.com\/us\/#website","url":"https:\/\/www.imsm.com\/us\/","name":"IMSM US","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.imsm.com\/us\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.imsm.com\/us\/#\/schema\/person\/990a6ba5dfd82cda313e2dd00eb363b0","name":"amywright","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.imsm.com\/us\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/b9a7d7e0f867d04d3ec6ad1557548ab8?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b9a7d7e0f867d04d3ec6ad1557548ab8?s=96&d=mm&r=g","caption":"amywright"},"url":"https:\/\/www.imsm.com\/us\/news\/author\/amywright\/"}]}},"_links":{"self":[{"href":"https:\/\/www.imsm.com\/us\/wp-json\/wp\/v2\/posts\/7559"}],"collection":[{"href":"https:\/\/www.imsm.com\/us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.imsm.com\/us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.imsm.com\/us\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.imsm.com\/us\/wp-json\/wp\/v2\/comments?post=7559"}],"version-history":[{"count":6,"href":"https:\/\/www.imsm.com\/us\/wp-json\/wp\/v2\/posts\/7559\/revisions"}],"predecessor-version":[{"id":8473,"href":"https:\/\/www.imsm.com\/us\/wp-json\/wp\/v2\/posts\/7559\/revisions\/8473"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.imsm.com\/us\/wp-json\/wp\/v2\/media\/7560"}],"wp:attachment":[{"href":"https:\/\/www.imsm.com\/us\/wp-json\/wp\/v2\/media?parent=7559"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.imsm.com\/us\/wp-json\/wp\/v2\/categories?post=7559"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.imsm.com\/us\/wp-json\/wp\/v2\/tags?post=7559"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}