We can always ask: “What’s in a name?”. But the fact of the matter is most often than not, the name (or title) is of utmost important in setting perceptions and acceptance, when it comes to books, standards and other key documentations at least.

ISO/IEC 20000, the standard has evolved with specific focus on IT Service management.  However, in its 2011 edition of the standard, there seemed to be a clear effort to elevate the standard to a generic Service Management focus – to make it applicable to any Service organizations, IT or non-IT.

A major roadblock in this elevation and global acceptance as a generic standard could be the term that remained in its title: “Information Technology (IT)”. The standard title remains to be: “Information technology — Service management”.

I have written in an earlier post regarding the confusion that exists in this matter.

I have come across more than one organization (Non-IT) who are hesitant to adopt ISO/IEC 20000 – just because the standard title specifically refer to Information Technology infrastructure Library.

I do understand there could be internal, technical reasons within ISO to keep the title as is; however, it is also important to understand the majority of the adopters and practitioners remain unaware of (or quite understandably, don’t care) about them.

And we can also see that this is not just an issue with the ISO/IEC 20000 standard alone.

The global standard for Information Security , ISO/IEC 27001 also carries the title:  “Information technology — Security techniques — Information security management systems”. (This is retained in the latest, 2013 edition as well).

But we all will agree to a greater extent that the scope of this standard is not limited to Information Technology alone. I have come across at least a couple of auditors who specifically told the customer organization that the certification scope will be limited to IT portions – as the standard is (!) specific to Information Technology.

So it is still unclear (within the industry and practitioners) whether:

  1. The standards are, by design, intended to be specifically focused on IT or
  2. The standards are generic in nature – though the title mentions IT.

If the latter is true, the obvious question from any logical angle will be – why to introduce the term IT in the title of the standard and create such a confusion, that in turn is constraining a wider adoption of the standards?

Fortunately, the Business continuity Standard ISO 22301 is not affected by this problem as it doesn’t have ‘Information Technology’ in its title! Otherwise we would have faced unfortunate situation of the standard being applied to only IT continuity in an organization…

Would be interested to hear some views and further concrete information on this.

Advertisements