Security Threat Advisory
Looking Glass
FireEye
Governance Risk and Compliance
Governance / Risk / Compliance
Strategic Consulting
ADSIC
FISMA
ISO 20000 ITSM
ISO 22301 BCMS
ISO 27001 ISMS
PCI DSS
Information Security Review

Data & App Security

Database Security & Protection Data Encryption & Control Enterprise Digital Rights Management Data Vulnerability Assessment Application Protection Vulnerability Assessment & Penetration Testing Web Application Firewall Data Governance

Network Security

Network Access Control Next Generation Firewall Email Security Network IPS Web Gateway Next Generation APT Next Generation DDoS Mitigation Smart DDI

Security Operation & Response

Governance Risk & Compliance Cyber Security Transaction Monitoring Compromised Card Monitoring Incident Response & Orchestration Encrypted Calls and Messaging Travel Risk Management & Crisis Avoidance Anti Phishing Services

User Security

Identity Management Single Sign On Two Factor Authentication Privileged User Password Management Insider Threat Management Endpoint Security Management Endpoint Detection & Remediation Employee Monitoring Tool

Infrastructure Security

Virtual Security SCADA Security Mobile Device Management Public Key Infrastructure Certificates

Policy & Compliance Management

NETconsent Compliance Suite File Integrity Monitoring, Network Configuration, and Compliance

Overview

ITIL SERVICE MANAGEMENT (ITSM) ISO 20000/ITIL IMPLEMENTATION
We provide ISO 20000 consulting and implementation support. This includes ISO 20000 process wise gap analysis, service catalog definition, service wise risk assessment, ISO 20000 recommendations, policy/documentation support, training, coaching, performance dashboard, internal audit, and management review leading to successful certification. Our consulting methodology for ISO 20000 consulting guarantees higher customer satisfaction for IT service delivery. We also ensure that CEO finds IT as a more profitable operations. For CIO we ensure that the IT organization is more aligned to business/customer demand.

WHAT IS ISO 20000-1:2011?
ISO/IEC 20000 is the first international standard for IT service management (ITSM).
IT service management (ITSM) is a discipline for managing information technology (IT) systems, from the customer's perspective of IT's contribution to the business. ITSM stands in deliberate contrast to technology-centered approaches to IT management and business interaction. Customers are becoming ever more sophisticated, better informed and their expectations are continuously growing. For any business, the only way to keep ahead is to provide a better level of service than the competition. But how can you demonstrate this to your customers? One way is to consider implementing an IT Service Management system that meets the requirements of an internationally recognized standard – ISO 20000. Choosing this approach means that you can apply for an independent certification body to assess the system and confirm that your IT Service Management is effective and uses best practice principles.

ISO 20000 is primarily concerned with the areas of Service Support and Service Delivery of the Information Technology function. The three key objectives are:

To align IT services with the current and future needs of the business and its customers.
To improve the quality of the IT services delivered.
To reduce the long term cost of service provision.

ISO 20000 is heavily based upon the IT Infrastructure Library (ITIL). It provides a framework that defines a set of inter-related service management processes essential for the delivery of high quality services that satisfy the business and customer requirements.

ISO 20000 is a certification standard that enables the organisation being assessed has demonstrated considerable amount of implementation in ITSM domains. If successfully certified, it means that the organisation has demonstrated the implementation and is 'continually' improving.

The standard - ISO 20000 - is divided into management system controls (Clause 4) and 5 domains (Clause 5 to 9), which is further divided into the following listed implementation requirements:

Plan new or changed services
Design and development of new or changed services
Transition of new or changed services
Service delivery processes
Service level management
Service reporting
Service continuity and availability management

Service continuity and availability requirements
Service continuity and availability plans
Service continuity and availability monitoring and testing
Budgeting and accounting for services
Capacity management

Information security management
Information security policy
Information security controls
Information security changes and incidents
Relationship processes
Business relationship management

Supplier management
Incident and service request management
Problem management
Control processes
Configuration management
Change management
Release and deployment management

WHAT IS NANJGEL SOLUTIONS APPROACH TO SUCCESSFUL ITSM – ISO 20000 CONSULTING/CERTIFICATION?

We bring our world wide experience in implementing IT service management system (SMS) in line with ISO 20000 requirements.

Phase I - Defining service catalog - this represents the Service level agreement (SLA)) between business and IT. Once accomplished the rest of the phases have clear direction.
Phase II - Determine the scope of implementation - The next phase of ISO 20000 consulting involves defining scope, risk assessment, and gap analysis resulting in determining the scope of risks and implementation.
Phase III – ISO 20000 Implementation/measurement journey - through definition of performance metrics/policy/procedure/documentation on one hand and the implementation of the gaps on the other;This phase takes the longest duration.
Phase IV – ISO 20000 Internal Audit - is the process of verifying successful implementation, on one hand, and the inclusion of ITSM principles in business life cycle on the other.
Phase V – Registration body certification

This has two stages Stage

1 – documentation, and Stage
2 – implementation verification.

Upon ISO 20000 certification what should happen in the organization?

Creates competitive advantage via the promotion of consistent and cost-effective services.
More efficient use of resources for service provision leading to cost reductions.
Lower incident volumes, faster incident resolution and less business disruption because of service failures.
Alignment of information technology services and business strategy.
The creation of a consistent approach that facilitates organizational change.
Reduced risk of not being able to meet business objectives and Service Level Agreement targets.
Higher customer satisfaction and improved reputation.
A continuous improvement in the quality of IT services.