ISO/IEC TR 20000-7:2019 信息技术服务管理第7部分：ISO/IEC 20000-1：2018到ISO 9001：2015和ISO/IEC 27001：2013的集成和关联指南

标准编号：ISO/IEC TR 20000-7:2019

中文名称：信息技术服务管理第7部分：ISO/IEC 20000-1：2018到ISO 9001：2015和ISO/IEC 27001：2013的集成和关联指南

英文名称：Information technology — Service management — Part 7: Guidance on the integration and correlation of ISO/IEC 20000-1:2018 to ISO 9001:2015 and ISO/IEC 27001:2013

发布日期：2019-07

标准范围

ISO/IEC TR 20000-7:20 19本文件为ISO/IEC 20000-1中规定的服务管理系统（SMS）与ISO 9001中规定的质量管理系统（QMS）和ISO/IEC 27001中规定的信息安全管理系统（ISMS）的集成实施提供了指导。它针对的是那些打算:a)在已经实施ISO/IEC 20000-1时实施ISO 9001，反之亦然；b)当ISO/IEC 20000-1已经实施时，实施ISO/IEC 27001，反之亦然；c)同时实施ISO 9001和ISO/IEC 20000-1，或同时实施ISO/IEC 27001和ISO/IEC 20000-1；d)同时实施ISO/IEC 20000-1、ISO 9001和ISO/IEC 27001；或e)整合基于ISO/IEC 20000-1、ISO 9001和ISO/IEC 27001的现有管理体系。在实践中，SMS、QMS或ISMS也可以与其他管理系统标准（MSS）集成，例如ISO 22301或ISO 55001。第4条介绍了ISO/IEC 20000-1、ISO/IEC指令第1部分中规定的MSS的HLS以及MSS集成的注意事项。第5条介绍了ISO 9001、与ISO/IEC 20000-1的共性和差异以及SMS与QMS集成的注意事项。第6条介绍了ISO/IEC 27001、与ISO/IEC 20000-1的共性和差异以及SMS与ISMS集成的注意事项。第7条着眼于SMS、QMS和ISMS集成的注意事项。本文件还提供了ISO/IEC 20000-1与ISO 9001和ISO/IEC 27001的相关性见附录A.ISO/IEC 20000-1条款与ISO 9001的相关性见附录B.ISO/IEC 20000-1条款与ISO/IEC 27001的相关性见附录C。

ISO/IEC TR 20000-7:2019 This document provides guidance on the integrated implementation of a service management system (SMS) as specified in ISO/IEC 20000-1 with a quality management system (QMS) as specified in ISO 9001 and an information security management system (ISMS) as specified in ISO/IEC 27001. It is aimed at those organizations that are intending to either:
a) implement ISO 9001 when ISO/IEC 20000-1 is already implemented, or vice versa;
b) implement ISO/IEC 27001 when ISO/IEC 20000-1 is already implemented, or vice versa;
c) implement both ISO 9001 and ISO/IEC 20000-1 together, or implement both ISO/IEC 27001 and ISO/IEC 20000-1 together;
d) implement ISO/IEC 20000-1, ISO 9001 and ISO/IEC 27001 together; or
e) integrate existing management systems based on ISO/IEC 20000-1, ISO 9001 and ISO/IEC 27001.
In practice, an SMS, QMS or ISMS can also be integrated with other management system standards (MSS), such as ISO 22301 or ISO 55001.
Clause 4 provides an introduction to ISO/IEC 20000-1, the HLS of MSS specified in ISO/IEC Directives Part 1 and considerations for the integration of an MSS.
Clause 5 provides an introduction to ISO 9001, commonalities and differences with ISO/IEC 20000-1 and considerations for the integration of an SMS with a QMS.
Clause 6 provides an introduction to ISO/IEC 27001, commonalities and differences with ISO/IEC 20000-1 and considerations for the integration of an SMS with an ISMS.
Clause 7 looks at considerations for the integration of an SMS, a QMS, and an ISMS.
This document also provides correlation information for the terms and definitions of ISO/IEC 20000-1 with ISO 9001 and ISO/IEC 27001 in Annex A. Correlation of the clauses of ISO/IEC 20000-1 with ISO 9001 is shown in Annex B. Correlation of the clauses of ISO/IEC 20000-1 with ISO/IEC 27001 is shown in Annex C.

ISO/IEC TR 20000-7:2019 信息技术 服务管理 第7部分：ISO/IEC 20000-1：2018到ISO 9001：2015和ISO/IEC 27001：2013的集成和关联指南

标准范围

标准预览图

ISO/IEC TR 20000-7:2019 信息技术服务管理第7部分：ISO/IEC 20000-1：2018到ISO 9001：2015和ISO/IEC 27001：2013的集成和关联指南