For the purposes of this document, the following terms and definitions apply. 

ISO and IEC maintain terminological databases for use in standardization at the following addresses: 

— IEC Electropedia: available at http:/ /www.electropedia.org/ 

— ISO Online browsing platform: available at https:/ /www.iso.org/obp

item, thing or entity that has potential or actual value to an organization (3.1.14) 

Note 1 to entry: Value can be tangible or intangible, financial or non-financial, and includes consideration of risks (3.1.20) and liabilities. It can be positive or negative at different stages of the asset life. 

Note 2 to entry: Physical assets usually refer to equipment, inventory and properties owned by the organization. Physical assets are the opposite of intangible assets, which are non-physical assets such as leases, brands, digital assets, use rights, licences, intellectual property rights, reputation or agreements. 

Note 3 to entry: A grouping of assets referred to as an asset system could also be considered as an asset. 

Note 4 to entry: An asset can also be a configuration item (3.2.2). Some configuration items are not assets. 

[SOURCE: ISO/IEC 19770-5:2015, 3.2, modified — Note 4 to entry contains new content.] 

CI element that needs to be controlled in order to deliver a service (3.2.15) or services 

organization (3.1.14) or part of an organization that receives a service (3.2.15) or services EXAMPLE Consumer, client, beneficiary, sponsor, purchaser. 

Note 1 to entry: A customer can be internal or external to the organization delivering the service or services. 

Note 2 to entry: A customer can also be a user (3.2.28). A customer can also act as a supplier. 

another party that is external to the organization that enters into a contract to contribute to the planning, design, transition (3.2.27), delivery or improvement of a service (3.2.15), service component (3.2.18) or process (3.1.18) 

Note 1 to entry: External suppliers include designated lead suppliers but not their sub-contracted suppliers. 

Note 2 to entry: If the organization in the scope of the SMS is part of a larger organization, the other party is external to the larger organization.

unplanned interruption to a service (3.2.15), a reduction in the quality of a service or an event that has not yet impacted the service to the customer (3.2.3) or user (3.2.28) 

preservation of confidentiality, integrity and availability of information 

Note 1 to entry: In addition, other properties such as authenticity, accountability, non-repudiation and reliability can also be involved. 

[SOURCE: ISO/IEC 27000:2018, 3.28] 

single or a series of unwanted or unexpected information security (3.2.6) events that have a significant probability of compromising business operations and threatening information security 

[SOURCE: ISO/IEC 27000:2018, 3.31] 

part of a larger organization (3.1.14) that is outside the scope of the SMS (3.2.23) that enters into a documented agreement to contribute to the planning, design, transition (3.2.27), delivery or improvement of a service (3.2.15), service component (3.2.18) or process (3.1.18) 

EXAMPLE Procurement, infrastructure, finance, human resources, facilities. 

Note 1 to entry: The internal supplier and the organization in the scope of the SMS are both part of the same larger organization. 

problem (3.2.10) that has an identified root cause or a method of reducing or eliminating its impact on a service (3.2.15) 

cause of one or more actual or potential incidents (3.2.5) 

specified way to carry out an activity or a process (3.1.18) 

Note 1 to entry: Procedures can be documented or not. 

[SOURCE: ISO 9000:2015, 3.4.5] 

document stating results achieved or providing evidence of activities performed 

EXAMPLE Audit (3.1.1) reports, incident (3.2.5) details, list of training delegates, minutes of meetings. 

Note 1 to entry: Records can be used, for example, to formalize traceability and to provide evidence of verification, preventive action and corrective action (3.1.5). 

Note 2 to entry: Generally, records need not be under revision control. 

[SOURCE: ISO 9000:2015, 3.8.10, modified — EXAMPLE has been added.]

collection of one or more new or changed services (3.2.15) or service components (3.2.18) deployed into the live environment as a result of one or more changes 

proposal for a change to be made to a service (3.2.15), service component (3.2.18) or the SMS (3.2.23) Note 1 to entry: A change to a service includes the provision of a new service, transfer of a service or the removal of a service that is no longer required. 

means of delivering value for the customer (3.2.3) by facilitating outcomes the customer wants to achieve 

Note 1 to entry: Service is generally intangible. 

Note 2 to entry: The term service as used in this document means the service or services in the scope of the SMS (3.2.23). Any use of the term service with a different intent is distinguished clearly. 

ability of a service (3.2.15) or service component (3.2.18) to perform its required function at an agreed time or over an agreed period of time 

Note  1  to  entry:  Service availability can be expressed as a ratio or percentage of the time that the service or service component is actually available for use compared to the agreed time. 

documented information about services that an organization provides to its customers 

part of a service (3.2.15) that when combined with other elements will deliver a complete service 

EXAMPLE Infrastructure, applications, documentation, licences, information, resources, supporting services. Note 1 to entry: A service component can include configuration items (3.2.2), assets (3.2.1) or other elements. 

capability to deliver a service (3.2.15) without interruption, or with consistent availability as agreed 

Note 1 to entry: Service continuity management can be a subset of business continuity management. ISO 22301 is a management system standard for business continuity management. 

SLA 

documented agreement between the organization (3.1.14) and the customer (3.2.3) that identifies services (3.2.15) and their agreed performance 

Note  1  to entry:  A service level agreement can also be established between the organization and an external supplier (3.2.4), an internal supplier (3.2.8) or a customer acting as a supplier. 

Note 2 to entry: A service level agreement can be included in a contract or another type of documented agreement. 

specific measurable characteristic of a service (3.2.15) that an organization (3.1.14) commits to

set of capabilities and processes (3.1.18) to direct and control the organization’s (3.1.14) activities and resources for the planning, design, transition (3.2.27), delivery and improvement of services (3.2.15) to deliver value (3.2.29) 

Note 1 to entry: This document provides a set of requirements that are split into clauses and sub-clauses. Each organization can choose how to combine the requirements into processes. The sub-clauses can be used to define the processes of the organization’s SMS. 

SMS 

management system (3.1.9) to direct and control the service management (3.2.22) activities of the organization (3.1.14) 

Note  1  to  entry:  An SMS includes service management policies (3.1.17), objectives (3.1.13), plans, processes (3.1.18), documented information and resources required for the planning, design, transition (3.2.27), delivery and improvement of services to meet the requirements (3.1.19) specified in this document. 

organization (3.1.14) that manages and delivers a service (3.2.15) or services to customers (3.2.3) 

request for information, advice, access to a service (3.2.15) or a pre-approved change 

needs of customers (3.2.3), users (3.2.28) and the organization (3.1.14) related to the services (3.2.15) and the SMS (3.2.23) that are stated or obligatory 

Note 1 to entry: In the context of an SMS (3.2.23), service requirements are documented and agreed rather than generally implied. There can also be other requirements such as legal and regulatory requirements. 

activities involved in moving a new or changed service (3.2.15) to or from the live environment 

individual or group that interacts with or benefits from a service (3.2.15) or services 

Note 1 to entry: Examples of users include a person or community of people. A customer (3.2.3) can also be a user. 

importance, benefit or usefulness 

EXAMPLE Monetary value, achieving service outcomes, achieving service management (3.2.22) objectives (3.1.13), customer retention, removal of constraints. 

Note 1 to entry: The creation of value from services (3.2.15) includes realizing benefits at an optimal resource level while managing risk (3.1.20). An asset (3.2.1) and a service (3.2.15) are examples that can be assigned a value.

Xem thêm:

• Hệ thống Quản lý Dịch vụ CNTT là gì ? tại LINK

• Lợi ích của Hệ thống Quản lý An toàn Thông tin đối với doanh nghiệp ? tại LINK

• Chứng nhận hệ thống quản lý dịch vụ CNTT ISO 20000

SẴN SÀNG ĐỂ BẮT ĐẦU HÀNH TRÌNH ĐẠT CHỨNG NHẬN ISO 20000 ?

Chúng tôi sẽ cung cấp cho bạn một thông tin rõ ràng về chi phí đạt được và duy trì chứng nhận ISO 20000.

 
  👉 ẤN VÀO ĐÂY

  

Nếu bạn chưa sẵn sàng? Gọi cho chúng tôi theo số 091 203 5885 hoặc yêu cầu gọi lại để thảo luận về các yêu cầu chứng nhận ISO 20000 của bạn.