ISO/IEC 20000-9:2015 is a part of an information technology series of standards. It provides recommendations on how to use ISO/IEC 20000-1:2011 by service providers who are delivering cloud services.
Why is ISO/IEC 20000-9:2015 required?
The guidance provided by ISO/IEC 20000-9:2015 could be used by the cloud service providers of various deployment models like private, public, hybrid and community cloud. This is also useful for the customers subscribing to cloud services to host their workloads. The Standard of ISO/IEC Technical Rule 20000-9 could be implemented and certified together with the Base Standard ISO/IEC 20000-1 for IT Service Management.
This guidance is represented as a set of 15 different scenarios that addresses the various activities taking place in the life cycle of cloud service. Each of the scenario listed includes references to the applicable and pertinent requirements that have been specified by ISO/IEC 20000-1.
| S01 | Identify the context for service management of cloud services |
| S02 | Establish strategy and plan for management of cloud services |
| S03 | Provide a catalogue of cloud services |
| S04 | Identify and manage service requirements for cloud services |
| S05 | Design and develop a new cloud service |
| S06 | Establish a service relationship with the cloud customer |
| S07 | Establish a cloud service agreement |
| S08 | Onboarding the customer |
| S09 | Deliver and operate the cloud services |
| S10 | Monitor and report cloud services |
| S11 | Manage resources for cloud services |
| S12 | Check and improve the SMS and cloud services |
| S13 | Terminate a cloud service contract |
| S14 | Transfer a cloud service |
| S15 | Remove a cloud service |
Is Tata Communications ISO/TR 20000-9:2015 certified?
Tata Communications has achieved ISO/TR 20000-9: 2015 certification of Information Security Management System (ISMS) for the delivery of managed cloud services – IZO Private Cloud and IZO Cloud Storage by GSMC.
ISO/IEC 27017: 2015 in-scope services:
| IZO Private Cloud & IZO Cloud Storage | In-Scope services |
| Compute | Cloud services, Virtual Services, Auto Scaling |
| Network | VPN Gateway, Load balancer, switches, router, WAF, Firewall, NFV |
| Storage/ Backup | Block, File and ICS (Object) backup Scheduled data backup and data restoration |
| Database | Managed Oracle, MS-SQL, DB2 or MySQL database administration |
| Middleware | Managed Middleware service is offered on applications including JBOSS; TOMCAT; Apache Application maintenance |
| Hypervisor | VMware, Hyper-V and KVM |
| Load balancer | Static, Dynamic, Persistence : NFV-Virtual Appliance, Physical Appliance |
| Security | SIEM, DDoS detection & mitigation, firewall monitoring & management, WAF, UTM and network based vUTM – SIGS, Managed and monitoring IDS/IPS, OAuth |
ABOUT ISO/IEC 20000-9:2015
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
Contact us
Contact us to learn how we can help you unleash collaboration, creativity, and commercial innovation.