ISO (the International Organisation for Standardisation) and IEC (the International Electrotechnical Commission) form the specialised system for worldwide standardisation. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organisation to deal with particular fields of technical activity. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.

The relationship between information security management and service management is so close that many organisations already recognise the benefits of adopting the two International Standards for these domains. There are a number of advantages in implementing an integrated management system.

Benefits:

• Enhanced credibility, with internal and external customers

• Lower cost of an integrated programme of two projects

• Reduction in implementation time due to the integrated development of processes common to both standards

• Better communication, reduced cost and improved operational efficiency through elimination of unnecessary duplication

•  a greater understanding by service management

This International Standard is intended for use by persons with knowledge of both of the International Standards ISO/IEC 27001 (information security management system (ISMS) and ISO/IEC 20000-1 (a service management system (SMS)) and provides guidance on the implementation of both international standards.