ISO/IEC 20000-9:2015 is a part of an information technology series of standards. It provides recommendations on how to use ISO/IEC 20000-1:2011 by service providers who are delivering cloud services.



Why is ISO/IEC 20000-9:2015 required?

The guidance provided by ISO/IEC 20000-9:2015 could be used by the cloud service providers of various deployment models like private, public, hybrid and community cloud. This is also useful for the customers subscribing to cloud services to host their workloads. The Standard of ISO/IEC Technical Rule 20000-9 could be implemented and certified together with the Base Standard ISO/IEC 20000-1 for IT Service Management.

This guidance is represented as a set of 15 different scenarios that addresses the various activities taking place in the life cycle of cloud service. Each of the scenario listed includes references to the applicable and pertinent requirements that have been specified by ISO/IEC 20000-1.

S01 Identify the context for service management of cloud services
S02 Establish strategy and plan for management of cloud services
S03 Provide a catalogue of cloud services
S04 Identify and manage service requirements for cloud services
S05 Design and develop a new cloud service
S06 Establish a service relationship with the cloud customer
S07 Establish a cloud service agreement
S08 Onboarding the customer
S09 Deliver and operate the cloud services
S10 Monitor and report cloud services
S11 Manage resources for cloud services
S12 Check and improve the SMS and cloud services
S13 Terminate a cloud service contract
S14 Transfer a cloud service
S15 Remove a cloud service


Is Tata Communications ISO/TR 20000-9:2015 certified?

Tata Communications has achieved ISO/TR 20000-9: 2015 certification of Information Security Management System (ISMS) for the delivery of managed cloud services – IZO Private Cloud and IZO Cloud Storage by GSMC.

ISO/IEC 27017: 2015 in-scope services:

IZO Private Cloud & IZO Cloud Storage In-Scope services
Compute Cloud services, Virtual Services, Auto Scaling
Network VPN Gateway, Load balancer, switches, router, WAF, Firewall, NFV
Storage/ Backup Block, File and ICS (Object) backup
Scheduled data backup and data restoration
Database Managed Oracle, MS-SQL, DB2 or MySQL database administration
Middleware Managed Middleware service is offered on applications including JBOSS; TOMCAT; Apache
Application maintenance
Hypervisor VMware, Hyper-V and KVM
Load balancer Static, Dynamic, Persistence : NFV-Virtual Appliance, Physical Appliance
Security SIEM, DDoS detection & mitigation, firewall monitoring & management, WAF, UTM and network based vUTM – SIGS, Managed and monitoring IDS/IPS, OAuth


Review all of our global compliance programs

Contact us

Contact us to learn how we can help you unleash collaboration, creativity, and commercial innovation.