Return to search

企業如何因應ISO/IEC 20000改版之研究-以證券業為例 / A moving plan for a corporation to adapt the new edition of ISO/IEC 20000:2011: a case study in securities industry.

企業應隨著資訊科技進步,必須跟上資訊科技改變服務策略的趨勢,更要知道如何善用資訊科技,成為自身的優勢,才能在一波波新的科技浪潮中免於被吞噬的命運。

本研究對於資訊治理相關ITIL與ISO/IEC 20000進行相關文獻的探討蒐集,歸納過去研究的重點,並對於ISO於2011年發行新版ISO/IEC 20000:2011驗證,企業或組織面臨版本轉換的考驗做一探討,整理企業應透過哪些步驟修改才能夠符合改版後的ISO/IEC 20000:2011。

研究透過相關文獻與統計資料了解目前ITIL與ISO/IEC 20000的現況與台灣企業目前通過驗證的狀況,對於其版本差異進行分析研究,提出企業轉版規劃建議,並以實際個案公司(證券業)為例,對於如何調整規劃以轉換至2011版本提供一個具體可行方案。

企業從ISO/IEC 20000:2005轉換到ISO/IEC 20000:2011,因為已有舊版導入經驗,所以取得新版驗證不算困難,但是取得ISO/IEC 20000:2011驗證的組織,並非一定能讓資訊服務與業務策略緊密結合,因為ISO/IEC 20000:2011新版條文,對於服務策略部分,並沒有ITIL V3的策略發想、服務組合管理及需求管理等服務策略管理流程要求。

通過 ISO/IEC 20000:2011,必須先建立ITIL V3與ISO/IEC 20000:2011對應的管理流程,再以ISO/IEC 20000:2011為檢核方式作為組織提供資訊服務的能力與效度之驗證,最後參考ITIL V3新增的管理流程及資訊功能,補強ISO/IEC:20000:2011不足之處,才能夠由業務策略出發結合服務流程運用資訊科技提昇組織整體對外競爭力。

由於資訊科技日新月異,建議已經通過ISO/IEC 20000:2011的組織,應隨時關注ITIL版本更新,參考新增的部分強化管理流程,以彌補資訊科技演進快速,管理跟不上腳步的困境;企業不應只以取得 ISO/IEC 20000:2011驗證自滿,對於新資訊科技改變服務流程也應建立管理評估標準,以PDCA的方法論持續改善,達到真正資訊治理的目標。 / It is necessary for corporations to follow the progress of information technology, to catch up with the changing trends service strategies, and to transform the information technology to become their advantages so that they will be saved from the fate of being devoured by the continuous new waves of technology.

This research includes providing literature review with respect to information governance targeting on Information Technology Infrastructure Library (ITIL) and ISO/IEC 20000, summarizing previous research works, studying the challenges that the corporations or organizations facing when moving to the new edition of ISO/IEC 20000:2011, and analyzing the steps that the corporations should take in order to be certified under the new edition.

This research surveys the current conditions of the certified companies in Taiwan under ITIL and ISO/IEC 20000 based on related literatures and statistical data. The research further analyzes the differences between editions and proposes a moving plan to the new edition. The moving plan is illustrated in a case study in securities industry with a tangible and executable solution of adjustment planning.

It is not difficult for corporations to move from ISO/IEC 20000:2005 to ISO/IEC 20000:2011 because of the experiences of introducing prior edition into the organizations. However, for organizations that pass the certification of ISO/IEC 20000:2011, it is not always the case to integrate information services and business model tightly. The problem occurs because there are no specific requirements documented in the new edition regarding service strategy management processes such as strategy generation, service portfolio management, and demand management specified in ITIL V3.

In order to be certified by ISO/IEC 20000:2011, the corporations first have to establish corresponding management processes between ITIL V3 and ISO/IEC 20000:2011. Secondly, the corporations have to verify the capability and effectiveness of providing information services within the organizations by using the ISO/IEC 20000:2011 as an auditing tool. Lastly, the corporations have to reinforce the missing part of the ISO/IEC 20000:2011 by considering the newly added management process and information functions in ITIL V3 and integrate service process from business model. Thus can promote competitive strength across the organizations

This research suggests that in order to catch up the fast pace of the technology evolution and to manage the situation of falling behind, the certified organizations should pay attention to the updates of ITIL, and consider the new additions to strengthen management processes. The corporations should not be only satisfied on passing the certification of ISO/IEC 20000:2011 but also to establish management evaluation standards for the changing service processes caused by new information technology. The corporations also should keep improving according to the PDCA methodology in order to reach the goal of real IT governance.

Identiferoai:union.ndltd.org:CHENGCHI/G0099932044
Creators梁維誠, Liang, Vincent
Publisher國立政治大學
Source SetsNational Chengchi University Libraries
Language中文
Detected LanguageEnglish
Typetext
RightsCopyright © nccu library on behalf of the copyright holders

Page generated in 0.002 seconds