ISO 20000:2011 or IT Service Management is a method of managing information technology activities that focuses on providing excellent service to users. The main driver of the importance of IT Service Management is the fact that the increasing dependence of an organization on information technology to achieve the objectives of the organization’s strategy and needs. This dependence has led to the growing need for high-quality information technology services, which follow the needs of the organization and the user according to their development. High-quality information technology services means increasing the efficiency and effectiveness of the use of information technology to meet organizational needs. The main objective of ITSM is to align IT services with user needs, improve the quality of IT services, and make effective use of costs for IT management.
ISO 22301:2012 specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise. The requirements specified in ISO 22301:2012 are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization’s operating environment and complexity.
The Information Security Management System is a management plan that specifies the needs needed for implementing security controls that have been tailored to the needs of the organization. ISMS is designed to protect information assets from all security problems. ISO 27001 is a series of international standards for information security management. The ISO / IEC 27001: 2013 standard is a process of applying security management controls within an organization to obtain security services in order to minimize asset risk and ensure the sustainability of a business.
IT Compliance is a process that meets the requirements of third parties for digital security with the aim of enabling business operations in certain markets or with certain customers. IT compliance services help organizations to comply with various standards in the IT field. Following are some of the standards that are popular in the IT field: ISO 20000 (IT Service Manamegement), ISO 27000 (Information Security), ISO 22301 (Business Continuity Management), POJK 12 Tahun 2018, POJK 38 Tahun 2016, PCI-DSS.