IT service management ISO IEC 20000 Standard eases transition to cloud computing for Orange Business

Issue 39 – June 2012

This article by Axel Haentjens, Vice President of Cloud Computing at Orange Business Services, first appeared in ISO Focus+ May 2012 and is summarised here with permission from ISO.

Cloud computing – the delivery of computation, software applications, data access, management and storage resources 'from the cloud', that is from infrastructure at a remote location, has grown into a multi-billion euro market since its birth in 2007. Finding a global information and communications technology (ICT) provider certified to ISO/IEC 20000-1:2011 Information technology – Service management – Part 1: Service management system requirements, is one way to mitigate the doubts and fears of organisations evaluating their entrée into the world of cloud computing.

By 2014, sales of cloud computing products and services are expected to generate nearly EUR 43 billion in annual revenue, and the cloud computing model will propel information technology (IT) growth and expansion for the next 20 years, according to market intelligence provided by the International Data Corporation (IDC). Today, the model promises enterprises great benefits in terms of IT agility, flexibility, scalability, and cost reductions.

Some hesitation

hanks to cloud computing, organisations can have access to powerful and flexible computing capabilities – and with more flexibility than ever, they can externalise all or part of their information systems, workspaces, servers, applications, and storage.

This allows organisations to personalise computing infrastructures to their needs and to the specific requirements of their industry. However, some hesitate when considering the promise of cloud computing.

Trust and cloud computing adoption go hand-in-hand. Migrating to the cloud raises questions and concerns for enterprise customers, particularly related to their secure, business-critical applications. Finding an International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) 20000-certified ICT provider is one way to ease the doubts of those companies considering the transition.

ISO/IEC 20000 key to customer trust

ISO/IEC 20000 implementation and certification is the logical objective of a global ICT provider like Orange Business Services. The release of the latest 2011 version of the international Standard completes our alignment with Information Technology Infrastructure Library (ITIL) V3 (2011) IT qualifications, and enables us to validate our alignment with the widely adopted ITIL IT service management approach by speaking the same language as most of our multinational customers globally.

This strategic process baseline, necessary to deliver ICT services successfully, provides a stable launch pad for cloud computing services. These Standards have helped us improve our processes, performance, and quality of delivery.

Without such a solid process baseline, the complexities of cloud computing would be difficult to attain. For example, we must master change and configuration management in a standard IT environment before launching into the cloud, and our product development processes must work well.

Integrating certifications for greater impact

Orange Business Services is a global organisation delivering services in more than 220 countries and territories with a physical presence in 166. To deliver services on such a global scale, we operate seamless global processes managed under a corporate governance model that applies worldwide.

The model is under the stewardship of global process sponsors and owners, as well as the corporate quality organisation.

These processes underpin the delivery of our services, and together these roles ensure that the business and performance objectives are met through a system of controls, regular review and process scorecards. The evolution and improvement of the processes are defined in process roadmaps, in terms of operational objectives, performance, quality, and security.

This governance model is underpinned by our ISO 9001 quality, ISO/IEC 20000 IT service and ISO/IEC 27001 information security management system certifications – and the common governance requirements and continuous improvement loops inherent in all three Standards.

A decision was made from the beginning to introduce these Standards progressively and in an integrated manner, based on the Orange Business Services governance model, and built on our initial corporate ISO 9001 certification. This gives Orange a regularly audited and certified quality management system based on best practice ICT service management processes, underpinned by a standard set of security controls.

We have even gone a step further than the ISO management system Standards, by integrating International Standard on Assurance Engagements (ISAE) 3402, the new international standard for service organisation assurance engagements, into our governance model.

To be clear, these standards are integrated at the process and operational level, given that the underlying audit system is not harmonised across ISO and ISAE. Furthermore, from 2013 we plan to integrate our ISO 14001 environmental management system as well.

Standards support cloud objectives

Orange Business Services is successfully delivering on its promise and creating notable momentum in the cloud computing market. The company has confirmed its cloud computing ambition and strategy as part of its 'Conquests 2015' programme.

Cloud computing is one of the key growth drivers defined by Orange in its 5-year plan, and we aim to generate EUR 500 million via the cloud model in 2015. It is also part of our own service transformation programme.

Launching these sophisticated services would be very difficult without the springboard provided by our integrated management system and governance model. Our ITIL V3 aligned processes for IT delivery have been improved over a number of years through our programme of ISO management system standards (MSS). For example, we have developed and optimised the operation of our change advisory board and our problem management process to take advantage of these management system certifications. The improved productivity and customer satisfaction that results go hand-in-hand with the targeted growth we are seeking.

Standards underpin global market strategy

Not surprisingly, our global customer base expects Orange Business Services to achieve certifications on an international level. Today more than ever, our customers and markets are seeking additional assurance that their service providers are audited regularly to ensure expected service levels wherever they are providing services. ITIL processes, ISO MSS, and ISAE assurance reports help us to convince our customers that Orange is more than capable of delivering to their expectations.

Cloud computing creates numerous market opportunities for organisations, and helps address many of their IT challenges. By optimising IT infrastructures and enhancing productivity, cloud computing can enable companies to do more with their IT budgets.

However, choosing the right cloud computing service provider is critical.

Orange Business Services encourages enterprise customers to assess providers by looking at the certifications they hold that address the challenges of cloud computing.

By choosing an ISO/IEC 20000-certified provider, enterprises can have the assurance they need to take the first step in the cloud computing journey. As a result, they will achieve clear business benefits backed by essential global quality, services, and security management standards.

We participate with the Distributed Management Task Force (DMTF) in its Cloud Management Work Group to advance international cloud computing and virtualisation management standards that will allow more choice for IT customers via interoperability and portability between cloud environments. In addition, Orange has joined the Cloud Security Alliance as a corporate member to lend its global expertise to promoting best practices for security within cloud computing.

The objective of Orange Business Services it to make it easy for enterprises to access the IT resources they need by providing a one-stop-shop for a range of cloud computing services. By taking an integrated approach, Orange can deliver network and IT 'as-a-service' with end-to-end service level commitments wherever our customers do business.

Note: You can order ISO and IEC Standards from or call 0800 782 632 during business hours or email Members of Standards New Zealand receive a 20% discount on all Standards. Visit our membership page for more information.

Related Touchstone articles

Published in business and ICT.

You may be interested in these Standards: