ISO 20000-1 software that proves you run IT services like a grown-up

Enterprise buyers procuring managed IT increasingly demand ISO/IEC 20000-1 alongside ISO 27001. ISO-STANDARD.app is the SME-priced workspace that builds your Service Management System (SMS), evidences the process fabric, and gives buyers a Trust Center they can verify — without an ITIL consultancy contract.

Why 20000-1 matters commercially

ISO/IEC 20000-1 tells your buyer that when they hand you their production estate, you actually have processes — not a group chat. That's why it appears on RFPs alongside ISO 27001 for MSPs, managed SaaS operations and outsourced IT.

Small providers usually run genuinely good operations but can't evidence them. 20000-1 done properly turns institutional muscle memory into artifacts a buyer can inspect and a certification body can audit.

What's in the box

SMS scope & service catalogue

Define your SMS boundary, services, service levels, dependencies and customers.

Incident / problem / change processes

Records, ownership and cadence — with the ISO 20000-1 evidence points already mapped.

Configuration management

A CMDB view suited to SMEs: assets, relationships, ownership and change history without a six-figure ITSM platform.

Service reporting & reviews

Monthly service review packs, SLA achievement, customer-facing reporting — assembled in one click.

Supplier & customer management

Underpinning contracts, SLAs, OLAs — with the review cadence the standard expects.

Integrated with ISO 27001

Share risks, controls, policies and audit log with the ISMS — one workspace, two certifications.

Why MSPs and managed-SaaS providers pick us

SMS
Service Management System, ready to configure
27001+
Integrated with ISO 27001 controls & evidence
SLA
Monthly service review pack in one click
0
ITIL consultants required to start

How buyers verify you — in minutes, not weeks

Buyers procuring managed IT want proof your processes exist AND that they run. Both live here.

  1. Step 1

    Publish SMS scope on your Trust Center

    Prospective buyers see the services you cover, current SLAs and certification status — before the first call.

  2. Step 2

    Share the service review pack

    Route the last monthly review under NDA: SLA achievement, incidents, changes and improvement actions.

  3. Step 3

    Answer the operational questionnaire

    Every answer backed by process artifacts — RACI, workflows, CAB records — not marketing copy.

  4. Step 4

    Prove ongoing operation

    Management review, internal audit and CAPA cycles are logged and dated; the surveillance audit becomes documentation, not archaeology.

The artifacts buyers actually ask for

Every artifact below is generated inside the workspace, versioned, timestamped and shareable via a signed link — no last-minute PDF assembly, no "wait, which version did I send them?"

SMS scope statement and service catalogue
Incident, problem and change registers
Configuration Management Database (CMDB) snapshot
SLA / OLA / underpinning-contract library
Monthly service review packs
Continual service improvement (CSI) register
Capacity, availability and continuity plans
Supplier performance reviews with sign-off

Who it's for

Managed service provider chasing enterprise deals

Pain: Every new tender asks for both ISO 27001 and ISO 20000-1 — you have the first, not the second.

With ISO-STANDARD.app: A single workspace that reuses your ISMS evidence for the SMS, so you can announce a target certification date in the bid response.

Outsourced IT / white-label SaaS operator

Pain: Your customer wants monthly service reviews with named owners, SLAs and improvement actions — currently a spreadsheet-and-hope.

With ISO-STANDARD.app: Pre-built review pack, service catalogue and SLA tracking — reviews stop being an all-day preparation exercise.

ITSM lead in a scale-up

Pain: You've adopted ITIL practices informally, but there's no evidence a certifying body will accept.

With ISO-STANDARD.app: Framework-aligned records for every practice — incident, change, problem, config — with the audit trail auditors expect.

Deal-close moment
"We used to lose two days a month preparing customer service reviews. The one-click pack means we deliver them before the customer asks."
Head of Service Delivery, UK managed IT provider

Answers buyers, procurement and auditors want

Does this replace a ticketing system?+

No — you keep your ticketing tool. ISO-STANDARD.app runs the management system around it: scope, SLAs, reviews, audits and continual improvement.

Can it handle multiple customers with different SLAs?+

Yes — services, customers and SLAs are first-class objects; reviews are generated per customer or per service line.

Does it cover ITIL 4 practices?+

Aligned to ITIL 4 vocabulary but focused on ISO 20000-1 clauses. You get certification-grade evidence without the practice-by-practice bloat.

Can we combine this with our ISMS?+

Yes — one workspace, one set of controls and policies, mapped to both standards. The integrated management-system approach is what makes it cost-effective for SMEs.

How does it help me win deals?+

Publishing SMS scope, SLA performance and certification status on your Trust Center makes procurement diligence measurably shorter.

Related

Read the ISO 20000-1 guide. Pair with ISO 27001 or ISO 9001.

Sample ISO 20000-1 evidence you can download now

Redacted samples covering the service-management artifacts auditors and enterprise buyers expect from an SMS.

Samples are anonymised for public preview. Real exports carry your workspace branding, signed timestamps and per-control mappings.

Turn your service operation into a certifiable SMS

Define your scope, wire up your service catalogue, publish your Trust Center — and show buyers you run IT services like a grown-up.

Prefer a conversation? Email hello@iso-standard.app — a practitioner responds within one business day.

MM
Michael McCarroll
Founder · 25+ years
IT governance · Information security · AI
Why this platform exists

Enterprise-grade governance — built for the SMEs and consultants enterprise GRC forgets.

I've spent 25 years in corporate governance — aligning technology, controls and compliance with what the business is actually trying to do. Time and again, the same pattern: the organisations that win new clients aren't the ones with the biggest GRC budget. They're the ones who can demonstrate trust on demand. This platform is the tool I wanted for the SMEs and consultants I've worked with — institutional-grade governance without an institutional price tag, built on the way audits and buyer reviews actually happen.