There are two stage audits required by ISO 20000 Standard namely Internal Audits and External Audits. Internal Audits are generally conducted by Internal resources where as External Audits are to be conducted by auditors from the Certification Body.
Internal Audits for ISO 20000 Standard
Internal Audits for ISO 20000 Standard are conducted by Internal Auditors who are trained to conduct these audits. Training is imparted by External Auditors to internal auditors. External Auditors also ensure that Internal Audits are conducted in consistent and transparent manner.
Internal Auditors are selected from staff who is motivated and inspired by the organization and want to have improvement in the quality of the service deliveries and other activities. If Internal Auditors are not available then Consultants can be hired to do the job.
Generally ITSM Audit is conducted for all the processes and Internal Auditors covers all processes during Internal Audits. It can be customised to cover only processes where most of the NCs were reported in last audits or where most of the improvements scope is available.
External Audits for ISO 20000 Standard
ISO 20000 External Audits are conducted by Auditors provided by Certification Bodies. These Auditors have experience in same domain for conducting these audits. Auditors also have relevant experience of ISO 17021:2006 – a standard for Certification Bodies who provides audit and certification of Management Systems. External Audits are known to be more transparent as compared to Internal Audits conducted by Internal Auditors and provide management deeper insights into the actual status of Implementation.