Loading...
|
Please use this identifier to cite or link to this item:
https://nccur.lib.nccu.edu.tw/handle/140.119/54779
|
| Title: | 企業如何因應ISO/IEC 20000改版之研究-以證券業為例
A moving plan for a corporation to adapt the new edition of ISO/IEC 20000:2011: a case study in securities industry. |
| Authors: | 梁維誠
Liang, Vincent |
| Contributors: | 周宣光
梁維誠
Liang, Vincent |
| Keywords: | 資訊治理
ISO/IEC 20000:2011
ITIL
ISO 20000
IT Governance
ISO/IEC 20000:2011
ITIL
ISO 20000 |
| Date: | 2011 |
| Issue Date: | 2012-10-30 11:44:31 (UTC+8) |
| Abstract: | 企業應隨著資訊科技進步,必須跟上資訊科技改變服務策略的趨勢,更要知道如何善用資訊科技,成為自身的優勢,才能在一波波新的科技浪潮中免於被吞噬的命運。
本研究對於資訊治理相關ITIL與ISO/IEC 20000進行相關文獻的探討蒐集,歸納過去研究的重點,並對於ISO於2011年發行新版ISO/IEC 20000:2011驗證,企業或組織面臨版本轉換的考驗做一探討,整理企業應透過哪些步驟修改才能夠符合改版後的ISO/IEC 20000:2011。
研究透過相關文獻與統計資料了解目前ITIL與ISO/IEC 20000的現況與台灣企業目前通過驗證的狀況,對於其版本差異進行分析研究,提出企業轉版規劃建議,並以實際個案公司(證券業)為例,對於如何調整規劃以轉換至2011版本提供一個具體可行方案。
企業從ISO/IEC 20000:2005轉換到ISO/IEC 20000:2011,因為已有舊版導入經驗,所以取得新版驗證不算困難,但是取得ISO/IEC 20000:2011驗證的組織,並非一定能讓資訊服務與業務策略緊密結合,因為ISO/IEC 20000:2011新版條文,對於服務策略部分,並沒有ITIL V3的策略發想、服務組合管理及需求管理等服務策略管理流程要求。
通過 ISO/IEC 20000:2011,必須先建立ITIL V3與ISO/IEC 20000:2011對應的管理流程,再以ISO/IEC 20000:2011為檢核方式作為組織提供資訊服務的能力與效度之驗證,最後參考ITIL V3新增的管理流程及資訊功能,補強ISO/IEC:20000:2011不足之處,才能夠由業務策略出發結合服務流程運用資訊科技提昇組織整體對外競爭力。
由於資訊科技日新月異,建議已經通過ISO/IEC 20000:2011的組織,應隨時關注ITIL版本更新,參考新增的部分強化管理流程,以彌補資訊科技演進快速,管理跟不上腳步的困境;企業不應只以取得 ISO/IEC 20000:2011驗證自滿,對於新資訊科技改變服務流程也應建立管理評估標準,以PDCA的方法論持續改善,達到真正資訊治理的目標。
It is necessary for corporations to follow the progress of information technology, to catch up with the changing trends service strategies, and to transform the information technology to become their advantages so that they will be saved from the fate of being devoured by the continuous new waves of technology.
This research includes providing literature review with respect to information governance targeting on Information Technology Infrastructure Library (ITIL) and ISO/IEC 20000, summarizing previous research works, studying the challenges that the corporations or organizations facing when moving to the new edition of ISO/IEC 20000:2011, and analyzing the steps that the corporations should take in order to be certified under the new edition.
This research surveys the current conditions of the certified companies in Taiwan under ITIL and ISO/IEC 20000 based on related literatures and statistical data. The research further analyzes the differences between editions and proposes a moving plan to the new edition. The moving plan is illustrated in a case study in securities industry with a tangible and executable solution of adjustment planning.
It is not difficult for corporations to move from ISO/IEC 20000:2005 to ISO/IEC 20000:2011 because of the experiences of introducing prior edition into the organizations. However, for organizations that pass the certification of ISO/IEC 20000:2011, it is not always the case to integrate information services and business model tightly. The problem occurs because there are no specific requirements documented in the new edition regarding service strategy management processes such as strategy generation, service portfolio management, and demand management specified in ITIL V3.
In order to be certified by ISO/IEC 20000:2011, the corporations first have to establish corresponding management processes between ITIL V3 and ISO/IEC 20000:2011. Secondly, the corporations have to verify the capability and effectiveness of providing information services within the organizations by using the ISO/IEC 20000:2011 as an auditing tool. Lastly, the corporations have to reinforce the missing part of the ISO/IEC 20000:2011 by considering the newly added management process and information functions in ITIL V3 and integrate service process from business model. Thus can promote competitive strength across the organizations
This research suggests that in order to catch up the fast pace of the technology evolution and to manage the situation of falling behind, the certified organizations should pay attention to the updates of ITIL, and consider the new additions to strengthen management processes. The corporations should not be only satisfied on passing the certification of ISO/IEC 20000:2011 but also to establish management evaluation standards for the changing service processes caused by new information technology. The corporations also should keep improving according to the PDCA methodology in order to reach the goal of real IT governance. |
| Reference: | 壹、 英文部分
1. ISO, “Information Technology - Service Management Part1:Specification”, International Standards Organisation, Switzerland, 2005.
2. ISO, “Information Technology - Service Management Part2: Code of practice”, International Standards Organisation, Switzerland, 2005.
3. ISO, “Information Technology - Service Management Part1:Service management system requirements”, International Standards Organisation, Switzerland, 2011.
4. ISO, “Information Technology - Service Management Part2: Guidance on the application of service managements system”, International Standards Organisation, Switzerland, 2011.
5. Glossary of Terms and Definitions.ITIL®V3 Glossary, v01, 30 May 2007
6. ITIL® Lite A road map to full or partial ITIL implementation, Malcolm Fry 2010
7. Office of Government Commerce (OGC), “Service Strategy”, The Stationery Office, United Kingdom, 2007.
8. Office of Government Commerce (OGC), “Service Design”, The Stationery Office, United Kingdom, 2007.
9. Office of Government Commerce (OGC), “Service Transition”, The Stationery Office, United Kingdom, 2007.
10. Office of Government Commerce (OGC), “Service Operation”, The Stationery Office, United Kingdom, 2007.
11. Office of Government Commerce (OGC), “Continual Service Improvement”, The Stationery Office, United Kingdom, 2007.
貳、 中文部分
1. 中華民國國家標準CNS20000-1,資訊技術-服務管理-第1 部:規格,2007年9 月14 日。
2. 中華民國國家標準CNS20000-2,資訊技術-服務管理-第2 部:作業規範,2007年9 月14 日。
3. 王興聖,企業導入ITIL服務管理流程之研究-以宏碁電子化資訊管理中心為例,長庚大學企業管理研究所碩士論文,2011年。
4. 林良原,以ITIL流程改善模型進行SLM導入之研究─以某證券公司資訊部門為例,國立政治大學經營管理碩士論文,2005年。
5. 侯維棟、麻德瓊、高軍、虞銜、周彥徟等,ISO 20000驗證與實踐,台灣科技化服務協會,2011。
6. 馬秀莉,探討企業同時導入ISO系列(ISO 9001、ISO 27001、ISO/IEC 20000)與CMMI之比較分析管理,國立交通大學管理學院碩士論文,2010年。
7. 陳惇仁,在推行ISO20000時,如何使服務台有效運作之研究,國立政治大學資訊管理所碩士論文,2008年。
8. 曹漢平、王強、賈素玲等,現代IT服務管理-基於ITIL的最佳實踐,清華大學,2005年。
9. 楊仁達、樂以媛、江榮倫、許譽勝、陳俊昌、陳聖棋、陳韋均、郭晉宏、陳光楷,ISO 20000導入實務案例,台灣科技化服務協會,2011年。
10. 劉丹雯,「適合台灣製造業CMDB導入方法之研究」,國立政治大學經營管理碩士論文,2007年。
11. OGC,ITIL 服務策略,2007年。
12. OGC,ITIL 服務設計,2007年。
13. OGC,ITIL 服務轉換,2007年。
14. OGC,ITIL 服務維運,2007年。
15. OGC,ITIL 持續服務改善,2007年。
參、 網站部分
1. ITIL v.3整合ITIL v.2內容 強調生命週期概念http://www.ithome.com.tw/itadm/article.php?c=44269 存取時間:2012/05/08
2. ITIL官方網站www.itil.org,存取時間:2012/05/08
3. ISO/IEC 20000 Listings –Taiwan
http://www.isoiec20000certification.com/home/ISOCertifiedOrganizations/ISOCountryListings-TW.aspx,存取時間:2012/5/25 |
| Description: | 碩士
國立政治大學
經營管理碩士學程(EMBA)
99932044
100 |
| Source URI: | http://thesis.lib.nccu.edu.tw/record/#G0099932044 |
| Data Type: | thesis |
| Appears in Collections: | [經營管理碩士學程EMBA] 學位論文
|
Files in This Item:
| File |
Size | Format | |
|---|
| 204401.pdf | 2901Kb | Adobe PDF2 | 4007 | View/Open |
|
All items in 政大典藏 are protected by copyright, with all rights reserved.
|
