ISO IEC 19770-11-2021 PDF

Full title and description

Information technology — IT asset management — Part 11: Requirements for bodies providing audit and certification of IT asset management systems. This part of ISO/IEC 19770 specifies requirements and provides guidance for certification bodies that audit and certify IT asset management systems (ITAMS), supplementing the requirements of ISO/IEC 17021‑1 and referencing the ITAMS requirements in ISO/IEC 19770‑1.

Abstract

This document specifies requirements and provides guidance for certification bodies providing audit and certification of an ITAMS in accordance with ISO/IEC 19770‑1. It does not change the normative requirements of ISO/IEC 19770‑1. The standard can also be used by accreditation bodies for the accreditation of certification bodies, while not prescribing how accreditation bodies should audit certification bodies. It is intended to ensure consistent, reliable certification of IT asset management systems through defined competence, impartiality, process and management requirements.

General information

• Status: Published / Current
• Publication date: June 2021
• Publisher: International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC)
• ICS / categories: 35.080 (Software); 03.120.20 (Certification, conformity assessment)
• Edition / version: Edition 1 (2021)
• Number of pages: 16

Scope

ISO/IEC 19770‑11:2021 defines requirements and guidance for bodies that perform audits and grant certification of an IT asset management system (ITAMS) against the requirements in ISO/IEC 19770‑1. The scope covers organizational, procedural and competence requirements for certification bodies, management of impartiality, legal and contractual matters, auditor competence and audit processes, and related requirements needed to provide consistent and credible certification of ITAMS. It is applicable to certification bodies and is informative for accreditation bodies, though it does not establish accreditation processes for those accreditation bodies.

Key topics and requirements

• Requirements for certification body organisation, governance and legal/contractual arrangements.
• Management of impartiality and conflicts of interest specific to ITAMS certification.
• Alignment and complementarity with ISO/IEC 17021‑1 (requirements for bodies providing audit and certification of management systems).
• Competence criteria for auditors and technical experts in IT asset management and software asset management (SAM).
• Audit and certification processes: initial certification, surveillance, recertification and handling of nonconformities.
• Confidentiality, information security and record‑keeping expectations for certification bodies.
• Liability, financing and assurances to maintain impartiality and independence.
• Requirements for handling complaints, appeals and public claims about certification.

Typical use and users

Primary users are certification bodies that provide audits and certification of IT asset management systems, and accreditation bodies that oversee certification bodies. Secondary users include organizations seeking ITAMS certification (to demonstrate conformity with ISO/IEC 19770‑1), IT asset management auditors, SAM consultants, purchasers of certification services, and regulators or stakeholders evaluating the credibility of ITAMS certifications.

Related standards

ISO/IEC 19770‑1 (IT asset management — Requirements), ISO/IEC 17021‑1 (Conformity assessment — Requirements for bodies providing audit and certification of management systems), and other parts of the ISO/IEC 19770 series (for example parts 2, 3, 4, 5 and 8) that cover tags, entitlement schemas, guidance and related ITAM topics.

Keywords

IT asset management, ITAMS, software asset management (SAM), certification body, audit, accreditation, ISO/IEC 19770, ISO/IEC 17021, impartiality, auditor competence, surveillance, conformity assessment.

FAQ

Q: What is this standard?

A: ISO/IEC 19770‑11:2021 is a part of the ISO/IEC 19770 family that specifies requirements and guidance for bodies that audit and certify IT asset management systems, ensuring consistent and credible certification practices.

Q: What does it cover?

A: It covers organizational and procedural requirements for certification bodies (management of impartiality, legal and contractual matters, auditor competence, audit cycles, confidentiality, complaints and record keeping) as they apply to certification of ITAMS against ISO/IEC 19770‑1.

Q: Who typically uses it?

A: Certification bodies and their auditors, accreditation bodies, organizations seeking ITAMS certification, SAM consultants, and stakeholders who need assurance about the rigour and credibility of IT asset management certification.

Q: Is it current or superseded?

A: As published in June 2021, ISO/IEC 19770‑11:2021 is the current first edition. Users should check with ISO or their national standards body for any amendments or later revisions if up‑to‑date status is required.

Q: Is it part of a series?

A: Yes — it is part of the ISO/IEC 19770 series on IT software/asset management. It is specifically the Part 11 document addressing requirements for certification bodies and links directly to ISO/IEC 19770‑1.

Q: What are the key keywords?

A: IT asset management, ITAMS, software asset management, audit, certification body, accreditation, impartiality, ISO/IEC 19770, ISO/IEC 17021, auditor competence.