ISO/IEC TR 20000-9:2015 provides guidance on the use of ISO/IEC 200001:2011 for service providers delivering cloud services. It is applicable to different categories of cloud service, such as those defined in ISO/IEC 17788/ITU-T Y.3500 and ISO/IEC 17789/ITU-T Y.3502, including, but not limited to, the following:
a) infrastructure as a service (IaaS);
b) platform as a service (PaaS);
c) software as a service (SaaS).
It is also applicable to public, private, community, and hybrid cloud deployment models.
The applicability of ISO/IEC 200001 is independent of the type of technology or service model used to deliver the services. All requirements in ISO/IEC 200001 can be applicable to cloud service providers.
The structure of ISO/IEC TR 20000-9:2015 does not follow the structure of ISO/IEC 200001. The guidance is presented as a set of scenarios that can address many of the typical activities of a cloud service provider. The guidance in ISO/IEC TR 20000-9:2015 can also be useful for customers of cloud service providers.
This part of ISO/IEC TR 20000-9:2015 can be used as guidance for a cloud service provider in designing, managing, or improving an SMS to support cloud services.
ISO/IEC TR 20000-9:2015 does not add any requirements to those stated in ISO/IEC 200001 and does not state explicitly how evidence can be provided to an assessor or auditor. The scope of ISO/IEC TR 20000-9:2015 excludes any specifications for products or tools.