The following basic considerations must be taken into account when determining whether an organization is suitable for certification under ISO/IEC 20000:

• The certificate can only be issued to an individual, legal entity. It is not possible to issue a joint certification with a sourcing partner.
• All the services to be covered by the management system must be defined.
• It is not a compulsory requirement for the service provider to be the owner of the underlying infrastructure.
• No commercial infrastructure agreements have any bearing on a subsequent certification.
• The roles of the supplier and service provider must be clearly defined.
• The description of the processes is irrelevant and does not have to precisely match the descriptions in the ISO/IEC 20000 standard.
• The service provider must supply evidence that it meets all the ISO/IEC 20000 requirements. 

 The question as to whether an organization is suitable to be awarded a certificate depends upon its ability to demonstrate the management controls over all ISO/IEC 20000 processes. This question cannot be answered at this point in time, particularly when many organizations work in conjunction with external partners or have even separated parts of the IT service delivery through outsourcing or co-sourcing.