ITSM Maturity Assessment

2012

Table of Contents
Introduction .................................................................................................................................................. 2 What is ITSM? ........................................................................................................................................... 2 What is ITIL®.............................................................................................................................................. 2 Is ITS doing ITSM today? ........................................................................................................................... 3 Where is ITS in relation to ITIL® best practices? ....................................................................................... 3 Readiness and Awareness Assessment......................................................................................................... 5 Overall Results .......................................................................................................................................... 5 Detailed Results ........................................................................................................................................ 6 Analysis and Recommendations ............................................................................................................... 7 Process Maturity Assessment ....................................................................................................................... 9 Overall Results ........................................................................................................................................ 10 Detailed Results ...................................................................................................................................... 11 Analysis and Recommendations ............................................................................................................. 20 Incident Management (1.33) .............................................................................................................. 20 Problem Management (0.87) .............................................................................................................. 21 Service Desk (2.04) .............................................................................................................................. 21 Change Management (1.29) ............................................................................................................... 21 Release and Deployment Management (1.29) ................................................................................... 22 IT Asset and Configuration Management (0.58) ................................................................................. 22 Service Portfolio Management (0.64) ................................................................................................. 23 Service Catalog Management (0.60) ................................................................................................... 23 Service Level Management (0.38)....................................................................................................... 24 References .................................................................................................................................................. 24 Author ......................................................................................................................................................... 24

1

and many universities have as well—Ohio State. That way. The reason that ITIL® is so popular is that it provides many benefits such as:        Alignment with University priorities and objectives Known and manageable IT costs Negotiated. Information Technology Service (ITS) has engaged in many projects and initiatives. and WalMart have adopted ITIL®. is a set of specialized organizational capabilities for providing value to customers in the form of services. the Office of the Vice President and Chief Information Officer (VPCIO) launched the Predictability Project. Bank of America. Most major corporations such as IBM. is a set of ITSM best practices (like PMP® is a set of best practices for project management). The current version is ITIL® v3 2011. The value that we provide is in delivering services that do what our users need them to and work the way we say they will. This is also known as “utility” and “warranty”. improvable services and processes A common set of terminology ITIL® was created in the 1980s by the Office of Government Commerce in the United Kingdom. process. BYU and Wake Forest to name a few. and its basic concept is based on the lifecycle of a service. One of ITS’s initiatives is to implement Information Technology Service Management (ITSM) improvements based on the Information Technology Infrastructure Library (ITIL®). It is non-proprietary and is maintained by experts and incorporates the learning experiences and practices of leading organizations. In ITS.Introduction In 2011. What is ITIL® ITIL®. departments can focus on their core competencies such as education and research. or Information Technology Service Management. and technology we have to deliver services such as network connectivity and email to the University. while we focus on delivering the technology they need. Stanford. we provide storage solutions for the University because we can do so at a reasonable cost with appropriate security and support. thus: Value = Utility and Warranty A service is a means of delivering value to customers by facilitating outcomes customers want to achieve without the ownership of specific costs and risks. it is the most widely adopted set of best practices for ITSM. those capabilities are the people. or Information Technology Infrastructure Library. achievable service levels Predictable. In fact. What is ITSM? ITSM. and in support of that project. consistent processes Efficiency in service delivery Measurable. In total the 2 . For example.

current set of best practices is split into five Service Lifecycles that are made up of 24 processes and four functions (see diagram below). and ITS is doing Release and Deployment Management activities. 3 . To do this. and other leaders in ITS from:     Custom Applications and Consulting Services Enterprise Applications Enterprise Infrastructure User Experience and Engagement Both assessments were conducted in a single. Image: ©Crown 2007 Is ITS doing ITSM today? ITS is doing ITSM activities today in some of its groups. ITS Directors. But where are we in relation to best practices? What should we be working to improve? How will we know when we get there? Where is ITS in relation to ITIL® best practices? The best way to determine where ITS is today is to benchmark ourselves against ITIL® best practices. we conducted two internal assessments—a Readiness and Awareness Assessment and a Process Maturity Assessment. there is a Service Desk (the UVa Help Desk). For example. two-hour session. and participants used clickers to respond to each of the questions and could view the results in real-time. There were thirty assessment participants that included the ITS Leadership Team. There are ITSM related projects that are underway such as Portfolio Management and Service Level Agreements.

The results of the assessments follow.The objectives of the assessments were to:    Provide a baseline assessment of current process maturity Identify key areas of improvement in relation to organizational needs Compare our IT Service Management practices against a set of best practices (ITIL®) Another set of assessments is planned for 2014 so that we can compare results between the two and see where we have matured as an organization. 4 .

27 We are able to measure the services we provide in a relevant manner. 5 .67 1 2. 2.60 We have defined service delivery and support processes in our organization.60 2. 2.07 2.90 3 2. We understand what work is most important to accomplish.47 2. 4 2.Readiness and Awareness Assessment The Readiness and Awareness Assessment gauged how ready the organization is to take on ITSM implementation activities and how aware it is of core concepts that underlie ITSM. We have clearly defined roles and responsibilities for how we deliver and support our services. The assessment consisted of nine statements which the participants rated: 1-Strongly Disagree 2-Disagree 3-Agree 4-Strongly Agree Overall Results Readiness and Awareness A customer driven culture exists in our organization. I know where to go to find documentation about how services are supported. We operate with a common set of service support and delivery terminology across our organization. A culture of continuous service improvement exists in our organization.43 2 2.67 We understand how each of our services add value to the University.

67% 3.Detailed Results A customer driven culture exists in our organization.33% 100% Strongly Disagree Disagree Agree Strongly Agree We have defined service delivery and support processes in our organization. 1-Strongly Disagree 2-Disagree 3-Agree 4-Strongly Agree Totals 0 10 20 0 30 0.33% 100% Strongly Disagree Disagree Agree Strongly Agree We operate with a common set of service support and delivery terminology across our organization.00% 3.00% 100% Strongly Disagree Disagree Agree Strongly Agree We are able to measure the services we provide in a relevant manner.00% 13.00% 33.00% 100% Strongly Disagree Disagree Agree Strongly Agree We understand how each of our services add value to the University.33% 70.00% 56.33% 3.33% 10. 1-Strongly Disagree 2-Disagree 3-Agree 4-Strongly Agree Totals 4 21 4 1 30 13. 1-Strongly Disagree 2-Disagree 3-Agree 4-Strongly Agree Totals 1 4 22 3 30 3. 1-Strongly Disagree 2-Disagree 3-Agree 4-Strongly Agree Totals 3 17 9 1 30 10.67% 30.67% 0.67% 56.33% 13.33% 66. 1-Strongly Disagree 2-Disagree 3-Agree 4-Strongly Agree Totals 1 11 17 1 30 3.33% 36.33% 100% Strongly Disagree Disagree Agree Strongly Agree 6 .33% 73.

00% 63.A culture of continuous service improvement exists in our organization.00% 3. 1-Strongly Disagree 2-Disagree 3-Agree 4-Strongly Agree Totals 1 16 12 1 30 3. While a customer focus is generally regarded as a good thing. 1-Strongly Disagree 2-Disagree 3-Agree 4-Strongly Agree Totals 3 6 19 2 30 10.50) on the readiness and awareness scale.67% 3.90). 1-Strongly Disagree 2-Disagree 3-Agree 4-Strongly Agree Totals 2 14 12 2 30 6.33% 36. there are some 7 .33% of the participants rated this as “agree” or “strongly agree”.00% 20. 1-Strongly Disagree 2-Disagree 3-Agree 4-Strongly Agree Totals 1 11 17 1 30 3.67% 100% Strongly Disagree Disagree Agree Strongly Agree I know where to go to find documentation about how services are supported.67% 46.67% 56.67% 100% Strongly Disagree Disagree Agree Strongly Agree We understand what work is most important to accomplish. but none of the responses were at the highest or lowest ends of the scale. Overall the responses were balanced and showed a base upon which we can build our culture and increase maturity. Five of the responses were above the midpoint and four were below. The highest response recorded was the existence of a customer driven culture (2.67% 40. 83.33% 100% Strongly Disagree Disagree Agree Strongly Agree Analysis and Recommendations The Readiness and Awareness Assessment showed overall ITS falls slightly above the midpoint (2. and understanding customer needs are central to good ITSM practices.33% 40.33% 100% Strongly Disagree Disagree Agree Strongly Agree We have clearly defined roles and responsibilities for how we deliver and support our services.00% 6.33% 53.33% 6.

and student applications. ITIL® will provide the common language and terminology that is needed.33% of the participants rated this as “disagree” or “strongly disagree”. The result is the lack of a comprehensive underlying strategy for the technology itself. It can create a culture where the organization is constantly in reactive mode trying to create custom solutions to meet every customer need. It is also due to audit requirements related to working with human resource. 8 . This is partly due to their very direct relationship with the customers and the integration of the services they provide with business processes. financial. Organizations that focus too much externally can risk achieving good customer performance to the detriment of the IT services they provide.07). All other participants were more focused on their particular areas when answering the questions. Part of the challenge for ITS is that we are a new organization consisting of two groups that operated fairly independently in the past. Their overall ratings fell closer to “disagree”.notes of caution. This is typical for organizations with low levels of process maturity. Enterprise Applications rated themselves higher than any other group. creating a patchwork of solutions that are difficult and expensive to support. and this is common for groups the support applications. while all others fell closer to “agree”. Introducing common terminology across ITS will improve our efficiency and effectiveness. 83. The lowest response recorded was for the existence of a common set of service delivery and support technology (2. This is likely due to the scope of the Leadership Team’s responsibilities and their view across the organization as well as their sense of urgency to mature the organization’s ITSM practices. The ITS Leadership Team rated readiness and awareness lower than all other participants on each of the questions.

fully automated Please note that the values represent the level at which a process is executed and are not necessarily a direct measure of performance.Initial – Loosely defined. unmeasured 3 . Those that were selected are:          Incident Management Problem Management Change Management IT Asset and Configuration Management Service Desk Service Level Management Service Portfolio Management Service Catalog Management Release and Deployment Management The Assessment responses were based on the ITIL® Process Maturity Framework (PMF) which borrows from maturity level concepts developed by the Software Engineering Institute at Carnegie Mellon University. The responses are: 0 . There are many processes and functions with ITIL®. documented. so ITS chose to nine of them that represent processes that already exist in ITS. 9 . business value focus. measured.Process Maturity Assessment The Process Maturity Assessment used ITIL® as a benchmark for assessing ITS process maturity.Defined – Clearly defined. unplanned 2 .Optimizing – Well-defined. undocumented.Repeatable – Defined. continuously improved. processes that are currently being implemented or processes that may be implemented in the near future. reactive.Managed – Well-defined. and it consisted of 91 questions. somewhat automated 4 . planned.I don’t know OR not at all 1 . automated 5 . good documentation. unplanned. mainly proactive. largely reactive. proactive.

33 0.87 Change Mgt Problem Mgt 2.29 1.04 Service Level Mgt Service Desk 10 .29 Service Catalog Mgt 0.60 0.64 0.58 1.Overall Results Process Maturity Incident Mgt 5 Release & Deployment Mgt 4 3 1.38 Service Portfolio Mgt Asset & Configuration Mgt 2 1 0 0.

00 1.38 1.00 1.38 1.25 0.88 1. objectives. The definition of an Incident is clearly understood and is applied across the organization.00 1.45 4 5 2.57 0. and known-errors.00 1. policies and procedures for the Incident Management process.00 1. A shared repository of Incident Management documentation is in place.50 2.38 1. documented and appointed.63 0.36 Enterprise Applications Enterprise Infrastructure Incidents are categorized using a method that enables meaningful reporting.91 2.88 2.63 Procedures are in place to assess the user satisfaction levels related to the resolution of the Incident. 1 2 1.82 User Experience & Engagement Custom Apps & Consulting Srvcs All Incidents are assigned a priority based on impact and urgency. An Incident is understood as distinct and separate from a Problem.43 1.Detailed Results Incident Management 0 The organization has clearly defined process goals.50 0.00 0.64 1.55 11 .00 0. Customers are informed of the status of Incidents that affect them in a consistent and defined manner. 1.43 0.73 1. There is a searchable Knowledge Database that contains workarounds.09 2. There are clearly defined policies and procedures for logging all Incidents.63 1.00 1.00 1. defined.64 0.00 1. resolutions.14 1.00 1.50 1.50 1. measures and reports on metrics aligned to Key Performance Indicators (KPIs).00 3 2.14 0. as well as work instructions regarding how to apply these resolutions.00 1.71 0. A measurement framework has been established for Incident Management that identifies. Incident Management exists as a standardized and repeatable process across our organization. 1.50 0. 0. Clear roles and responsibilities for the Incident Management process have been identified.14 0.29 1. The definition of and procedure for handling a Major Incident based on impact and urgency is clearly documented and understood.88 1.43 1.18 1.43 2.

29 0. Problem records include current status of the problem investigation.71 0.00 1. priority and impact and assigned for investigation and root cause analysis. defined. Problem Management ensures (following a Post Implementation Review) that changes have been successfully implemented before closing associated Known Errors and/or Problems and any associated Incidents. measures and reports on metrics aligned to Key Performance Indicators (KPIs). A shared repository of Problem Management documentation is in place.13 12 .09 Enterprise Applications Enterprise Infrastructure User Experience & Engagement Custom Apps & Consulting Srvcs 0.75 1.75 1.00 0.63 1. policies and procedures for the Problem Management process.00 0.73 1. A role exists in Problem Management that is responsible for proactive problem management (looking for potential areas of failure before they occur).27 0. and any changes in status for the problem. There is a procedure by which potential problems are classified in terms of category.00 1.38 1. urgency.86 0. documented and appointed. A role exists in Problem Management that is responsible for analyzing incident information to look for incident trends.18 0.63 1. Clear roles and responsibilities for the Problem Management process have been identified.55 2.88 1.00 1.57 0.Problem Management 0 The organization has clearly defined process goals.50 1.00 2 3 4 5 1.29 0. 1 1. categorization of the problem.00 0.27 0. objectives.75 1.73 0.71 0.00 1. A measurement framework has been established for Problem Management that identifies.14 0. All Problems and Known Errors are linked to Configuration Items when relevant.64 0.86 0.00 0.00 0.00 1.

are easily accessible.50 3.50 There is a Service Desk in place which is the known contact point for all IT inquiries and problems.00 User Experience & Engagement Reports for Service Desk metrics.29 3.75 2. 3.50 3 4 5 2.71 Enterprise Applications Calls recorded by the Service Desk are distinguished as Incident. or Service Request.43 1. defined. documented policies and procedures for the Service Desk function.14 1.82 3. 1. 0.73 2. 1.50 There is a regular.29 There is an escalation process in place for calls that cannot be resolved at first point of contact with the Service Desk.00 1.09 1.73 2.86 1.88 Clear roles and responsibilities for the Service Desk function have been identified.09 0. Request for Change. 1. types of calls.88 Enterprise Infrastructure 2.88 2.43 2.00 2.00 2.27 2.00 2.09 The Service Desk provides trending information and customer satisfaction rating reports to Management. documented and appointed.50 2. 1.Service Desk 0 The Organization has clearly defined process goals.50 13 .50 1. such as numbers of calls received. 0. reported review of Service Desk performance against expected Key Performance Indicators (KPIs). etc.91 2.91 Custom Apps & Consulting Srvcs 1. objectives. 1 2 1.25 2. 0.88 2.88 There is a user satisfaction survey system in place.71 2.

91 1. measures and reports on metrics aligned to Key Performance Indicators (KPIs).14 1. A Change Advisory Board (CAB) exists as a formal body responsible for reviewing and authorizing changes. Clear roles and responsibilities for the Change Management Process have been identified. and what level of authorization is required for each change category. implemented.36 1.45 2.Change Management 0 The organization has clearly defined process goals.55 A “calendar of Change” is communicated to all change stakeholders (including the Service Desk).75 1. 0. documented and appointed.09 2 3 2. A shared repository of Change Management documentation is in place.00 1. 3.57 0.50 0.00 1. and reviewed according to the specification contained within the Request for Change. An IT Management Board is responsible for reviewing and authorizing Changes bearing significant risk to the university and/or that impact multiple services or organizational areas. A Request for Change (RFC) is used to record and control all information related to Changes and proposed changes. defined.73 3.45 Custom Apps & Consulting Srvcs 3.25 1.00 1. 0. The scope of Change Management includes the introduction of new services and changes to existing services in the production environment.00 0. All Changes (including emergency changes) are tested prior to implementation.36 The priority for a submitted Change Request is determined through the assessment of the change’s impact and urgency.00 1.00 0. objectives.43 0.00 2.88 1.63 1.00 1.00 1. 1.43 0.50 1. A measurement framework has been established for Change Management that identifies.25 1.09 14 .82 1. University representatives (from non-IT areas) are involved in the review of major proposed changes.09 2.13 1. 1 1.57 0. A role exists within the Change Management process that is responsible for the coordination of each change being built.00 2.86 1.14 0.71 0.36 1.50 0.64 Enterprise Applications Enterprise Infrastructure User Experience & Engagement An Emergency CAB exists to review and authorize emergency changes.64 4 5 2.57 0.00 1.50 0.00 0.14 0.00 Changes are assessed for potential impacts to existing services as defined in Service Level Agreements. A change authorization model defines various change categories. tested.13 0.00 1.00 0.00 1. policies and procedures for the Change Management process.13 0.00 0.71 1.00 0.88 1.50 0.00 1.50 0.00 0.

00 0. tested.50 0.29 1. Knowledge and skills are transferred to enable to the customers and users to optimize their use of the service to support their business activities.75 0. documented policies.55 0.50 Release packages are tracked. objectives. 1 0.86 1. 2.00 1.63 0.Release & Deployment Management 0 The Organization has clearly defined process goals.57 0. installed.50 0.00 1. 3.00 1. The process owner has the authority to ensure compliance to and governance of the process.00 1.00 0. support and maintain the service according to required warranties and service levels.63 0. and verified. A Release & Deployment Management process owner with accountability for the process across the organization has been appointed. 1.73 4 5 1.50 0.43 0.00 2 3 2.38 2.91 1. There are regular reviews (including testing) on performance of this process area against documented Key Performance Indicators (KPIs). A shared repository of Release & Deployment Management documentation is in place.25 1.50 1.88 0. Release and deployment plans are defined and agreed upon with customers and stakeholders.50 0.00 15 .27 Enterprise Applications Enterprise Infrastructure User Experience & Engagement Custom Apps & Consulting Srvcs There are procedures to ensure that new or changed services are capable of delivering the agreed utility and warranty.27 0. Knowledge and skills are transferred to service operation and support functions to enable them to effectively and efficiently deliver.13 0. activities and procedures for the Release & Deployment Management process.14 0.64 3.00 Release packages are deployed to the live environment following an agreed plan and schedule.18 2.13 1.57 0.

50 0.38 0.14 0.00 0.36 1.57 0.00 1.14 0.36 0.00 2 3 4 5 0.25 0. owners. The process owner has the authority to ensure compliance to and governance of the process.82 0. All Configuration Items (CIs). The Configuration Management System (CMS) audit includes a comparison of Configuration Items in the environment with the data contained in the CMS.00 0.57 0. Clear roles and responsibilities for the Asset & Configuration Management process have been identified. 1 1. A Service Asset and Configuration Management process owner with accountability for the process across the organization has been appointed.18 0.00 1. systems.29 0. 16 . Registered Configuration Items are physically identified through labeling according to organizational policy using a standard coding model.25 0.25 0.00 1. databases.00 1. hardware and software components. measures.IT Asset & Configuration Management 0 The organization has clearly defined process goals.13 0.00 0. The Configuration Management System (CMS) provides a logical model of all service assets used in providing services and enables information about service assets to be used in meeting business requirements. documentation and support staff roles related to the maintenance and support of these CIs.00 1.73 0.43 0.38 0.63 1.43 1.00 0.09 0.25 1.25 0.00 Custom Apps & Consulting Srvcs 0.29 1.91 Enterprise Applications Enterprise Infrastructure User Experience & Engagement 0.50 0.09 0. There is a Definitive Software Library (DSL) and a Definitive Hardware Store (DHS) within the organization (physical storage locations for software and hardware).50 A scheduled and regularly occurring audit is used to verify the accuracy of the Configuration Management System (CMS).25 0. policies and procedures for the Service Asset & Configuration Management process. defined. A measurement framework has been established for Service Asset and Configuration Management that identifies.27 1. and relationships are recorded and maintained in a central repository that is subject to rigorous Change Management controls and is maintained only by designated personnel. Configuration Items (CIs) contained in the CMS include services.71 0. documented and appointed. attributes. objectives. and reports on metrics aligned to Key Performance Indicators (KPIs). A shared repository of Asset & Configuration Management documentation is in place.27 0. Service Asset and Configuration Management provides up-to-date information about infrastructure and application configurations to support definition of technical services in the Service Catalog.36 0.00 0.50 0.27 1.29 0.

The process owner has the authority to ensure compliance to and governance of the process. A Service Portfolio Management process owner with accountability for the process across the organization has been appointed.14 1.50 1.36 0. 1 0. Services are reviewed on a regular basis to determine which are no longer viable and should be retired.57 1.00 0.09 2.00 1.00 2 3 4 5 0.50 0.00 0. documented policies.00 Enterprise Applications Enterprise Infrastructure User Experience & Engagement Custom Apps & Consulting Srvcs There is definitive portfolio of services with the articulated business needs each service meets and the business outcomes it supports.50 1. There is a process for enabling ITS to investigate and decide on which services to provide based on an analysis of potential return and acceptable level of risk.82 0.50 0.82 1.29 0.50 0. documented service pipeline listing all service that are under consideration or development.00 1. objectives. 17 .Service Portfolio 0 The Organization has clearly defined process goals.64 0.14 0.00 0.25 0. but are not yet available to customers. activities and procedures for the Service Portfolio Management process. There is a central.00 0. Investments in services are tracked throughout their lifecycle.38 0.64 0. A shared repository of Service Portfolio Management documentation is in place.14 0.13 1.29 0.

36 0. Enterprise Applications Enterprise Infrastructure User Experience & Engagement Custom Apps & Consulting Srvcs There is a Service Catalog that describes the services offered by ITS.00 0.43 1.50 0.50 1.00 0.00 0. activities and procedures for the Service Catalog Management process. 0.36 0. objectives. There are regular reviews (including testing) on performance of this process area against documented Key Performance Indicators (KPIs).Service Catalog 0 The Organization has clearly defined process goals. interfaces and dependencies of all services in the live environment.25 0.36 0.00 18 . The process owner has the authority to ensure compliance to and governance of the process.18 0.86 1.25 1.50 There is a generally-accepted definition of what a ‘service’ is. 0.88 1. 1 0.71 0.50 The Service Catalog is accurate and reflects the current details. status.27 1.00 0. documented policies.63 2 3 4 5 0.18 0.86 0. 0. A shared repository of Service Catalog Management documentation is in place.50 0.63 0.45 0.57 0. A Service Catalog Management process owner with accountability for the process across the organization has been appointed.00 The Service Catalog is available to those who need access to it.

A Service Level Management process owner with accountability for the process across the organization has been appointed. OLAs. and all internal functional areas involved in the provision of the service.25 Clear roles and responsibilities for the Service Level Management Process have been identified.14 0.00 0.75 0.14 0. Operational Level Agreements (OLAs) – which are aligned with requirements defined in the SLAs – have been documented and agreed among individual provider IT groups within the Organization.36 0.43 0.36 0.00 0.45 0. defined. Service review meetings are held regularly with customers to discuss Service Level achievements and any plans for improvements that may be required. OLAs. Enterprise Applications Enterprise Infrastructure User Experience & Engagement Service Level Agreements are regularly reviewed to ensure they are current and aligned with customer requirements.71 0.00 0.27 0. Service Level Agreements (SLAs) – which define the services and levels of services provided by IT for the customers – exist for all services.25 1.50 0.00 0.29 0.36 0.00 0.25 0.75 0.00 0.14 0.38 0. SLAs. A shared repository of Service Level Management documentation is in place. and Contracts. documented and appointed. 1.38 0.14 1.00 0.27 0.50 0.00 0. the Service Desk.00 0. The process owner has the authority to ensure compliance to and governance of the process.50 0.50 19 .45 0.00 Service Improvement Programs are used to improve the quality of services and are initiated for services that are underperforming.00 Custom Apps & Consulting Srvcs Service levels achieved by all operational services are monitored and measured against targets within SLAs. 1 0. and Underpinning Contracts are stored in a Definitive Document Library and are controlled as Configuration Items in the Configuration Management Database. 0.64 0.50 0.00 0. policies and procedures for the Service Level Management process.50 0. 1.00 2 3 4 5 0.Service Level Management 0 The organization has clearly defined process goals.50 0.82 0. objectives.25 0. Regular communications and reports concerning levels of service contained within SLAs occur with IT management.

a defined process for identifying and handling Major Incidents would reduce the response and resolution times for larger scale issues and outages lessening their impact on users while improving customer communications during such events. In addition. Across ITS. There is also a Knowledge Base for the Service Desk. participants indicated that customers are kept informed of their issues in a consistent and defined manner. Incident Management (1. With the guidance of ITIL®.Analysis and Recommendations ITSM is a relatively new concept for ITS.38 putting it closest to a “Not at all” rating. a defined and documented Incident Management process would improve how incidents are handled on a daily basis and. in turn. The highest rated process (or function) overall was the Service Desk with rating of 2. and student applications. and Release and Deployment Management. Part of this is related to the Service Desk function which has driven `the Incident Management process with defined ticketing workflows and a ticketing tool. Enterprise Applications had the highest ratings for those four processes coming in near or above a “Repeatable” level for all of them. Assigning urgency and impact to incidents would drive defined response and resolution times that can be used to set customer expectations and measure performance. We rated highest for processes such as the Service Desk. Change Management. a standard approach to contacting customers and defined response and resolution times would improve the customer experience. This is partly due to their very direct relationship with the customers they support and the integration of the services they provide with business processes. This agrees with the Readiness and Awareness Assessment where customer focus was rated highest. These are processes that tend to mature early because of customer demands and/or audit requirements. Work is already underway in this area. customer satisfaction. ITS can move up the scale of maturity over future years. financial. Generally. 20 . It is also due in part to the audit requirements related to working with human resource. but it is limited to information where the Service Desk is the audience. and the results of the Process Maturity Assessment are typical for where we are as an organization. thus ensuring that the best possible levels of service quality and availability are maintained. some best practices are in place in parts of our organization that provide a great starting point. Generally. ITS is currently implementing on a new oncall process with the goal of improving Major Incident response. The lowest rated was Service Level Management which had a rating of 0.33) Purpose: To restore normal service operation as quickly as possible and minimize the adverse impact on business operations. While many of the process scored low on the maturity scale. Incident Management. Incident Management rated “Initial” in the assessment.04 or “Repeatable”. the ratings came out as expected across the nine processes. Building on this concept. A broader Knowledge Base that is shared across all support areas with different access levels to information such as workarounds and known-errors would be an improvement.

There is a clear process for the escalation of incident tickets with all of the referral support groups which is handled through a ticketing and workflow tool. Based on the assessment results. Enterprise Applications rated higher on all questions and overall rated above “Repeatable” which was nearly one point higher than the next group. It is common for application groups to score higher for Change Management on initial assessments. enabling beneficial changes to be made with minimum disruption to IT services. As mentioned 21 . The Help Desk is well known as the first point of contact for ITS services and for some other services that are not under ITS. The Service Desk rated the highest of any process (or function). but talking about a problem as being distinct and different from an incident is new. First steps can be taken in the area of “reactive” Problem Management. Problem Management was assessed just below “Initial”. (2) To facilitate the restoration of normal operational service with minimal business impact on the Customer within agreed service levels and business priorities. ITS should consider defining and documenting an overall Problem Management process.04) Purpose: (1) To provide a single point of contact for Customers. All tickets that are resolved through the ticketing tool generate a customer satisfaction survey for the user to complete. The SLA metrics are published publicly as of October 2011. more management level reporting regarding incident trends that is easily available to ITS resources would be useful. The assessment results for Change Management show its maturity as “Initial”. Incident Management is about restoring service as quickly as possible. but there are clear differences in the results across ITS. one area that could improve the Service Desk would be additional management reporting.Problem Management (0. Then “proactive” Problem Management can be introduced where problems are identified and permanent fixes implemented before any incidents occur. ITS could begin to use the “incident” and “problem” terminology across the organization and take steps to differentiate them. and to prevent recurrence of incidents related to these errors. The UVa Help Desk plays the role of Service Desk for ITS and this function is outsourced to a vendor. Problem Management is about doing root cause analysis and implementing permanent fixes.87) Purpose: The goal of Problem Management is to minimize the adverse impact of Incidents and Problems on the business that are caused by underlying errors within the IT Infrastructure. but additional awareness about their existence would improve assessment ratings. Change Management (1. The SLA defines the performance metrics and targets for the Help Desk. Service Desk (2.29) Purpose: To control the lifecycle of all changes. In addition. The outsourcing plays a key role in the maturity of the Help Desk because using a vendor requires a contract and Service Level Agreement (SLA). The concepts behind Problem Management are not new to ITS. where root cause analysis follows a Major Incident or trend analysis is triggered by a reoccurring incident.

22 . buildings. and people. IT Asset and Configuration Management (0. Release and Deployment Management (1. schedule. can be generated that will let everyone see what upcoming changes may affect their areas. The Release and Deployment process that is followed by Enterprise Applications can be compared against ITIL® best practices to begin the implementation of an organization-wide process. Having a central repository for CIs. hardware. the groups under Enterprise Applications are subject to more and tighter audits due to the types of applications they manage. application groups tend to have more well-defined customers with whom they work closely on projects. It is likely that Enterprise Applications will receive the greatest benefit from a documented Release and Deployment Management process. Reviewing RFCs will give ITS the opportunity assess the impact and urgency of each change.earlier. Incident Management. but infrastructure and custom development teams can also benefit. Enterprise Applications rated higher than other groups and had a “Repeatable” rating. IT Asset and Configuration Management rated below “Initial”. its overall risk. It will also ensure that knowledge is transferred to service operation and support functions as well as customers. software. tested. A report of future changes. ITS has taken initial steps in Change Management by requiring that changes be logged after they have been completed. A Change Advisory Board (CAB) can be established to review the highest level RFCs. including other IT services. installed.58) Purpose: To ensure that the assets required to deliver services are properly controlled. Like Change Management. documentation. In addition. This too is not uncommon for application groups especially those that are supporting vendor software solutions such as Oracle or PeopleSoft. test and deployment of releases. and control the build. the best date and time for the change. would allow the organization to better manage it services and make Change Management. and to deliver new functionality required by the business while protecting the integrity of existing services. and verified prior to implementation. Having changes requested in advance will also allow ITS to ensure the necessary support and communications are in place for a change. ITS should consider implementing a Change Management process where Requests for Change (RFCs) are reviewed and approved prior to implementation. Implementing Release and Deployment Management will provide accountability at all stages of the deployment process and ensure that release packages are tracked. or a Configuration Management System (CMS). known as a Forward Schedule of Change (FSC). and that accurate and reliable information about those assets is available when and where it is needed. ITS would benefit greatly from documenting its Configuration Items (CIs) and their relationships. and whether multiple changes will impact each other.29) Purpose: To plan. and other processes more effective. CIs are any component that needs to be managed in order to deliver an IT service. Service Level Management.

Service Catalog Management (0. Service Portfolio Management (0. those currently being offered to customers. and lay the groundwork for Portfolio Management. In addition.64) Purpose: To ensure that the service provider has the right mix of services to balance the investment in IT with the ability to meet business outcomes. but it is not current and does not include all ITS services. with the Cost of Services project to identify the cost of services. This information will provide a tremendous opportunity for ITS to determine what services it provides. It is recommended that ITS start with the most important or critical services when updating the Service Catalog and work from there to expand the list. Portfolio Management is a current. The VPCIO’s organizations have recently undertaken a project to identify the cost of services. Service Catalog Management rated less than “Initial”. It is recommended that ITS identify the most critical or important services to start with and drill-down only as far as is deemed useful and practical. ITS rated above “Initial” for reviewing and retiring services on a regular basis. how money is invested in each. This team has been effective in proposing the retirement of services and managing a list of services to be retired and their status. and those that have been retired. named initiative for ITS. Having a process to manage the portfolio will be critical as emphasis is placed on higher education budgets and UVa’s new budget model is introduced.60) Purpose: To provide and maintain a single source of consistent information on all operational services and those being prepared to be run operationally. and to ensure that it is widely available to those who are authorized to access it. Service Portfolio rated below “Initial”. 23 . Organizations that attempt to document the smallest details in the CMS sometimes find they cannot complete the scope of their implementation. Then expand to additional services and details in later phases as needed. Service Portfolio Management is about managing all of ITS’s services including those that are conceptual. Currently.Careful thought should be put in to the approach to IT Asset and Configuration Management. there is a great opportunity to use the services delineated as part of that as an input to an updated Service Catalog. There is a crossdepartmental team in ITS that meets on a regular basis to discuss the retirement of services. Keeping the list to a manageable size so that it can be properly maintained is advised. there is a customer-facing Service Catalog available. Service Catalog Management is composed of two types of catalogs: a customer-facing Service Catalog and a Technical Service Catalog. Enterprise Infrastructure has an internal list of services they offer that is a good input into a Technical Service Catalog and perhaps even a Service Catalog depending on how services are defined.

©Official Accreditor of the OGC ITIL Portfolio: APM Group Limited.edu 24 . CMMI for Services. Valerie Arraj.Service Level Management (0. 2011. ITIL®: The Basics. ITIL® Expert Director. These will be important tools for managing ITS services and customer expectations.2. ITIL v3® Continual Service Improvement. Service Level Management had the lowest rating of all processes and scored “Not at all”. Help Services Information Technology Services University of Virginia drs4h@virginia. ITS has documented Service Level Requirements such as maintenance windows. The main reason for the low rating is that there are few documented Service Level Agreements (SLAs) for ITS’s services. 2011. Author This assessment was conducted and prepared by: Dave Strite. 2010. 2011. London: TSO. Office of Government and Commerce. Carnegie Mellon University. Version 1. Office of Government and Commerce. For some services. 2011. ITIL v3® Service Transition. The challenge will be to negotiate and measure service level metrics such as availability and reliability which have not been done before. References Executive Briefing: The Benefits of ITIL®. 2009. London: TSO. Office of Government and Commerce. Pittsburgh. 2010. ITIL v3® Service Strategy. Software Engineering Institute. 2011. Office of Government and Commerce. London: TSO. ITIL v3® Service Design. ©The Stationary Office. London: TSO. ITS has initiated one project to begin the documenting of SLAs and another to implement a SLA process to keep the SLAs current after the have been negotiated and agreed upon. Maggie Kneller.38) Purpose: To ensure that all current and planned IT services are delivered to agreed achievable targets. ITIL v3® Service Operation. London: TSO. Office of Government and Commerce.

Sign up to vote on this title
UsefulNot useful