Professional Documents
Culture Documents
1
Purpose of this training
2
FitSM Foundation exam
3
FitSM qualification program
Expert Level
ITIL Expert, ISO/IEC
2 days 2 days 20000 consultant
Expert training in IT service management Expert Bridge and auditor
Advanced Level
2 days 2 days
Advanced training in Advanced training in
service planning and delivery service operation and control
Foundation Level
4
Training agenda
5
IT Service Management:
Introduction, Terms & Concepts
6
Why IT service management is needed
7
What is a service?
Examples of IT services:
– Provision of standard desktop workstations
– Connectivity: E-Mail, LAN, internet access
– Provision of computational resources
– Provision of standard and special applications
– Storage, backup, archival storage
8
Service and value
• Service is…
– … an intangible good that is delivered by a service
provider to customers
– … something that provides value to the customers by
helping them achieve their goals.
Top
management
1
Client Server Communication
Service desk
operations operations networks
5
2
Mobile Application Network
DB servers Web servers
devices servers planning
Desktop 3 Network
ERP
support maintenance
4
CRM
11
What comprises a process?
Goal(s), objectives
12
Process roles
• Process owner:
– Overall accountability for a process
Process owner
– Defines process goals, monitors their fulfillment
1
– Has authority to provide / approve resources
• Process manager:
1..*
– Responsible for the operational effectiveness and
efficiency of a process Process manager
13
Additional key terms
security policy
Control level
Process: Inputs Process managers
Process teams
Activities and roles
e.g. incident management,
change management, security Outputs
management, …
Operational level
Departments
Person (in a role) Proce- Functions
dures
e.g. procedures for Persons
classifying and prioritizing
applies incidents
15
The FitSM Standards Family
16
What is FitSM?
www.fitsm.eu
The development of the FitSM standards was supported and funded by the European
Commission through the EC-FP7 project "FedSM“.
17
FitSM parts
Core standard
FitSM-0
this training
Overview & vocabulary
Focus of
FitSM-1
Requirements
FitSM-2 FitSM-3
Objectives and activities Role model
Implementation aids
FitSM-4 FitSM-5 FitSM-6
Selected templates and Selected Maturity and capability
samples implementation guides assessment scheme
18
FitSM logic
19
FitSM process model
Offer & Plan & Control & Resolve & Report & Protect &
Agree Ensure Deploy Prevent Improve Secure
• SPM • SUPPM • CONFM • IM • SRM • ISM
• SLM • SACM • CHM • PM • CSI
• CRM • CAPM • RDM
21
FitSM-0: "Overview & vocabulary"
22
FitSM-1: "Requirements"
23
IT Service Management – General Aspects
24
Top management responsibility:
Requirements according to FitSM-1
GR1 Top Management Commitment & Responsibility
REQUIREMENTS
• GR1.1 Top management of the organisation(s) involved in the delivery of services shall show
evidence that they are committed to planning, implementing, operating, monitoring,
reviewing, and improving the service management system (SMS) and services. They shall:
o Assign one individual to be accountable for the overall SMS with sufficient authority to
exercise this role
o Define and communicate goals
o Define a general service management policy
o Conduct management reviews at planned intervals
• GR1.2 The service management policy shall include:
o A commitment to fulfil customer service requirements
o A commitment to a service-oriented approach
o A commitment to a process approach
o A commitment to continual improvement
o Overall service management goals
25
Documentation: Requirements according
to FitSM-1
GR2 Documentation
REQUIREMENTS
• GR2.1 The overall SMS shall be documented to support effective planning. This
documentation shall include:
o Service management scope statement (see GR3)
o Service management policy (see GR1)
o Service management plan and related plans (see GR4)
• GR2.2 Documented definitions of all service management processes (see PR1-PR14) shall be
created and maintained. Each of these definitions shall at least cover or reference:
o Description of the goals of the process
o Description of the inputs, activities and outputs of the process
o Description of process-specific roles and responsibilities
o Description of interfaces to other processes
o Related process-specific policies as applicable
o Related process- and activity-specific procedures as required
26
Documentation: Requirements according
to FitSM-1
GR2 Documentation
REQUIREMENTS
• GR2.3 The outputs of all service management processes (see PR1-PR14) shall be documented,
and the execution of key activities of these processes recorded.
• GR2.4 Documentation shall be controlled, addressing the following activities as applicable:
o Creation and approval
o Communication and distribution
o Review
o Versioning and change tracking
27
Plan-Do-Check-Act Cycle (PDCA)
Plan
Act Do
Maturity
Check
Time
• Quality management approach according to W. E. Deming
• Key principle: continual improvement
• Plan-Do-Check-Act can be applied to the whole service management system
28
PDCA applied to the SMS
29
IT Service Management – Processes
30
Service Portfolio Management (SPM)
Objective
To define and maintain a service portfolio
31
SPM: Important terms
32
SPM: Requirements according to FitSM-1
33
SPM: Summary
• 3 things to remember:
– The service portfolio lists and defines the services that a
service provider offers or plans to offer in the future.
– The service portfolio is an "internal tool" for the service
provider.
– The service portfolio is the basis for the service catalogue.
Service Service
portfolio catalogue
basis
for Customer
34
Service Level Management (SLM)
Objective
To maintain a service catalogue, and to define, agree and monitor service
levels with customers by establishing meaningful service level
agreements (SLAs) and supportive operational level agreements (OLAs)
and underpinning agreements (UAs) with suppliers
35
SLM: Important terms
36
SLM: Important terms
37
SLM: Requirements according to FitSM-1
38
SLM: Defining SLAs
39
SLM: Types of service agreements and
their relationships
Customer
(IT) service
Service components provider
40
SLM: Summary
• 3 things to remember:
– Produce a service catalogue for the customers and agree
SLAs with customers.
– Agree OLAs and UAs with supporting parties and suppliers
to ensure service targets in SLAs can be met.
– Evaluate service performance based on SLAs.
41
Service Reporting Management (SRM)
Objective
To specify all service reports and ensure they are produced
according to specifications in a timely manner to support
decision-making
42
SRM: Requirements according to FitSM-1
43
SRM: Summary
• 3 things to remember:
– Service reports are important to support decision-making.
– Service reports can be useful to demonstrate the level of
service quality that has been achieved.
– Agree the reports and their purpose, audience, frequency,
content, format and method of delivery with the report
stakeholders.
44
Service Availability & Continuity
Management (SACM)
Objective
To ensure sufficient service availability to meet agreed
requirements and adequate service continuity in case of
exceptional situations
45
Why Availability AND Continuity?
Availability Continuity
Goal: Service is available frequently Goal: Sufficient disaster protection to
enough to meet customer needs à ensure continual operation of key
continuous operation services under all circumstances
47
SACM: Requirements according to FitSM-1
48
SACM: Summary
• 3 things to remember:
– Identify service availability and continuity requirements (e.g.
from SLAs).
– Plan to reduce the probability and impact of identified
availability and continuity risks and produce plans.
– Monitor service availability.
49
Capacity Management (CAPM)
Objective
To ensure sufficient capacities are provided to meet agreed
service capacity and performance requirements
50
CAPM vs SACM
Requirements Requirements
51
CAPM: Requirements according to FitSM-1
52
CAPM: Summary
• 3 things to remember:
– Identify service performance requirements (e.g. from SLAs).
– Plan the resources required to fulfil the requirements and
produce a capacity plan.
– Monitor service performance.
53
Information Security Management (ISM)
Objective
To manage information security effectively through all activities
performed to deliver and manage services, so that the
confidentiality, integrity and accessibility of relevant assets are
preserved
54
ISM: What is information security?
Key aspects
– Integrity
– Accessibility of information
55
ISM: Confidentiality and integrity
10110100
10110100 01011001
01011001 10101100
10110100
10101100 11001011
10100100
11001011
01000110
Alice Bob Alice 11001011
Bob
Chuck
Chuck
56
ISM: Accessibility
58
ISM: Outputs
• 3 things to remember:
– Preserve confidentiality, integrity and accessibility of
information assets.
– Identify and treat information security risks.
– Produce and enforce information security policies.
60
Customer Relationship Management (CRM)
Objective
To establish and maintain a good relationship with customers
receiving services
61
CRM: Requirements according to FitSM-1
62
Supplier Relationship Management (SUPPM)
Objective
To establish and maintain a healthy relationship with suppliers
supporting the service provider in delivering services to
customers
63
SUPPM: Requirements according to FitSM-1
64
Incident & Service Request Management
(ISRM)
Objective
To restore normal / agreed service operation within the agreed
time after the occurrence of an incident, and to respond to user
service requests
65
ISRM: Important terms
Note: Service requests are often handled by the same process and tools as
incidents.
66
ISRM: Requirements according to FitSM-1
67
ISRM: Workflow (example)
Incident
notification / Register
Service
Request
Classify
Escalate
Prioritize Yes
Escalation
Analyze / Evaluate required?
No
Resolve / Fulfill
Close
68
ISRM: Service request or incident?
I forgot
my Wiki password!
?
I cannot access
my e-mails! ?
69
Problem Management (PM)
Objective
To investigate the root causes of (recurring) incidents in order to
avoid future recurrence of incidents by resolving the underlying
causes, or to ensure workarounds / temporary fixes are
available.
70
PM: Important terms
72
PM: Example – From incidents to
problems to resolutions
Problem Problem
Incident
Management: Management:
Management
Analysis & Workaround Resolution
Workaround Resolution
• Back-up log file • Patch available
• Empty log file • Request for Change: Install
• Reboot system patch T12-02 on pclx3
73
Configuration Management (CONFM)
Objective
To provide and maintain a logical model of all configuration
items and their relationships and dependencies
74
CONFM: Important terms
75
CONFM: Requirements according to FitSM-1
76
CONFM: Output and summary
• 3 things to remember:
– Configuration Management is not about configuring
resources
– Configuration Management is about understanding (and
documenting) the current configuration
– Current configuration = All relevant CIs and their attributes
and relationships
77
Change Management (CHM)
Objective
To ensure changes to configuration items are planned, approved,
implemented and reviewed in a controlled manner to avoid
adverse impact of changes to services or the customers receiving
services
78
CHM: Important terms
79
CHM: Requirements according to FitSM-1
80
CHM: Workflow (example)
RFC Filter
Register
Classify
No Change
Approved?
refused
Assess & Approve
Yes
Review
81
CHM: Summary
• 3 things to remember:
– All changes to CIs should be controlled by the change
management process.
– Typical categories of changes:
• Standard change (pre- or self-approved)
• Non-standard change
• Emergency change
– A change advisory board (CAB) may be established. During
CAB meetings, requests for non-standard changes are
evaluated and discussed.
82
Release & Deployment Management (RDM)
Objective
To bundle changes of one or more configuration items to
releases, so that these changes can be tested and deployed to
the live environment together
83
RDM: Important terms
84
RDM: Requirements according to FitSM-1
85
RDM: Workflow
Deployment planning
Deployment preparations
Release
Review Record Deployment / rollout
86
Continual Service Improvement
Management (CSI)
Objective
To identify, prioritize, plan, implement and review improvements
to services and service management
87
CSI: Requirements according to FitSM-1
88
Benefits, Risks & Challenges of
Implementing IT Service Management
89
ITSM: Benefits and risks in practice
91
Examples of types of federation
In looser federations:
Individual federation members are responsible Invisible Hotel industry
for delivering services to their customers coordination association
largely on their own. Integration and
coordination falls upon individual federation
Hotel guide,
members or customers themselves. … rating portal
ITSM perspective
Travel agent,
Matchmaking booking portal
Airline with
… code sharing
In more tightly integrated federations:
Service delivery to customers requires joint effort
from multiple federation members Full service Virtual mobile
à Many, if not all, ITSM processes are federation- integration phone operator
wide 92
Related Standards & Frameworks
93
Related standards and frameworks
ISO 9000
Legend
IT (service) management
ITIL FitSM standard / framework
Quality management
standard
Information security
COBIT
management standard
Software engineering
maturity model
94
ITIL, ISO/IEC 20000, COBIT
95
ISO 9000, ISO/IEC 27000, CMMI
ISO 9000
• International standard for quality • Applicable to all organizations
management and branches
ISO 9000
• Quality management principles • Auditable, certifiable
• Requirements for a quality • Several documents
management system
ISO/IEC 27000
• International standard for information • Applicable to all organizations
security management and branches
ISO/IEC 27000 • Requirements for an information • Auditable, certifiable
security management system (ISMS) • Based on BS 7799
• More than 100 security controls • Auditable, certifiable
• Several documents
Capability Maturity Model Integration
• Maturity and capability model • Developed by SEI (Software
CMMI • Organizational maturity assessment Engineering Institute),
Carnegie Mellon University
96