Oct03-23-05 14, 2006

ITIL Essentials (Foundation) Course Aroonrat Chinwonno Sakul Tunboonek
page 1

What is ITIL ?
ITIL (Information Technology Infrastructure Library) is - Documentation for IT Server Management Best Practice - Framework for any IT organization to develop its support model ITIL is NOT a technology specific ITIL has been well established in UK and Europe, and was used as a groundwork in developing BS15000/ISO20000*
BS15000/ISO20000 is (the first) worldwide standard for IT service management

ITIL recommends “ADOPT AND ADAPT” approach

ITIL Essentials (Foundations)

Oct 14, 2006

page 2

What companies ADOPT and ADAPT ITIL ?
Microsoft “ADOPT and ADAPT” ITIL into its Microsoft’s Operations Framework (MOF) HP “ADOPT and ADAPT” ITIL into its HP’s IT Service Management Reference Model In US, implementing of ITIL provides an acceptable structure to meet many of Sarbanes-Oxley Act audit requirements Many companies are now regularly requesting ITIL compliance in bids and requests for service improvement Forrester Research reports that 13% of corporations with revenue exceeding $1 billion had adopted ITIL by the end of 2005. By late 2006, that will have expanded to 40%, then to as high as 80% by 2008.

ITIL Essentials (Foundations)

Oct 14, 2006

page 3

Implement Service Desk SPOC with SLA .Implement Problem Mgnt to develop known error database To increase user satisfaction level To find more time to do IT planning (80/20). 2006 page 4 .Each module is able to be measured* You cannot control what you cannot measure. • However the ultimate is to serve the Corporate Business goals (CEO) to – Increase efficiency and create value to Business – Reduce cost ITIL Essentials (Foundations) Oct 14.Implement ITIL as a whole .Implement Incident Mgnt to ensure minimum business impact . Difficult to get control .Implement Change Mgnt to ensure that system changes are properly plan . and metric .What ITIL can mean to us ? • Understand what ITIL is • What are the (ITM Objectives) we want to implement ITIL To reduce unexpected system downtime .

ITIL Elements • Service Support concentrates on day to day operation and support • Service Delivery looks at planning and improvement of IT service Service Support Service Desk Incident Mgnt Problem Mgnt Configuration Mgnt Change Mgnt Release Mgnt Service Delivery SLM Financial Mgnt Capacity Mgnt IT Service Cont Mgnt Availability Mgnt Security Mgnt ITIL Essentials (Foundations) Oct 14. 2006 page 5 .

usually Customer management has responsibility for the funding of the service Provider: the unit responsibility for the provision of IT services Supplier : a 3rd party responsible for supplying or supporting of underpinning elements of the IT services User: the person using the service on a daily basis ITIL Essentials (Foundations) Oct 14.Standard Definitions Customer: recipient of a service. 2006 page 6 .

What questions do you have? ITIL Essentials (Foundations) Oct 14. 2006 page 7 .

Oct03-23-05 14. 2006 ITIL Essentials (Foundations) Course First Part: Service Support page 8 .

2006 page 9 .Service Delivery Agenda Service Support Service Desk Incident Mgnt Problem Mgnt Configuration Mgnt Change Mgnt Release Mgnt Service Delivery SLM Financial Mgnt Capacity Mgnt IT Service Cont Mgnt Availability Mgnt Security Mgnt ITIL Essentials (Foundations) Oct 14.

Oct03-23-05 14. 2006 Service Desk page 10 .

Service Desk . Service Desk has broader role of the front line support – with more organizations looking to radically increase the percentage of calls closed at first point of contact – FIXED ON FIRST - ITIL Essentials (Foundations) Oct 14.Roles • ITIL views Service Desk as a Vital function rather than as a process • Service Desk is the “Central Point of Contact” between users and the IT service model • A first positive or negative impression is perceived upon Service Desk performance and attitude • Service Desk in ITIL is more than just a Helpdesk. 2006 page 11 .

Service requests . 2006 page 12 . monitor the tickets according to SLA and Keep users informed on the status and progress ITIL Essentials (Foundations) Oct 14. how to request a software installation • Provide initial assessment of all incidents. FAQ such as how to order equipment.IT service information. deal directly with simple requests and complaints . based on agreed SLA • Once escalated. make first attempt at Incident resolution and/or escalate to 2nd level support.Service Desk .Responsibilities • Receive and Record all calls from Users (a ticket created).Incident calls .

backup and restore • Perform Infrastructure monitoring such as Data Center environmental check.Service Desk . 2006 page 13 .Responsibilities • Produce Service Desk Management reports • Highlighting user requirements such as training to assist with service improvement • Perform basic operational functions such as password resets. Server-LANWAN status (receiving alerts from automated tools) ITIL Essentials (Foundations) Oct 14. System backup status.

Tivoli (IBM).Tools • Remedy (BMC). 2006 page 14 . Openview (HP) • Knowledge base • ACD (Automated Call Distribution) • IVR (Interactive Voice Response) ITIL Essentials (Foundations) Oct 14.Service Desk .

Service Desk .Distributed Service Desk on each site • Central Service Desk . or Regional Helpdesk • Virtual Service Desk .Centralized. 2006 page 15 . Follow the Sun concept ITIL Essentials (Foundations) Oct 14.Types • Local Service Desk .Global.

2006 page 16 .What questions do you have? ITIL Essentials (Foundations) Oct 14.

Oct03-23-05 14. 2006 Incident Management page 17 .

and later can transferred to Incident Manager (IM) ITIL Essentials (Foundations) Oct 14.Incident Management Purpose: • To restore normal service operation as quickly as possible with minimal disruption to the business Definition: • Incident is an event which is not part of standard operation service and cause interruption or reduction in quality of service Incident Management process is usually owned by Service Desk . 2006 page 18 .

2006 page 19 .Incident Management Incident Priorities: ITIL defines Priority = Urgency + Impact Urgency = How soon the problem needs resolution Impact = How many or how large business service is effected Priority in many practical term is called “Severity” ITIL Essentials (Foundations) Oct 14.

2006 page 20 .Incident Management – Severity Level <<Company Name>>Incident Severity Definition: * Incident Manager (IM) should be identified and on board to take over the Sev1 and/or Sev2 incidents ITIL Essentials (Foundations) Oct 14.

Incident Management – Incident Manager IM’s roles – Arrange a formal meeting of “Support Group” which are usually Problem Management. so that the “Support Group” do not receive mixed directions ITIL Essentials (Foundations) Oct 14. 2006 page 21 . and Service Desk teams – Make common understanding of this incident management objectives: • To restore the service ASAP (also communicate SLA) • To minimize the business disruption (consider workaround) – Arrange any additional resources if required – Be a communicator between “Support Group” and the “Customer”.

Incident Management .Escalation There are 2 types of escalation: • Functional escalation – involving more specialist to help • Hierarchical escalation – means a vertical move is made through the organization because the authority are required ITIL Essentials (Foundations) Oct 14. 2006 page 22 .

What questions do you have? ITIL Essentials (Foundations) Oct 14. 2006 page 23 .

2006 Problem Management page 24 .Oct03-23-05 14.

2006 page 25 .To minimize the adverse effect on the business of Incidents and problems cause by error in the infrastructure .To diagnose the root cause of the incidents and to identify a permanent solution Definition: Incident is an abnormal event which cause interrupt or impact Problem is an Unknown underlying cause of the incident Known Error is an problem which root cause has been determined ITIL Essentials (Foundations) Oct 14.Problem Management Purpose: .To proactively prevent the occurrence of incidents and problems Role: .

To eliminate the known error ITIL Essentials (Foundations) Oct 14. 2006 page 26 .Problem Management . Eg.Definition Error in Infrastructure Incident is an abnormal event which cause interrupt or impact Problem: A problem describes an undesirable situation. indicating the unknown root cause of the Incident Known Error A known error is a problem whose root cause has been determined Request for Change (RFC) An RFC proposes a change.

Problem Management – Responsibilities • Identify problems • Investigate problems to resolution or error identification • Raise RFC to clear error • Advise IM of workaround for incidents for known errors • Assist in Major incident to identify root cause • Prevent the replication of problems across multiple system ITIL Essentials (Foundations) Oct 14. 2006 page 27 .

Problem Management • Problem Control – Focus on transforming Problems into Known Error • Error Control – Focus on resolving Known errors via the Change Management process Incident Management Configuration Management Service Level Management Information Availability Management Problem Management Workaround Problem Control -> Error Control RFC Change Management ITIL Essentials (Foundations) Oct 14. 2006 page 28 .

2006 page 29 .What questions do you have? ITIL Essentials (Foundations) Oct 14.

Oct03-23-05 14. 2006 Configuration Management page 30 .

2006 page 31 .Configuration Management • Asset Management • Assurance the recorded CIs (Configuration Item) from receipt to disposal • Not only Asset Management but also provide relationship among CIs CMDB (Configuration Management Database) is a single repository of information will be accessed across the Service Management process. and is a major driver of consistency between processes ITIL Essentials (Foundations) Oct 14.

6 .Remedy SLA 5.6 BMC Atrium 6.0 .Remedy Helpdesk 5.6 .Remedy Change Management 5.Configuration Management Remedy ITSM 6.6 . 2006 page 32 .3 = CDMB ITIL Essentials (Foundations) Oct 14.Remedy Asset Management 5.

Created first time as a baseline .Use as a point to fall back to if things go wrong ITIL Essentials (Foundations) Oct 14. and capturing both structure and details .Updated of CIs affected as changed by RFC . 2006 page 33 .Configuration Management Configuration Baseline is a configuration of a system established at a specific point in time.

2006 page 34 .Configuration Management – Relationship with others ERROR INCIDENT PROBLEM KNOWN ERROR RFC CHANGE AUTHORIZED CHANGE IMPLEMENTED CDMB ITIL Essentials (Foundations) Oct 14.

2006 page 35 .What questions do you have? ITIL Essentials (Foundations) Oct 14.

2006 Change Management page 36 .Oct03-23-05 14.

and the improve the day-to-day operation of the organizations Input of RFC .Change Management Purpose To ensure that standardize method and procedure are used to handle all changes in order to minimize the impact of change-related incidents.A proposed to add/change/remove a CI . 2006 page 37 .Product or service changes from vendors/suppliers ITIL Essentials (Foundations) Oct 14.Changes in business requirement or Policy .Required resolution of an incident or problem .A proposed to upgrade the infrastructure .

resource plan.Change Management . issue agenda of RFCs to CAB – Chair CAB meeting – Update authorized change status (post implementation) – Produce Change Management report • CAB (Change Advisory Board) Roles – Review RFCs. implementation plan.Roles • Change Manager Roles – Receive. UAT. ensure to evaluate of RFCs’ impact. Log. Assign priority to RFCs – Reject RFCs which are impractical – Consolidate. and Rollback plan – Provide approval or not approval for the RFCs ITIL Essentials (Foundations) Oct 14. 2006 page 38 .

a minimum steps qualifying to approve such urgent changes ITIL Essentials (Foundations) Oct 14. setting up access profiles for a new employee • Urgent Changes – A change that requires immediate action in the managed IT environment and cannot be executed through the normal change/authorization process – Most of urgent changes are reactive changes E. E. Urgent RFCs from Problem Management to fix error (during the incidents) IT organization should also identify process to handle such urgent change such as who can be CAB to approve the urgent changes.Change Management .g.Types • Standard pre-approved Changes – An accepted solution to an identifiable and relatively common set of requirements.g. where authority is effectively in advance of implementation. 2006 page 39 .

ITIL Essentials (Foundations) Oct 14. many urgent changes request for approval over the telephone.Change Management – Abuse of Urgent change Do NOT request Urgent Change for … – Would be nice to have completed early – Was accidentally submitted too late for the CAB – Attempting to avoid all of the planning processes – To compensate for poor planning Note: An Urgent Change should be avoided if possible and used only when required. 2006 page 40 . Approval of the RFCs in such situation can cause instability in the production environment. Urgent Changes skip the normal planning and communication process.

What questions do you have? ITIL Essentials (Foundations) Oct 14. 2006 page 41 .

2006 Release Management page 42 .Oct03-23-05 14.

Release Management . both technical and non-technical. 2006 page 43 .Purpose To take a holistic view of a change to an IT service and ensure that all aspects of a release. are considered together. •PROTECTS THE PRODUCTION ENVIRONMENT ITIL Essentials (Foundations) Oct 14.

which is concerned with verification • particularly useful in distributed multi-tier environments.Release Management Usually Release Management will be used for . unlike Change Management.Bundle relates set of changes Release Management • is concerned with implementation. 2006 page 44 . which need to be coordinated ITIL Essentials (Foundations) Oct 14. where an implementation may consist of a number of different components supported by different technology domains.Large or critical hardware / software roll out .

Release Management Responsibilities: • Plan the rollout of software and related hardware. • Create procedures for the distribution and installation of changes to IT systems • Communicate and manage customer expectations during the planning and rollout of releases • Implementing new releases into the operational environment using the controlling processes of Configuration and Change Management. • Ensuring that master copies of all software are secured in the Definitive Software Library (DSL) and that the Configuration Management Database (CMDB) is updated ITIL Essentials (Foundations) Oct 14. 2006 page 45 .

• In a larger organization there may be dedicated Release Management staff for particular systems. 2006 page 46 . in particular Change Management and Configuration Management.Release Management – Functions and Roles Release Management staff In most of companies the Release Management function may well be combined with several other Service Management disciplines. ITIL Essentials (Foundations) Oct 14.

2006 page 47 .Activities A Release is a collection of authorized changes into an IT environment ITIL Essentials (Foundations) Oct 14.Release Management .

Release Management – Process Relationships Incident Management Problem Management RFC Change Management Approved RFC New projects HW and SW Incidents Release schedules Release Management Service Desk Release schedules Release schedules Configuration Configuration -assets Management -relationships CpM AvM SCM ITIL Essentials (Foundations) Service Delivery Oct 14. 2006 Service Level Management -Monitoring -software -availability page 48 .

Change and Configuration Management Change mgnt ensures that new/modified CIs are implemented to Production environment properly Change Management Release Management Change Mgnt ensures that Configuration Items are accurate due to changes Configuration Mgnt ensures that Release Mgnt use the correct CIs version Configuration Management ITIL Essentials (Foundations) Oct 14. 2006 page 49 .Release.

What questions do you have? ITIL Essentials (Foundations) Oct 14. 2006 page 50 .

2006 ITIL Essentials (Foundations) Course Second Part: Service Delivery page 51 .Oct03-23-05 14.

2006 page 52 .Service Delivery Agenda Service Support Service Desk Incident Mgnt Problem Mgnt Configuration Mgnt Change Mgnt Release Mgnt Service Delivery SLM Financial Mgnt Capacity Mgnt IT Service Cont Mgnt Availability Mgnt Security Mgnt ITIL Essentials (Foundations) Oct 14.

Service Delivery . 2006 page 53 .Overview BUSINESS / USERS Service Level Management COSTS Financial Management SERVICE DELIVERY Capacity Availability Management Management IT Service Continuity Management Security Management RISK TECHNOLOGY ITIL Essentials (Foundations) Oct 14.

2006 page 54 . Security Management sits under the Information Security umbrella but will be addressed today due to the criticality of information security in today’s IT environment. There are five processes within the Service Delivery umbrella and they are: – Service Level Management – Financial Management for IT Services – Capacity Management – IT Service Continuity Management – Availability Management.Service Delivery Service Delivery looks at the long term planning and improvement of IT service provision. which will also improve efficiency and the achievement of business goals. ITIL Essentials (Foundations) Oct 14.

•SERVICE DEFINITION AND STANDARDS ITIL Essentials (Foundations) Oct 14. in line with business or cost justification. monitoring and reporting upon IT Service achievements and the instigation of actions to eradicate poor service. 2006 page 55 .Service Level Management .Purpose To maintain and improve IT service quality through a constant cycle of agreeing.

2006 page 56 . where regular lines of communication are maintained between the IT service provider and the IT customer • process is responsible for ensuring Service Level Agreements (SLAs) and Operational Level Agreements (OLAs) or underpinning contracts (UCs) are met ITIL Essentials (Foundations) Oct 14.Service Level Management .Role Service Level Management • is essential in any organization so that the level of IT service needed to support the business can be determined. and monitoring can be initiated to identify whether the required service levels are being met. • is a client facing role.

Types of Agreements and Contracts
Internal/External Customers

Service Level Agreements
(Business Language)

Operational Level Agreements
(Technical Language)

IT Service Level Management

Underpinning Contracts (supporting)
(Technical Language)

Internal Suppliers and Maintenance Personnel
ITIL Essentials (Foundations) Oct 14, 2006

External Suppliers and Maintenance Personnel
page 57

Service Level Management - Activities
Cso eDmn ut mr e a d Sr ic L v l ev e ee Rq i e e t e u mn r s Sr ic Se ev e p c Se t he s Sr ic Qa y ev e u lit Pn la Sr ic ev e Ct lo u aa g e Sr ic L v l ev e ee Ar e e t ge mn Oeai n l p r to a Lv l ee Ar e e t ge mn Ud r in i g n ep n n Cn at ot c r Mn oi g o i rn : t Sev eL v ls ri c ee Rp r e ot Sr ic L v l ev e ee Ah v mn c iee e t Sr ic L v l ev e ee Rp rs e ot Sr ic ev e I poe e t mr v mn P ga r rm o I e tf : d ni y nes ed Dfn : ei e I t r a ad n n lly n e Et r a xen l ly

Cnr c: o t at -Ng t t e oia e -D f r t a -A e d mn -Cnlu e oc d

Rve ei w

ITIL Essentials (Foundations)

Oct 14, 2006

page 58

Service Catalogue
• A list of all services • The characteristics of each service • Information on the use of the service

ITIL Essentials (Foundations)

Oct 14, 2006

page 59

Contents of a Service Level Agreement • Scope of the agreement • Service description • Signatories • Date of next review • Service hours • Service availability • Support levels • Performance • Security • Functionality • Charges • Change procedure • Contingency • Anticipated growth • Restrictions • Training • Change procedure for the Service Level Agreement ITIL Essentials (Foundations) Oct 14. 2006 page 60 .

Service Level Management . 2006 page 61 . customers can draw a balance between service costs and required quality • The IT organization can control resource management and reduce costs in the long term as the organization can specify the required services and components • Improved customer relationships and satisfaction ITIL Essentials (Foundations) Oct 14.Benefits • IT services are designed to meet expectations outlined in SLRs • Service performance can be measured *Reporting is Critical to the success of Service Level Agreements • If charged.

Service Level Management – Process Relationships Service Desk Incidents RFC Incident Management Service Support Change Management SLAs OLAs Problem Release Configuration Management Service definitions Customer SLAs SLRs Service Level Management SLAs OLAs UCs Third Party Suppliers Planning Capacity Availability Continuity Oct 14. 2006 Service Delivery Finance ITIL Essentials (Foundations) page 62 .

Service Level Management
SLR - Service Level Requirement SLA - Service Level Agreement



UC Suppliers Suppliers Suppliers

OLA - Operational Level Agreement UC - Underpinning Contract
ITIL Essentials (Foundations)


End User

Oct 14, 2006 page 63

What questions do you have?
ITIL Essentials (Foundations) Oct 14, 2006 page 64

Oct03-23-05 14, 2006

Financial Management for IT Services

page 65

2006 page 66 . •CONTROL AND RECOVER IT COSTS ITIL Essentials (Foundations) Oct 14.Financial Management for IT Services .Purpose To provide cost effective stewardship of the IT assets and the financial resources used in the IT services provided.

ITIL Essentials (Foundations) Oct 14. 2006 page 67 .for any aspects of recovering costs from the customers (charging). and • Budgeting – defining and implementing IT budgetary process • Charging .Financial Management for IT Services – Role Financial Management is responsible for • Accounting for the costs (costing) and return on IT service investments (IT portfolio management).

particularly those responsible for service level management. 2006 page 68 .Financial Management for IT Services – Functions and Roles Finance Manager Responsibility for: • Managing the IT budget • Gathering suitable cost data to develop a cost model • Preparing regular bills for the customer Note: • The Finance Manager for IT Services may not necessarily be a dedicated resource. • The process may have an owner within the IT department who liaises with the Finance department of the organization and senior IT managers. ITIL Essentials (Foundations) Oct 14.

Charging and Budgeting Cycle Business IT requirements IT operational plan (inc. Budgets) Cost analysis (Accounting) Charges Financial targets Costing models Feedback of proposed charges to business ITIL Essentials (Foundations) Charging policies Oct 14.The Costing. 2006 page 69 .

CPUseconds. activity (Activity Based Costing).) ITIL Essentials (Foundations) Oct 14. minute. activities or other categories • Several types – Cost-by-service.Cost Model • A framework in which all known costs can be recorded and allocated to specific Customers. 2006 page 70 . change. Customer or location • Define the Cost Unit for services or activities (transaction. incident. etc. storage.

2006 page 71 .Pricing Policy • Market price – the price charged by external suppliers • Going rate – comparable to other internal organizations • Cost plus – input cost plus uplift • Cost – total cost of ownership • Fixed price – negotiated price for a fixed period ITIL Essentials (Foundations) Oct 14.

Financial Management – Process Relationships Customer • • • • • • • Purpose … Activities Benefits Relationships Between Processes Potential Challenges/Problems KPIs Services Service Level Management Budget Spend Business Relationship Management Cost model Charging Financial Management Performance Usage Service Support Configuration Management Cost model Charges Changes with cost affects Capacity Management Service Delivery Performance Usage ITIL Essentials (Foundations) Oct 14. 2006 page 72 .

2006 page 73 .What questions do you have? ITIL Essentials (Foundations) Oct 14.

2006 Capacity Management page 74 .Oct03-23-05 14.

Purpose To ensure that cost justifiable IT capacity always exists and that it is matched to the current and future identified needs of the business. 2006 page 75 .Capacity Management . ITIL Essentials (Foundations) Oct 14.

2006 page 76 . • Assessing new technology or products which may improve efficiency of the capacity process. ITIL Essentials (Foundations) Oct 14. trending and forecasts for future usage • Identifying needs for increases or reductions in hardware based on SLR and cost • Performance testing of new systems • Sizing all proposed new systems to determine resources required.Capacity Management – Functions and Roles Capacity Manager • Reporting on current usage of resources.

SLRs and Service Catalogue  Business plans and strategy  IS/IT plans and strategy  Business requirements and volumes  Operational schedules  Deployment and development plans and programs  Forward Schedule of Change  Incidents and Problems  Service Reviews  SLA breaches  Financial plans  Budgets Sub-process Outputs  Business Capacity Management  Service Capacity Management  Resource Capacity Management            Capacity plan Capacity Database Baselines and profiles Thresholds and alarms Capacity reports (regular. 2006 page 77 . ad hoc and exception) SLA and SLR recommendations Costing and charging recommendations Proactive changes and service improvements Revised operational schedule Effectiveness reviews Audit reports ITIL Essentials (Foundations) Oct 14.Input and Output Data Requirements Inputs  Technology  SLAs.

and report on service performance. establish baselines and profiles of use of components • Service Capacity Management – Monitor.Sub-Processes • Resource Capacity Management – Monitor. analyze. tune. model. size and document future business requirements ITIL Essentials (Foundations) Oct 14. establish baselines and profiles of use for services. run and report on the utilization of components. analyze. 2006 page 78 . manage demand for services • Business Capacity Management – Trend. forecast. prototype.

Capacity Management – Process Relationships Service Level Management Monitoring Reporting Requirements Plans Requirements Capacity Management Plans Incident Management Problem Management Change Management SLR Service Support Customer Plans Planning Availability Continuity Service Delivery ITIL Essentials (Foundations) Oct 14. 2006 page 79 .

2006 page 80 .What questions do you have? ITIL Essentials (Foundations) Oct 14.

2006 IT Service Continuity Management page 81 .Oct03-23-05 14.

IT Service Continuity Management – Purpose To support the overall Business Continuity Management process by ensuring that the required IT technical and services facilities can be recovered within required and agreed business timescales. 2006 page 82 . •KEEP THE BUSINESS IN BUSINESS ITIL Essentials (Foundations) Oct 14.

IT Service Continuity Management – Functions and Roles The primary goal of ITSCM Manager is to implement and maintain the ITSCM process in accordance with the overall requirements of the organization's Business Continuity Management (BCM). 2006 page 83 . ITIL Essentials (Foundations) Oct 14. and to represent the IT services within the BCM function.

MURPHY LAW……Anything can go wrong . You cannot recover what you have not planned. ITIL Essentials (Foundations) Oct 14. 2006 page 84 . will go wrong You cannot control what you cannot measure.Thoughts that should avoid… • Too expensive • Disaster unlikely to happen • More important things to do • We will ‘muddle through’ • Unaware of the business risks Thought that should have….

team services. integrate across organization Crisis Management. negotiate Task execution. contract site management. 2006 page 85 . resource authorization Senior Management Junior Management Undertake IT Service Continuity Invocation. allocate responsibilities. liaison for services. perform testing. communicate and maintain awareness. team leadership.IT Service Continuity Management – Functions and Roles Role Roles in Normal Operation Roles in Crisis Situation Board Level Initiate IT Service Continuity.ordination. set policy. direct and authorize Manage IT Service Continuity. define deliverables. accept deliverables. external affairs Co. corporate decisions. manage testing and and reporting assurance Develop deliverables. develop and membership liaison operate processes and procedures Supervisors and Staff ITIL Essentials (Foundations) Oct 14. direction and arbitration. analysis.

IT Service Continuity Management – Activities Stage 1 .Initiation Initiate BCM Business Impact Analysis Risk Assessment Business Continuity Mgt Stage 3 Implementation Implement Stand-by Arrangements Organization and Implementation Planning Develop Recovery Plans Develop Procedures Initial Testing Implement Risk Reduction Measures Stage 2 – Requirements & strategy Stage 4 – Operational Education & Management Awareness Review & Audit Testing Change Management Training Assurance ITIL Essentials (Foundations) Oct 14. 2006 page 86 .

Generally a combination of reducing risks to assets with greatest vulnerability or with higher business impact with a recovery plan will be implemented. Recovery Options Do nothing Return to manual systems Gradual recovery (cold stand-by) (72 hrs) Intermediate recovery (warm stand-by) (24-72 hrs) Immediate recovery (hot start. 2006 page 87 .IT Service Continuity Management – Risk Reduction and Recovery Options It is rare that an organization will choose only risk reduction (prevention measures) or recovery options. hot stand-by) (<24 hrs) Combinations ITIL Essentials (Foundations) Oct 14.

Gradual Recovery Facilities (cold standby 72+ hours) • Accommodations • Power • Environmental controls • Network cabling infrastructure • Telecommunications Does not include ANY computing equipment ITIL Essentials (Foundations) Oct 14. 2006 page 88 .

Intermediate Recovery Facilities (warm standby 24-72 hours) • Accommodations • Power • Environmental controls • Network cabling infrastructure • Telecommunications • Operations. peripherals. 2006 page 89 . communications equipment and / or operating systems ITIL Essentials (Foundations) Oct 14. system management and technical support • Processors.

2006 page 90 . system management and technical support • Processors. peripherals and communications equipment • Operating systems.Immediate Recovery Facilities (hot standby <24 hours) • Accommodations • Power • Environmental controls • Network cabling infrastructure • Telecommunications • Operations. applications and data mirrored from the operational servers ITIL Essentials (Foundations) Oct 14.

IT Service Continuity Management – Process Relationships Service Level Management Exercise / Service Recovery Incident Management Problem Management SLR Plans Requirements Requirements Service Continuity Management Planning Change Management Configuration Management Service Support Customer Plans Incidents Service Desk Event Monitoring Planning Capacity Availability Service Delivery ITIL Essentials (Foundations) Oct 14. 2006 page 91 .

What questions do you have? ITIL Essentials (Foundations) Oct 14. 2006 page 92 .

2006 Availability Management page 93 .Oct03-23-05 14.

Availability Management .Purpose To optimize the capability of the IT infrastructure and supporting organization to deliver a cost effective and sustained level of availability that enables the business to satisfy its business objectives. 2006 page 94 . •ENSURE RESOURCES ARE AVAILABLE AND EFFECTIVE ITIL Essentials (Foundations) Oct 14.

reliability & maintainability achieved Availability monitoring Service level achievements ITIL Essentials (Foundations) Availability Plan Oct 14. reliability & maintainability requirements Incident and problem data OUTPUTS Availability & recovery design criteria Configuration & monitoring data A V A I L A B I L I T Y M A N A G E M E N T IT infrastructure resilience & assessment Agreed targets for availability and maintainability Reports of availability. 2006 page 95 .The Availability Management Process INPUTS Business availability requirements Business impact assessment Availability.

as Maintainability but for external suppliers • Security . how long can it perform) • Resilience – the ability of the component to continue providing the service even though some piece is no longer functioning (i. an aspect of overall availability Confidentiality. 2006 page 96 . Integrity and Availability (CIA) – the basis of security ITIL Essentials (Foundations) Oct 14.is the ability to retain or restore an IT Service or component to an operational state (internal) • Serviceability . Integrity and Availability of the services and associated data.Availability Management Terminology • Availability .e.is the ability for an IT Service or component to perform its required function at a stated instant or over a stated period • Reliability – the tendency of an IT Service or component not to fail (i. fault tolerance) • Maintainability .e.Confidentiality.

Availability Management Terminology Basic Availability Calculation (2 of 2) (Agreed service time – downtime) Availability = ____________________________ Agreed service time x 100 Remember the definition of a "Service” ITIL Essentials (Foundations) Oct 14. 2006 page 97 .

Availability Management Activities • Designing for availability (Proactive perspective) – The technical design of the IT infrastructure and the alignment of the internal and external suppliers required to meet the availability requirements of the service • Designing for recovery (Reactive perspective) – The design points required to ensure that in the event of an IT service failure. 2006 page 98 . the service can be reinstated to resume normal business operations as quickly as possible ITIL Essentials (Foundations) Oct 14.

2006 page 99 . wasted materials or goods. financial penalties or fines) Impact on Customer Service / Reputation (Where / if known) ITIL Essentials (Foundations) Oct 14.The Monetary Impact of Unavailability User productivity loss IT productivity loss + + + + = = = Hourly cost of User affected Hourly cost of IT staff Lost revenue per hour X X X Hours of disruption Hours of disruption Hours of disruption Lost revenue Other business losses incurred (Overtime.

5% W orkstation 96% Host x N etw ork x Server x W orkstation = Availability 0.98 x 0.Calculating Availability M inicom puter 99.96 = 0.8% N etw ork 98% Server 99.4% ITIL Essentials (Foundations) Oct 14.998 x 0. 2006 page 100 .934 93.995 x 0.

Availability Management – Process Relationships Service Level Management SLA Monitoring Downtime Monitoring Cause Incident Management Problem Management Change Management SLR Plans Requirements Availability Management Service Support Customer Plans Change Planning Configuration Management Incidents Service Desk Event Monitoring of Downtime Planning Capacity Continuity Service Delivery ITIL Essentials (Foundations) Oct 14. 2006 page 101 .

2006 page 102 .What questions do you have? ITIL Essentials (Foundations) Oct 14.

2006 Security Management page 103 .Oct03-23-05 14.

2006 page 104 . It has links with all processes It also includes managing the reaction to security incidents. independence and external requirements. •PROTECT DATA ITIL Essentials (Foundations) Oct 14.Purpose Security Management is the process of managing a defined level of security on information and IT services .Security Management . • To provide a basic level of security. Security Management has two objectives: • To meet the security requirements of SLAs and other external requirements further to contracts. legislation and externally imposed policies.

064.670.592 116.847.470.250 45.The Cost of Security Incidents Incident Type Proprietary Information Fraud Denial of Service Virus Insider Access Laptop Theft 1999 $1.500 26.496.652 1.560 ITIL Essentials (Foundations) Source: CSI/FBI Computer Crime and Security Survey Oct 14.734.920 2004 $11.900 4.000 7.500 Total losses reported in the 2004 report was: $141.050 55.680 2006 page 105 .205 6.465 142.

2006 page 106 ITIL Essentials (Foundations) .Security Management . Oct 14. as it is much more difficult to manage a large number of different SLAs than a limited one.Role • Confidentiality – protecting the business information from failure and attack – is more than locking server rooms or insisting on password discipline. • Integrity – timeliness or correctness require careful consideration of information flows and – safeguards against incorrect values • Availability – maintaining the uninterrupted operation of the IT organization – also helps to simplify Information Security Service Level Management.

2006 page 107 .Security Management Activities * • Plan – – – – – – Establish the structure of the Security section of the Service Level Agreements. Operational Level Agreements and Underpinning Contracts Establish the security baseline (or minimum security standards) Establish and maintain security awareness Establish the procedures to identify and classify security incidents Establish the procedures to handle security incidents Conducting security audits • • • – – – – – – – – – Using Internal resources Using External resources Self assessment (using Security Management resources) • Implement • Evaluate Ongoing review and analysis of security incidents Establish the structure and controls for security functions Defines the roles & responsibilities (including the line of command) Ensure the continuity of security measures Update to the security handbooks Communicate the effectiveness and efficiency of the security management process and functions Communicate the number and type of security incidents Communicate the action plans to improve/correct security measures Communicate compliance with security policy • Control • Maintain • Report ITIL Essentials (Foundations) Oct 14.

Security Management – Process Relationships Service Level Management Incidents SLA Monitoring Virus Incident Management Problem Management Change Management SLR Plans Requirements Security Management Service Support Customer Plans Change Planning Configuration Management Release Management Incidents Service Desk Attacks Planning Capacity Continuity Availability Service Delivery ITIL Essentials (Foundations) Oct 14. 2006 page 108 .

2006 Quick Review page 109 .Oct03-23-05 14.

2006 .ITIL Process Linkages IT Service Continuity Management Strong Relationship Availability Management Capacity Management Uses Communicates With Configuration Management Change Management Financial Management Release Management Service Level Management Problem Management Incident Management and Service Desk ITIL Essentials (Foundations) Oct 14.

2006 page 111 .Attitude Change The organization works better We can learn Recommending improvements Understanding Structure helps May have benefits Would be nice in a perfect world Bureaucratic Too much delay Paper chase It won't work for us Time and Effort We already do that ITIL Essentials (Foundations) Oct 14.

2006 page 112 .Roles that could be combined • Configuration Management and Release Management • Configuration Management and Change Management • Service Level Management and Financial Management for IT Services ? ITIL Essentials (Foundations) Oct 14.

Roles that should not be combined • Problem Management and Incident Management • Problem Management and Change Management • Capacity Management and Availability Management ITIL Essentials (Foundations) Oct 14. 2006 page 113 .

itsmf. and white-papers on ITSM ITIL Essentials (Foundations) Oct 14.co.pultorak.itsmf.check out Event/Presentation for local context and players.com/ The OGC – the organization that publishes the ITIL books ITIL UK – Official Web Site Loyalist College [Belleville.itilexams.com http://www. Ontario] ITIL Certification Agent http://www. newsletters.do http://www.nextslm.ca/ The global IT Service Management Forum site The ITSMF – US site ItSMF Canada Site – IT Service Management Forum .org/mc/page.staytech.Some Useful Websites http://www.org/ Tools. 2006 page 114 .com/ General ITSM information and white-papers Ottawa based ITIL Services/Training provider “Links” contains a good selection of ITIL Information/Solution providers http://www.itil.htm http://www.gov. http://www.uk http://www.itsmfusa.ogc.com/pcbit/itsm.uk http://www.

What questions do you have? ITIL Essentials (Foundations) Oct 14. 2006 page 115 .

Go home! ITIL Essentials (Foundations) Oct 14. 2006 page 116 .

Sign up to vote on this title
UsefulNot useful

Master Your Semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master Your Semester with a Special Offer from Scribd & The New York Times

Cancel anytime.