ITIL Foundations Certification Course

ITIL ® is a Registered Trade Mark, and a Registered Community Trade Mark of the Office of Government Commerce, and is Registered in the U.S. Patent and Trademark Office. IT Infrastructure Library® is a Registered Trade Mark of the Central Computer and Telecommunications Agency which is now part of the Office of Government Commerce.


Page 1

 ITIL History  What is ITIL?  The ITIL Framework  ITIL Certifications  Benefits of ITIL  Remember about ITIL


Page 2

ITIL History
• In the late 1980‟s, the British govt. asked the Central Computer and Telecommunications Agency (CCTA) to structure the IT organisations of the British government agencies.

• This resulted in the IT Infrastructure Library, a library of books describing best practices in IT management, and a detailed approach for the implementation of these best practices.
• The aims of the CCTA in developing the IT Infrastructure Library were: – – – – to facilitate the quality management of IT services. increase the efficiency with which the corporate objectives are met. to improve efficiency, increase effectiveness, and reduce risks. to provide codes of practice in support of total quality.


Page 3

What is ITIL? • ITIL is a compilation of best practices in IT Service Management. • ITIL defines the organisational structure and skill requirements of an information technology organisation and a set of standard operational management procedures to allow the organisation to manage an IT operation and associated IT infrastructure. 3/31/2012 Page 4 . developed by the OGC (Office of Govt. qualifications and an international user group. • ITIL does not set in stone every action you should do on a day-to-day basis as that is something which differs from organisation to organisation. it allows the IT Infrastructure Library to be utilised within organisations with existing methods and activities in Service Management. Commerce) and supported by publications. Instead. • IT Service Management is concerned with delivering and supporting IT services that are appropriate to the business requirements of the organisation.

to the testing.The ITIL Framework • ITIL comprises of seven distinct books: Service Support • describes the processes associated with the day-to day support and maintenance activities associated with the provision of IT services – Service Delivery • covers the processes required for the planning and delivery of quality IT services and looks at the longer term processes associate with improving the quality of IT services delivered – ICT (Information & Communications Technology) Infrastructure Management • covers all aspects of ICT Infrastructure Management from identification of business requirements through the tendering process. and ongoing operation and optimisation of the ICT components and IT services 3/31/2012 Page 5 . installation. deployment.

up to and including retirement. the development of a vision and strategy and the most appropriate method of approach.The ITIL Framework – Planning to implement Service Management • examines the issues and tasks involved in planning. to ensure that the business obtains best value from its investment. through all stages in the application lifecycle. It places emphasis on ensuring that IT projects and strategies are tightly aligned with those of the business throughout the application lifecycle. – Application Management • describes how to manage applications from the initial business need. It also addresses the issues associated with addressing Cultural and Organisational Change. 3/31/2012 Page 6 . implementing and improving Service Management processes within an organisation.

The ITIL Framework – The Business Perspective • provides advice and guidance to help IT personnel to understand how they can contribute to the business objectives and how their roles and services can be better aligned and exploited to maximise that contribution – Security Management • details the process of planning and managing a defined level of security for information and IT services. including all aspects associated with reaction to security Incidents. and the implementation of cost justifiable countermeasures 3/31/2012 Page 7 . It also includes the assessment and management of risks and vulnerabilities.

3/31/2012 Page 8 .

ITIL Framework • • • • • • Service Desk Configuration Management Incident Management Problem Management Change Management Release Management Planning to implement service management • • • • • Service Level Management Availability Management Capacity Management Financial Management for IT Services IT Services Continuity Management • Guidance on integrating the business perspective into every aspect of service management Service management The business perspective Service support ICT Infrastructure management • • • • Design and Plan Deployment Operations Technical Support The technology The technology The business Service delivery Software Asset Management Security management • IT Infrastructure Security Management • Security setup from the IT manager's point of view Application management • • • • • What is the vision? Where are we now? Where do we want to be? How do we check our milestones? How do we keep momentum? • • • • Organization & Roles Process Overview Tools & Technology Partners and SAM • • • • • • Manage the Business Value Align Service Delivery with Business Strategy Drivers and Organizational Capability Application Lifecycle Management Organization Roles and Functions Control Methods and Techniques 3/31/2012 Page 9 .

ITIL Framework ( contd… ) • The two most commonly used disciplines are Service Support and Service Delivery • Service Support comprises of : – Service Desk – Incident Management – Problem Management – Configuration Management – Change Management – Release Management • Service Delivery comprises of : – Service Level Management – Financial Management for IT Services – Capacity Management – Availability Management – IT Service Continuity Management 3/31/2012 Page 10 .

3/31/2012 Page 11 .

status.Resolve incidents as they occur Service Management Service Delivery Availability Problem Capacity Change ITSCM Define what services and service levels will be supported and delivered Release SLM Ensure the greed services are available at agreed levels Ensure agreed services have the required and agreed to capacity Service Support Incident Service Desk Identify root causes of incidents and submit RFCs to remove them Single Point of Contact for users of IT Services Ensure standard methods and procedures are used from the RFCs to the PIR Manage major hardware and software releases as part of effective change management Manage technical information regarding the version. FMITS Config Ensure agreed-to services can recover after a disruption as a part of business continuity management Budget. ownership and relationships among IT assets. account and optionally charge for IT services 3/31/2012 Page 12 .

itSMF and the Examination Institutes • Official qualifications based on ITIL are currently offered by the following Examination Institutes : – ISEB (The Information Systems Examination Board).ITIL Certifications • ITIL accreditation demonstrates that an individual has met the standards in Service Management as set by an examination certification board comprising representatives of OGC. a wholly owned subsidiary of the British Computer Society – EXIN (the European Examination Institute for Information Science) in the Netherlands • ITIL qualifications are recognised world-wide. the qualification is recognised by the industry 3/31/2012 Page 13 . Whether you passed your exam via ISEB or EXIN.

and performing the activities that belong to those processes – Managers Certificate This is aimed at those who need to demonstrate a capability for managing ITIL-based solutions across the breadth of the Service Management subjects.ITIL Certifications (contd. 3/31/2012 Page 14 .) – Foundations Certificate This is designed to provide a foundation level of knowledge in IT Service Management and is aimed at all personnel who wish to become familiar with the best practices for IT Service Management – Practitioners Certificate This is aimed at those who are responsible within their organisation for designing specific processes within the IT Service Management discipline..

ITIL Certifications Foundations Essential (2 days) Practitioners (9 certificates) Change Manager (5 days) Service Level Manager (5 days) 1 hour Multiple choice (Know list of Basic Concepts) 1 hour Multiple choice Prerequisites form assessed by Examination Board In course assessment 3 hour examination (essay form) Service Delivery (5 days) Service Support (5 days) 3 hour examination (essay form) Service Manager 3/31/2012 Page 15 .

measurable rate of success – Processes and procedures that can be audited for compliance to “best practice” guidelines 3/31/2012 Page 16 . the board and stakeholders. through the delivery of rapidly recoverable. consistent services – Improved communication and better working relationships between IT and the business – The ability to absorb a higher rate of Change with an improved.Benefits of ITIL • Adopting ITIL guidance can provide such benefits as: – Continuous improvement in the delivery of quality IT services – Reduced long term costs through improved Return On Investment through process improvement – Demonstrable Value For Money to the business. through greater efficiency – Reduced risk of not meeting business objectives.

.Remember about ITIL . • Remember : – ITIL describes what needs to be done but NOT how it should be done – ITIL does NOT define: • Every role. every other equipment. but it instead contains “best practices” that have observed and accepted in the industry 3/31/2012 Page 17 . every required customisation • Every process. procedure and task required to be implemented – ITIL does NOT claim to be a comprehensive description of everything within IT. job or organisation design • Every tool.

Service Support  Service Desk  Incident Management  Problem Management  Change Management  Release Management  Configuration Management 3/31/2012 Page 18 .

Service Support 3/31/2012 Page 19 .

actions and opportunities that are likely to impact their ability to pursue their day-to-day activities • Incident Management – Restore normal service operations as quickly as possible – Should interface closely with Problem Management. Change management and the Service Desk – Incident priorities and escalation procedures need to be agreed as part of the Service Level Management process and documented in the SLAs 3/31/2012 Page 20 . on a day-to-day basis – Focal point for reporting Incidents and making service requests – Keeps Users informed of service events.The Service Support set • Service Desk – Single point of contact between service providers and Users.

The Service Support set • Problem Management – Prevent and minimize the adverse effect on the business of errors in the IT Infrastructure – Performs RCAs to establish the root causes of Problems – Requires the accurate and comprehensive recording of Incidents in order to identify effectively and efficiently the cause of the Incidents and trends – Liaises closely with Availability Management process to identify these trends and instigate remedial action • Change Management – Ensure standardized methods and procedures are used for efficient. prompt and authorized handling of all changes in the IT Infrastructure – Close relationship with Configuration Management and Release Management 3/31/2012 Page 21 .

maintaining and verifying the versions of all Configuration Items (CIs) – Stores information in the CMDB of what CIs available.The Service Support set • Release Management – Ensure that all technical and non-technical aspects of a release are dealt with in a coordinated approach – Actual implementers of Changes – Responsible for secure and managed rollout of Changes • Configuration Management – Provide a logical model of the IT Infrastructure by identifying. where are they available and how are they inter-connected 3/31/2012 Page 22 . controlling.

Service Support  Service Desk  Incident Management  Problem Management  Change Management  Release Management  Configuration Management 3/31/2012 Page 23 .

pay for and own the IT Services.Service Desk • Service Desk acts as the Single Point of Contact (SPOC) between the users and the IT Services Organization • ITIL defines customers and users : – Customers : People (generally senior managers) who commission. sometimes referred to as "the business" – Users : People who use the services on a day-to-day basis 3/31/2012 Page 24 .

) • The primary functions of the Service Desk are : – Incident Control : life cycle management of all Service Requests – Communication : keeping the customer informed of progress and advising on workarounds • It handles all incoming calls and only directs them through to the second or third tier support when necessary : – for the customer.Service Desk (contd. it means that they only have to deal with issues that are related to their skills or area of responsibility is a FUNCTION 3/31/2012 Page 25 . the advantage is that they don‟t have to ring around searching for the right person to solve their problem – for IT personnel..The Service Desk is not a process .

maintenance contracts. problems and questions but also provides an interface for other activities such as change requests.Types • The Service Desk function is known under various names : – Call Centre • main emphasis on professionally handling large call volumes of telephonebased transactions – HelpDesk • manage. software licenses. Financial Management and IT Services Continuity Management 3/31/2012 Page 26 . Service Level Management. Configuration Management. Availability Management. co-ordinate and resolve incidents as quickly as possible – Service Desk • not only handles incidents.Service Desk .

processes and technology to deliver a service 3/31/2012 Page 27 .Service Desk .Types • Many Call Centres and HelpDesks naturally evolve into Service Desks to improve and extend overall service to the Customers and the Business • All three functions share common characteristics : – they represent the service provider to the Customer and the User (internal or external) – they operate on the principle that customer satisfaction and perception is critical – they depend on blending people.

is practical only until multiple locations requiring support services are involved – Central Service Desk • for organisations having multiple locations .Structures • The three types of structure that can be considered are : – Local Service Desk • to meet local business needs .reduces operational costs and improves usage of available resources – Virtual Service Desk • for organisations having multi-country locations .can be situated and accessed from anywhere in the world due to advances in network performance and telecommunications • reduces operational costs and improves usage of available resources 3/31/2012 Page 28 .Service Desk .

Local 3/31/2012 Page 29 .Service Desk .

Central 3/31/2012 Page 30 .Service Desk .

Virtual 3/31/2012 Page 31 .Service Desk .

based on agreed service levels – managing the request life-cycle. attempting to resolve them or refer them to someone who can.Functions • The common Service Desk functions include : – receiving calls and first-line customer liaison – recording and tracking incidents and complaints – keeping customers informed on request status and progress – making an initial assessment of requests.Service Desk . including closure and verification – communicating planned and short-term changes of service levels to customers – coordinating second-line and third party support groups – providing management information and suggestions for service improvement – identifying or contributing to problem identification – highlighting Customer training and education needs – closing incidents after confirmation with the Customer 3/31/2012 Page 32 .

Staff Profile • A Service Desk staff member should be : – articulate and methodical – trained in interpersonal skills – multilingual (if required) – able to understand the business‟s objectives – able to understand and accept that: • the Customer‟s Problem affects the business • without the Customer there is no support department • the Customer is an expert in their own field – genuinely wanting to deliver a first-class service 3/31/2012 Page 33 .Service Desk – Customer-focused .

Benefits • A Service Desk benefits an organisation by : – improved customer service. – better quality and speedier turnaround of customer requests – improved teamwork and communication – enhanced focus and a proactive approach to service provision – reduced negative business impact – better managed infrastructure and improved control – improved usage of IT support resources and increased productivity of business personnel – more meaningful management information for decision support 3/31/2012 Page 34 . perception and satisfaction – increased accessibility through a single point of contact.Service Desk . communication. and information.

Critical Success Factors • To introduce and maintain a successful Service Desk. agreed and regularly reviewed 3/31/2012 Page 35 . it is essential that: – business needs and requirements are understood – Customer requirements are understood – investment is made in training for customers. goals and deliverables are clearly defined – service levels are practical. support teams and Service Desk staff – service objectives.Service Desk .

Service Support
 Service Desk  Incident Management  Problem Management  Change Management  Release Management  Configuration Management


Page 36

Incident Management
• An Incident is defined as “ any event which is not part of the standard operation of a service and which causes or may cause, an interruption to, or a reduction in, the quality of that service “ • The primary goal of Incident Management is to restore normal service operations as quickly as possible with the least possible impact on business operations, at a cost-effective price, thus ensuring that the optimum levels of service quality and availability are maintained • In lay-man terms, Incident Management is similar to “fire-fighting” • Inputs for Incident Management mostly come from users (through the Service Desk), but can have other sources as well like Automatic Detection Systems or Release Management


Page 37


Page 38

Incident Management – Functions 3/31/2012 Page 39 .

Incident Management – Incident detection and recording – Classification and initial support . tracking and communication 3/31/2012 Page 40 . monitoring.Functions • The primary functions of Incident Management are : – Investigation and diagnosis – Resolution and recovery – Incident closure – Incident ownership.

Incident Management .Functions • Incident detection and recording – Inputs • Incident details from Service Desk or event management systems – Actions • record basic details of the Incident • alert specialist support group(s) as necessary • start procedures for handling the service request – Outputs • updated details of Incidents • the recognition of any errors on the CMDB • notice to Customers when an Incident has been resolved 3/31/2012 Page 41 .

find quick resolution) • closing the Incident/routing to a specialist support group.or third-line support 3/31/2012 Page 42 . and informing User(s).Functions • Classification and initial support • recorded Incident details • configuration details from the CMDB • response from Incident matching against Problems and Known Errors – Actions • matching against Known Errors and Problems • informing Problem Management of the existence of new Problems and of unmatched or multiple Incidents • assigning impact and urgency.Incident Management – Inputs . or Incident routed to second. and thereby defining priority • providing initial support (assess Incident details. – Outputs • RFC for Incident resolution • updated Incident details. and • Work-arounds for Incidents.

Incident Classification • Incident Classification is used to : Specify the service with which the incident is related Associate with an SLA where appropriate Select/define the best specialist/group to handle the incident Identify the priority based upon the business impact & urgency Define what questions should be asked or information checked Identify a relationship to match against Known Errors or solutions • Typically classification consists of three parts: – Categorisation – Prioritising – Matching 3/31/2012 Page 43 .Incident Management – – – – – – .

Incident Management • Categorisation – Application • Service not available • Application bug/query .Incident Classification – Hardware • Automatic alert • Printer not printing – Service Request • Password forgotten – Security Incident • Virus 3/31/2012 Page 44 .

Example coding system for Incident classification 3/31/2012 Page 45 .Incident Management .

Incident Management • Prioritising . will depend upon : – The impact on the business – The urgency with which a resolution/work-around is needed – The size. scope and complexity of the Incident – The resources available for coping in the meantime and for correcting the fault 3/31/2012 Page 46 .Incident Classification The priority with which Incidents need to be resolved and therefore the amount of effort put into the resolution of and recovery from Incidents.

Incident Classification • All incidents are categorised in order to establish appropriate priorities and resolution lead times • To facilitate lead-times of incident resolution. accurate classification and sufficient registration is imperative • The criteria to consider when assigning priority are: – Impact : To what extent an incident results in a deviation from the normal service level.Incident Management . aspects are the number of users and the service concerned – Urgency : To what extent the solution of an incident can be postponed Priority = Impact x Urgency 3/31/2012 Page 47 .

Example of a priority coding system 3/31/2012 Page 48 .Incident Management .

which should require no further investigation effort.Incident Classification Matching is the process whereby the Incident details are compared to knowledge that is already present in the organisation. 3/31/2012 Page 49 . Successful matching could give access to proven resolution actions.Incident Management • Matching .

3/31/2012 Page 50 .

and a specification of the selection or required Work-around 3/31/2012 Page 51 . • collection and analysis of all related information.Incident Management • Investigation and diagnosis – Inputs .Functions • updated Incident details • configuration details from the CMDB – Actions • assessment of the Incident details. and resolution • (including any Work-around) or a route to n-line support – Outputs • Incident details yet further updated.

Functions • updated Incident details • any response on an RFC to effect resolution for the Incident(s) • any derived Work-around or solution – Actions • resolve the Incident using the solution/Work-around or. • updated Incident details 3/31/2012 Page 52 .Incident Management • Resolution and recovery – Inputs . to raise an RFC (including a check for resolution) • take recovery actions – Outputs • RFC for future Incident resolution • resolved Incident. including recovery details. alternatively.

Incident Management • Incident closure – Inputs • updated Incident details • resolved Incident .Functions – Actions • the confirmation of the resolution with the Customer or originator • „close‟ category • Incident – Outputs • updated Incident detail • closed Incident record 3/31/2012 Page 53 .

monitoring. and • Customer reports and communication 3/31/2012 Page 54 .Incident Management .Functions • Ownership. tracking and communication – Inputs • Incident records – Actions • monitor Incidents • escalate Incidents • inform User – Outputs • management reports about Incident progress • escalated Incident details.

Incident Management • .Escalation There are two levels of escalation possible: – Transferring an Incident from first-line to second-line support groups or further is called “Functional Escalation” and primarily takes places because of lack of knowledge or expertise – “Hierarchical Escalation” can take place at any moment during the resolution process when it is likely that resolution of an Incident will not be in time or satisfactory 3/31/2012 Page 55 .

Tasks 3/31/2012 Page 56 .Incident Management .

3/31/2012 Page 57 . allowing performance against SLAs to be accurately measured • improved management information on aspects of service quality • better staff utilisation.Benefits • The benefits to be gained by implementing an Incident Management process are: – For the business as a whole: • reduced business impact of Incidents by timely resolution. – For the IT organisation in particular: • improved monitoring.Incident Management . leading to greater efficiency • elimination of lost or incorrect Incidents and service requests • improved User and Customer satisfaction. thereby increasing effectiveness • the proactive identification of beneficial system enhancements and amendments • the availability of business-focused management information related to the SLA.

Incident Management .Critical Success Factors • The critical success factors for Incident Management are : – A sound up-to-date CMDB really helps – Create knowledge databases (KEDB) and make them „easily‟ accessible – Use tools whenever appropriate – Establish interfaces with other processes 3/31/2012 Page 58 .

Service Support  Service Desk  Incident Management  Problem Management  Change Management  Release Management  Configuration Management 3/31/2012 Page 59 .

Problem Management analyses the root cause of the incidents. or from a single significant incident. • While Incident Management focuses on quick resolution of incidents. for which the cause is unknown. 3/31/2012 Page 60 .Problem Management • A problem is a “condition identified from multiple incidents exhibiting common symptoms. indicative of a single error.” • The goal of Problem Management is to minimize the adverse impact of incidents and problems on the business caused by errors within the IT Infrastructure. and to prevent reoccurrence of incidents related to these errors.

Problem Management • Problem Definition (contd..) Many criteria can be used to define a Problem including : – A number of related incidents – Incident closed via work-around (temporary fix) – Major incident – Information from third parties 3/31/2012 Page 61 .

.) • The unknown root cause of one or more incidents (not necessarily – or often – solved at the time the incident is closed) – Error • A condition that exists after the successful diagnosis of the root cause of a Problem – Known Error • Error + solution and/or workaround has been found – Known Error DataBase (KEDB) • Repository of known errors for the benefit and utilisation of Incident Management 3/31/2012 Page 62 .Problem Management Problem Management Terminology – Problem (contd.

When a problem is defined.) Problems can be identified from incidents. diagnosis takes place to find the root cause of the problem.Problem Management • (contd.. and then a change request is entered to correct the problem 3/31/2012 Page 63 .

end up resulting in a smaller number of RFCs 3/31/2012 Page 64 .) The "Funnel Effect" is shown below .Problem Management • (contd. after further investigation. after investigation. which usually.multiple incidents are usually. which are also reanalyzed and (usually) reclassified as yet a smaller number of known errors. re-classified as a smaller number of problems..

) • The primary functions of Problem Management are : – Problem Control: identifying the real underlying causes of incidents in order to prevent future reoccurrences 3/31/2012 Page 65 .Problem Management (contd..

) – Error Control : the processes involved in successful correction of Known Errors. The objective is to change IT components to remove Known Errors affecting the IT infrastructure and thus to prevent any recurrences of incidents 3/31/2012 Page 66 ..Problem Management (contd.

Problem Management (contd.) Investigation and Diagnosis of Problems The various methods include : – Ishikawa diagrams – Kepner and Tregoe – Brainstorming sessions – Voting – Flowcharts – Common sense – Deduction 3/31/2012 Page 67 ..

.) Proactive Problem Management comprises of : – Trend Analysis • Identifying „fragile‟ components of an IT Infrastructure and investigate the reasons for this „fragility‟ – Targeting preventive actions • Trend analysis can lead to the identification of faults in the IT Infrastructure which can then be analysed and corrected via Problem and Error Control – Improving procedures – Research other sources of knowledge about known errors 3/31/2012 Page 68 .Problem Management • (contd.

3/31/2012 Page 69 .

Problem Management (contd. The Known Error DataBase is a repository containing all these Known Errors. When a solution or a work-around is identified for this Error. it is transformed into a Known Error.) Known Error DataBase (KEDB) : • Problem Management reduces a Problem into an Error after it has successfully identified the root cause of the Problem. The KEDB is essentially for the utilisation of the Incident Management process and to prevent Incidents from becoming Problems • 3/31/2012 Page 70 ..

Known Error DataBase (KEDB) : 3/31/2012 Page 71 .

Problem Management analyses the root cause of the incidents 3/31/2012 Page 72 .Problem Management (contd..) Incident v/s Problem Management : While Incident Management focuses on quick resolution of incidents.

• The differences between Incident & Problem Management are : – Objectives are different – Different skills/expertise required – Time is less of an issue within Problem Management – Activities carried out are different 3/31/2012 Page 73 .) Incident v/s Problem Management : • Incident Management is the basis for defining Problems and information from Problem Management is made available for Incident Matching.Problem Management (contd..

Tasks 3/31/2012 Page 74 .Problem Management .

Problem Management

- Benefits

• The benefits of Problem Management are : – improved IT Service quality (by removing structural errors pro-actively) – reduction in the number of incidents – providing permanent solutions thereby resolved problems stay resolved – improving the organisation‟s knowledge by contributing known error data to the service desk / incident management / configuration management, etc.


Page 75

Problem Management

- Critical success factors

• The critical success factors for Problem Management are : – Keep Incident Management and Problem Management separate – Start with re-active Problem Management and then progress towards developing pro-active Problem Management – Makes use of tools to detect possible trends – Interface with Incident Management and Change Management


Page 76

Service Support
 Service Desk  Incident Management  Problem Management  Change Management  Release Management  Configuration Management


Page 77

Change Management • A change is “an event that results in a new status of one or more configuration items (CI's)” 3/31/2012 Page 78 .

in order to minimise the impact of Change-related incidents and to improve day-to-day operations.Change Management • The goal of Change Management is to ensure that standardised methods and procedures are used for efficient handling of all Changes. • The main aims of Change Management are : – Minimal disruption of services – Reduction in back-out activities – Economic utilisation of resources involved in the change 3/31/2012 Page 79 .

modification or removal of CIs • Request for Change (RFC) – form used to record details of a request for a change and is sent as an input to Change Management by the Change Requestor • Forward Schedule of Changes (FSC) – schedule that contains details of all the forthcoming Changes 3/31/2012 Page 80 .Change Management Change Management Terminology • Change – the addition.

• Change Priorities – Urgent: change is required now. otherwise risk to current or future production – Normal: change solves serious mistakes or a lack in functionality – Low: change yields improvements that are not required by contract 3/31/2012 Page 81 .) – Category 0 : Is executed without prior contact. Change Manager authorises this RFC – Category 2 : Significant impact. Considerable resources required.. CAB discussion needed. Senior Management need to be a part of the CAB.Change Management • Change Categories (contd. in order to achieve the service levels – High: as soon as possible. Change Manager requests advice on authorisation and planning – Category 3 : Major impact. Used for workarounds/ temporary fixes – Category 1 : Little or no impact.

Request for Change ( RFC) 3/31/2012 Page 82 .

) – It is a formal document sent to Change Management by the Change Requestor requesting for a change..Change Management • Request for Change ( RFC) (contd. – Every RFC runs through a number of stages before the change can be implemented 3/31/2012 Page 83 .

.) – All implemented changes must be reviewed to establish whether: • The change has had the desired effect and met its objectives • There have been no unexpected or undesirable side-effects • The resources used to implement the change were as planned • Change Advisory Board (CAB) – The CAB is an advisory board that reviews RFCs and determines and provides detail of likely impact – CAB participants include : • Customers/users affected by the change • Representatives of Service Management areas • Application development teams 3/31/2012 Page 84 .Change Management • Change Review (contd.

.Change Management • (contd. and their availability at the time • What the CAB discusses : – Failed or backed-out Changes – Changes applied without reference to the CAB by Incident Management – RFCs to be assessed by CAB – Change reviews – Change management process 3/31/2012 Page 85 .) Change Advisory Board/ Executive Committee (CAB/EC) – The CAB/EC is responsible for authorising urgent changes – The members vary depending on their involvement with the urgent change.

Change Management .CAB attendees 3/31/2012 Page 86 .

Change Management • Change Approval Process (contd.. sensible and can be performed without serious interruptions to the business – Customer approval • To ensure that business managers are satisfied with the proposals and accept any impact to their requirements 3/31/2012 Page 87 .) – Financial approval • Indicates costs are within budgetary limits or cost-benefit criteria are met – Technical approval • Assurance that the Change is feasible.

Change Management .Tasks 3/31/2012 Page 88 .

Change Management .Benefits • The benefits of Change Management are : – increased visibility and better communication of changes – improved risk assessment of changes – fewer backed-out or failed changes – better productivity of Users (fewer disruptions) and IT Staff (duties clearly planned) – ability to absorb large number of changes – reduction in the number of incidents and problems caused by changes 3/31/2012 Page 89 .

Critical success factors • The critical success factors for Change Management are : – Be prepared for dealing with Urgent Changes – Integrate with Configuration and Release Management – Ensure management commitment is present and let them set the example – Choose appropriate Project Management methodologies 3/31/2012 Page 90 .Change Management .

Service Support  Service Desk  Incident Management  Problem Management  Change Management  Release Management  Configuration Management 3/31/2012 Page 91 .

design. are considered • The input to the Release Management process comes from the Change Management process 3/31/2012 Page 92 .Release Management • Release Management undertakes the planning. build. configuration and testing of hardware and software to create a set of Release components for a live environment • Release Management takes a holistic view of a Change to an IT service and ensures that all aspects of a Release. both technical and non-technical.

A minor upgrade or Release usually supersedes all preceding emergency fixes – Emergency software and hardware fixes.Release Management Release Categories • (contd. normally containing the corrections to a small number of known Problems 3/31/2012 Page 93 . normally containing large areas of new functionality.. some of which may have already been issued as emergency fixes. A major upgrade or Release usually supersedes all preceding minor upgrades. some of which may make intervening fixes to Problems redundant.) A Release consists of the new or changed software and/or hardware required to implement approved Changes • Releases are categorised as : – Major software Releases and hardware upgrades. normally containing small enhancements and fixes. Releases and emergency fixes – Minor software Releases and hardware upgrades.

For ex: Security patches to plug bugs in a software – Full Release : means that the entire software program will be release again. For ex : an Operating System image containing the applications as well 3/31/2012 Page 94 .) Releases can be divided based on the release unit into : – Delta Release : is a release of only that part of the software which has been changed.Release Management • (contd. For ex : an entire version of an application – Packaged Release : is a combination of many changes ..

installation instructions and Release notes) – Guidance as to how and where Releases should be documented (e.. which tool to use and how) – A policy on the production of back-out plans 3/31/2012 Page 95 . plus a policy on issuing emergency fixes – Frequency of Releases – Expected deliverables for Releases (e.g.g.Release Management Release Policy (contd.) A Release policy should include : – Release naming and numbering conventions – A definition of major and minor Releases.

Release Management • (contd. Includes copies of purchased software (along with the license documents) as well as the software developed on site • Definite Hardware Storage (DHS) – An area set aside for secure storage of hardware spares 3/31/2012 Page 96 ..) One of the main activities of Release Management is managing the Definitive Software Library (DSL) and the Definite Hardware Storage (DHS) • Definitive Software Library (DSL) – Secure compound in which the authorised versions of all software CIs are stored and protected.

Tasks 3/31/2012 Page 97 .Release Management .

Release Management – greater success rate of changes – consistency in the release process .Benefits • The benefits of Release Management are : – less disruptions to services by synchronizing releases – assurance that all CIs in use are of known quality and satisfy legal obligations – controlling & safeguarding of CIs – lower probability of illegal CIs – easier detection of wrong & unauthorized versions 3/31/2012 Page 98 .

Release Management .Critical success factors • The critical success factors for Release Management are : – Align with Change and Configuration Management – Create test environments that represent the live hardware and software environments as closely as possible 3/31/2012 Page 99 .

Service Support  Service Desk  Incident Management  Problem Management  Change Management  Release Management  Configuration Management 3/31/2012 Page 100 .

Configuration Management • Almost every Service Management process depends upon accurate IT infrastructure information. whereas Asset Management is primarily concerned with the financial value of assets 3/31/2012 Page 101 . Configuration Management : – Provides accurate information on configurations and their documentation to support all the other Service Management processes – Accounts for all the IT assets and configurations within the organisation – Verifies the configuration records against the infrastructure and corrects any exceptions • Configuration Management v/s Asset Management Configuration Management revolves around the lifecycles of CI‟s and their relationships.

Manuals.. Hierarchically subjected to (parent-child relation) Is part of (a processor is part of a PC) Interfaced with (a system is connected to a printer) Uses (a program uses a subroutine) Is a copy of (program is a copy of. etc. status) • • Examples of the relationships between CIs : – – – – – – 3/31/2012 Page 102 . documentation. software.Configuration Management • (contd. location.) Is related to (attribute) (serial number.. Network components. Applications.) A configuration item (CI) is a component of. processes and procedures Examples of CIs : – Personal computers. or directly related. Service Level Agreements. CI's include: hardware. to the ITinfrastructure..

archived) • History (past incidents. price) • Status (ordered. production. is a part of) The scope of the Configuration Management database is defined by the area of responsibility of the IT organization The level of detail is defined by the need for information of the IT management processes. the control of the information and the costs and benefits of a CMDB – – – 3/31/2012 Page 103 . software) • Relationship (is connected to.Configuration Management DataBase (CMDB) – Details about CIs are stored in the Configuration Management DataBase (CMDB) from which queries about the IT Infrastructure can be answered The details of a CI that are mentioned in a CMDB include : • Unique Identifier (service tag) • Attributes (supplier. applied changes) • Category (hardware. testing.

Configuration Management DataBase (CMDB) 3/31/2012 Page 104 .

Configuration Management • – (contd..) Configuration Management Database (CMDB) Change Management interfaces with Configuration Management to obtain information about a CI and then provides input on what the status of the CI‟s will be after a change – Configuration Management will then update the CMDB to reflect the changed status of the CI 3/31/2012 Page 105 .

Configuration Management .Process 3/31/2012 Page 106 .

) – – – – Related policies and standards Roles and responsibilities CI naming conventions CMDB design.Configuration Management • Planning During the planning. including scope and key interfaces 3/31/2012 Page 107 . define : – Purpose. scope and objectives (contd..

Configuration Management • Identification The Identification activity addresses : – (contd.. structures and the selection of CIs – – – – – CI types and life-cycles CI relationships Identification of software and document libraries Identification of configuration baselines Naming conventions – Labelling CIs 3/31/2012 Page 108 .) Configuration.

.Configuration Management • Control The Control activity organises : – – – – – Registration of new CIs and versions Updating of CI records (contd.) Archiving of CIs and their associated records Protection of the integrity of configurations Updating of the CMDB after periodic checking 3/31/2012 Page 109 .

their current version and history.) Status reports should be produced on a regular basis listing. 3/31/2012 Page 110 . Status Accounting reports can be used to establish baselines and enable Changes between baselines and Releases to be traceable.Configuration Management • Status Accounting (contd.. for all CIs under Control.

equipment and standards should be verified against the contracted or specified requirements.Configuration Management • Verification and Audit (contd.) Before acceptance into the environment.. builds. new Releases. 3/31/2012 Page 111 . Physical configuration audits should be carried out to verify that the “asbuilt” configuration of a CI confirms to it‟s “as-planned” configuration and it‟s associated documents.

which captures both the structure and the details of that product or system and enables that product or system to be re-built at a later date. 3/31/2012 Page 112 .Configuration Management Configuration BaseLines (contd. Configuration BaseLines and approved Changes to those BaseLines together constitute the “Currently Approved Configuration”..) A BaseLine is the configuration of a product or system established at a specific point in time.

Interaction with other processes 3/31/2012 Page 113 .

Change Management .Benefits • The benefits of Configuration Management are : – helps to minimize the impact of changes – provides accurate information on CIs – improves security by controlling the versions of CIs in use – facilitates adherence to legal obligations – helps in financial & expenditure planning 3/31/2012 Page 114 .

Change Management – Critical success factors • The critical success factors for Configuration Management are : – Select the appropriate tool at the start of the process – Ensure no one bypasses Change Management – Make use of Inventory Systems 3/31/2012 Page 115 .

Prepare. Build. Configure Status Accounting Investigation and Diagnosis Proactive Prevention of Problems Authorize & Schedule Changes Test.Service Support Configuration Management Incident Management Problem Management Change Management Release Management Identification Detection & Recording Problem Control Accept & Classify Changes Release Planning Control Classification & Initial Support Error Control Evaluate Design. Train Review & Close Distribute & Install 3/31/2012 Page 116 . Accept Verification & Audit Resolution & Recovery Coordinate Implementation Plan Roll Out Closure Monitor & Report Communicate.

3/31/2012 Page 117 .

Service Delivery  Capacity Management  Availability Management  Service Level Management  IT Service Continuity Management  Financial Management for IT Services 3/31/2012 Page 118 .

Service Delivery 3/31/2012 Page 119 .

monitoring.The Service Delivery set • Capacity Management – Ensure that capacity and performance aspects of the business requirements are provided timely and cost effectively • Availability Management – Optimize the capability of the IT Infrastructure and supporting organization to deliver a cost effective and sustained level of availability to satisfy business objectives • Service Level Management – Maintain and improve IT service quality through a constant cycle of agreeing. reporting and reviewing IT service achievements 3/31/2012 Page 120 .

The Service Delivery set • IT Service Continuity Management (contd.) – Ensuring that the required IT technical and service facilities can be recovered within the time scales required by Business Continuity Management • Financial Management for IT Services – Provide cost effective stewardship of IT assets and resources used in providing IT services 3/31/2012 Page 121 ..

Service Delivery
 Capacity Management  Availability Management  Service Level Management  IT Service Continuity Management  Financial Management for IT Services


Page 122

Capacity Management
• The objective of Capacity Management is to ensure the optimum use of IT resources for the performance agreed upon with the client

Capacity Management is needed to support the optimum and cost-effective provision of IT services by helping organizations to match their IT resources to the current and future demands of their business

The main tasks of Capacity Management are :

– Match capacity and demand by increasing or managing available capacity
– Ensure that existing capacity is used in an optimum manner


Page 123

Capacity Management


The main types of Capacity Management are : – Business Capacity Management
• Trend, forecast, model, prototype and document future business requirements

– Service Capacity Management
• Monitor, analyse, tune and report on service performance, establish baselines and profiles of use service, manage demand for services

– Resource Capacity Management
• Monitor, analyse, tune and report on utilisation of components, establish baselines and profiles of use of components


Page 124

3/31/2012 Page 125 .

.Capacity Management • (contd.) Capacity Management activities can be subdivided into planning and monitoring activities 3/31/2012 Page 126 .

3/31/2012 Page 127 .

) Demand Management (covers the management of users' demands for IT resources) – Short-term: optimization – Long-term: have an insight into future projects Workload Management (concerned with identifying and understanding the applications. and their use of hardware resources) Resource Management (storage management. control and tuning of performance of components of the IT infrastructure) • • • • Application Sizing (forecast for HW resources for new and changed applications) 3/31/2012 Page 128 . assessment of new HW technology) Performance Management (measure. their work patterns and peaks.Capacity Management • (contd..

and forecasts the future requirements for resources) 3/31/2012 Page 129 ..) Modelling (trend analysis. analytic modeling) Capacity Planning (Capacity plan which details the current levels of resource utilisation and service performance. estimation. simulation.Capacity Management • • (contd.

Capacity Management (contd.) Capacity Management DataBase (CDB) Capacity Management collects data from a variety of hardware platforms and software applications that could be widely distributed and stores the data in a CDB. The components of a CDB include : • • • • service data from SLAs business data from the business plans and strategy technical data from the manufacturers‟ specification of the hardware and software components financial data 3/31/2012 Page 130 ..

Capacity Management .Tasks 3/31/2012 Page 131 .

and how much it will cost. when to do so.Benefits • The benefits of Capacity Management are : – Reduced risk of performance problems and failure – Cost savings – Both achievable through: • Planned buying • Deferring expenditure until really needed (but in a controlled way) • Matching capacity to business need – Ensures that systems have sufficient capacity to run the applications required by the business for the foreseeable future – Provides information on current and planned resource utilization of individual components allowing decisions on which components to upgrade.Capacity Management . 3/31/2012 Page 132 .

especially for Business Capacity Management 3/31/2012 Page 133 .Critical success factors • The critical success factors for Capacity Management are : – Interface with Availability and Financial Management – Ensure business expertise is available.Capacity Management .

Service Delivery  Capacity Management  Availability Management  Service Level Management  IT Service Continuity Management  Financial Management for IT Services 3/31/2012 Page 134 .

maintaining the agreed functionality • Availability Management is concerned with the planning. services and the supporting organisation to deliver effective and sustained levels of availability that enable the business to satisfy the business objectives 3/31/2012 Page 135 . are achieved and maintained • The goal of Availability Management is to optimise the capability of the IT Infrastructure. and ongoing management activities. as specified in the SLAs. needed to ensure that the reliability and availability levels.Availability Management • A service is available when the service has been provided for an agreed number of direct users. within a maximum response time.

corrective) 3/31/2012 Page 136 .) Availability Management Terminology • Availability The extent that a CI or an IT service is able to perform the expected functionality of the CI or IT service over a specified time period • Reliability Refers to the extent that an IT service is able to perform the expected functionality. inspective. • Maintainability This indicates the ease of the maintenance of the IT service (preventative. under prescribed circumstances OR freedom from operational failure. over a certain period of time.Availability Management (contd..

Availability Management (contd..) • Serviceability All relevant contractual conditions of external suppliers and third-party suppliers to maintain CI‟s • Resilience The ability of an IT service to function correctly in spite of the incorrect operation of one or more subsystems 3/31/2012 Page 137 .

3/31/2012 Page 138 .

3/31/2012 Page 139 .

98 * 0. 3/31/2012 Page 140 .975 * 0.8809 Total Infrastructure Availability = 88.98 * 0.96 = 0.09%.Availability = Host * Network * Server * Workstation = 0.98 * 0.

Availability Management (contd.) 3/31/2012 Page 141 ..

3/31/2012 Page 142 .

loss of confidence. fines and penalties • Intangible costs Loss of goodwill (customer dissatisfaction). damage to staff morale 3/31/2012 Page 143 . overtime payments. gain customers).Availability Management Un-Availability Costs • Tangible costs (contd.. lost revenue. loss of customers. loss of business opportunity (to sell.) Lost user and IT staff productivity. damage to business reputation. wasted goods and material.

) • Carry out CRAMM (Computer Risk Assessment Management Methodology) 3/31/2012 Page 144 ..Availability Management Calculating Un-Availability Costs • Determine the Vital Business Function (contd.

Availability Management .Tasks 3/31/2012 Page 145 .

Benefits • The benefits of Availability Management are : – IT services with an availability requirement are designed.Availability Management . implemented. and managed to consistently meet that target – Improvement of capability of the IT infrastructure to attain the required levels of availability to support the critical business processes – Improvement of customer satisfaction and recognition that availability is the prime IT deliverable – Reduction in frequency and duration of incidents that impact IT availability – Single point for availability is established within the IT organization (process owner) – Levels of IT availability provided are cost-justified and support SLAs fully – Shortcomings in provision of availability are recognized and coped with in a formal way – Mindset moves from error correction to service enhancement: from reactive to proactive attitude 3/31/2012 Page 146 .

Availability Management .Critical success factors • The critical success factors for Availability Management are : – Integrate with IT Service Continuity Management – Understand the un-availability costs (both tangible and intangible costs) 3/31/2012 Page 147 .

Service Delivery  Capacity Management  Availability Management  Service Level Management  IT Service Continuity Management  Financial Management for IT Services 3/31/2012 Page 148 .

that are both required and cost effective • Service Level Management helps to develop a better relationship between the IT Organisation and it‟s customers 3/31/2012 Page 149 .Service Level Management • A Service Level Agreement (SLA) is a two-sided written agreement between an IT Service Provider and the IT Customer(s). defining. contracting. defining the key service targets and responsibilities of both parties • Service Level Management is the process of negotiating. monitoring and reviewing the levels of customer service.

.Service Level Management • Service Level Management aims to : (contd.) – Strike a balance between customer requirements and service costs – Identify customer requirements in terms of what customers want and what can be delivered – Measurable service standards – What you don't measure. you can't agree upon – Enhance quality by implementing quality improvement programs – What can be measured can be improved! – Business relationship between customer and supplier 3/31/2012 Page 150 .

) The IT organization has several contracts: An SLA with customers. an OLA with an internal supplier and underpinning contracts with external suppliers 3/31/2012 Page 151 .Service Level Management Service Level Management Contracts • (contd..

) As well as setting up and monitoring SLAs.Service Level Management Functions of Service Level Management • (contd. maintaining underpinning contracts with suppliers and managing relationships with customers are also functions of SLM 3/31/2012 Page 152 ..

.) Service Level Management consists of activities that are needed to set up a SLA.Service Level Management • (contd. but also activities needed to see if the Service Levels are met 3/31/2012 Page 153 .

Service Level Management Balancing IT Service Supply & Demand • (contd.) Important within a SLA is the balance between the demand for IT services and the supply of IT services • Demand and Supply for IT Services can be balanced by : – Being aware of the business requirements – Being aware of the IT possibilities (technical and economical) – Alignment of expectations 3/31/2012 Page 154 ..

.Service Level Management • • (contd.) Service Level Agreements consist of elements of the other Service Management processes Input from those processes is required for agreeing and monitoring Service Levels 3/31/2012 Page 155 .

.Service Level Management SLA Details (contd.) 3/31/2012 Page 156 .

Throughput. Support. Signatures. Charging 3/31/2012 Page 157 . Frequency – Incentives & Penalties Support • Service Hours.Service Level Management Elements of an SLA • (contd. Reliability. Escalation • Delivery Availability. Batch Turn-around Times.) General – Introduction : Parties. Transaction Response Time. Contingency & Security.. Change Procedures. Service Description – Reporting & Reviewing : Content.

Service Level Management Service Level Reports (SLR) • Measured from the customer‟s perspective (contd. escalation times and support should be made measurable Reports should be produced regularly Reports contain measuring values concerning the up-to-date supporting levels and the trend developments 3/31/2012 Page 158 ..) • • • Data like reaction times.

) A Service Catalogue can be used to list the "normal" services provided by the IT organization whereas Service Level Agreements can be set up for "special" services • The Service Catalogue contains : – Relevant characteristics of services – Relevant information of the use of the services 3/31/2012 Page 159 ..Service Level Management Service Catalog • (contd.

Tasks 3/31/2012 Page 160 .Service Level Management .

Benefits • The benefits of Service Level Management are : – Improvement in IT service quality and reduction of service outages can lead to significant financial savings – Satisfied customers and better customer relationship – Clearer view between both parties on roles and responsibilities – Specific targets that have to be achieved and that can be measured and reported – Focusing of IT effort on what the business thinks is key – IT and customers have consistent expectations on the level of service required – Identification of weak areas that can be remedied subsequently – SLM underpins supplier management and vice-versa – IT services are designed to meet Service Level Requirements – SLAs can be the basis for charging.Service Level Management . 3/31/2012 Page 161 . and are the demonstration of what customers receive for their money.

Critical success factors • The critical success factors for Service Level Management are : – Service Level Management should not just be limited to SLAs – Ensure buy-in from all other Service Management processes – Create a definition of Service 3/31/2012 Page 162 .Service Level Management .

Service Delivery  Capacity Management  Availability Management  Service Level Management  IT Service Continuity Management  Financial Management for IT Services 3/31/2012 Page 163 .

business protection – Provides a competitive edge – Legal requirements – Customers‟ demands • • 3/31/2012 Page 164 . telecommunications.IT Service Continuity Management • The objective of IT Service Continuity Planning is to restore IT services as quickly and as completely as possible after a disaster has taken place IT Service Continuity Management ensures that the required IT technical and services facilities (including computer systems. technical support and service desk) can be recovered within required. and agreed. applications. The reasons an organization should implement IT Service Continuity Management are : – Avoid financial risks (insurance) – Increased dependence on IT services. business schedules. networks.

IT Service Continuity Management (contd. ITSCM is focused on the continuity of IT Services to the business. a predetermined minimum level.) Business Continuity Management and IT Service Continuity Management • Business Continuity Management (BCM) is concerned with managing risks to ensure that at all times an organization can continue operating to.. at least. IT Service Continuity Management (ITSCM) must be a part of the overall BCM (Business Continuity Management) process and is dependent upon information derived through this process. • 3/31/2012 Page 165 . BCM is concerned with the management of Business Continuity that incorporates all services upon which the business depends. The BCM process involves reducing the risk to an acceptable level and planning for the recovery of business processes should a risk materialize and a disruption to the business occur. one of which is IT.

.IT Service Continuity Management • IT Service Continuity Management activities include : – Risk Analysis – Risk Management – Continuity Plan – Creation – Testing – Improving – Maintenance (contd.) – Reporting • These activities are all engineered to provide IT Service continuity 3/31/2012 Page 166 .

) – Manual back-up procedures (on paper until IT is restored) – Take-over by other organization with similar equipment (reciprocal) – Fortress approach. disaster-proof – Gradual recovery {cold standby} 72-48 hours – Intermediate recovery {warm standby} 24-1 hours – Immediate recovery {hot standby} seconds – Using internal / external / fixed / portable / mobile centres 3/31/2012 Page 167 ..IT Service Continuity Management • The recovery options that can be used are : – Do nothing !!! – Insure for damage (contd.

IT Service Continuity Management
Risk Assessment



Page 168

IT Service Continuity Management
Contingency Plan
• Contents – Administration


– IT infrastructure
– IT infrastructure management and procedures for operation – Staff – Security – Continuity site

– Return to original situation
• Scope – Hardware, Software, Networks, Terminals/PCs, Accommodation (for IT and users), Building facilities and Staff


Page 169

IT Service Continuity Management



Page 170

Benefits – Business relationship with the rest of the enterprise is fostered because IT organization is forced to get a better – understanding of the business – Positive marketing of contingency capabilities. and stakeholders – Competitive advantage over organizations without it 3/31/2012 Page 171 . Effective ITSCM allows organization to provide high service levels and thus win business – Organizational credibility is increased towards customers. business partners.IT Service Continuity Management • The benefits of IT Service Continuity Management are : – Potential lower insurance premiums .

it‟s not worth doing – Test under realistic circumstances 3/31/2012 Page 172 .IT Service Continuity Management .Critical success factors • The critical success factors for IT Service Continuity Management are : – Ensure alignment to BCM – If it‟s not worth protecting.

Service Delivery  Capacity Management  Availability Management  Service Level Management  IT Service Continuity Management  Financial Management for IT Services 3/31/2012 Page 173 .

making it possible to run IT as a business • The reasons why an organization should implement Financial Management for IT Services are : – Cost/profits awareness (make users aware of what services actually cost) – Decision-making support – Cost recovery – Cost control (know the full cost of the provided IT services) – Planning – Efficiency – Influence on use (for instance providing incentives for using off-peak times 3/31/2012 Page 174 .Financial Management for IT Services • Financial Management gives insight into the costs of the IT organization and options to charge the costs .

Financial Management for IT Services • The goals of Financial Management for IT Services are to : – Provide cost-effective stewardship of the IT assets and resources used in providing IT Services – Be able to account fully for the spendings on IT Services and to attribute these costs to the services delivered to customers – Assist management decisions on investments by providing detailed business cases for Changes to IT Services 3/31/2012 Page 175 .

Budgeting enables an organisation to : – Predict the money required for a given period – Ensure that actual spending can be compared with predicted spending – Reduce the risk of over-spending – Ensure that revenues are available to cover predicted spending 3/31/2012 Page 176 .Financial Management for IT Services • Financial Management for IT Services activities include : – Budgeting – IT Accounting – Charging (contd..) • Budgeting The process of predicting and controlling the spending of money within the enterprise and consists of a periodic negotiation cycle (usually annual) to set limits on budgets and the day-to-day monitoring of the current budgets.

) The set of processes that enable the IT organization to fully account for the way its money is spent (particularly the ability to identify costs by customer.. IT Accounting enables an organisation by : – Account for the money spent – Calculate the cost of providing IT Services to both internal & external services – Perform cost-benefit or return-on-investment analyses – Identify the cost of Changes 3/31/2012 Page 177 . by service. by activity).Financial Management for IT Services • IT Accounting (contd. It usually involves ledgers and should be overseen by someone trained in Accountancy.

Financial Management for IT Services • Charging (contd. to a level of detail determined by the requirements of the analysis. billing & reporting processes. Charging enables an organisation to : – Recover the costs of the IT Services from the Customers of the service – Operate the IT Organisation as a business unit.. To achieve this requires sound Accounting. if required – Influence User and Customer behaviour 3/31/2012 Page 178 .) The set of processes required to bill a customer for the services supplied to them.

Financial Management for IT Services .Costs 3/31/2012 Page 179 .

Tasks 3/31/2012 Page 180 .Financial Management for IT Services .

Financial Management for IT Services • The benefits of Financial Management for IT Services are : – IT accounting supports the IT Service Manager – Statements about profitability of the individual IT services .Benefits – Essential decisions about IT services and the required investments – Data for justifying IT expenditures – Essential planning and budgeting – Overview of costs. as a basis for expenditure justification in strategy planning – Users can track costs of the services they have used 3/31/2012 Page 181 . created by service failures.

Critical • The critical success factors for Financial Management for IT Services are : – Involve financial / accounting experts – Interface with the other Service Management processes – Use customer-based charging units 3/31/2012 Page 182 .Financial Management for IT Services success factors .

Service Delivery Service Level Management Availability Management Capacity Management Financial Management for IT Services IT Services Continuity Management Identify Service Level Requirements Determine Requirements Business Capacity Management Budget Initiation Verification of Feasibility Perform BIA and assess design criteria Service Capacity Management Account Requirements Analysis & Strategy Definition Negotiate (Agreeing) Define Targets & Measures Resource Capacity Management Charge (Optional) Implementation Establishment of Agreements Monitoring & Trend Analysis Operational Management Monitor Service Levels Investigate Report & Review Produce & Maintain the Availability Plan 3/31/2012 Page 183 .

3/31/2012 Page 184 .

Security Management 3/31/2012 Page 185 .

Security Management • Security Management is the process of “managing a defined level of security on information and IT services. including managing the responses to security incidents” • The goal of Security Management is to counter risks of threats to one of the most important assets for business: information • Information is threatened in three main ways: – Confidentiality – Integrity (accuracy) – Availability (accessibility) 3/31/2012 Page 186 .

Security Management • Confidentiality .CIA Protecting sensitive information from unauthorized disclosure or intelligible interception • Integrity Safeguarding the accuracy and completeness of information and software • Availability Ensuring that information and vital IT services are available and accessible when required 3/31/2012 Page 187 .

online banking) – Processes are controlled via networks 3/31/2012 Page 188 .Security Management .Why Security Management? • Information is the most important production factor of the world • Threat to information = threat to the organization„s productivity • Security Management gets increasingly important. – Public networks (Internet) are increasingly used – Internal networks are opened to customers and business partners – Internet usability is increasingly extended (e-commerce.. because..

codes of conduct • Physical security measures – Physical separation of the computer room • Technical security measures – Security in a computer system or network • Procedural security measures – How the staff are required to act in particular cases – Work instructions 3/31/2012 Page 189 .Security Management • Security organization .Security Measures – With clear responsibilities and tasks – Policies.

functions. lessons learned • Improvement will be considered for the next round of planning & implementation The section security in SLA is negotiated between customer and service provider • Show conformity with SLA • Management without information is impossible Define processes.Security works only if disciplined and motivated • Security incident handling responsiveness • Security incident registration . roles.Defines its security requirements based on its business requirements • Collect experiences. responsibilities • Organization structure between sub-processes • Reporting structure/line of command SLA • Underpinning contracts • OLA • Policy statement Avoid the atmosphere of phantom security • Internal audits • External audits • Self-assessments • Security incident evaluation • Maintaining awareness .classification .measurement .and reporting 3/31/2012 Page 190 .

3/31/2012 Page 191 .

Security Management .Tasks 3/31/2012 Page 192 .

Security Management • Can only be qualified with difficulty .Benefits • The costs are nevertheless clear if security is not sufficient 3/31/2012 Page 193 .

Application Management 3/31/2012 Page 194 .

delivery. The main objective is to ensure that the application once built and deployed can meet the service level that has been defined for it.Application Management A key issue that has existed for some time is the problem of moving application developers and IT Service Management closer together. availability. i. and to be tested for compliance to specification. maintainability. Applications need to be deployed with Service Management requirements included. of the application as it goes through its entire lifecycle (see Figure 9) • Application Development is concerned with the activities needed to plan. performance and manageability. design. support and optimisation of the application. it is necessary to compare it with Service Management and Application Development: • Application Management is the superset which describes the overall handling. and build an application that can ultimately be used by some part of the organisation to address a business requirement • Service Management focuses on the activities that are involved with the Release. designed and built for operability.e. reliability. 3/31/2012 Page 195 . The lack of Service Management considerations within all phases of the application lifecycle has been seriously deficient for some time. To fully understand Application Management. or management.

Application Management 3/31/2012 Page 196 .

needs to be a precursor to beginning any Application Development or deployment project. based on the readiness assessment. Organisations need to assess their ability to build. Once an organisation has a common understanding of the alignment between business and IT. A readiness assessment provides a structured mechanism for determining an organisation‟s capabilities and state of readiness for delivering a new or revised application to support business drivers. The delivery strategy is the approach to move an organisation from a known state. maintain. A method for managing a complex applications environment is through the use of an application portfolio. This ensures that IT and the business agree to objectives that are clear. The information obtained from an assessment can be used to determine the delivery strategy for an application. ensuring that the increasing number of applications are appropriately documented. IT service. it faces a new problem.Application Management It is essential that the requirements of all areas of the business and Service Management are considered at each stage of the application lifecycle. 3/31/2012 Page 197 . concise and achievable. or ICT system. which provides a mechanism for viewing and evaluating the entire suite of applications in the business enterprise. to a desired state. and operate the IT services needed by the business. Having IT and the business jointly develop their strategies. as a mutual effort. as determined by the business drivers.

Within each phase of the application lifecycle. touching the strategic as well as the tactical and operational levels. It is crucial that organisations find some way of measuring progress and performance with respect to achieving these goals. For each application lifecycle phase a management checklist can be developed to ensure appropriate Service Management aspects are fully considered and addressed. identifying the key Application Management roles that need representation to ensure that activities are completed comprehensively. which need to be aligned. The implication of this is that Application Development. delivery and operational aspects. measurements and metrics must be woven through the complete organisation. The emphasis must be on the importance of dealing early in the lifecycle with those issues as this can have a large impact on the effectiveness and efficiency of service delivery and operation. Service Management and ICT IM units need to cooperate closely to ensure that every phase in the lifecycle dedicates the appropriate attention to service creation. and likewise for the service lifecycle. each of the key Application Management roles has very specific goals to meet. 3/31/2012 Page 198 . To be effective.Application Management Application Management sees Application Development and all areas of Service Management as interrelated parts of a whole.

Thank you for your participation 3/31/2012 Page 199 .

Sign up to vote on this title
UsefulNot useful