ITIL® Version 3 Foundation New Horizons CLC of South Florida Glen Victor ITIL, MCITP (SA), MCTS, MCDBA, MCSE, MCSA, CCISP

Module 1: Review of ITSM & ITIL Course Agenda Course Design Introductions Review of ITIL ITIL Review ITIL V2 Books Review Why ITIL for Service Management Complementary Guidance Qualification Scheme Exin Accredited More Complementary Material

Course Agenda Introductions Review of IT Service Management (ITSM) and IT Infrastructure Library (ITIL) ITIL v3, a look at the Lifecycle Service Lifecycle Approach Service Strategy Service Design Service Transition Service Operations Continual Service Improvement

Introductions Where do you work? What is your Title and Key Responsibilities? What is your IT experience? What is your Service Management experience? What expectations do you have for this class?

Course Design Coverage of Service Lifecycle strategy within ITIL v3 Lecture Simulation Case Study Practice Exams Foundations Certification Exam (Optional)

Review of ITIL Conceived in Mid 1980’s Centralized  distributed computing Geographically distributed resources Led to inconsistent process delivery & support OGC: UK Office of Government Commerce CCTA (Central Computer and Telecommunications Agency) Evolution V1: 30 Titles V2: 7  9 Titles SM broke into Service Support & Service Delivery V3: 5 titles Standard for Service Management Best Practice across many industries itSMF (IT Service Management Forum)

ITIL v2 Books Review 2001: v2 2007: v3 SAM & Security Mgt Added Later Mostly used for Service Desks

Why ITIL for Service Management? Best Practices Non-Proprietary/Non-Prescriptive Guidance, not regulations Innovative Examples: Just In Time Delivery Automatic Updates Blogging/SEO/SEM Software Web Design UN Best Practices Can you name any? Good Practices Lead to Best Practices Best Practices Lead to Good Practices

Complementary Guidance Commonly known frameworks and standards that have synergy with ITIL: COBIT Project Management ISO/IEC 20000 CMMI ISO/IEC 15504 6 Sigma ISO/IEC 19770:2006 Other ITSM Publications Management of Risk ITIL Live MOF

Microsoft Operations Framework Similarities Differences Process, People & Technology (PPT) MOF ITIL Strategy, Tactics & Operations (STO) Plan, Deliver & Operate SS, SD, ST, SO, Continual Improvement Separations of Duties (SuD) Customer Service SR/s & Req for Change Deming’s Plan-Do-Check-Act (PDCA) Structured Organization Best Practices Can be used in Full or Part Microsoft Vendor neutral Price Free Cost

Six Sigma Developed by Bill Smith at Motorola in 1986 Manufacturing  Business Processes Measure, Analyze, Control & Improve Voice of the Customer (VoC) Customer Surveys Methodology to Identify, Reduce & Eliminate process variance or poor performance

Qualification Scheme 16.25 Hrs of Classroom Instruction Lifecycle Processes & Roles 16.25 Hrs of Classroom Instruction Passing Score: 65% Exam: 60 Min; 40 questions Multiple Choice

Foundations Certificate Target Group Individuals who require a basic understanding of the ITIL framework and how it may be used to enhance the quality of IT service management within an organization. IT professionals who are working within an organization that has adopted and adapted ITIL who need to be informed about and thereafter contribute to an ongoing service improvement program.

This Course is EXIN accredited: Independent exams in IT, based on standards and best practices Worldwide recognition, in over 125 countries 40 years of experience, involving experts High quality, web-based technology Partner with The APM Group Limited (APMG) who won the rights to administer the ITIL accreditation, certification and examination needs for the OGC International certification for IT Standards ITIL® ISO/IEC 20000:SQM MOF ASL BiSL Tmap®

More Complementary Material Pocket Guides Quick Wins itSMF (updated May 2009) Details of potential quick wins and benefits that can be obtained from the adoption of ITIL practices Foundation Handbook Standards Alignment with ISO Qualifications Knowledge and Skills A set of qualifications based around the core publications and their use within the industry information on the experience and knowledge needed to exploit (and gained through) ITIL Templates Case Studies Study Aids Scalability Additional guides that can be used by students studying ITIL, particularly on accredited training courses How to scale service management implementation for specific organizations, such as very small or very large businesses update service: a web-based service providing regular updates Specialty Topics Specific areas of interest, such as outsourcing

Benefits of ITIL Alignment with business needs. ITIL becomes an asset to the business when IT can proactively recommend solutions as a response to one or more business needs. The IT Strategy Group recommended in Service Strategy and the implementation of Service Portfolio Management gives IT the opportunity to understand the business’ current and future needs and develop service offerings that can address them. Negotiated achievable service levels. Business and IT become true partners when they can agree upon realistic service levels that deliver the necessary value at an acceptable cost. Predictable, consistent processes. Customer expectations can beset and are easier to meet with through the use of predictable processes that are consistently used. As well, good practice processes are foundational and can assist in laying the groundwork to meet regulatory compliance requirements. Efficiency in service delivery. Well-defined processes with clearly documented accountability for each activity as recommended through the use of a RACI matrix can significantly increase the efficiency of processes. In conjunction with the evaluation of efficiency metrics that indicate the time required to perform each activity, service delivery tasks can be optimized. Measurable, improvable services and processes. The adage that you can’t manage what you cannot measure rings true here. Consistent, repeatable processes can be measured and therefore can be better tuned for accurate delivery and overall effectiveness. For example, presume that a critical success factor for incident management is to reduce the time to restore service. When predictable, consistent processes are used key performance indicators such as Mean Time To Restore Service can be captured to determine whether this KPI is trending in a positive or negative direction so that the appropriate adjustments can be made. Additionally, under ITIL guidelines, services are designed to be measurable. With the proper metrics and monitoring in place, IT organizations can monitor SLAs and make improvements as necessary. A common language – terms are defined.

Module 2: Lifecycle Overview of ITIL Key Concepts Five Core Books Lifecycle: Terms of Interest Capabilities and Resources Value Creation Lifecycle: Five Phases Benefits of ITIL to the IT Provider Benefits of ITIL to the Customer RACI and Organizational Structure Governance Continual Service Improvement Process Model The 4 P’s of Design Review Questions

Overview of ITIL Key Concepts ITIL (IT Infrastructure Library) provides a framework of Best Practice guidance for IT Service Management and since its creation, ITIL has grown to become the most widely accepted approach to IT Service Management in the world. A Framework for IT governance

5 Core Books Service Management Lifecycle Phases Service Strategy Service validation and testing Understanding who the IT customers are Transition planning (Release  Production) The service offerings that are required to meet the customers’ needs Users The IT capabilities and resource that are required to develop these offerings Support personnel Production environment The requirements for executing successfully Service Operation Cost of delivery is consistent with the value delivered. Delivers the service Service Design Overall day-to-day health Manage disruptions Assures new and change services are designed effectively Rapid restoration Determine the root cause Technology and architecture Detect trends Handle daily routine end user requests Processes required to manage services Manage service access Service management systems and tools Continual Service Improvement Monitor and support Measuring service levels Measure and improve efficiency & effectiveness Service Transition Service levels The design is built, tested and moved into production Technology Processes Manage changes Control assets and configuration items

Lifecycle Terms of Interest Service Management Service Service Owner Process Process Owner Function Capability Resource Service Asset

Continual Service Improvement

Business Service Examples Telecommunications Requisitioning Shrink wrapped Telephone Purchase orders Incidents & Service Requests Pager Warehouse Remote Access Voice mail Inventory control VPN Intranet paging Remote Desktop Resource Scheduling Dispensing? Tokens Human Resources Conference rooms End User Tech Equipment Payroll Install Hw/Sw Training rooms Job Postings Move Hw Finance/Accounting Benefits Change Sw General ledger Professional Development/Education Network Access (Physical) Accounting functions Mobile devices Time & Attendance Decision support Disposal Staff Scheduling Reporting Lifecycle Performance Management Budgeting System Access (Security) Revenue Travel Grant, Request, biometric Meeting Requests IT Training Expense Reports Desktop Procurement/Supply Chain Management System Service Desk

Technology Service Examples Network Database Application Development (Design, Development, Documentation) Data transport – Network equipment: switches/routers Database installation Database tuning Incident management Data transport – Network equipment Database backup/restore Consulting (Internal Software Evaluations) Database account management Network monitoring Implementation coordination Database schema changes Network management Money Transfers Database consulting Secure access to external and internal resources Report Development (Crystal Reports, batch, etc.) Database management Database monitoring Secure access to and from Internet Web Development and Administration Research Data transport - wired network installation GIS Development and Administration Server Web Content Management Account management Data transport - wired network maintenance Server management Application Monitoring Data transport - wired network decommissioning Server monitoring Application Management (maintenance, patch management) SAN Enterprise Storage Area management Data transport - wireless network installation Training (early life support) SAN Enterprise Storage Area configuration Access Database Development Data transport - wireless network maintenance Testing Internet Security and Connection service Requirements Gathering Data transport - wireless network decommissioning Active Directory management Forms Development Cable Head In - Maintenance and Repair Server provisioning Infrastructure application maintenance Cable Head In – Administration Cable Relocates (Physical) Cable TV Fiber Setup/Teardown Applications Development

Roles Service Strategy Service Operation Service Design 3.9 Knowledge Manager 1.1 IT Steering Group (ISG) 3.10 Test Manager 1.2 Financial Manager Service Operation 1.3 Service Portfolio Manager 4.1 1st Level Support Service Design 4.2 2nd Level Support 2.1 Service Catalogue Manager 4.3 3rd Level Support 2.2 Service Level Manager 4.4 Major Incident Team 2.3 Service Owner 4.5 Incident Manager 2.4 Service Design Manager 4.6 Problem Manager 2.5 Applications Analyst/ Architect 4.7 Service Request Fulfillment Group 2.6 Technical Analyst/ Architect 4.8 Access Manager 2.7 Risk Manager 4.9 IT Operations Manager 2.8 Capacity Manager 4.10 IT Operator 2.9 Availability Manager 4.11 IT Facilities Manager 2.10 IT Service Continuity Manager Continual Service Improvement 2.11 IT Security Manager 5.1 CSI Manager 2.12 Compliance Manager 5.2 Process Manager 2.13 IT Architect 5.3 Process Owner 2.14 Supplier Manager Outside the IT organization Service Transition 6.1 User 3.1 Change Manager 6.2 Customer 3.2 Change Advisory Board (CAB) 3.3 Change Owner 3.4 Emergency Change Advisory Board (ECAB) 3.5 Project Manager 3.6 Application Developer 3.7 Release Manager 3.8 Configuration Manager

Lifecycle: Terms of Interest Service Management: a set of specialized organizational capabilities for providing value to customers in the form of services Processes, methods, functions & roles, activities for service provider to use Services : Is a means of delivering value to customers by facilitating outcomes customers want to achieve without the ownership of specific costs and risks SQL, IM, Desktop, HelpDesk, Email Service Owner: Person responsible to the customer for initiation, transition and ongoing maintenance and support of a particular service Key Task Process: set of coordinated activities combining and implementing resources and capabilities in order to produce an outcome, which creates value for an external customer or stakeholder

Continual Service Improvement

Capabilities & Resources Management Financial Capital Organization Infrastructure Processes Applications Knowledge Information People

Value Creation

Lifecycle: 5 Phases Strategy Design Transition Operation Working with the business to plan appropriately for both Long and Short term service needs Design Planning and architecting services that fall within the business’s strategy Transition Moving planned business initiatives to live status Retiring old services no longer of value to the business Improving services to keep the business at or above required competitive levels Operation Manage the services currently utilized by the business Continual Service Improvement Implemented as part of every process

Benefits of ITIL to the IT Provider Service Management Best Practices Lifecycle Approach Better management of services Better Integration among Business services IT Services IT Functions Focus on Value of Service

Benefits of ITIL Whitepaper “ From a business perspective, the adoption of ITIL practices by IT service providers – whether in-house providers or external suppliers – ensures many benefits, including: IT services which align better with business priorities and objectives, meaning that the business achieves more in terms of its strategic objectives Known and manageable IT costs, ensuring the business better plans its finances Increased business productivity, efficiency and effectiveness, because IT services are more reliable and work better for the business users Financial savings from improved resource management and reduced rework More effective change management, enabling the business to keep pace with change and drive business change to its advantage Improved user and customer satisfaction with IT Improved end-customer perception and brand image. Real organizations have benefited from ITIL practices in a number of ways – for example: A nationwide retail organization made savings in excess of £600,000 per annum by adopting service strategy practices for its financial management. An organization identified that most of the cost of delivering IT support came from resolving customer issues. By adopting ITIL approaches to knowledge-based information and self-help, it was able to reduce costs of support by over 75% while at the same time increasing user satisfaction with the service, and improving user productivity. A medium-sized IT service organization invested e2.6m in a two-year program to improve its IT service management. It recouped the investment within the first year, and achieved annual savings of e3.5m mainly through rationalizing unused and under-used resources (people, software licenses, IT hardware etc). It also reduced IT incident resolution times and improved customer satisfaction by over 11%. A large multinational company made annual savings of £5m by introducing ITIL service design practices to its IT supplier management From whitepaper: “Executive Briefing: The Benefits of ITIL” by Maggie Kneller, Independent Consultant

Benefits of ITIL to the Customer Focus on Business Needs Services Aligned to Business Activity Services Designed to Meet Business Requirements

RACI and Organizational Structure RACI Model Responsible What needs to be done and by whom Accountable Who are the owners of the results Consult Who has ability to assist, guide? Inform Who needs/desires to know

Typical Steps in RACI Process Identify all Processes Identify all Roles Fill in chart, identifying RACI for each Process

RACI Example

Enterprise Governance Corporate Governance Ie. Conformance Business Governance Ie Performance Accountability Assurance Value Creation Resource Utilization

IT Governance IT Governance is the responsibility of the Board of Directors and Executive Management

IT Governance

IT Governance

Process Model Measureable Deliver specific Results Customers/Stakeholders expectations must be met Respond to event or trigger

Process Model

The 4 P’s of Design People, Process, Products, Partners Processes Products/ Tech Partners/ Suppliers

Process by Lifecycle

Process by Lifecycle (SS)

Process by Lifecycle (SD)

Process by Lifecycle (ST)

Process by Lifecycle (SO)

Process by Lifecycle (CSI)

Service Lifecycle Stages

Sample Questions

Module 3: Service Strategy Service Strategy Key Concepts Strategy Key Activities Strategy Terms of Interest Utility and Warranty = Value Service Provider Types Service Strategy Processes Financial Management Service Value Service Justification: Business Case Service Portfolio Management Demand Management Demand and Capacity Review Questions

How do you become “not optional”? – William D Green, CEO Accenture Service Strategy ITSM Starting Point Explore Business Needs, Plans Align IT Strategies to Business Strategies Focus on Services as “Value” to business Source Appropriately How do you become “not optional”? – William D Green, CEO Accenture

Service Strategy Key Concepts Business Service Management Who, What, When Where & How Who are the Stakeholders/Customers What are the Services, Infrastructure, ROI/VOI When will they be delivered Where will they be delivered (Marketspace) How to implement, operate, feedback to improve

Strategy Key Activities Define the Market Competition and Marketspace Develop the Offerings Service Value (Assets, Networks, Creation & Capture) Develop Strategic Assets Technical, Business, Informal/Formal ITIL Prepare for Execution Securing Financial Management Integrate into Service Portfolio Management

Strategy Terms of Interest Warranty Usability of a service Is it user-friendly? “Fit for Use” Utility Functionality of a service It does what it was designed to do “Fit for Purpose” Open-loop Systems Perform activity regardless of environment conditions, ie Backup scheduled Closed-loop Systems Monitor environment and respond to changes, ie load balancing Trigger Event that launches a process, ie a call to the Service Desk begins Incident Management Activities Used for Closed-Loop Systems

Open-Looped vs. Closed-Looped Capacity Management via over/under provisioning is an example of Open Loop System Load Balancer detecting congestion/failure and redirecting traffic is an example of Closed Loop System. Difference: Capacity Management via over/under provisioning vs. Load Balancer detecting congestion/failure and redirecting traffic

Warranty & Utility = Service Value

Service Models

Service Provider Types Type I Internal Type II Shared Services (Internal) Type III External Provider

Service Provider Decision Matrix From/To Type I Type II Type III Functional Reorganization Disaggregation Outsourcing Aggregation Corporate Reorganization Insourcing Value Net Reconfiguration

Choosing Provider Type Does the activity require assets that are highly specialized? Will those assets be idle or obsolete if that activity is no longer performed? (If yes, then disaggregate.) How frequently is the activity performed within a period or business cycle? Is it infrequent or sporadic? (If yes then disaggregate.) How complex is the activity? Is it simple and routine? Is it stable over time with few changes? (If yes, then disaggregate.) Is it hard to define good performance? (If yes, then aggregate.) Is it hard to measure good performance? (If yes, then aggregate.) Is it tightly coupled with other activities or assets in the business? Would separating it increase complexity and cause problems of coordination? (If yes, then aggregate.)

Service Strategy Processes Financial Management Service Portfolio Management Demand Management

Financial Management Service Valuation Funding (Budgeting) Accounting ROI (and VOI) Funding (Budgeting) Accounting Chargeback

Elements of Financial Management Service Valuation Demand Modeling Service Portfolio Management Service Provisioning Optimization Planning Confidence Service Investment Analysis Accounting Compliance According to TwitterPR Osama bin Laden Death averaged 3,000 tweets per second Peak: 5k+ Superbowl peak: 4k

Business case structure Introduction Presents the business objectives addressed by the service Methods and assumptions Defines the boundaries of the business case, such as time period, whose costs and whose benefits Business impacts The financial and non-financial business case results Risks and contingencies The probability that alternative results will emerge Recommendations Specific actions recommended.

Service Portfolio Management The Provider’s collection of Services available to the Customer Services defined in terms of business value Repository detailing information about the services throughout the lifecycle Means for comparing service competitiveness Why should a customer buy from this provider? What is a fair rate for the service? What are the strengths, weaknesses, priorities, risks?

Service Portfolio Management Methods http://www.linkedin.com/answers/administration/regulation-compliance/ADM_RCM/491768-47218461

Service Portfolio 1

Service Portfolio 2

Demand Management

Demand and Capacity User Profiles Applicable Patterns of Business Activity (PBA) PBA Code Senior executive (UP1) Moderate travel-domestic and overseas; highly sensitive information; zero latency on service requests; high need for technical assistance; need to be highly available to the business 45F 45A 35D Highly mobile (UP2) Extensive travel-domestic and overseas; sensitive information; low latency on service requests; moderate need for technical assistance; high customer contact; need to be highly available to customers 22A Office-based staff (UP3) Office-based administrative staff; low travel-domestic; medium latency on service requests; low need for technical assistance; full-featured desktop needs; moderate customer contact; high volume of paperwork; need to be highly productive during work hours 14B 3A Payment processing system (UP4) Business system; high volume; transaction-based; high security needs; low latency on service requests; low seasonal variation; mailing of documents by postal service; automatic customer notification; under regulatory compliance; need for low unit costs; need to be highly secure and transparent (audit control) 12F Customer assistance process (UP5) Business process; moderate volume; transaction-based; moderate security needs; very low latency on service requests; medium seasonal variation; mailing of replacement parts by express; automatic customer notification; need to be highly responsive to customers 24G 10G

Module 4: Service Design Service Design Key Concepts Service Design Terms of Interest Business Change Process Design Management 5 Aspects of Service Design 4 P’s Design Constraints Service Design Processes Service Catalog Management Service level Management Availability Management Capacity Management IT Service Continuity Management Information Security Management Supplier Management

Service Design Design of Services to meet Business Needs Design of Processes to maximize Service Management Design of Measurements and Metrics to assist in Service Management and Improvement

Service Design Quote The common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools --Douglas Adams

Service Design Key Concepts The Main purpose of Service Design stage is the design of new or changed services for introduction into the live environment.

Service Design Terms of Interest Service Provider Service Level Agreement Operational Level Agreement Contract Service Design Package Availability Supplier

Operational Level Agreement Support Service Description Scope of Agreement Service Hours Service Targets Contact Points & Escalation Service Desk & Incident Response Times & Responsibilities Problem response times and Responsibilities Change Management Release Management Configuration Management Information Security Management Availability Management Service Continuity Management Capacity Management Service Level Management Supplier Management

Business Change Process

Role of Project Team

Design Management

5 Aspects of Service Design Design of Service Solutions Design of Service Management Systems & Tools Especially the Service Portfolio Design of Technology Architectures and Management Systems Design of Processes Design of Measurement methods and Metrics of the Service

Design of Service Solution Focus on Business Needs Designed to meet Functional Requirements Development of Resources and Capabilities

Design of Service Portfolio

Service Portfolio Content Service Name SLR references Service Description Supporting Services Service Status Supporting Resources Classification & Criticality OLAs, Contract & agreements Applications used Costs Data used Metrics Business processes supported Business owners Business Users IT owners

Services Email Data Protection Printing & Scanning Security (via CCTV) Supporting Apps Calendaring Data Protection Conference Room BU Printing & Scanning DR Security (via CCTV) Clustering Bus Continuity Fire Physical Content Mgt/Collaboration Access Db Iprotect Tuning Logical Hosting Encryption Admin Telecommunication App Support / Admin Phone Policy & Guidelines Landlines Risk Assessment Mobile Governance Fax Compliance File Storage & Maintenance Records Management Desktop Maintenance

Design of Technology Architectures and Management Systems

Architectural Relationships

Design of Process

Design of Measurement Methods and Metrics of Service

Design Constraints

Service Design Processes Service Catalog Management Availability Management Capacity Management IT Continuity Management Service Level Management

Service Catalog Management Dependent on Service Portfolio Details of all LIVE and APPROVED-FOR-LIVE services 2 versions Business Service Catalog Technical Service Catalog

Service Design The Big Picture

Service Catalog

Service Level Management Design SLA framework Gather, Document SLR’s Monitor Performance against SLA’s Produce appropriate reports Conduct Reviews (could lead to SIP) Manage contacts and relationships “Agree, Monitor, Report, Review”

Scope of SLM Service Level Agreements Service Level Requirements Availability Targets Operational Level Agreements Contracts Reporting and Reviewing Service Improvement

SLA Structures Service-based SLA Customer-based SLA Multi-level SLA Covers 1 service and all customers All SLM issues to 1 customer Service Common service levels for all customers All SLM issues for 1 service to 1 customer Customer-based SLA Covers 1 customer group and all services Customer prefers this Only 1 signature Multi-level SLA Corporate All customers and all services

Availability Management Produce Availability Plan Provide Guidelines on Availability Issues Ensure Availability Targets Assist on Availability Incidents and Problems Assess Change Plans Proactive Improvements of Availability

Availability Management Responsibilities

Availability Management Key Components Service Availability Component Availability Reliability Maintainability

Availability Management Process Monitor using events, alarms, escalation and scripts for recovery Availability MTBF: Mean Time between Failure Uptime Reliability MTBSI: Mean Time between Service Incident Average Reliability Maintainability MTTR: Mean Time between Repair/Replace/Recovery/Resolve MTRS: Mean Time between Restore Service Downtime

Availability Management Calculations

Availability Management Calculation Example A situation where a 24x7 service has been running for a period of 5,020 hours with only 2 breaks 1x 6 hours 1x 14 hours Availability = (5,020-(6+14))/5,020 x 100 = 99.6% Reliability (MTBSI)= 5,020/2 = 2,510 Hours Reliability (MTBF) = 5,020 – (6+14) / 2 = 2,500 Hours Maintainability (MTRS) (6+14) /2 = 10 Hours

Vital Business Functions High Availability Masks effects of failure Fault Tolerance: Service, component or CI to operate correctly after failure of component part Continuous Operations Eliminate planned downtime CIs may be down, but not service Continuous availability No planned downtime

Measurements Impact by user minutes lost Duration of downtime x no. of users impacted Impact by business transaction No. of transactions that could NOT be processed during downtime

Availability Activities & Methods Identify Vital Business Functions Unavailability Analysis Plan & Design for new/changed services Component Failure Impact Analysis Redundancy Modeling High Availability Monitor, Measure, Analyze, Report, Review on Component Availability SPOF Fault Tree Analysis Management_of_Risk Expanded Incident Lifecycle Testing & Maintenance Service Failure Analysis (SFA) Produce Projected Service Outage Document

Capacity Management Business Capacity Management Service Capacity Management Component Capacity Management Capacity Management Information System Capacity Plan

Capacity Management Responsibilities Capacity Plan Guidance and Assistance on Capacity-related issues Ensure Capacity Targets Ensure Proactive Improvements

Capacity Management Provides information on current and planned resource utilization of individual components to enable organization to decide, with confidence: Which components to upgrade More memory, faster storage/processors, more bandwidth When to upgrade Not too early (over capacity) Not too late (bottlenecks) How much upgrade will cost

Capacity Management IS

Continuity Management Service Continuity Plans Business Impact Analysis Guidance on Continuity and Recovery Ensure Continuity and Recovery Measures in Place Assess Impact of Change on Continuity Plans Ensure Proactive Measures Negotiate with Suppliers for Continuity Needs

ITSCM Lifecycle

Initiation Policy Setting Terms of Reference and Scope Allocate Resources Define Project organization and control structure Agree Project and quality plans

Risk Profile Example

Information Security Management IT Information Security Policy (ISP) Ensure Security Requirements Document & Implement Security Controls Manage Supplier Access to Systems Manage Security Breaches and Security-related incidents Proactive Improvements of Security Integrate Security Aspects within other ITSM processes

5 Elements of Security Framework

Information Security Key Concepts Passwords (Access Management) Email Virus Control Encryption Remote Access Information Security Management System

Supplier Management Supplier Policy Obtain Value from Suppliers Ensure Supplier Contracts are Business-aligned Manage Supplier Relationships and Performance Negotiate Supplier Contracts and Manage them through their Lifecycle Supplier and Contract Database

Supplier Management Components

Supplier Management Partner Relationships Strategic alignment Integration Information Flow Mutual Trust Shared Risk/Reward Openness Collective Responsibility

Supplier Management Partner Relationship Example

Supplier Categorization Strategic Partnering relationships Senior Management Tactical Commercial Activities Middle Management Operational ISP, CoLo Junior Level Commodity Paper, Printer consumables

The Supplier and Contract Db

Service Transition Service Transition Service Transition Key Concepts Service Transition Terms of Interest Service Transition Processes Change Management Assets & Configuration Management Knowledge Management Release & Deployment Management Transition Planning & Support Validation and Testing Evaluation

Service Transition Enable Effective Business Change Manage Change & Risk Guide New IT Service into Operation Ensure Service Quality Minimize adverse impact of Change

Service Transition Purposes Plan & Manage resources required to package, build, test and deploy a release into production Evaluate service capability and risk profile prior to new or changed service is release or deployed Provide good-quality knowledge and information so Release & Deployment Management can expedite effective decisions through test environment and into production Provide efficient repeatable build and installation mechanisms to deploy releases to test and production environments and rebuild/restore if necessary Goals Set Customer Expectations as to the use and performance Reduce variations Reduce Known Errors Objectives Meet predicted cost, quality and time estimates

Service Transition Key Concepts

Service Transition Terms of Interest Service Knowledge Management System Configuration Item Configuration management System Definitive Media Library Change Normal, Standard, Emergency Seven R’s of Change Management Release Unit Release Policy

Service Transition Processes Complete Lifecycle Change Management Asset & Configuration management Knowledge Management Within ST Transition Planning and Support Release and Deployment Management Service Testing and Validation Evaluation

Change Management Focus on Changes to assets and Cis across whole lifecycle Change Activities Planning and Controlling Changes Change & Release Scheduling Communications Change Decisions and Authorizations Measurement & Reporting

Change Scope

Change Management Roles & Resources Request for Change Change Advisory Board (CAB) Emergency Change Advisory Board (ECAB) Schedule of Change (SC) Projected Service Outage Document (PSO) Post Implementation Review (PIR)

Example Types of Request Type of Change Doc work Proc SS SD ST SO CSI RFC Service Portfolios -New item -Predicted Scope, Bus Case, Baselining -Service Pipeline Service Change Management X RFC to Service or Service Definition -Existing or planned attributes -Impacts SD -Service Improvement Project Change Proposal -Business Change -No Impact on Service Project Change Management Procedure User Access Request User Access Procedure Operational Activity Tuning Local Procedure PreAuthorized

Normal Change

Standard Change

7 Rs of Change Who RAISED the Change? What is the Reason for the Change? What is the Return required from the Change? What are the Risks involved in the Change? What Resources are required to deliver the change? Who is Responsible for the Build, test and Implementation of the Change? What is the Relationship between this change and other changes?

Change Impact & Risk Matrix

Asset & Configuration Management Asset Management Focus: Service Assets during Service Lifecycle Configuration Management Focus: Manage Logical Model of Infrastructure Show how Assets and Components interrelate

Asset and Configuration Management Key Components Configuration Items Configuration Management Systems Configuration Management Databases Definitive Media Library Configuration Baseline Configuration Model

Configuration Model

Asset Management Manage / Details Inventory of Assets Owner / Responsible party for Asset Lifecycle steps form Acquisition to Disposal Financial Information

Configuration Management Information Systems Logical Model of the IT Infrastructure Data from multiple sources or federated CMDBs References Definitive Media Libraries, Spares Store and Asset Stores (staging area)

Right Information to the right people at the right time Knowledge Management Service Knowledge Management System (SKMS) Right Information to the right people at the right time

Knowledge Sharing

Release and Deployment Management Deliver Change faster, at lower cost, with reduced risk Assure the changed or new service supports the business and its customers Ensure consistency in implementing changes Ensure traceability

Release and Deployment Activities Planning Preparation Build and test Service and Pilots Plan and Prepare for Deployment Transfer. Deploy/ Retire Verify Early Life Support Review and Close Deployment Review and Close Transition

Transition Planning and Support Determine Capacity and Resources Support transition teams Ensure integrity of Assets

Validation and Testing Is the change fit for purpose (Utility)? Is the change fit for use (Warranty)? Testing Is the change going to achieve its intended result (Utility)? Is the change going to work without adverse effects (Warranty)

Evaluation Determines a means of answering these two questions What was the expected result? Did the change succeed?

Module 6: Service Operations Service Operation Key Concepts Service Operation Terms of Interest Service Operations Processes Incident Management Problem Management Event Management Request Fulfillment Access Management Service Operations Function

Service Operations Manage Day to Day Activities Provide Value to Customer Communication Support

Service Operation Key Concepts Services that are operational Services that are utilized Technology used to deliver services And processes People

Service Operations An interesting daily dichotomy Services vs. Components (External vs. Internal) Manage the customer desires and needs (external) while working with an ever changing IT architecture (internal). Stability vs. Responsive Attempt to keep the environment stable while at the same time being responsive to user needs Quality vs. Cost Managing expectations within a finite budget Reactive vs. Proactive Balance hard to achieve if environment routinely undergoes massive change

Service Dichotomies

Service Operation Terms of Interest Incident Alert Event Service Request Problem Known Error Workaround Impact, Urgency, Priority

Service Operation Processes Incident Management Problem Management Event Management Access Management Request Fulfillment

Incident Management Restore Service as Soon as Possible Standard Incident Model Assist in speedy Incident Management Major Incident Management Problem Management may be asked to assist

Incident Management Workflow

Information Needed Unique reference number Call-back method (telephone, mail, etc.) Incident categorization (often broken down into between two and four levels of sub-categories) Description of symptoms Incident status (active, waiting, closed, etc.) Incident urgency Incident impact Related CI Incident prioritization Support group/person to which the incident is allocated Date/time recorded Related problem/Known Error Name/ID of the person and/or group recording the incident Activities undertaken to resolve the incident Method of notification (telephone, automatic, e-mail, in person, etc.) Resolution date and time Name/department/phone/location of user Closure category Closure date and time.

Incident Level Matrices Impact High Medium Low Urgency 1 2 3 4 5 Priority Code Desc Target Resolution 1 Critical 1 Hour 2 High 8 Hours 3 Medium 24 Hours 4 Low 48 Hours 5 Planning Planned

Incident Closure Closure Categorization User satisfaction survey Incident documentation Ongoing or recurring? Formal closure Auto Manual

Incident Management interfaces with Problem Management Change Management Incidents are caused by problems Workaround or resolution Report problems to Problem Management Logged as RFC PM detects and resolves incidents arising from failed changes Configuration Management Assist in finding faulty equipment Capacity Management Impact assessment IM provides trigger for performance monitoring Hold information about which categories should be assigned to which support group Workarounds Availability Management Audit infrastructure as comparison Relies on IM for availability of services and improvement paths SLM Helps define measurable response Release & Deploy Management Helps identify weak services

Event Management Scope focused on specific events vs. general monitoring Early detection – Preventative Basis for key automated operations Detect Make sense of Act on Classifications Informational Warning Exceptions

Request Fulfillment Handles non-incident requests Request Models Service Requests RFC’s (Standard Changes) Request Models Self-Help Opportunities

Event Management Scope CI Constant State Switches/Routers Status changes Updating file server Environmental conditions Fire/smoke detection Sw licensing monitoring Security Intrusion Normal Activity Application usage Server Performance

Access Management Access Rights Verification of Legitimacy of requests Monitoring Identity Status Logging and Tracking access Granting/Removing/Restricting Privileges predetermined (Availability & Security Physical Access control NOT within scope Facilities

Value to Business Maintain Confidentiality of Information Reduces errors by unskilled users Audit services to trace abuses Revoke access when needed Regulatory compliance (SOX, HIPAA)

Requesting Access Standard Request Request for Change Service Request Pre-Authorized Script Filling form to download application

Service Operation Functions Service Desk Technical Management Application Management IT Operations

Service Desk Single Point of Contact for User Community Manages Incidents and Service Requests First level support Escalate as agreed Keeps users informed Closes Conducts Satisfaction Surveys Communicates with Users Update CMS

Service Desk Organizational Structures Local Service Desk Centralized Service Desk Virtual Service Desk May be structured as “Follow the Sun” Service Desk

Local Service Desk Reasons for having Local desk when call volumes don’t justify it Language, Cultural, Political Time zones Specialized group Specialized services VIP/critical user status

Centralized Service Desk Advantages Costs are reduced. Resources are optimized. Management is simplified. Disadvantages Users are spread across several geographical locations, with different languages, products and services. Maintenance services need to be delivered on site.

Virtual Service Desk Knowledge is centralized. Unnecessary duplication is avoided, with the consequent cost savings. A "local service" can be offered without incurring extra costs. The quality of service is uniform and consistent.

Service Desk Metrics First Line Resolution Rate Average time to resolve an incident Average time to escalate incident Average cost of handling an incident Specific to Service Desk Percentage of user updates as agreed by SLA Average time to review and close a resolved call Average number of calls per day and per week

Technical Management Custodian of Technical Knowledge Provides the Resources to support the ITSM Lifecycle Starts in SS Expands in SD Executed in SO Ongoing in CSI Activities Documentation of skills (current and future) Design training Defined in SD, executed in SO Recruiting/contracting people with skills Define standards used in Design of new Architectures (SO/SD) Design Performance Standards

Application Management Assists in application sizing and workload forecasts Assists in identifying ongoing operational costs of applications Assists in determining support skills required Assists in determining costs of customization Assists in determining to build or buy Assists in data access requirements

Application Management Lifecycle

IT Operations Management Operations Control Console Management Job Scheduling Back-up and Restore Print & Output Management Maintenance Activities Facilities Management IT Environment Ie Data Center

Continual Service Improvement Continual Service Improvement Key Concepts Continual Service Improvement Key Terms Continual Service Improvement Activities Constant Improvement: Deming Seven Steps of Improvement CSI Model Role of Measurements Focus on Business Needs Methods & Techniques of Continual Service Improvement

Continual Service Improvement Continual Re-Alignment of IT to meet Business Requirements Improve Services Assist/Guide growth & maturity of Service Management Processes Manage, Analyze, Review

Continual Service Improvement Key Concepts Main Areas Overall Health of ITSM Continual alignment of Service Portfolio to Business Needs Maturity of IT Processes Guiding principles You cannot manage what you cannot control You cannot control what you cannot measure You cannot measure what you cannot define

Continual Service Improvement Key Terms Baseline 7 Steps of Improvement CSI Model Metrics Technology Process Service

Continual Service Improvement Activities Key Activities Key Roles Collect data and analyze trends compared to baselines, targets, SLAs and benchmarks. This would include output from services and service management processes CSI Manager, Service Manager, Service Owner, IT Process Owner Set targets for improvement in efficiency and cost effectiveness throughout the entire service lifecycle CSI Manager, Service Manager Set targets for improvements in service quality and resource Utilization CSI Manager, Service Manager, Service Owner, Business Process Consider new business and security requirements CSI Manager, Service Manager, Business Process Owner Consider new external drivers such as regulatory requirements CSI Manager, Service Manager, Business Process Owner Create a plan and implement improvements Service Owner, Process Owner Provide a means for staff members to recommend improvement opportunities

Constant Improvement: Deming

7 Steps of Improvement

CSI Model

Role of Measurements

Focus on Business Needs

Methods & Techniques of CSI Assessments Gap Analysis Balanced Scorecard SWOT Deming Cycle Plan Do Check Act

Demand and Capacity Pattern of Business Activity (PBA)