Presentation is loading. Please wait.

Presentation is loading. Please wait.

Demystifying ITIL Greg Charles, Ph.D. Area Principal Consultant, CA

Published byRudolf Böhmer Modified over 6 years ago

Similar presentations

Presentation on theme: "Demystifying ITIL Greg Charles, Ph.D. Area Principal Consultant, CA"— Presentation transcript:

1 Demystifying ITIL Greg Charles, Ph.D. Area Principal Consultant, CA
June 2006 Pacific Northwest Digital Government Summit

2 Today’s Objective To provide a basic understanding (theory and concepts) of ITIL’s Service Management Framework (Service Support and Service Delivery components)

3 Ever-Increasing Complexity

4 Approaches Currently In Use
Business As Usual - “Firefighting” Legislation - “Forced” Best Practice Focused

5 The Legislation Minefield
Privacy & Security Personal Information Protection Electronic Document Act (PIPEDA) US Patriot Act \ Homeland Security (Critical Infrastructure) Personal Health Information Protection Act (PHIPA) Health Insurance Portability and Accountability Act (HIPAA) SEC Rules 17a-3 & 17a-4 re: Securities Transaction Retention Gramm-Leach Bliley Act (GLBA) privacy of financial information Children’s Online Privacy Protection Act Clinger-Cohen Act (US Gov.) Federal Information Security Mgmt. Act (FISMA) Freedom of Information & Protection of Privacy (FOIPOP) BC Gov FDA Regulated IT Systems Freedom Of Information Act Americans with Disabilities Act, Sec (website accessibility) Finance Sarbanes Oxley (US) FFIEC US Banking Standards Basel II (World Bank) Turnbull Report (UK) Canadian Bill 198 (MI & ) Washington State Laws relating to IT Policy 403-R1, 400-P1, 401-S1, 402-G1; Executive Order 00-03; RCW 9A ,120,130; RCW 9A , 080, 090; RCW 9A and many more Other International IT Models Corporate Governance for ICT DR (Australia) Intragob Quality Effort (Mexico) Medical Information System Development (Medis-DC) (Japan) Authority for IT in the Public Administration (AIPA) (Italy) Principles of accurate data processing supported accounting systems (GDPdu & GoBS) (Germany) European Privacy Directive (Safe Harbor Framework)

6 Best Practices Quality & Control Models ISO 900x COBIT TQM EFQM
Six Sigma COSO Deming etc.. Process Frameworks IT Infrastructure Library Application Service Library Gartner CSD IBM Processes EDS Digital Workflow Microsoft MOF Telecom Ops Map etc.. •What is not defined cannot be controlled •What is not controlled cannot be measured •What is not measured cannot be improved Define -- Improve Measure -- Control And Stabilize

7 Information Technology Infrastructure Library
What Is ITIL? ITIL is a seven book series that guides business users through the planning, delivery and management of quality IT services Information Technology Infrastructure Library

8 The ITIL Books T Planning To Implement Service Management h T e h e
T e c h n o l o g y Planning To Implement Service Management T h e B u s i n Service Management Service Support The Business Perspective ICT Infrastructure Management Service Delivery Security Management Application Management

9 ITIL Simplified Business, Customers & Users Service Support
Service Delivery Service Desk Service Level Management Incident Management Availability Management Problem Management Capacity Management Change Management Financial Management Release Management Service Continuity Configuration Management

10 ITIL Service Support Model
The Business, Customers or Users Monitoring Tools Difficulties Queries Enquiries Communications Updates Work-arounds Incidents Incidents Service Desk Customer Survey reports Changes Incident Management Customer Survey reports Problem Management Releases Service reports Incident statistics Audit reports Change Management Problem statistics Problem reports Problem reviews Diagnostic aids Audit reports Change schedule CAB minutes Change statistics Change reviews Audit reports Release Management Release schedule Release statistics Release reviews Secure library’ Testing standards Audit reports Configuration Management CMDB reports CMDB statistics Policy standards Audit reports Problems Known Errors Cls Relationships Incidents Changes Releases CMDB

11 Service Desk To provide a strategic central point of contact for customers and an operational single point of contact for managing incidents to resolution In addition, the Service Desk handles Service Requests

12 Incident Management To restore normal service operation as quickly as possible and minimize the adverse impact on business operations

13 Problem Management To minimize the adverse impact of incidents and problems on the business that are caused by errors in the IT Infrastructure and to prevent recurrence of incidents related to these errors

14 Change Management To ensure that standardized methods and procedures are used for efficient and prompt handling of all changes to minimize the impact of change-related incidents and improve day-to-day operations

15 Release Management Release Management takes a holistic view of a change to an IT service and should ensure that all aspects of a Release, both technical and non-technical, are considered together

16 Configuration Management
To identify, record and report on all IT components that are under the control and scope of Configuration Management

17 ITIL Service Support

18 ITIL Service Delivery Model
Business, Customers and Users Queries Enquiries Communications Updates Reports Availability Management Service Level Management Availability plan AMDB Design criteria Targets/Thresholds Reports Audit reports Capacity Management SLAs, SLRs OLAs Service reports Service catalogue SIP Exception reports Audit reports Requirements Targets Achievements Capacity plan CDV Targets/thresholds Capacity reports Schedules Audit reports Financial Management For IT Services Financial plan Types and models Costs and charges Reports Budgets and forecasts Audit reports IT Service Continuity Management IT continuity plans BIS and risk analysis Requirements def’n Control centers DR contracts Reports Audit reports Alerts and Exceptions Changes Management Tools

19 Service Level Management
To maintain and improve IT service quality through a constant cycle of agreeing, monitoring and reporting to meet the customers’ business objectives

20 Availability Management
To optimize the capability of the IT infrastructure, services and supporting organization to deliver a cost effective and sustained level of availability enabling the business to meet their objectives

21 Capacity Management To ensure that all the current and future capacity and performance aspects of the business requirements are provided cost effectively

22 Financial Management To provide cost-effective stewardship of the IT assets and resources used in providing IT services

23 IT Service Continuity Management
To ensure that the required IT technical and services facilities can be recovered within required, and agreed timescales IT Service Continuity Planning is a systematic approach to create a plan and/or procedures to prevent, cope with and recover from the loss of critical services for extended periods

24 Service Delivery

25 What Is ITIL All About? Aligning IT services with business requirements A set of best practices, not a methodology Providing guidance, not a step-by-step, how-to manual; the implementation of ITIL processes will vary from organization to organization Providing optimal service provision at a justifiable cost A non-proprietary, vendor-neutral, technology-agnostic set of best practices.

26 US Securities & Exchange Commission
IT Governance Model CobIT Sarbanes- Oxley US Securities & Exchange Commission Audit Models COSO Service Mgmt. App. Dev. (SDLC) Project Mgmt. IT Planning IT Security Quality System Quality Systems & Mgmt. Frameworks ISO CMMi Six Sigma ITIL BS 15000 ISO 20000 ASL ISO 17799 PMI TSO IS Strategy IT OPERATIONS

27 CobIT (Control Objectives for IT)
CobIT is an open standard control framework for IT Governance with a focus on IT Standards and Audit Based on over 40 International standards and is supported by a network of 150 IT Governance Chapters operating in over 100 countries CobIT describes standards, controls and maturity guidelines for four domains, and 34 control processes

28 The CobiT Cube 4 Domains 34 Processes 318 Control Objectives
(Business Requirements) 4 Domains 34 Processes 318 Control Objectives

29 CobiT Domains Plan & Acquire & Implement Organize Monitor
(AI Process Domain) Plan & Organize (PO Process Domain) Monitor (M Process Domain) Deliver & Support (DS Process Domain)

30 Planning & Organization
Plan & Organize Planning & Organization Acquire & Implement Define Strategic IT Plan Define IT Organization & Relationships Manage IT Investment Determine Technological Direction Communicate Aims & Manage Human Resource Ensure Compliance With External Standards Projects Quality Identify Automated Solutions Develop & Maintain IT Procedures Educate Train Users Monitor The Process Assess Internal Control Adequacy Obtain Independent Assurance Provide Audit Information Architecture Install & Accredit Systems Manage Change Assist & Advise IT Customers Configuration Problems & Incidents Acquire & Maintain Application Software Acquire & Maintain Technology Infrastructure Manage Data Facilities Operations Assess Risks Manage Performance & Capacity Ensure Continuous Service System Security Identify & Allocate Costs Third-Party Services Define & Levels Monitor Deliver & Support

31 Information and Communication
COSO Components Monitoring Assess control system performance over time Ongoing and separate evaluations Management and supervisory activities Control Activities Policies that ensure management directives are carried out Approval and authorizations, verifications, evaluations, safeguarding assets security and segregation of duties Information and Communication Relevant information identified, captured and communicated timely Access to internal and externally generated information Information flow allows for management action Risk Assessment Identify and analyze relevant risks to achieving the entity’s objectives Control Environment Sets “tone at the top” Foundation for all other components of control Integrity, ethical values, competence, authority, responsibility

32 COSO, CobiT & SOX Components

33 Putting COSO, CobiT, and ITIL together
COSO defines the high level policies of a well governed organization CobiT defines the control structures for evaluating the IT organization conforms to COSO policies. ITIL defines the best practices that will satisfy the CobiT controls.

34 How to Make ITIL a Reality?
Key Success Factors Theory – ITIL/CobIT/COSO Process Guidelines for Best Practices Provides the theory but not the process Education is an important component Convert theory to process that is applicable to the unique needs of the organization Training & Education Tool configuration Technology – CA and others Provide the technology that enables and automates the process Repeatability, compliance and notifications Implement processes impossible without technology

35 Making IT Easier Customer maturity isolates appropriate transition point, blueprint & ROI

36 Next Steps - Focus on Customer Needs
EITM • Complete • Integrated • Open • Proven Best Practices • High Quality • Comprehensive • People Process • Technology • Partners Business Flows Solutions • Enabling • Evolutionary • Efficient

37 Typical Survey Section features…
Respondent Scoring Proven Practice “Statements” CA offers free online surveys called CA Profilers to help you determine those areas where you have the greatest gap between your capabilities and those processes you believe to be most important for your environment. This is a capture of a typical screen from the ITIL Service Management survey. There are five sections in this survey including Service Support and Service Delivery. There are also more detailed surveys available for the processes included in Service Support and Service Delivery. Each section usually contains 5-7 Best Practice statements. You rate these statements on a scale of 1 (low) to 5 (high) in terms of how important they are to your organization and your capability to perform them. If you are interested in a free analysis, please make sure you indicate this on your post event seminar evaluation survey and CA will provide you with a login and password. Typical Survey Section features…

38 Comparison Charts 3 Sets of Scores Industry Comparison Role Overall
Your Score One advantage of conducting the survey online is that you receive results immediately. Results are presented graphically so you can immediately recognize the areas of most importance, least capability, and therefore, the sections with the largest “gap” that are most likely your biggest concerns. If you are interested, results can be compared to others in your industry or with your same job title.

39 Tools to Aid Success Maturity Model Solution Sheets
Transitional Maturity ROI Tool Process Model SAO/SAS Profilers Blueprints

40 Meeting Customer Needs – Best Practices
Six Sigma, etc. To this end, CA has developed an approach to defining each processes for each level of maturity and has created a methodology for customers to continually evolve through each phase. This approach includes a process where the customer assesses their current level, designs a target process, implements the process, and optimizes the processes of focus. To aid the customers in their journey CA has created “Blue Prints” which help to describe the entire solution required to evolve including but not limited to what the target process should look like. This method goes way beyond ITIL in that ITIL tells you what to do but does not focus at all on how you get there. Best Practices: Industry and CA best practices are applied to all of our solutions to maximize standardization and quality

41 Thank You Questions?

Download ppt "Demystifying ITIL Greg Charles, Ph.D. Area Principal Consultant, CA"

Similar presentations

IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….

IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….
Control and Accounting Information Systems

Control and Accounting Information Systems
ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.

ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.
ITIL: Service Transition

ITIL: Service Transition
TI BISNIS ITG using COBIT &

TI BISNIS ITG using COBIT &
COBIT - II.

COBIT - II.
Chapter 5 5-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
Chapter 5 5-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
Dr. Julian Lo Consulting Director ITIL v3 Expert

Dr. Julian Lo Consulting Director ITIL v3 Expert
Security Controls – What Works

Security Controls – What Works
Demystifying ITIL Greg Charles, Ph.D. Area Principal Consultant, CA

Demystifying ITIL Greg Charles, Ph.D. Area Principal Consultant, CA
Improving IT Governance Through Formal Change Management

Improving IT Governance Through Formal Change Management
Managing Information Technology Service Delivery

Managing Information Technology Service Delivery
IT Governance – Leveraging ITIL® v2/v3 for Governance Success

IT Governance – Leveraging ITIL® v2/v3 for Governance Success
Leveraging ITIL Challenges and Successes Greg Charles, Ph.D. Area Principal Consultant February 2006.

Leveraging ITIL Challenges and Successes Greg Charles, Ph.D. Area Principal Consultant February 2006.
© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.

© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.
ITIL: Why Your IT Organization Should Care Service Support

ITIL: Why Your IT Organization Should Care Service Support
Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.

Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.
ITIL Process Management An Overview of Service Management Processes Presented by Jerree Catlin, Sue Silkey & Thelma Simons.

ITIL Process Management An Overview of Service Management Processes Presented by Jerree Catlin, Sue Silkey & Thelma Simons.
Integrated Process Model - v2

Integrated Process Model - v2

Similar presentations

Ads by Google