1. Information Technology Infrastructure Library (ITIL)
History, Concepts and Alignment to CobiT and ISO 20000

2. Objectives: Learn about the history of ITIL
Understand ITIL’s key objectives
Discover all components of the ITIL Framework
Visit each of the core 10 ITIL SM Processes
Learn the importance of process interaction
Understand the ISO & alignment to ITIL
Understand the alignment to CobiT Framework
Learn about the future of ITIL

3. Framework for Best Practices in IT Service Management
WHAT IS ITIL?
Framework for Best Practices in IT Service Management

4. ITIL Objectives
Three Key Objectives of IT Service Management:
Align IT Services with the Current and Future Needs of the Business and its Customers
Improve Quality of IT Services
Reduce Long-Term Costs of IT Service Provision

5. The Deming Cycle

6. The Deming Cycle

7. The ITIL Library Service Support The Technology The Business
Service Delivery
Security Management
The Business Perspective
ICT Infrastructure Management
Planning to Implement Service Management
Applications Management
The Business
The Technology
Software Asset Management
Source: OGC

8. ITSM Components security IT Infrastructure Service Level Management
IT Service Continuity Management
Service Level Management
Availability Management
Release Management
Service Delivery Set
IT Infrastructure
Capacity Management
Service Support Set
Change Management
Financial Management for IT services
Service Desk
Configuration Management
Incident
Management
Problem Management

10. Service Support
The Service Desk
Incident Management
Problem Management
Configuration Management
Release Management
Change Management
Service Delivery
Service Level Management
Availability Management
IT Service Continuity Management
Capacity Management
Financial Management for IT Services

11. The Service Desk
The Service Desk
Goals
To act as the single point of contact between the User and IT Service Management and track status of all customer interactions
To handle Incidents and requests, and provide an interface for other activities such as Change, Problem, Configuration, Release, Service Level, and IT Service Continuity Management

12. Inputs to the Service Desk
Information

13. Why a Service Desk? The Service Desk is more than just a Help Desk
Essentials
The Service Desk is more than just a Help Desk
The first and single point of contact
High quality support to meet business goals
Help identify costs of IT services
Proactive support and communication of changes
Increase user perception and satisfaction
Identification of business opportunities
Identification of Training Opportunities

14. Responsibilities Receive and record all calls from users
The Service Desk
Responsibilities
Activities
Receive and record all calls from users
Provide first-line support (using knowledge resources)
Refer to second-line support where necessary
Monitoring and escalation of incidents
Keep users informed on status and progress
Provide interface between ITSM disciplines
Produce measurements and metrics

15. Incident Management
Incident Management
Goals
To restore normal service operation as quickly as possible with minimum disruption to the business, thus ensuring that the best achievable levels of availability and service are maintained
Incident definition
Any event which is not part of the standard operation of a service and which causes, or may cause, an interruption to, or a reduction in, the quality of that service
Work-around definition
A method of avoiding an Incident or Problem either by employing a temporary fix or technique so the user is no longer reliant on a Configuration Item (CI) that is known to cause failure

16. The Incident Life Cycle – the monitoring and tracking of Incidents
Incident Management
The Incident Life Cycle – the monitoring and tracking of Incidents
Activities
Including Impact and Urgency selection
Yes No
Note. This is not Problem Closure

17. Incident Management
Categorization
Activities
Service affected (and possibly by association the affected SLA)
User perception of failure in terms of the User’s inability to do something
Batch job output has not been received
I can’t print, connect to a server or access an application
Category and details of CI thought to be at fault
Category and details of CI eventually found to be at fault
The fault in the CI, the quick fix and the action taken, etc.

18. Impact, Urgency & Priority
Incident Management
Impact, Urgency & Priority
Definitions
Impact
A measure of the business criticality of an incident or problem (e.g. numbers affected, magnitude)
Urgency
A measure of the speed with which an incident or problem requires resolution (i.e. how much delay will the resolution bear)
Priority
The order in which an incident or problem needs to be resolved, based on impact and urgency

19. Illustrative Example Impact Urgency Priority Impact Urgency Priority
Incident Management
Illustrative Example
Payroll Application: System run once per month to run payroll
Impact
Urgency
Priority
Failure of payroll server
(first week in month)
High: will effect all employees
Low : Payroll not run for 3 weeks
Low (at the moment)
Failure in payroll server (last week of month)
High : Fix needed before 06:00 tomorrow morning
High
Bank Teller Application: System used by cashiers in bank to transact on accounts
Impact
Urgency
Priority
One Branch teller application performing poorly
Medium : one branch out of 150
High : Queues beginning to form
High
Router Interface down
Low : Cashiers and customers not impacted due to redundancy in network
Med : Router needs to be re-booted to restore network redundancy
Med

20. Functional escalation might include specialist groups e.g. Unix Group
Incident Management
Escalation
Definitions
Hierarchical escalation would typically include authorization, resources and/or cost
Hierarchical (authority)
Functional (competence)
Functional escalation might include specialist groups e.g. Unix Group

21. Functional Escalation
Incident Management
Functional Escalation
Activities
The use of support teams is important in efficient incident resolution.
First line support deals with the communication to the user, resolution of known incidents (e.g. password resets)…
…allowing the second and subsequent levels to focus on resolving assigned incidents.
Targets are often set for improving the percentage of incidents resolved at first level.

22. Problem Management
Problem Management
Goals
To minimize the adverse effect on the business of Incidents and Problems caused by errors in the infrastructure, and to proactively prevent the occurrence of Incidents, Problems and Errors.
Problem definition
Unknown cause of one or more incidents
Known Error definition
An Incident or Problem for which the root cause is known and for which a temporary work around or permanent alternative has been identified

23. Problem Flow Incidents Service Desk Problem Known Error Change Process
Problem Management
Problem Flow
Information
Incidents
Service Desk
Problem
Known Error
Change Process

24. Configuration Management
Configueration Management
Configuration Management
Goals
Enabling control of the infrastructure by monitoring and maintaining information on:
Configuration Items (CI) needed to deliver services
CI status and history
CI relationships
Valuable CIs (monetary or service)
Providing information on the IT infrastructure to all other processes and to IT Management

25. Configuration Management
Configueration Management
Configuration Management
Definitions
Configuration Item (CI) – a component of an IT infrastructure which is (or is to be) under the control of Configuration Management and therefore subject to formal change control
Configuration Management Database (CMDB) – a database which contains details of the attributes and history of each CI and the relationships between CIs
Baseline – a snapshot of the state of a CI and its components or related CIs, frozen in time for a particular purpose, such as:
The ability to return a service to a trusted state if a change goes wrong
A specification for copying the CI or for a roll-out
The minimum CIs needed to maintain vital Business Functions after a disaster

26. Configueration Management
Major CI Types
Definitions
Documentation
Designs; Reports; Agreements; Contracts; Procedures; Plans; Process Descriptions; Minutes; Records; Events (Incident, Problems, Change Records); Proposals; Quotations
Data Files
What, Where, Most Important
Environment
Accommodation; Light, Heat, Power; Utility Services (Electricity, Gas, Water, Oil); Office Equipment; Furniture; Plant & Machinery
People
Users, Customers, Who, Where, What Skills, Characteristics, Experience, Roles
Services
Desktop Support,
, Service Desk, Payroll, Finance, Production Support
Hardware
Computers, Computer components, Network components & cables (LAN, WAN), Telephones, Switches
Software
Network Mgmt Systems; In-house applications; O/S; Utilities (scheduling, B/R); Packages; Office systems; Web Management

27. CI Relationships and Attributes
Configueration Management
CI Relationships and Attributes
Activities

28. Change Management
Change Management
Goals
Process of controlling changes to the infrastructure or any other aspect of services, in a controlled manner, enabling approved changes with minimum disruption.
Change Management ensures that standardized methods and procedures are used for the efficient and prompt handling of all Changes, in order to minimize the adverse impact of any Change‑related incidents upon service quality.
Changes can arise as a result of Problems, Known Errors and their resolution, but many Changes can come from proactively seeking business benefits such as reducing costs or improving services

29. Change Management
Change Management
Definitions
Change – a deliberate action that alters the form, fit or function of Configuration Item (CI) such as an addition, modification, movement, or deletion that impacts the IT infrastructure
Request for Change (RFC) – a means of proposing a change to any component of an IT infrastructure or any aspect of an IT service
Forward Schedule of Change (FSC) – a schedule that contains details of all the changes approved for implementation and their proposed implementation date

30. Change Management
Change Management
Definitions
Standard Change – a Change that is recurrent, has been proceduralized to follow a pre-defined, relatively risk free path and where Change Management and budgetary authority is effectively give in advance
Service Request – a request, usually made through a Service Desk, for a Standard Change
Example: providing access to services for a new member of staff or relocating a few PCs

31. Release Management
Release Management
Goals
Release Management takes a holistic view of a Change to an IT service and should ensure that all aspects of a Release, both technical and non-technical, are considered together
Good resource planning and management are essential to package and distribute a Release successfully.
The focus of Release Management is the protection of the live environment and its services through the use of formal procedures and checks.

32. Service Support Process Model
Service Desk
Management Tools & IT
Infrastructure
Enquiries, Communications,
Workarounds,
Updates
Incidents
Users / Customers
Incident Management
Changes
Problem Management
Releases
Services Reports, Incidents, Statistics, Audit Reports
Change Management
Release Management
Problem Statistics,
Trend Analysis,
Problem Reports,
Problem Reviews,
Diagnostic Aids,
Audit Reports
Configuration Management
Change Schedule,
CAB Minutes,
Change Statistics,
Change Reviews,
Audit Reports
Release Schedule,
Release Statistics,
Release Reviews,
Source Library,
Testing Standards,
Audit Reports
CMDB Reports,
CMDB Statistics,
Policy/Standards,
Audit Reports
Configuration Management Database
Incidents
Problems, Known Errors
Changes
Releases
CI Relationships

34. Service Support
The Service Desk
Incident Management
Problem Management
Configuration Management
Release Management
Change Management
Service Delivery
Service Level Management
Availability Management
IT Service Continuity Management
Capacity Management
Financial Management for IT Services

35. Service Level Management
Goals
To maintain and gradually improve business aligned IT service quality, through a constant cycle of defining, agreeing, monitoring, reporting and IT service achievements and through instigating actions to eradicate unacceptable levels of service
Service Level Management manages and improves the agreed level of service between two parties
The provider who may be an internal service department or the external organisation that provides an outsourced service
The receiver of the servers i.e. the customer who pays the bill.
Presenter Note : Note that ITIL’s definition of Service Level Management includes both maintaining and improving service level.

36. Availability Management
Availabtily Management
Availability Management
Goals
To optimise the capability of the IT infrastructure and supporting organisations to deliver a cost effective and sustained level of availability that enables the business to satisfy its objectives

37. IT Service Continuity Management
IT Service Coninuity Management
IT Service Continuity Management
Goals
To support the overall Business Continuity Management process by ensuring that the required IT technical services and facilities can be recovered within required and agreed business time-scales
Note. IT Service Continuity Management used to be known as Disaster Recovery in the old ITIL books

38. Capacity Management
Capacity Management
Goals
To understand the future business requirements (the required service delivery), the organization's operations (the current delivery), and ensure that all current and future capacity and aspects of the business requirements are provided cost effectively

39. Financial Management For IT Services
Goals
To provide cost-effective stewardship of the IT assets and financial resources used in Services
Note. Financial Management of IT Services used to be known as Cost Management in the old ITIL books
Note. Financial Management of IT Services used to be known as Cost Recovery in the old ITIL books

40. Participants in IT Service Management
Service Delivery
Sr. IT Mgt
Sr. Mgt
Strategic
Tactical
Service Support
Service Level Management
Customers
Explain the difference between operational, tactical and strategic activities.
Operational activities can be considered as day-to-day activities.
Tactical activities are designed to ensure that the strategic direction is translated into a service that can be operationally supported and reflects the customer requirements.
Difference between end users and customers…
users make use of the IT services
customers pay for it.
Senior management sets policy and ensures strategies and goals are aligned.
This is to show that they are all part of the ITIL activities
Operational
Service Desk
Users IT
The Business

41. ITIL is more than a library of books
Training
Fundamentals
Practitioner
Service Manager
Qualifications:
Certification at each level
Information Technology Infrastructure Library
Consultancy: Provision of IT consulting services to clients based on a de facto standard
Tools: ITIL “compliance” is driving tools manufacturers
itSMF: User groups providing seminars, conferences, and workshops

42. Consistent and predictable results, process improvement and cost saving top the list of benefits from implementing defined IT Process methods *
* Source: Forrester Research – Stabilizing IT with Process Methodologies – May, 2005

43. How Does It Relate To ITIL?
CobiT
What Is It?
How Does It Relate To ITIL?

44. COBIT ITIL COBIT and ITIL–Process Perspective Strategic
Process Control XY XY XY XY XY
ITIL ## ## ## ## ##
Process Execution
Work Instruction
Work instruction 2 3
4,5,6….
Work instruction 2 3
4,5,6….
Work instruction 2 3
4,5,6….
Work instruction 2 3
4,5,6….
Work instruction 2 3
4,5,6….

45. CobiT
COBIT
Control
WHAT
ITIL
Activities
HOW

46. Gartner Advisory on COBIT and ITIL
Control
WHAT
ITIL
Activities
HOW

47. Acquire and Implement Plan and Organise Monitor and
(PO Process Domain)
Acquire and Implement
(AI Process Domain)
Monitor and
Evaluate
(M Process Domain)
Deliver and Support
(DS Process Domain)

48. Planning & Organization
Plan and Organise
Planning & Organization
Acquire and Implement
Define
Strategic
IT Plan
Define
Information
Architecture
Determine
Technological
Direction
Identify
Automated
Solutions
Acquire and
Maintain
Application
Software
Install and
Accredit
Systems
Manage
Change
Acquire and
Maintain
Technology
Infrastructure
Develop and
Maintain IT
Procedures
Define IT
Organisation
and
Relationships
Manage IT
Investment
Communicate
Aims and
Direction
ITIL
Service Support
Service Delivery
Manage
Human
Resource
Ensure
Compliance
with External
Standards
Assess
Risks
Service
Desk
Incident
Management
Problem
Management
Service
Level
Management
Availability
Management
Capacity
Management
Manage
Projects
Manage
Quality
Change
Management
Release
Management
Configuration
Management
Financial
Management
Continuity
Management
Monitor and Evaluate
Deliver and Support
Monitor
the
Process
Assess
Internal
Control
Adequacy
Define and
Manage
Service
Levels
Manage
Third-party
Services
Manage
Performance
and Capacity
Ensure
Continuous
Service
Ensure
System
Security
Identify
and Allocate
Costs
Manage
Operations
Obtain
Independent
Assurance
Provide
Independent
Audit
Educate
and
Train Users
Assist and
Advise IT
Customers
Manage
Configuration
Manage
Problems and
Incidents
Manage
Data
Manage
Facilities

49. Planning & Organization
Plan and Organise
Planning & Organization
Acquire and Implement
Define
Strategic
IT Plan
Define
Information
Architecture
Determine
Technological
Direction
Identify
Automated
Solutions
Acquire and
Maintain
Application
Software
Install and
Accredit
Systems
Manage
Change
Acquire and
Maintain
Technology
Infrastructure
Develop and
Maintain IT
Procedures
Define IT
Organisation
and
Relationships
Manage IT
Investment
Communicate
Aims and
Direction
ITIL
Service Support
Service Delivery
Manage
Human
Resource
Ensure
Compliance
with External
Standards
Assess
Risks
Service
Desk
Incident
Management
Problem
Management
Service
Level
Management
Availability
Management
Capacity
Management
Manage
Projects
Manage
Quality
Change
Management
Release
Management
Configuration
Management
Financial
Management
Continuity
Management
Monitor and Evaluate
Deliver and Support
Monitor
the
Process
Assess
Internal
Control
Adequacy
Define and
Manage
Service
Levels
Manage
Third-party
Services
Manage
Performance
and Capacity
Ensure
Continuous
Service
Ensure
System
Security
Identify
and Allocate
Costs
Manage
Operations
Obtain
Independent
Assurance
Provide
Independent
Audit
Educate
and
Train Users
Assist and
Advise IT
Customers
Manage
Configuration
Manage
Problems and
Incidents
Manage
Data
Manage
Facilities

50. Planning & Organization
Plan and Organise
Planning & Organization
Acquire and Implement
Define
Strategic
IT Plan
Define
Information
Architecture
Determine
Technological
Direction
Identify
Automated
Solutions
Acquire and
Maintain
Application
Software
Install and
Accredit
Systems
Manage
Change
Acquire and
Maintain
Technology
Infrastructure
Develop and
Maintain IT
Procedures
Define IT
Organisation
and
Relationships
Manage IT
Investment
Communicate
Aims and
Direction
ITIL
Service Support
Service Delivery
Manage
Human
Resource
Ensure
Compliance
with External
Standards
Assess
Risks
Service
Desk
Incident
Management
Problem
Management
Service
Level
Management
Availability
Management
Capacity
Management
Manage
Projects
Manage
Quality
Change
Management
Release
Management
Configuration
Management
Financial
Management
Continuity
Management
Monitor and Evaluate
Deliver and Support
Monitor
the
Process
Assess
Internal
Control
Adequacy
Define and
Manage
Service
Levels
Manage
Third-party
Services
Manage
Performance
and Capacity
Ensure
Continuous
Service
Ensure
System
Security
Identify
and Allocate
Costs
Manage
Operations
Obtain
Independent
Assurance
Provide
Independent
Audit
Educate
and
Train Users
Assist and
Advise IT
Customers
Manage
Configuration
Manage
Problems and
Incidents
Manage
Data
Manage
Facilities

51. Planning & Organization
Plan and Organise
Planning & Organization
Acquire and Implement
Define
Strategic
IT Plan
Define
Information
Architecture
Determine
Technological
Direction
Identify
Automated
Solutions
Acquire and
Maintain
Application
Software
Install and
Accredit
Systems
Manage
Change
Acquire and
Maintain
Technology
Infrastructure
Develop and
Maintain IT
Procedures
Define IT
Organisation
and
Relationships
Manage IT
Investment
Communicate
Aims and
Direction
ITIL
Service Support
Service Delivery
Manage
Human
Resource
Ensure
Compliance
with External
Standards
Assess
Risks
Service
Desk
Incident
Management
Problem
Management
Service
Level
Management
Availability
Management
Capacity
Management
Manage
Projects
Manage
Quality
Change
Management
Release
Management
Configuration
Management
Financial
Management
Continuity
Management
Monitor and Evaluate
Deliver and Support
Monitor
the
Process
Assess
Internal
Control
Adequacy
Define and
Manage
Service
Levels
Manage
Third-party
Services
Manage
Performance
and Capacity
Ensure
Continuous
Service
Ensure
System
Security
Identify
and Allocate
Costs
Manage
Operations
Obtain
Independent
Assurance
Provide
Independent
Audit
Educate
and
Train Users
Assist and
Advise IT
Customers
Manage
Configuration
Manage
Problems and
Incidents
Manage
Data
Manage
Facilities

54. How Does It Relate To ITIL?
ISO 20000
What Is It?
How Does It Relate To ITIL?

55. ISO 20000: Basic Concepts Quality standard for IT Service Management
Formal specification defined requirements for an organization to deliver managed services to acceptable quality to customers
BS fast-tracked to become IS
ITIL forms the basis of the standard
Standard = a list of criteria that needs to be met
The standard versus the framework
Standard = audit & certify against. Makes ITIL alive
Framework = best practice that the standard is based on

56. ISO 20000 SERVICE DELIVERY CONTROL RELEASE RELATIONSHIP RESOLUTION
Capacity Management
Information Security Management
Service Level Management
The Business Perspective
Service Reporting
Availability and Service Continuity
Budgeting and Accounting for IT Services
ICT Infrastructure Management
CONTROL
Configuration Management
RELEASE
RELATIONSHIP
Change Management
Business Relationship Management
RESOLUTION
Release Management
Incident Management
Supplier Relationship Management
Problem Management
Source: itSMF International

57. Example: Change Management
Specifications: Objective + Requirements
Objective:
To ensure all changes are assessed, approved, implemented and reviewed in a controlled manner
Requirement examples:
All requests for change shall be recorded and classified, e.g. urgent, emergency, major, minor
Requests for changes shall be assessed for their risk, impact and business benefit
All changes shall be reviewed for success and any actions taken after implementation

58. Example: Change Management
Code of Practice: Objective + Detailed Best Practices
Objective (Sub-process: 8.2.2): Closing and reviewing the change request
Detailed Best Practice:
All changes should be reviewed for success or failure after implementation and any improvements recorded
A post-implementation review should be undertaken for major changes to check that:
a) the change met its objectives;
b) the customers are happy with the results;
c) there have been no unexpected side effects
Any nonconformity should be recorded and actioned
Any weaknesses or deficiencies identified in a review of the change control process should be fed in to service improvement plans

59. ITIL Future – from this….
… to this: ITIL V.3
Service Support
Service Delivery
Security Management
The Business Perspective
ICT Infrastructure Management
Planning to Implement Service Management
Applications Management
The Business
The Technology
Software Asset Management
Service
Strategy
Service
Design
Service
Transition
Service Operation
Continuous Service
Improvmt
LIFECYCLE PERSPECTIVE
The Business
The Technology
Pocket Guides
Case Studies
ITIL Practice Working Templates
Governance Methods
Certification-based Study Aids
Executive Introduction to IT Service Management

60. Various non-proprietary frameworks and methods exist to help IT organizations become more process centric and improve the quality of the services delivered
ITIL
CMM
CobiT
Six Sigma
ISO 2000
What is it?
The IT Infrastructure Library is a customizable framework of best practises that promote quality IT service, build on a process-model view of controlling and managing operations. ITIL was originally developed by the UK government and has since matured into an internationally recognized standard.
The Capability Maturity Model is a method of evaluating and measuring the maturity of the software development process. Recent revisions (CMMI) provide guidance for improving organization process and manage the development, acquisition and maintenance of products and service
Control OBjectives for Information and related Technology is a framework for information security and provides generally accepted IT control objectives to assist in developing appropriate IT governance and control
A data driven quality management program to control variations and thereby achieve high levels of quality.
A standard concerned primarily with the quality of IT Service Management. It provides the basis to fulfill customer requirements, regulatory requirements, enhance customer satisfaction, and pursue continual improvement
Focus
IT Operations – IT Service Management
Development
Governance and Control
Process Improvement
Processes Consistency
IT Specific
Yes
Yes
Yes No
Yes
How it fits
Define and implement processes
Determine extent of process maturity
Provide process controls
Improve processes
Certify processes are being followed

61. Frameworks and Methodologies
ISO20000
CobiT
SIX SIGMA
CMMi
ITIL
Business
Process Models
Governance

62. In summary:
ITIL is:
The international de-facto Best Practice for IT Service Management
Process Approach to improving Quality, Efficiency and Effectiveness
Service focused IT management, viewed from the perspective of IT customers and users
Evolving, vendor-neutral, non-proprietary framework
CobiT complementary, Certifiable through ISO20000
DEFINED COMMON SENSE