Professional Documents
Culture Documents
SD MindMap
SD MindMap
SD MindMap
Models
Fixed Components
Organisations
Information Technology
Generic framework to manage IT Certification Exams
Infrastructure Library (ITIL)
infrastructure and services.
Consultants
Variable Components Trainers
details the process of planning and managing a defined level of security for information Suppliers
and IT services, including all aspects associated with reaction to security Incidents. It Security Management:
also includes the assessment and management of risks and vulnerabilities, and the
covers the processes required for the planning and delivery of
implementation of cost justifiable countermeasures. Service Delivery: quality IT services and looks at the longer term processes
associate with improving the quality of IT services delivered.
provides advice and guidance to help IT personnel to Service Support: describes the processes associated with the day-to day support and
maintenance activities associated with the provision of IT services
understand how they can contribute to the business The Business Perspective: Core of ITIL
objectives and how their roles and services can be better
aligned and exploited to maximise that contribution. 06/03/2005 - v4 ICT Infrastructure covers all aspects of ICT Infrastructure Management from
Management (ICT IM): identification of business requirements through the tendering
process, to the testing, installation, deployment, and ongoing
operation and optimisation of the ICT components and IT services.
describes how to manage applications from the initial business need, through all
stages in the application lifecycle, up to and including retirement. It places
emphasis on ensuring that IT projects and strategies are tightly aligned with Application Management: examines the issues and tasks involved in planning, implementing
Planning to Implement
those of the business throughout the application lifecycle, to ensure that the and improving Service Management processes within an
business obtains best value from its investment. Service Management: organisation. It also addresses the issues associated with
addressing Cultural and Organisational Change, the development of
a vision and strategy and the most appropriate method of approach.
Good IT infrastructure in terms of
tools and technology
Well defined organisation mission, Service management is a methodical approach to delivering services
objectives and policies Success(13) by structuring the firms relationships with its internal customers and Providing high quality, reliable
Competent and trained people to What (2) multiple service providers to ensure business objectives are met. The main objective of ITSM is to and cost effective services
improve the service culture A service level and a cost target ensure that the IT services are Maintaining effective IT
Effective and efficient ITSM process combine to define an SLA
aligned to the business needs (5) customer-supplier relationships
Mission Statement Continuously improving the quality of IT services
Organisational
Strategies & Policies Considerations (15) Using the IT services effectively to meet the
current and changing business requirements
Objectives
Responsible for results/output of the process. Defines Quality is defined by 'all the characteristics of a product or service that has
Process Owner the ability to satisfy the stated and implied needs of the customer'(26)
the activities in the process and determines that the
actual performance matches the expected results Overall quality of the service is determined by the effectiveness of its
component processes
Responsible for structuring the process - controls
Process Roles (20) These component processes form a chain of activities that need to
the day to day activities and operations. Also Process Manager Principles of Quality(29)
be well coordinated to deliver consistent quality.
generates the reports to help the process owner in
comparing actual and expected results. Control and coordinate these activates the following principles should be
applied: Quality Management, Quality Assurance and Quality Systems
Responsible for executing the defined activities. Process Operatives Principle involves the cost effective and systematic management of all the
Report to the process manager
organisational activities such as design, development and implementation
Aim is to direct these activities to efficiently meet
Quality Management(30)
the organisational and user requirements
Specifies continuous identification, modification and
implementation of the quality improvement activities
Procedures help the organisations to ensure that
In hierarchically structured firms the departments, Principles specify the complete set of measures the IT services continuously and consistently
Department Orientated
processes and tasks are usually based on specific Quality Assurance(31) and procedures for ensuring quality. fulfil the expectations of the customer
customers, products, disciplines or regions. Two Approaches to Delivering Measures help in identifying the improvement
Service(22) steps needed to enhance service quality.
In process orientated firms several departments together Quality within ITSM
perform different activities of one process. Roles and Process Orientated Quality Requirements
responsibilities are assigned according to the activities Principles specify the Steps for meeting these requirements
defined to deliver a particular service. organisation wide processes
Procedures for improving the quality standards
Principles Quality Systems(32)
Methods for assuring the service quality levels
Plan
Do
Deming Circle(34)
Check
Act
Quality Improvement Tools(33)
5. Roles Model
Demonstrates the relationships
SEMI Model 6. Relationships with other ITIL Processes
and interrelationships between all
of the ITIL processes
7. Bottlenecks
8. KPI'S
9. Critical Success Factors Service
Management
Covers the processes required for the planning and delivery of quality IT services and looks at Describes the processes associated with the day-to-day support
longer term processes for improving the quality of IT services delivered and maintenance activities for the provision of IT services
Aims to consistently provide the required IT Capacity Service This function facilitates quick resolution
Management Desk (SD)
resources at an acceptable cost and in line with the of user queries by serving as a Single
current and future requirements of the customer Point Of Contact for the user
Availability Incident
Helps manage the IT resources and services and deliver Management_1 Helps to resolve errors that interrupt or
Management
the quality of service expected by the customer reduce the quality of the business processes
with minimal impact on the business
ITSCM enables firms to continue to provide the Service Continuity
Management Configuration Database contains the relationships
pre-determined and agreed level of IT services even Management
Service Delivery Service Support of the IT components to provide
after a calamity or disaster
accurate information to the business
Helps the firm plan and implement their Financial
Management Problem
business objectives by keeping in mind the Management Database contains the r-relationships of the IT
costs associated with providing each service components to provide accurate info to the business
Service Two key components Change
Bridges gap between customer requirements and Standard method for implementing
Level Management Management
quality of service provided by firm by drafting an change with minimum errors in the
agreement on the services to be provided infrastructure and IT services
Bridges gap between customer requirements and Security Release Ensures a stable production environment by using
Management Management
quality of service provided by firm by drafting an formal procedures and checks for implementing
agreement on the services to be provided new versions of software and hardware
Users should be able to access the Service Desk
Users should be encouraged
to approach Service Desk 9. Critical Success
Users should be discouraged from Factors
bypassing the Service Desk
Users should clearly understand Service Desk Provide a Single Point of Contact (SPOC)
Function e.g. Provision of SLA, Service Ensure Restoration of Service
Catalogues, Product Catalogues etc. Guarantee access for all users to IT Organisation
1. Objectives
Average duration and answer time per call. Reduce workload on other IT departments by
Average time to resolve routing only specific and relevant queries to each
% of incidents resolved - first call fix 8. KPI'S department
Number of calls processed per workstation
Total number of calls to the Service Desk
SPOC reduces the time and effort spent by Users resolving issues
2. Benefits to the IT
Provides an Information source to other IT departments
Limited understanding of Business needs Organisation
Provides Long Term Customer Retention through
Inadequate investment in training efficiency of Service Provision
Unrealistic Service Levels 7. Bottlenecks
Insufficient Significance attributed to the
Service Desk Cost & resource constraint
Organisation hierarchy
Considerations
Expertise of service desk staff
Incident Management
6. Relationships with Functional Skill of Users
Change/ Release Management
other ITIL Processes
Configuration Management Integrated Service Desk: Business Operations are
Service Level Management part of the Overall Service Desk
Centralised Service Desk Split Function Centralised Service Desk: Business
Service Desk/Centralised Service Desk where users
Service can go to either Service Desk for support
Record the call - don't provide a solution - route call to
Departments e.g. automated. (Potentially no human
Call centres Desk (SD)
Central Point of Contact All Users phone the SPOC. SPOC then routes the
interaction - therefore no skill required) call to the appropriate Service desk.
Record the call details in general terms - route Structure Deals with Queries of Local Users
to departments - often seen as the most Acts as a single cost centre
Unskilled SD Distributed Service Desk: Multiple Service Local Point of Contact
efficient/cost effective SD Type - Requires
Desks across various locations Interacts with Central Point of Contact for
Standard Procedure Scripts. (Basic human
recording incidents
interaction with script - minimal skill required)
5. Roles
SPOC but voice activated
Use previous experience - usually resolve
- otherwise route call to departments Skilled SD Call Centre Routes calls to specific teams for resolution
(human interaction, skill & experience 3. Concepts Provides local language benefits
required)
Widespread Network of Service Desks
Have specialist knowledge of IT
Around the Clock Support
Infrastructure - Resolve the call Expert SD Virtual Service Desk
single-handedly. (Human interaction End User is unaware of multiple Desks
and highly skilled individuals required) No on-site support to Users
Users bypass Incident Management procedures More accurate CMDB information for ongoing
audit while registering Incidents
Overload of Incidents
Improved User and Customer satisfaction
Increase in escalation of Incidents 7. Bottlenecks Incident
Service Level Agreements not clearly defined Management Applications
Categories of Incidents Hardware
Change in culture in the organization
Service Requests
Poor link between the Incident Management Evaluate Changes to ensure effective
process and the Problem Management process resolution and prevention of problems
Inefficient communication of Known Errors from the 7. Bottlenecks Known Errors - Known Root Causes
development environment to the Live environment
Workarounds - Temporary Fixes,
Lack of commitment on the management's part no disruption to the Client
3. Concepts Reactive PM Activities - Finding Root
Configuration Management Problem
Cause to aid in Permanent Solutions
Change Management Management
6. Relationships with Proactive PM Activities - Prevention
Incident Management before the errors/incidents occur
other ITIL Processes
Service level Management Incident details from the Incident Management process
Capacity Management Workarounds defined by the Incident
Availability Management Management process
Developing and maintaining the Problem Configuration details from the Configuration
Control and Error Control processes Inputs Management Database (CMDB)
Assessing the effectiveness of the Problem Details of products (hardware and software)
Control and Error Control activities used in the IT infrastructure from the suppliers
Providing Problems-related information to the management Details about the IT infrastructure and its behaviour, for
Problem Manager
example, registration of capacity and performance monitoring
Managing the Problem support staff
Allocating resources for the support activities Known Errors
Evaluating the effectiveness of the Proactive Requests for Changes (RFCs)
Problem Management process Up-to-date Problem records
Outputs
Identifying and recording Problems by Closed Problem records for resolved Problems
analyzing Incident details 5. Roles
Management information to help monitor the
Investigating Problems based on their priority effectiveness of the Problem Management
process
Submitting RFCs to remove errors Reactive
Monitoring the resolution of Known Errors 4. Process Identification and reporting
Advising the Incident Management team about Support Group Personnel Classifying - Category (Hardware or Software),
workarounds and quick fixes Impact, Urgency, Priority
Problem Control - Trend Analysis
Investigation & Diagnosing - Diagnosis by
Identifying trends and potential sources of Problems recreating error in a test environment, Diagnosis
Submitting RFCs to prevent the recurrence of Problems Proactive examples: Hardware, Software, Document Error,
Human Error, Procedural Error
Preventing the replication of Problems across multiple systems
Error Identification and recording
Activities Error Assessment
Error Resolution recording & raising
Error Control - Monitoring Known Errors and RFC's
RCFs
Error Closure
Problem/error resolution monitoring
Reviewing Change Manager - Chairperson (CAB) Capacity and performance of affected services
Issuing Forward Schedule of Changes Defined Change Release - several combined batch changes
5. Roles Change Policy
Change Management Reports Different Groups test and Schedule/implementation
Resistance to change
Release - Emergency Fix, Minor SW/HW,
Unfamiliar, cumbersome, and process often bypassed Release Upgrade, Major
Problems in distributed implementation Management Release Units - Infrastructure Portions
Testing environment Release ID - Status of release e.g. in
Insufficient resources 7. Bottlenecks 3. Concepts development, test, live, archive etc
Monitoring performance of HW -
CPU, Disk & Network Utilisation
Incident Management There are 3 main types of Capacity Management Analysing data - trends, normal and baseline
trends (Service Thresholds, Future, Difference)
Problem Management Service Capacity Management
Tuning Resource - Load Balancing
Change Management
Implementing new Hardware - Change supervised
Release Management 6. Relationships with by Change Management and Monitored
other ITIL Processes Technology
Configuration Management Creating and maintaining Capacity Database -CMBD
Business requirements
Service Level Management
Inputs Project plans Resource Capacity Management
Financial Management
Incidents and problems
IT Service Continuity
Financial plans and budgets
Available Management
Capacity Plan
Monitors Process Updated Capacity Database
Capacity Plan Creation Capacity Manager 4. Process Outputs Service Level records
Update the Capacity Management Database Costing and Charging records
5. Roles Revised Operational Schedules
Optimising performance System, Network,
Expertise Business Demand Application Manager Monitoring the performance of a hardware resource
Determining required Capacity Analyzing the data collected from monitoring
Activities Tuning the resource based on the analyzed data
Implementing and adding new hardware
Creating and maintaining the Capacity Database
Availability Management ensures that Measure service availability levels and improve
an accessible service is provided in a them (if possible)
1. Objectives cost effective manner through Provide a quick and effective professional
response in contingency situations, such as
network failure
Both the customer and IT service organization
should have quantifiable availability objectives.
All desired availability requirements should be specified in
terms of time, cost, duration, and performance parameters. A single point of contact is provided for
9. Critical Success Factors
The Service Level Management process should provide customers to resolve availability issues.
realistic formalized SLAs for service delivery. Little Downtime
New products and services comply with existing
Both parties should use common definitions for 2. Benefits to the IT availability standards. Complexity
availability and downtime Organisation The occurrence and duration of unavailability Availability Reliability of components
are reduced using effective remedial actions. Quick response to faults
Availability standards are monitored and Quality of maintenance
Uptime per service or group of Users improved continuously within the associated cost
restrictions. Required Period
Downtime duration
Downtime frequency 8. KPI'S Dependability
Reliability
Rate of Availability 3. Concepts Resilience
LT strategy
Assessment of current situation
Developing the Availability Plan
Set of guidelines for improving existing service
Plans for implementing new service
Insufficient resources, budget constraints 7. Bottlenecks Service Continuity Return to Manual / paper-based
Coordinating the execution of the Recovery plan Training and Awareness Strategy Communication,
Managing the personnel and managers involved in Recovery Training
the execution of the plan Review and Audit: Review Recovery Plans., Audits
Resolving any conflicts that might arise during the Senior Management Operational Management for Changes
execution of the plan
5. Roles
Testing: Loopholes introduced
Providing funds, personnel, and resources required Change Management: Impact of Change on
to execute the Recovery plan Recovery Plan
Defining the organizational policy
Initiating the activities to be performed while executing the plan Identifying the relevant areas to apply ITSCM
Leading the teams, allocating their responsibilities, and 4. Scope Activities
Allocating Resources
specifying clear guidelines for carrying out the plans Management
Setting up the recovery projects in the organization
Reporting on the progress of the execution of the
plan to the Senior Management
Reviewing and improving the performance of the Changes made to the SLA
IT organisation to meet agreed service levels
Problems and incidents related to services
Service Improvement Plans Performance trends
Changes to procedures
Consequences of failure to provide agreed service levels
Comply with the security requirements of the
Service Level Agreements (SLAs)
Security Management prevents Meet the external requirements not defined in the
unauthorised access to information, contracts, legislation, and policies
intrusion or access violation
1. Objectives
Provide a basic level of security to the Information
Total commitment from the management System, independent of the external requirements
User involvement in the process development Ensure that effective security measures are taken
9. Critical Success Factors at strategic, tactical, and operational levels
Clarity in the division of employees'
responsibilities
Providing correct and complete information to
relevant people when required
2. Benefits to the IT Maintaining standards of products and services
Security elements included in SLAs Organisation
Providing value to an Information System
Security elements of the SLA supported by OLA and UCs
Ensuring the continuity of the IT services
Security elements of the SLAs which are
monitored, and where no shortcomings are Helping in meeting the objectives of the organization
reported 8. KPI'S
SLAs
Security elements of the SLAs reviewed regularly Inputs Policies
Security elements of the SLAs where the agreed Information Security External Requirments
service levels are fulfilled
Confidentiality
Routine Security Plans
Integrity Outputs
Security 3. Concepts Exception Reports
Management Availability
Lack of commitment Compliance requirements are located in SLA
Privacy Planning
Insufficient awareness Objectives are specified in the Security Plan
Verifiability
Resistant attitude Classification of IT Resources
Input for CMDB
Immediate implementation 7. Bottlenecks
Task and responsibilities
Inefficient verification
Confidentiality agreements
No link to Change Management Personnel Security
Guidelines
Lack of detection systems
Disciplinary Measures
6. Relationships with Operating instructions
other ITIL Processes Internal regulations
Monitoring the Security Management process
Security Guidelines
Developing and maintaining the Security Plan according to Implementation
the organization's security requirements Managing Security Procedures for dealing with incident
4. Scope
Security Manager Recovery of activities
Handling problems and incidents related to security
Inputs for change management
Ensuring that the Security demands specified in the SLA are met
Activities Virus protection methods
Generating reports containing results of progress,
self-assessment, and internal audits 5. Roles
Control policy
Acting as a mediator between the Security Assess info
Manager and the customer Assess control
Network security barriers
Coordinating escalations for security incidents Security Officer Measures for ID of computer systems
Managing the security measures to be
implemented at the customer end Evaluation
Self Assessments and audits
Found in SLA and Security Plan OLA
Maintenance
Reporting
Reporting
Performance and Issues
Functions
Organisational Structure
Controlling
Roles and Responsibilities
Reporting Structure