ITIL Books

Models
Fixed Components
Organisations
Information Technology
Generic framework to manage IT Certification Exams
Infrastructure Library (ITIL)
infrastructure and services.
Consultants
Variable Components Trainers
details the process of planning and managing a defined level of security for information Suppliers
and IT services, including all aspects associated with reaction to security Incidents. It Security Management:
also includes the assessment and management of risks and vulnerabilities, and the
covers the processes required for the planning and delivery of
implementation of cost justifiable countermeasures. Service Delivery: quality IT services and looks at the longer term processes
associate with improving the quality of IT services delivered.

provides advice and guidance to help IT personnel to
understand how they can contribute to the business The Business Perspective:
objectives and how their roles and services can be better
aligned and exploited to maximise that contribution.
describes how to manage applications from the initial business need, through all
stages in the application lifecycle, up to and including retirement. It places
emphasis on ensuring that IT projects and strategies are tightly aligned with
those of the business throughout the application lifecycle, to ensure that the
business obtains best value from its investment.
Service Support: describes the processes associated with the day-to day support and
maintenance activities associated with the provision of IT services
Core of ITIL
06/03/2005 - v4 ICT Infrastructure covers all aspects of ICT Infrastructure Management from
Management (ICT IM): identification of business requirements through the tendering
process, to the testing, installation, deployment, and ongoing
operation and optimisation of the ICT components and IT services.
Application Management: examines the issues and tasks involved in planning, implementing
Planning to Implement
and improving Service Management processes within an
Service Management: organisation. It also addresses the issues associated with
addressing Cultural and Organisational Change, the development of
a vision and strategy and the most appropriate method of approach.
 Good IT infrastructure in terms of
tools and technology
Well defined organisation mission,
objectives and policies
Competent and trained people to
improve the service culture
Effective and efficient ITSM process
Mission Statement
Strategies & Policies
Objectives
Service management is a methodical approach to delivering services
Success(13) by structuring the firms relationships with its internal customers and Providing high quality, reliable
What (2) multiple service providers to ensure business objectives are met. The main objective of ITSM is to and cost effective services
A service level and a cost target ensure that the IT services are Maintaining effective IT
combine to define an SLA
aligned to the business needs (5) customer-supplier relationships
Continuously improving the quality of IT services
Organisational
Considerations (15) Using the IT services effectively to meet the
current and changing business requirements

Productivity enhancement of the IT

staff by increasing their skill levels Enhanced Quality of business
Better communication between IT departments Organisational Culture (16) operations by ensuring IT services
(Shared values) support business processes
Shift from a product culture towards a service culture
Business Benefits Improved Working Relationships between
Improvement of the relationships customers and IT service organisation
between users and IT specialists
Increased Productivity of
A logically related set of activities needs to be defined. Organisation should have a business and customer staff
Activities to be measured at every process orientated approach to implemented changes
stage to ensure the objectives are met facilitate changes (17)
Financial Benefits Cost justification for estimated capacity requirements
If targets are not achieved, org should Organisational
planned IT services continuity expenditure
modify its plans and policies Approach to
What is the objective of the process ITSM (12) ITSM has the following benefits (6) Clear understanding of required IT services for
Vision and business objective
better Delivery
What is the expected results of the process Increased flexibility and adaptability of IT services
Assessments
Process Innovation Benefits
to coexist with each other
What are the criteria to determine whether the Questions (18)
process has delivered the desired results IT Service Improved ability to recognised and adapt
Process improvements to changing business trends
Management
What is the impact of the output of the
Increased productivity of IT staff
Metrics process on other processes
Increased transparency between
Each process has a clear objective and is defined through a series of activities Process Employee Benefits management and employees of the firm
leading to highly motivated staff
Each activity has a defined input and output
Processes(19) Better motivated staff through
Activities are executed using a set of procedures and working instructions improved job satisfaction
Responsibility of executing these procedures is assigned to appropriate role(s)

Responsible for results/output of the process. Defines
Process Owner
the activities in the process and determines that the
actual performance matches the expected results
Responsible for structuring the process - controls
the day to day activities and operations. Also Process Manager
generates the reports to help the process owner in
comparing actual and expected results.
Responsible for executing the defined activities. Process Operatives
Report to the process manager
In hierarchically structured firms the departments,
Department Orientated
processes and tasks are usually based on specific
customers, products, disciplines or regions.
In process orientated firms several departments together
perform different activities of one process. Roles and
responsibilities are assigned according to the activities
defined to deliver a particular service.
Quality is defined by 'all the characteristics of a product or service that has
the ability to satisfy the stated and implied needs of the customer'(26)
Overall quality of the service is determined by the effectiveness of its
component processes
Process Roles (20) These component processes form a chain of activities that need to
Principles of Quality(29)
be well coordinated to deliver consistent quality.
Control and coordinate these activates the following principles should be
applied: Quality Management, Quality Assurance and Quality Systems
Principle involves the cost effective and systematic management of all the
organisational activities such as design, development and implementation
Aim is to direct these activities to efficiently meet
Quality Management(30)
the organisational and user requirements
Specifies continuous identification, modification and
implementation of the quality improvement activities
Procedures help the organisations to ensure that
Principles specify the complete set of measures the IT services continuously and consistently
Quality Assurance(31) and procedures for ensuring quality. fulfil the expectations of the customer
Two Approaches to Delivering Measures help in identifying the improvement
Service(22) steps needed to enhance service quality.
Quality within ITSM
Process Orientated Quality Requirements
Principles specify the Steps for meeting these requirements
organisation wide processes
Procedures for improving the quality standards
Principles Quality Systems(32)
Methods for assuring the service quality levels

Principle defines the responsibilities, procedures and

resources required to implement quality management

Plan
Do
Deming Circle(34)
Check
Act
Quality Improvement Tools(33)

Model is used to determine the

European Foundation for Quality
maturity of the organisation
Management (EFQM) Model(35)
Organisational maturity is defined by
the levels of:
 1. Objectives
2. Benefits to the IT Organisation
3. Concepts
Input
Output 4. Process
Activities

5. Roles Model
Demonstrates the relationships
SEMI Model 6. Relationships with other ITIL Processes
and interrelationships between all
of the ITIL processes
7. Bottlenecks
8. KPI'S
9. Critical Success Factors Service
Management

Covers the processes required for the planning and delivery of quality IT services and looks at Describes the processes associated with the day-to-day support
longer term processes for improving the quality of IT services delivered and maintenance activities for the provision of IT services
Aims to consistently provide the required IT Capacity Service This function facilitates quick resolution
 Management  Desk (SD)
resources at an acceptable cost and in line with the of user queries by serving as a Single
current and future requirements of the customer Point Of Contact for the user
Availability Incident
Helps manage the IT resources and services and deliver  Management_1 Helps to resolve errors that interrupt or
 Management
the quality of service expected by the customer reduce the quality of the business processes
with minimal impact on the business
ITSCM enables firms to continue to provide the Service Continuity
 Management Configuration Database contains the relationships
pre-determined and agreed level of IT services even  Management
Service Delivery Service Support of the IT components to provide
after a calamity or disaster
accurate information to the business
Helps the firm plan and implement their Financial
 Management Problem
business objectives by keeping in mind the  Management Database contains the r-relationships of the IT
costs associated with providing each service components to provide accurate info to the business
Service Two key components Change
Bridges gap between customer requirements and Standard method for implementing
 Level Management  Management
quality of service provided by firm by drafting an change with minimum errors in the
agreement on the services to be provided infrastructure and IT services
Bridges gap between customer requirements and Security Release Ensures a stable production environment by using
 Management  Management
quality of service provided by firm by drafting an formal procedures and checks for implementing
agreement on the services to be provided new versions of software and hardware
 Users should be able to access the Service Desk
Users should be encouraged
to approach Service Desk 9. Critical Success
Users should be discouraged from Factors
bypassing the Service Desk
Users should clearly understand Service Desk
Function e.g. Provision of SLA, Service
Catalogues, Product Catalogues etc.
Average duration and answer time per call.
Average time to resolve
% of incidents resolved - first call fix
Number of calls processed per workstation
Total number of calls to the Service Desk
Limited understanding of Business needs
Inadequate investment in training
Unrealistic Service Levels 7. Bottlenecks
Insufficient Significance attributed to the
Service Desk
Incident Management
6. Relationships with
Change/ Release Management
other ITIL Processes
Configuration Management
Service Level Management
Record the call - don't provide a solution - route call to
Departments e.g. automated. (Potentially no human
Call centres
interaction - therefore no skill required)
Record the call details in general terms - route
to departments - often seen as the most
Unskilled SD
efficient/cost effective SD Type - Requires
Standard Procedure Scripts. (Basic human
interaction with script - minimal skill required)
5. Roles
Use previous experience - usually resolve
- otherwise route call to departments Skilled SD
(human interaction, skill & experience
required)
Have specialist knowledge of IT
Infrastructure - Resolve the call Expert SD
single-handedly. (Human interaction
and highly skilled individuals required)
Monitoring Progress
Providing Metrics
Resolving Complaints
Responding to User Calls
Providing Info to Users
Communicating with Suppliers
Performing Ops Management Tasks
Monitoring Infrastructure
Provide a Single Point of Contact (SPOC)
Ensure Restoration of Service
Guarantee access for all users to IT Organisation
1. Objectives
Reduce workload on other IT departments by
routing only specific and relevant queries to each
8. KPI'S department
SPOC reduces the time and effort spent by Users resolving issues
2. Benefits to the IT
Provides an Information source to other IT departments
Organisation
Provides Long Term Customer Retention through
efficiency of Service Provision
Cost & resource constraint
Organisation hierarchy
Considerations
Expertise of service desk staff
Functional Skill of Users
Integrated Service Desk: Business Operations are
part of the Overall Service Desk
Centralised Service Desk Split Function Centralised Service Desk: Business
Service Desk/Centralised Service Desk where users
Service can go to either Service Desk for support
Desk (SD)
Central Point of Contact All Users phone the SPOC. SPOC then routes the
call to the appropriate Service desk.
Structure Deals with Queries of Local Users
Acts as a single cost centre
Distributed Service Desk: Multiple Service Local Point of Contact
Desks across various locations Interacts with Central Point of Contact for
recording incidents
SPOC but voice activated
Call Centre Routes calls to specific teams for resolution
3. Concepts Provides local language benefits
Widespread Network of Service Desks
Around the Clock Support
Virtual Service Desk
End User is unaware of multiple Desks
No on-site support to Users
Enhances the interaction between
the Service Desks and the Users.
Objective Tracks the users data for input
into the ITIL processes
CTI (Computer Telephony Integration)
4. Process VOIP (Voice Over Internet Protocol)
Technology
IVR (Interactive Voice Response)
Activities
Internet Gateways
Includes
Automated System Management Tools
Networking Tools
Call Forwarding Facilities Emails, Faxes,
Telephones etc
 An up-to-date CMDB that is a must to estimate
the impact and urgency of Incidents
A Knowledge Base, which is necessary to record 9. Critical Success Timely Solutions to incidents
Incidents, their solutions or workarounds Factors Correct identification of incidents
An automated system that is necessary for 1. Objectives Monitoring of Incidents
recording, tracking and monitoring Incidents
Increased Productivity
Close ties with Service Level Business Management Info
Number of recorded Incidents
Improved monitoring, allowing performance against
Average time to resolve the prioritized SLAs to be accurately measured
and not prioritized Incidents
Accurate recording of Incidents and service requests
Number of resolved Incidents per work station or per Service
Elimination of lost or incorrect Incidents and service
Desk, within the time duration specified in the SLAs 8. KPI'S requests
Percentage of Incidents resolved by the First-line support 2. Benefits to the IT
Organisation Organized and efficient use of personnel for resolving
Average support cost per Incident Incidents
Total Incidents solved without the Support Groups Availability of information on IT errors for effective
needing to visit the User's location management

Users bypass Incident Management procedures More accurate CMDB information for ongoing
audit while registering Incidents
Overload of Incidents
Improved User and Customer satisfaction
Increase in escalation of Incidents 7. Bottlenecks Incident
Service Level Agreements not clearly defined Management Applications
Categories of Incidents Hardware
Change in culture in the organization
Service Requests

Configuration Management Impact - High, Medium, Low

Problem Management Criteria for solving Incidents Urgency - High, Medium, Low
Change Management 6. Relationships with 3. Concepts Priority
Service Level Management other ITIL Processes 1st Line - SD, Report, Monitor, Close
Availability Management Support Groups 2nd, 3rd, 4th Line - Management Department,
Capacity Management software, architects, suppliers
Creating Process Reports
Service Desk Hierarchical - lack of resources or authority
Organising Management Information Escalation
Developing and maintaining incident mgmt system Incident Manager Functional - 1st line to 2nd line

Monitoring responsibility of IM support Incidents from different parts of the

Inputs:
groups infrastructure
Recording reported incidents
Outputs:
Infomation about the incidents and their solutions
Classifying and matching incidents
Routing incidents to other support groups First line & Service Desk 5. Roles Accepting and Recording Incidents
Resolving incidents Classifying Incidents and providing First-line
Support
Closing solved incidents Support Groups 4. Process
Matching new Incidents with the previously
Handling incidents not solved by 1st line recorded Incidents
Activities
Investigating incident details Investigating and Diagnosing Incidents
Other Support Groups
Diagnosing the cause of incidents Resolving and Recovering Incidents
Recovering solved incidents Monitoring and tracking the progress of the
Incidents
Closing the Incidents

Identifying clear process objectives
Ensuring implementation of all stages in the
process
Deleting the existing records before
introducing the process to avoid duplicate data
Ensuring that the Configuration Management
team has the required skills and attitude
Close coordination with the Change
Management process to ensure accuracy of the
information in the CMDB
Number of unauthorised Configuration Items
Number of refused RFC's as a result of incomplete
CMDB data
CI's and CMDB
Number of changes to CMDB per month
Number of unauthorised IT components detected in use
Ratio of calls resolved immediately
Average Time and cost of diagnosis and resolution of Service Desk
Service Desk Calls
Cycle Time for Change Approvals
ITIL processes
Wasted Licences
Level of detail in CMDB
Manual Systems
Urgent Changes
Over ambitious schedules
Unrealistic Expectations
Lack of Commitment
Bureaucratic Process
Isolated Implementation
Inflexible Tools
Incident Management
Problem Management
Release Management
6. Relationships with
Service Level Management
other ITIL Processes
Financial Management
Availability Management
Service Continuity Management
Capacity Management
Making proposals on the scope of Configuration Management
Planning and populating the Configuration
Management Database (CMDB)
Evaluating existing and implementing new
Configuration Management systems
Developing identification system and naming Configuration Manager
conventions for the Configuration Items (CIs)
Developing interfaces to other processes
Creating reports and audits
Communicating the process and conducting
training
Configuration Management Database (CMDB: Details:
Numbers, Versions, Values, Locations of IT components etc
Providing reliable and up-to-date details about
CM provides information about the IT infrastructure and services
components of IT Infrastructure and
helps Organisations by providing: Managing the economic value of the IT
1. Objectives services (customer requirements, quality, and
costs)
9. Critical Success Effective Management of IT Components
Providing accurate information and
Factors documentation to support the other ITIL Provision of High-quality Commercial Services
processes
Effective Problem-solving
Rapid Implementation of Changes
2. Benefits to the IT
Better Control of Software and Hardware
Organisation
Improved Security
Compliance with Legal Requirements
Effective Expenditure Planning
Identification of Hidden Costs
Support for Other ITIL Processes
8. KPI'S Hardware and software
Documentation, such as agreements,
procedures, and manuals Hardware, Software, Network Components,
Servers, Processors, Documents, Procedures,
Scope Services and other IT Components Environments
Technical specifications CI - Configuration Items
Organization charts and project plans CI's must be: Uniquely Identifiable, Changeable,
Manageable
Environment
The CI Baseline consists of
Configuration frozen CI's (CI attributes are not
Management 3. Concepts CI Baseline changed) ; Baseline is used for: Configuration Audit, Release, Change, Product Catalogue,
Collection of Standard CI's for costing, Testing new Configurations,
Backout Problems, Standard Supply to Users
CMDB - Configuration Item Information is Component and version, CI affected by a
7. Bottlenecks Information about changes in the organization logged in the CMDB as follows Schedule, CI purchased by Supplier, CI history,
Inputs Location of CI info, Schedules for upgrading, CI
Information about the new IT components affected by a problem
Reports to other processes and to the IT management
Outputs
New and updated records in the CMDB
Defining the strategy, policy, and objectives of the process
Analyzing the information that is available for the process
1. Planning Identifying the tools and resources required for the process
Creating interfaces with other ITIL processes,
projects, and third parties like the suppliers
Define the scope of the Configuration
Management process
Specify the level of detail for recording the information
2. Identification Identify the relationships of the Configuration Items (CIs)
Determine the depth of information that needs to be recorded
4. Process Create Naming Conventions
Attributes
Activities
3. Status Monitoring A status code is assigned to each of the
statuses for easy identification
Record the details of the hardware and
software in the CMDB
4. Control
5. Roles Changes made to the IT infrastructure and IT
components
Automatically analyze workstations using audit tools report
on the Current situation and status of the IT infrastructure
5. Verification
Check and update the CMDB
Assess the efficiency and effectiveness of the
process
6. Reporting
Review of the expected growth of the demand of the
process activities are scheduled on a regular basis
 Detect causes of errors or Incidents in the IT
infrastructure
1. Objectives Eliminate Problems in the IT infrastructure
Provide permanent solutions to Problems
Prevent the recurrence of Problems

Manual Systems are Error Prone In terms of IT Service Quality -

Effective Automated Incident
Documents and eliminates errors
Registration System
Automated Systems save time and improve the 2. Benefits to the IT
quality of Service Delivery Reduces the number of Incidents
Organisation
9. Critical Success Factors Provides permanent solutions to
Feasible objectives problems in the IT Infrastructure.
Dedicated team required (not part-time)
Higher First Line Resolution Rate
Effective Coordination of Incident Resolution and
Problem Prevention Identify the root cause of the Problem
Problem Control Activities Provide the Service Desk with information
Number of Incidents by resolving problems and advice on workarounds
Time needed to resolve problems 8. KPI'S
Spot, monitor, and eliminate
Costs (people, material resources) incurred during resolving a Problem Scope
Implement solutions as suggested Changes by
Error Control Activities following the Change Management process errors

Poor link between the Incident Management Evaluate Changes to ensure effective
process and the Problem Management process resolution and prevention of problems

Inefficient communication of Known Errors from the 7. Bottlenecks Known Errors - Known Root Causes
development environment to the Live environment
Workarounds - Temporary Fixes,
Lack of commitment on the management's part no disruption to the Client
3. Concepts Reactive PM Activities - Finding Root
Configuration Management Problem
Cause to aid in Permanent Solutions
Change Management Management
6. Relationships with Proactive PM Activities - Prevention
Incident Management before the errors/incidents occur
other ITIL Processes
Service level Management Incident details from the Incident Management process
Capacity Management Workarounds defined by the Incident
Availability Management Management process

Developing and maintaining the Problem Configuration details from the Configuration
Control and Error Control processes Inputs Management Database (CMDB)

Assessing the effectiveness of the Problem Details of products (hardware and software)
Control and Error Control activities used in the IT infrastructure from the suppliers

Providing Problems-related information to the management Details about the IT infrastructure and its behaviour, for
Problem Manager
example, registration of capacity and performance monitoring
Managing the Problem support staff
Allocating resources for the support activities Known Errors
Evaluating the effectiveness of the Proactive Requests for Changes (RFCs)
Problem Management process Up-to-date Problem records
Outputs
Identifying and recording Problems by Closed Problem records for resolved Problems
analyzing Incident details 5. Roles
Management information to help monitor the
Investigating Problems based on their priority effectiveness of the Problem Management
process
Submitting RFCs to remove errors Reactive
Monitoring the resolution of Known Errors 4. Process Identification and reporting
Advising the Incident Management team about Support Group Personnel Classifying - Category (Hardware or Software),
workarounds and quick fixes Impact, Urgency, Priority
Problem Control - Trend Analysis
Investigation & Diagnosing - Diagnosis by
Identifying trends and potential sources of Problems recreating error in a test environment, Diagnosis
Submitting RFCs to prevent the recurrence of Problems Proactive examples: Hardware, Software, Document Error,
Human Error, Procedural Error
Preventing the replication of Problems across multiple systems
Error Identification and recording
Activities Error Assessment
Error Resolution recording & raising
Error Control - Monitoring Known Errors and RFC's
RCFs
Error Closure
Problem/error resolution monitoring

Incident Management team

Providing Information - Solution to Problems Service Desk
End User
 Following process
Co-ordination with Staff
9. Critical Success Factors
Post Implementation Review (PIR) Change Management ensure that all changes in Quick and efficient handling of Changes
Coordination with Configuration Management the IT Infrastructure are approved and closely Minimum impact of risk due to the
1. Objectives managed for associated risk to the IT environment implementation of Changes
Improvement in the day-to-day operations of the
Number of implemented changes per CI
organization
Number of successful changes per CI
Number of unsuccessful changes per CI
Number of backed out changes
8. KPI'S
Number of incidents per CI. Workload
Incidents
2. Benefits to the IT Optimise risks
reduction after change, Average time , Organisation Minimise impact of business change
Average time reduction in related incidents
Save time & money
Number, Number rejected, Number of RFCs
incidents occurring as a result of an RFC
Change
Bureaucracy - Lengthy activities and paperwork
Management
Standard/ Urgent Changes
Urgent Changes - steps missed, errors 3. Concepts Request for Change (RFC)
Lack of Coordination with Configuration Change Approval Board (CAB
7. Bottlenecks
Management - inaccurate analysis of impact
Unclear Role definition
Wide Scope of Change
Change Requests - Require CAB approval
Configuration Management Process Service Requests - No need to review with Change
Release Management Management
Problem Management Classification of RFC's according to Impact & Urgency
6. Relationships with Classifying
Incident Management Category depends on resources required
other ITIL Processes
Service Level Management
Request process:
Availability Management
Required personnel
Capacity Management
Cost
IT Service Continuity Planning: The following are criteria that
need to be addressed as part of the Change Affected Services
4. Process Activities Management Request process New Resources to be purchased
Filtering & accepting RFC's
Obtaining Authorisation Cycle Time of Change

Planning & Implementation Coordination Impact of Change on Services

Reviewing Change Manager - Chairperson (CAB) Capacity and performance of affected services

Convening Urgent CABs IT Service Continuity

Issuing Forward Schedule of Changes Defined Change Release - several combined batch changes
5. Roles Change Policy
Change Management Reports Different Groups test and Schedule/implementation

Customers - Attend Status of RFC is 'closed'

LOS reps - Participate in Scheduling
Apps Teams - Provide Estimation,
Impact and Cost
SW and Systems Users
Evaluate Success Post Implementation Review (PIR
Backout plan is followed
CAB: Change Approval Board consists of
 Release Management concentrates on the
Piloting new changes protection of the live environment by testing
Automatic toolsets changes in a test environment before they are Purchasing
1. Objectives released. In addition, helps monitor:
Number of Incidents by Back Out Storing

Automatic Release Building 9. Critical Success Factors Transporting

Risk optimisation
Build Machines
Number of software in the DSL that have not been subjected to a quality check Release Implementation in manageable time
Test Environments with minimal disruption
Number of accurate and timely distributed-Releases at remote sites 2. Benefits to the IT
User testing
Number of unused software that have unnecessary costs, such as license fee Organisation Fewer individual implementations
8. KPI'S Less illegal copies of software
Number of times that unauthorized software is used
Increased User involvement for testing
Number of times when the status of the Release-associated
CIs in the CMDB was accurately updated Standardisation of Hardware/software

Resistance to change
Release - Emergency Fix, Minor SW/HW,
Unfamiliar, cumbersome, and process often bypassed Release Upgrade, Major
Problems in distributed implementation Management Release Units - Infrastructure Portions
Testing environment Release ID - Status of release e.g. in
Insufficient resources 7. Bottlenecks 3. Concepts development, test, live, archive etc

Insufficient time Release Types - Delta (small), Full release, Small

Testing Problems or Emergency Software
Reluctance to perform back outs
DSL - Definitive Software Library
Delays in installation
DHS - DefinativeHardware Store
Multiple tools or audits
Technical Operations
Incident Management
Testing: The following aspects of a Change are Functional Aspects
Change Management 6. Relationships with tested as part of the Release Management Process Operational Aspects
Problem Management other ITIL Processes
Performance Aspects
Service Level Management
Integration Aspects
Configuration Management
Prepares Release Plan Installation Instructions
Authorises Release Operating Instructions
Communicates Release Release Manager Tools: Automated Tools reduce time and resources and
increase quality. Other tools for Release Management include Test Laboratory
Implements Release Configuring and recording Hardware/ Software
Member of the CAB components
4. Activities Standardising Hardware/Software Requirements
Testing in Live and Test environment
Test Manager Plan
Preparing roll-out Plan
5. Roles Design
Test Environment Activities
Build
Good technical background Configure
Good IT Understanding
Environment Activities Acceptance
Good knowledge of support tools Skills sets required
Preparation
Good knowledge of principles
Roll out plan
Good business strategy
Communication
Live Environment Activities
Distribution
 Justifiable costs
Capacity Management looks at Demand for Resources and costs associated with
balancing the cost of resources and this provision
1. Objectives benefits through the use of: Current and future needs for customers
Accurate Forecasts
Cost Versus Capacity
Accurate Plan
Supply Versus Demand
Close Interaction of Processes 9. Critical Success Factors
Current and Future Technologies Reduced Risks: Monitoring performance, effectively
Better Implementation managed
2. Benefits to the
Accurate Forecasts of future demands:
IT Organisation Future Customer demands,

Performance trends after estimates Efficient Balancing of supply and demand

Reduction in rushed purchases Reduced Capacity Related Expenditure:
Timely Investments
Reduction in expensive overcapacity 8. KPI'S
Reduction in number of incidents due to
performance plans
Performance Management - Measuring,
Monitoring, tuning
Modelling - Mathematical Models
High Expectations -Limited understanding, Application Sizing - Estimation of HW and SW
overestimation Capacity required and expected costs
Lack of Information - No information on workload, Management Capacity Planning - Current and Future resources
no plans, no simulation model and costs
Insufficient Supplier Inputs - Different Benchmarks, 7. Bottlenecks
Different Testing methods Capacity Plan - created annually,
Complex Environments - Too many dependencies reviewed every quarter
Business Capacity Management
Problems in Determining appropriate levels of Modelling - simple, complex
monitoring - Conflict in process and procedure 3. Concepts Applications Sizing

Incident Management
Problem Management
Change Management
Release Management
Configuration Management
Service Level Management
Financial Management
IT Service Continuity
Available Management
Update the Capacity Management Database
Expertise Business Demand
Determining required Capacity
6. Relationships with
other ITIL Processes
Monitors Process
Capacity Plan Creation
Optimising performance System, Network,
Application Manager
Monitoring performance of HW -
CPU, Disk & Network Utilisation
There are 3 main types of Capacity Management Analysing data - trends, normal and baseline
trends (Service Thresholds, Future, Difference)
Service Capacity Management
Tuning Resource - Load Balancing
Implementing new Hardware - Change supervised
by Change Management and Monitored
Technology
Creating and maintaining Capacity Database -CMBD
Business requirements
Inputs Project plans Resource Capacity Management
Incidents and problems
Financial plans and budgets
Capacity Plan
Updated Capacity Database
Capacity Manager 4. Process Outputs Service Level records
Costing and Charging records
5. Roles Revised Operational Schedules
Monitoring the performance of a hardware resource
Analyzing the data collected from monitoring
Activities Tuning the resource based on the analyzed data
Implementing and adding new hardware
Creating and maintaining the Capacity Database

Both the customer and IT service organization
should have quantifiable availability objectives.
All desired availability requirements should be specified in
terms of time, cost, duration, and performance parameters.
9. Critical Success Factors
The Service Level Management process should provide
realistic formalized SLAs for service delivery.
Both parties should use common definitions for
availability and downtime
Uptime per service or group of Users
Downtime duration
Downtime frequency
Rate of Availability
Number of failures with 'X' time
Lack of effective measurement tools for measuring sub-activity
Failure to meet Business Objectives
7. Bottlenecks
Lack of roles and responsibilities
Insufficient empowerment and coordination between processes
Service Level Management
Configuration Management
IT service Continuity Management
6. Relationships with
Financial Management
other ITIL Processes
Capacity Management
Change Management
Incident Management
Problem Management
Managing the Availability process in terms of time, cost, and delivery
Ensuring that the delivered IT services match the agreed service levels
Optimizing the IT infrastructure to lower service costs to customers Availability Manager
Monitoring IT service response time for reporting to customers
Creating a proactive Availability Plan to balance future Availability Management needs
Understanding of Availability Management
Experience
Communication skills
Statistical Analysis
Availability Management ensures that Measure service availability levels and improve
an accessible service is provided in a them (if possible)
1. Objectives cost effective manner through Provide a quick and effective professional
response in contingency situations, such as
network failure
A single point of contact is provided for
customers to resolve availability issues.
Little Downtime
New products and services comply with existing
2. Benefits to the IT availability standards. Complexity
Organisation The occurrence and duration of unavailability Availability Reliability of components
are reduced using effective remedial actions. Quick response to faults
Availability standards are monitored and Quality of maintenance
improved continuously within the associated cost
restrictions. Required Period
8. KPI'S Dependability
Reliability
3. Concepts Resilience
Quality of Maintenance
Availability Contractual 3rd Parties
Management_1 Serviceability
Impact Assessment reports for processes Contractors
Configured data (monitored data)
Detecting failures
Inputs Reliability requirements for all IT Infrastructure components
Diagnosing Failures
Data about faults from previous Incidents Maintainability/Recoverability
Restoring Failures
Service Levels, desired and achieved (SLA)
Resolving Failures
Availability design Criteria
Technical Requirements for Infrastructure Resilience
Reports on achieved availability and reliability
Availability Plan
Outputs
MTTR - mean time to repair
MTBF - mean time between failures
Availability Reports - based on Metrics:
MTBSI - mean time between system incidents
Uptime/Downtime
Key business function
Determines service uptime/downtime
Determining the availability requirements
Business impact of downtime
Business hours for customer
Component failure impact analysis CFIA
4. Activities Component risk assessment management method CRAMM
Design plan - Effective maintenance contracts with suppliers
Designing for availability of service
Adopt alternative strategies if requirements are not suitable
5. Roles Service vulnerabilities and expenditure
Alternative designs
Planning
Skills Designing for recoverability of service
Ensure business and technical processes in place
Activities List of authorised personnel
Evaluating key security issues Types of authorisation
Map authorisation of customer IT policies
S/ware and h/ware upgrades to avoid availability issues
Planning maintenance management
Planning downtimes
LT strategy
Assessment of current situation
Developing the Availability Plan
Set of guidelines for improving existing service
Plans for implementing new service
Measuring the service response time
Monitoring
Preparing availability reports
 IT Service Continuity Management
Structure
concentrates on Business Continuity after
1. Objectives a Disaster by focusing on the following Culture
Strategic Direction

Cooperation and commitment within the organization to

2. Benefits to the IT Business Continuity
create and execute the Recovery Plan
Organisation Organisation Credibility
Effective installation and backup tools, such as tapes, CDs, and zip drives to
transfer business-critical information from disaster site to the Recovery site Infrastructure Recovery - Faster Recovery
9. Critical Success Factors
Effective implementation of the Configuration Management process
Training on procedures for executing the Recovery Plan
Unexpected testing of the Recovery Plan

Number of shortcomings identified in the Recovery

Plan
Cost to the company because of the loss in the Risk Assessment
business, if the Recovery Plan had not been 8. KPI'S Initiation: Determines Scope, Policy, IT Components
executed Resources, Recovery projects etc
Cost incurred in terms of time, resources and Threats and Probability
money to restore IT Services after a disaster Vulnerabilities

Lack of commitment, ownership, awareness Do nothing

Insufficient resources, budget constraints 7. Bottlenecks Service Continuity Return to Manual / paper-based

Immeasurable estimation of damages, unrealistic Management Reciprocal Agreements (sharing department

assumptions and irregular testing Requirements and Strategy: If no resources)
preventative measures, options are: Gradual Recovery (3rg Parties)
Service Level Management Immediate Recovery (Operational Environment
Availability Management Created)
6. Relationships with
Capacity Management Inter-immediate Recovery (Identical Production
other ITIL Processes Environment created with replication of data)
Configuration Management
Change Management Organisation and Implementation planning
3. Concepts 4 phases
Security Management Emergency Response Teams, Damage
Define organisational policies and strategies
Assessment, Crisis Management and Human
Managing crises thus controlling any further impacts of the disaster. Resources
COO, Directors Board
Taking timely decisions that are critical for business continuity. For Implementation Preventative measures and recovery options
example, identifying the right time for executing the Recovery plan. Standby Agreements, Off site recovery with Third
Organisation and Implementation planning Parties
Emergency Response Teams, Damage Assessment, Crisis Manager Includes Installing HW and Network Components
Developing plans and procedures
Crisis Management and Human Resources Restoring Applications, Databases and Data

Coordinating the execution of the Recovery plan Training and Awareness Strategy Communication,
Managing the personnel and managers involved in Recovery Training
the execution of the plan Review and Audit: Review Recovery Plans., Audits
Resolving any conflicts that might arise during the Senior Management Operational Management for Changes
execution of the plan
5. Roles
Testing: Loopholes introduced
Providing funds, personnel, and resources required Change Management: Impact of Change on
to execute the Recovery plan Recovery Plan
Defining the organizational policy
Initiating the activities to be performed while executing the plan Identifying the relevant areas to apply ITSCM
Leading the teams, allocating their responsibilities, and 4. Scope Activities
Allocating Resources
specifying clear guidelines for carrying out the plans Management
Setting up the recovery projects in the organization
Reporting on the progress of the execution of the
plan to the Senior Management

Executing the activities mentioned in the Recovery plan

Reporting the issues faced during the execution of the Recovery Plan Team Leaders and Members
Providing implementation-level details for formulating future plans
 Create awareness among users about cost of
implementing IT services Track service costs
Implement a cost monitoring systems that justifies all 1. Objectives enables IT service organizations to: Implement cost-effective services
expenditure Meet customer demands
Provide effective services at reasonable costs 9. Critical Success Factors
Create complete awareness about impact and cost of
implementing financial mgmt process Determine the costs of IT services
Provide access to relevant information from the
configuration management process
2. Benefits to the IT Identify the cost structure
Organisation Recover costs from customers
Cost benefit analysis Operate the IT department as a business unit
Feedback from customers Verify that charges for IT services are realistic
Financial targets met by IT organisation 8. KPI'S
Changes in use of service Budgeting

Reports sent to the service level management process Accounting

3. Concepts
Charging for IT Services
Non-availability of adequate written material Cost Categories
Difficulty in obtaining planning details Financial
Improper documentation of corporate strategy Management Incremental Budgeting - Looking at the previous
and objectives 7. Bottlenecks years budget
Difficulty in locating skilled personnel Budgeting looks at the long term objectives
Zero Based Budgeting - Business Managers
Insufficient cooperation justifying the cost of services
Lack of managerial commitment
Service Level Management 6. Relationships with Sales and Marketing budget - Sales Volumes
Budgeting
Capacity Management other ITIL Processes Production Budget - Information about Services,
People etc
Configuration Management Secondary Budget
Administrative Budget - Costs per Department
Cost and Investment Budget - Planned budgets
Develops and implements the process and purchase or replacement costs
Managing the IT organization's budget Phase 1 - Identify IT needs
Reporting to IT managers and Customers Phase 2 - Identify Cost Control Methods
about conformance to budget 4 Phases to Financial
IT Finance Manager Accounting Management Accounting: Phase 3 - Charge appropriately to customers
Gathering cost data for all implemented services
4.Scope Activities Phase 4 - Request and receive feedback from
Implementing suitable accounting policies customers about planned changes
Providing justifications for IT service charges
Preparing regular bills for IT services 5. Roles Encourages Companies to work as a Business Unit
Charging Policy
Good numerical and financial skills
Charging Communicates Information
Ability to successfully work with all levels of
IT Organization management Pricing Flexibility - charging additional Costs to the Customer
Skills Notational Charging
Thorough documentation skills
Excellent communication and negotiation skills Direct or indirect
Good presentation skills Fixed Costs - Constant Costs e.g. not related to
volumes or production
Cost Categories
Variable Costs - e.g. Printers, Phones etc
Capital Costs - purchase of assets that depreciate
Operational Costs - e.g. Building Maintenance etc
 Technical and business expertise of the
Service Level Managers
IT services are provided at the agreed quality levels and costs
Accurate formulation of the mission and objectives
of the Service Level Management process 9. Critical Success 1. Objectives Agreed service levels are maintained,
Factors monitored, and improved continuously
Details mentioned in the SLA that help in Awareness of the Service Level Management process
quantifying agreed service levels among the employees of the IT organization
Design services based on customer
Clearly defined OLA and UC that help Clear definition of the tasks and roles within requirements
maintain the service levels agreed in the SLA the Service Level Management process
Provide measurable performance indicators for
Number of monitored elements of the SLA
2. Benefits to the IT IT services
8. KPI'S Organisation
Reported number of deviations from agreed service levels Balance the required quality of services with
costs
Elements of the SLA that meet the agreed service levels
Reduce costs in the long run
Shortfalls in meeting the agreed service levels
and the consequent improvement measures Improve relationships with customers
included in the next phase plans
Cultural changes required within the IT
Service Providers, Customers, and Users
organization Level Management Service Level Requirements (SLR)
Inability of the customers to specify their Service Spec sheets
requirements clearly
Service Catalogs
Difficulty in quantifying customer expectations
7. Bottlenecks 3. Concepts Service Level Agreements (SLA)
Possibility of over-ambitious agreements with
customers Operational Level Agreements (OLA)
Underestimation of overhead costs for Underpinning Contracts (UC)
monitoring and reviewing service levels Service Improvement Plan (SIP)
Identifying requirements
Service Desk Non-conformance to the Service Level Service Quality Plans (SQP)
Management process Reaching Agreements Defining services
Availability Mgt
Finalising
Capacity Mgt
Incident and problem mgt Monitoring
6. Relationships with Fulfilling Agreements
Change mgt Reporting achieved targets
other ITIL Processes
IT service continuity mgt Reviewing Service Levels
Owns and manages the process, and is
Security Mgt responsible for its implementation
Average response times and transaction rates during peak periods
Configuration Mgt Creating and updating the Downtime
service catalogue
Financial Mgt Activities Number of functional errors
4. Activities Service Management Reports
Release Mgt Maintaining the SLA process by
defining SLA's OLA's and UC's Service Level Manager 5. Roles Frequency of duration of service not meeting service levels
Responsible for: Successful/unsuccessful breaches of security
Updating the SIP
Updating the SLA's, UC's and OLA's Completed/Ongoing changes

Reviewing and improving the performance of the Changes made to the SLA
IT organisation to meet agreed service levels
Problems and incidents related to services
Service Improvement Plans Performance trends
Changes to procedures
Consequences of failure to provide agreed service levels

Security Management prevents
unauthorised access to information,
intrusion or access violation
1. Objectives
Total commitment from the management
Comply with the security requirements of the
Service Level Agreements (SLAs)
Meet the external requirements not defined in the
contracts, legislation, and policies
Provide a basic level of security to the Information
System, independent of the external requirements

User involvement in the process development Ensure that effective security measures are taken
9. Critical Success Factors at strategic, tactical, and operational levels
Clarity in the division of employees'
responsibilities
Providing correct and complete information to
relevant people when required
2. Benefits to the IT Maintaining standards of products and services
Security elements included in SLAs Organisation
Providing value to an Information System
Security elements of the SLA supported by OLA and UCs
Ensuring the continuity of the IT services
Security elements of the SLAs which are
monitored, and where no shortcomings are Helping in meeting the objectives of the organization
reported 8. KPI'S
SLAs
Security elements of the SLAs reviewed regularly Inputs Policies
Security elements of the SLAs where the agreed Information Security External Requirments
service levels are fulfilled
Confidentiality
Routine Security Plans
Integrity Outputs
Security 3. Concepts Exception Reports
Management Availability
Lack of commitment Compliance requirements are located in SLA
Privacy Planning
Insufficient awareness Objectives are specified in the Security Plan
Verifiability
Resistant attitude Classification of IT Resources
Input for CMDB
Immediate implementation 7. Bottlenecks
Task and responsibilities
Inefficient verification
Confidentiality agreements
No link to Change Management Personnel Security
Guidelines
Lack of detection systems
Disciplinary Measures
6. Relationships with Operating instructions
other ITIL Processes Internal regulations
Monitoring the Security Management process
Security Guidelines
Developing and maintaining the Security Plan according to Implementation
the organization's security requirements Managing Security Procedures for dealing with incident
4. Scope
Security Manager Recovery of activities
Handling problems and incidents related to security
Inputs for change management
Ensuring that the Security demands specified in the SLA are met
Activities Virus protection methods
Generating reports containing results of progress,
self-assessment, and internal audits 5. Roles
Control policy
Acting as a mediator between the Security Assess info
Manager and the customer Assess control
Network security barriers
Coordinating escalations for security incidents Security Officer Measures for ID of computer systems
Managing the security measures to be
implemented at the customer end Evaluation
Self Assessments and audits
Found in SLA and Security Plan OLA
Maintenance
Reporting

Reporting
Performance and Issues
Functions
Organisational Structure
Controlling
Roles and Responsibilities
Reporting Structure