qwertyuiopasdfghjklzxcvbnmqw

ertyuiopasdfghjklzxcvbnmqwert
yuiopasdfghjklzxcvbnmqwertyui
opasdfghjklzxcvbnmqwertyuiopa
sdfghjklzxcvbnmqwertyuiopasdf
ghjklzxcvbnmqwertyuiopasdfghj
Management of Information Technology Services

17-May-2016

klzxcvbnmqwertyuiopasdfghjklz
Ramandeep kaur
Student ID:-U1077898

xcvbnmqwertyuiopasdfghjklzxcv
bnmqwertyuiopasdfghjklzxcvbn
mqwertyuiopasdfghjklzxcvbnmq
wertyuiopasdfghjklzxcvbnmqwe
rtyuiopasdfghjklzxcvbnmqwerty
uiopasdfghjklzxcvbnmqwertyuio
pasdfghjklzxcvbnmqwertyuiopas
dfghjklzxcvbnmqwertyuiopasdfg
hjklzxcvbnmqwertyuiopasdfghjk
lzxcvbnmrtyuiopasdfghjklzxcvbn
Contents
Task 1: Journal............................................................................................................................................................................... 2
Task – 2 Case Study....................................................................................................................................................................... 2
Letter of Transmittal..................................................................................................................................................................2
Executive Summary:-................................................................................................................................................................4
Introduction:-............................................................................................................................................................................. 4
ACTIVITY SECTION B:-.................................................................................................................................................................... 5
Part 1:- Explain why it is important for HSC to have effective processes in place to manage IT services................................5
Part 2:- Many organizations manage their IT services at an operational level without a clear strategic focus. HSC intends to
continue their ITIL adoption with processes from the service strategy phase. Discuss the service strategy processes and
advise Mr. Diep on how HSC could benefit from their implementation....................................................................................5
Part 3:-....................................................................................................................................................................................... 7
Identify the service design processes in place at HSC. Do you recommend that HSC should continue to implement service
Design Processes? Based on the case and your knowledge which of the service design processes are the highest priority for
HSC? Justify your selection......................................................................................................................................................7
Part 4:-....................................................................................................................................................................................... 9
HSC is now considering ISO/IEC 20000 certification. Mr Diep has asked you to advice on the decision. Provide a brief of
why HSC should or should not seek certification for ISO/IEC20000. Identify the benefits and drawbacks of certification.....9
Part 5:-..................................................................................................................................................................................... 11
Conclusion and recommendations...........................................................................................................................................11
Bibliography................................................................................................................................................................................ 12
Task 1: Journal

Refer to Appendix – B

Task – 2 Case Study

Letter of Transmittal
Dear Mr. Anh Diep, head of IT at the HO Chi Minh Securities Corporation (HSC)

The main findings of the report are:

 The HSC requires huge amount of change in IT infrastructure that will help to generate growth and
development of business.
 There are so many benefits of adopting the ITIL services. There are more benefits of having ITIL IT
services because it converts the business into the well managed and structured business.
 As adopting the ITIL services we decided to achieve our goal to take our business from one place to
another but with the given resources because we have limited number employees.
 The ITIL aligned the IT services with needs of the business. There are some minor differences between
the ITIL and ISO/IES2000 frame work.
 HSC is the biggest trading company of Vietnam and going to adopt the ITIL services for betterment of
the business.

I would like to acknowledge the assistance by your existing staff who was very much cooperative during the
research and discussion period.

Finally I would like to thank you and my organization for this opportunity given to me to generate a research
report on benefits of online business and to develop my research skills that will help me in my future skills.

Thanking You
Executive Summary:-
The IT services are in the modern business is essential playing the essential role. Today many companies are
participating and investing in huge capital investments to develop obligatory arrangement and hence IT resources are
really a need of every business.

The customer is increasing tremendously based on the service quality of a business, product quality and offers to the
business. All most all of the work is done online all the transaction related to money are done through online. It is an
major concern of every business to prevent the customer from the online frauds and other malicious activities. The
system must be secure enough to cope with the hackers, intruders, viruses etc. HSC is totally concerning about the
security of the customers.

According to the latest trend ISO/IES if the company has the certification like this then automatically company has
to pretend its value for the customers and services to be maintain. It is not easy to get the certification of ISO/IES
20K. Only that companies which has the certification has the importance in the market as well.

This report is prepared keeping in view the existing capabilities of Ho Chi Minh Security Corporation and how
effectively we can move to ISO/IES 2000 certification. The report mainly discusses the efficiency of any business
and challenges related to it under the law as governed by the local governmental body.
Introduction:-
Ho Chi Minh Security Corporation is a leading security brokerage and equity firms in Vietnam. It is fastest
growing company of Asian economy. HSC provide the financial services for private and institutional
clients, professional investment advice by solid and trusted researchers. It also provide exceptional track
record of connecting business to investors for corporate finance clients. HSC inherits from the synergy
between two financial powerhouses in Vietnam, the Ho Chi Minh City Finance and Investment State-owned
Company founding shareholder and Dragon Capital Group, a prestigious investment group in Vietnam - strategic
shareholder. Officially listed on the Ho Chi Minh Stock Exchange (HOSE) on May 2009 under the ticker HCM, as
of December 31st 2014, HSC’s shareholders’ equity totaled VND 2,358 billion (approximately USD 106 million),
making it one of the biggest securities companies in the country with a strong financial base and investment
capacity.

VISION:- To become one of the country’s most admitted, trusted, and valued financial institutions, and be an active
contributor to the economy and community of Vietnam.

MISSION:- Being a leading securities company in the industry and Vietnam’s capital markets with the standard for
professionalism, innovation, financial health and sustainability.

CORE VALUES:- At HSC we strive to be true to our corporate values and to apply them in everything we do.

NTEGRITY:-It is our aim to build a high level of trust from our clients, investors and those in the securities business
in Vietnam and beyond.

DEDICATION:-At all levels, our staff are dedicated to providing the best service to our clients, going the extra mile
for our partners, and forging strong relationships with all our stakeholders.

PROFESSIONALISM:-We constantly develop and adopt best practices; upgrade our expertise and processes to
execute all transactions in the best interest of our valued clients. (Government, 2014)

ACTIVITY SECTION B:-

Part 1:- Explain why it is important for HSC to have effective processes in place to manage IT services.
There are so many IT services are done at present which meets international best practice standards also complying
all domestic laws or rules and regulations which are account management, custody and transfer of cash services.
They also remain the confidentiality and integrity in all services provided. It delivering all its services and products
to their client, IT services has been playing a vital role in it. Without IT services it is really hard to even think about
providing these services. One of the major services of this company is to custody and transfer of cash to their clients
and other related persons. It is only accomplished by IT services through handle the customer’s accounts
confidentially. Account handling of the customers is the major part of this company because all the transactions of
money are done through customer’s accounts. If the customer’s accounts will not be handled carefully then many
fraud can be done. So the main objective of this company is to ensure their customer about their money. To handle
the security services efficiently there are so many methods like, IDS (Intrusion detection system) and DDOS
(Distributed denial of service) .

The IDS is software which detects and monitor the network activities for malicious activities and send reports to the
Management Station. It approaches to its goal by detecting suspicious traffic from different ways. There are Network
based and host based intrusion systems. IDS typically inform security administrators of important observed events
and produce reports. IDS also retort to a spotted threat by trying to prevent it from loss. It uses numerous retort
methods, which contain the IDS ending the attack itself, changing the security environment.

Distributive denial of service is the acronym of DDOS. The inward traffic flow overflowing the target creates from
various sources which are possibly more in number. This method successfully makes it impossible to break down the
attack simply by block a single IP address; it is very difficult to distinguish genuine user traffic from attack. In this
way HSC can deploy the unauthorized user access by blocking the IP address from that address. The function has
also progressed with the standardization of internal processes and procedures to improve the safety, efficiency and
transparency of all of its activities, as per the objectives of this service.

Part 2:- Many organizations manage their IT services at an operational level without a clear strategic focus.
HSC intends to continue their ITIL adoption with processes from the service strategy phase. Discuss the
service strategy processes and advise Mr. Diep on how HSC could benefit from their implementation.
Service strategy

ITIL Service Lifecycle’s main and the core point is Service Strategy, which provides supervision on explanation
and prioritization of those who provide the service. Generally the Service Strategy emphases on serving IT
organizations to improve and develop their business for a long term. Service Strategy depends mainly upon a
market-driven methodology. The Service Strategy lifecycle stage is frequently measured as the most essential part of
the service lifecycle. In Service Strategy, the planned methodology for the lifecycle is acknowledged to provide
standards to its customers by IT services.

List of covered processes:

Service portfolio management

Strategy management for IT Services

Business relationship management

Financial management for IT services

Demand management

For candidates in the ITIL Intermediate Capability stream, the Service Offerings and Agreements Qualification
course and exam are most closely aligned to the Service Strategy Qualification course and exam in the Lifecycle
stream.

Service Portfolio Management

To achieve their objectives a customer needs a service portfolio. The provider of the service should ensure that they
can provide the services according to the demand. The objective of Service Portfolio Management is ensuring that
services are offered correctly or not. The service portfolio comprises of the services managed by the provider. The
service portfolio contains the pipeline section, which consist of the services that are so far to be presented,
the service catalogue section, which contains the details of operational services and the retired section, which
contains details of the services that are no longer offered.

Financial management for IT services

IT Financial Management comprises the discipline of ensuring that the IT infrastructure has been got at the most
reasonable price and computing the cost of IT services so that the business can comprehend the costs of its IT
services. These costs then be mended from the customer.

Business relationship management:- It is a official approach to understand, support, Design and internal business
activities directly concerned to networking of the business. BRM consists of knowledge, skills, and behaviors or
competencies that substitute a creative liaison between an organization like Information technology business and
their business associates.

Demand Management:- It is methodology to create prediction and plan about the demand for products and
services. These plans and prediction can be at big (macro) levels and at small (micro) levels within the organizations.
E.g., a government may stimulate interest rates to control financial demand at macro level. A cellular service
provider may offer free night use in order to decrease demand. Effective management the demand in the business the
business follows the concept of receive feedback from the results of the demand plans is served back into the
planning process to improve the expectedness of results. Increased instability is being documented as significant an
issue as the emphasis on alteration of demand to plans and predictions.

As discussed in the above mentioned introduction to the service strategies in ITIL. Its main task is to supervise, plan
and prioritize the business to the serving organizations. It also emphasis on market driven methodology and improve
the business for a long time. According to this methodology there are main four processes which directly target the
service which a organization is giving reaches to their customers correctly or not, it checks the prices for the services
are reasonable enough to bear for the customer and organization, it looks after the relationship of the business with
others associates and it predicts and plan for the demand for the product and services in the market at macro level
and micro level. So there so many things by following these things we can achieve the peak our business. This
methodology covers all the aspects which are necessary according the business point of view. Because our HSC
trading with brokerage exchange of the Vietnam and also launching there prodcts time to time so this methodology
is very suitable for our business needs. (Warren, 2010)

Part 3:-

Identify the service design processes in place at HSC. Do you recommend that HSC should continue to
implement service Design Processes? Based on the case and your knowledge which of the service design
processes are the highest priority for HSC? Justify your selection.
Service design

The Service Design provides good practice supervision on the design of IT services, processes, and other aspects of
the service management, design within ITIL is simple enough to understand and include all elements appropriate to
technology service delivery, rather than converging exclusively on design of the technology. In such, service design
led to how a strategic service solution interrelates with the larger business and technical environments, service
design management systems need to be support the service, procedures which interacts with the service, technology,
and architecture required to support the service, and the supply chain required to support the planned service. Within
ITIL, design work for an IT service is combined into a single Service Design Package. Service design packages,
along with other information about services, are managed within the service catalogues.

List of covered processes:

Service catalogue management

Design coordination
Availability management

IT service continuity management

Service-level management

Capacity management

Security management

Supplier management

Service catalogue management

Service catalogue management upholds and yields the service list and certifies that it attains accurate details,
dependencies and boundaries of all services made accessible to its customers. Service catalogue information
includes: Ordering and requesting processes, Prices, Deliverables, Contract points and Service-level management.
All factors include made the service catalogue better.

Service-level management delivers frequent proof of identity, observing and reviewing of the levels of IT services
specified in the service-level agreement. SLM guarantees that preparations are in place with internal IT support
providers and external dealers in the form of operational level agreements and underneath contracts respectively.
This procedure contains evaluating the sway of change on service quality and SLAs. SLM process is in handy
relation with the operational processes to regulate its activities. The key part of Service Level Management makes it
the regular place for metrics to be recognized and supervised in contradiction of its standards. Service Level
Management is chiefly interacting with the customer. Service Level Management is responsible for certifying that
the decided IT services are produced when and where they are expected. The service-level manager depends upon
the other extents of the service delivery process to deliver the essential support which guaranteed the approved
services are present in a cost secure, effective and efficient manner. (Warren, 2010)

Availability management

Availability management aims to permit organizations to tolerate the IT service availabilities to maintain the
business at a reasonable cost. The Upper level activities are grasping available needs, accumulating available plans,
monitor the availability, and observing maintenance obligations. Availability management tends to the capability of
an IT factors to be achievable at an granted level over.

Reliability: It means how much the components are reliable. In other words ability to execute at an granted level at
pronounced conditions.

Maintainability: The ability to remain in and reestablished to a working state.

Flexibility: A degree of freedom from operational failure and a method of services reliable. One popular method of
resilience is redundancy.

Security: A service may have associated data. Security refers to the confidentiality, integrity, and availability of that
data. Availability gives a clear overview of the availability of the system. (Warren, 2010)

Capacity management

Capacity management supports the optimal and cost effective establishment of IT services by serving organizations
match their IT resources to business wants. These activities include:
Application size

Assignment management

Request management

Modeling

Capacity planning

Resource management

Performance management

IT service continuity management

ITSCM covers the methods by which strategies are put in palce and managed to certify that IT services can improve
and last even after a severe incident arises. It is not just about responsive events, but also about practical measures
tumbling the risk factor of a disaster in the 1st case.

ITSCM is observed as the application owners as the regaining of the IT organization used to deliver IT services, but
as of 2009 many businesses practice the much additional research process of commercial continuity planning, to
guarantee that the whole business process can continue should a severe events occurs. (Warren, 2010)

Security management

The ITIL process of Security Management describes the organized and appropriate of information about security in
the management organization. It is based on the enigma of practice for information security management
system now known as ISO/IEC 27002. An elementary area of security management is to ensure that information
security. The main area of information security, is to defend information resources against risks and therefore to
uphold its value to the organization. This is repeatedly articulated in terms of confirming reliability and availability
along-side interconnected properties such as authentication, responsibility and reliability. (Warren, 2010)

Supplier management

The main idea of this process is to obtain value for money from suppliers and contracts in the business. It guarantees
that behind the contracts and agreements align with corporate needs, Service Level Agreements and Service Level
Requirements. Supplier Management supervises method of documentation of business needs, evaluation of
suppliers, creating contracts, its classification and management.

Yes it is to continue to be implemented for a long time because its functionality is focused of on each and every
aspect of IT services. Its service solution interrelates the larger business with their technical environments, service
design management systems need to be support the service, procedures which interacts with the service, technology,
and architecture required to support the service, and the supply chain required to support the planned service. I
would recommend that HSC will continue to implement service design process.

There are eight types of service process which are explained in the above mentioned information of service design
strategy which as follows: Service catalogue management, Design coordination, Availability management, IT
service continuity management, Service-level management, Capacity management, Security management,
Supplier management. (ITIL, 2016)

I would recommend the security management process because our company dealing with various kind of financial
management processes, all the transactions are done through the IT department ir through online so in this way
security is the main purpose of the corporation. In the security management process the security of the information
from the various risks which can occur any time in the process. This is repeatedly articulated in terms of
confirming reliability and availability along-side interconnected properties such as authentication, responsibility and
reliability. If the customer feels secure to have with us then our market value be remain otherwise it can be lost.

Part 4:-

HSC is now considering ISO/IEC 20000 certification. Mr Diep has asked you to advice on the decision.
Provide a brief of why HSC should or should not seek certification for ISO/IEC20000. Identify the benefits
and drawbacks of certification.
Introduction:-

ISO/IEC 20000 is the international standards for Information Technology Service Management. It is a collection of
integrated management processes which formulate a service management system for the reasonable delivery of
services to the organization and its clients. ISO/IEC 20000 is associated with and corresponding to the process
methodology defined within ITIL. (Haren, 2011)

ISO/IEC 20000 consists of several parts:

1. ISO/IEC 20000-1:2011:- It is the formal specification and defines the requirements for a service management
system. The scope this part includes overall requests for a service management system, strategy and conversion of
existing and new services. There are four processes which are as follows: service delivery process, relationship
processes, resolution processes, control processes.

2. ISO/IEC 20000-2:2012:- This part Provides regulation on the application of service management systems which
includes best observations for service management processes within the scope of ISO/IEC 20000-1:2011.

3. ISO/IEC TR 20000-3:- It tells us about the scope, definition and applicability of Part 1. It is the part
interconnected to Part1. Some other parts addition of these three with help and information on specific features and
uses of the standards.

Certification Scheme
The ISO/IEC 20000 IT Service Management Certification System was originally created by ITSMF and is now
bought and functioned by The APM Group Ltd. Organizations seeking recognition of the quality of their IT
processes against the ISO/IEC 20000 standard can achieve organizational certification through our scheme.

Figure 1 Methodology of SMS

Qualifications for Individuals and organizations

Qualification for individuals and organizations is offered by APMG-International. The Loyalist, TÜV SÜD and
EXIN program is in fact a requirement in ITSM based on ISO/IEC 20000 and comprises of a Underpinning level and
several role based credentials: specialists in Deliver, Control, Align, Support, Associate, Auditor and
Consultant/Manager. The APMG qualifications are fixated on receiving an organization certified and postulate
knowledge of ITSM is already exist. The APMG qualifications are conducted at the Base, Consultant and
Accountant level. In terms of certification, there are several important certification organizations around the world
for instance BSI in UK, Quality Austria in Austria, JQA in Japan, KFQ in Korea. (Pahrroh, 2012)

There are so many benefits of ISO/IEC 20000 certification which are as follows:-

It supports vital service management functions which are very beneficial for HSC.

From its sixteen processes all are applied and combined results will come approximately. Accounting and budgeting
done with Capacity management will give us most effective idea that which customer is valuable for us.

It will align our business better than it, it also adopt the common language for building the trust and confidence of
the customers.

To have the ISO/IEC 2000 certificate is not a common thing it proves that how much we are serious about our
business.
It helps to grow our business as like its intellectual property.

ISO/IES 2000 helps to control natural obstacles between organizations. For example, Sales is forced to cooperate
more tightly with internal IT in order to offer more cost-effective services to external customers.

According to these benefits I will recommend you to apply for the this certification but we need prior prepration
before applying for the certification

Part 5:-

Conclusion and recommendations

At the end there several reasons which are pretend that HSC is serving their customers at comfort level with the help
of ITSM. According to our findings there are several points to be noted which are as follows: ITSM service strategy
it has its number of processes like service portfolio management, strategy management, demand management and
financial management etc. After that the service design provides good practice supervision for designing IT services.
There are also some covered process like service catalogue, Design Coordination, Availability management, Service
level management, capacity level management and security level management. In the above design management
processes, security management design process is very essential from the point of view of the HSC because its work
structure only depends upon the security basis.

Recommendations

It very important step for HSC to get the certification of the ISO/IES 20000 because it not a common thing that have
a ISO certification the value of the company will increase after the certification. There so many benefits of ISO
certifications like It will align our business better than it, it also adopt the common language for building the trust
and confidence of the customers. It will align our business better than it, it also adopt the common language for
building the trust and confidence of the customers. ISO/IES 2000 helps to control natural obstacles between
organizations. For example, Sales is forced to cooperate more tightly with internal IT in order to offer more cost-
effective services to external customers. From my point of view we have to apply for the certifications.
Bibliography
Government. (2014). https://www.hsc.com.vn/en. Retrieved 05 2016, from https://www.hsc.com.vn/en.

Haren, V. (2011). http://www.vanharen.net/Samplefiles/9789087536824SMPL[2].pdf. Retrieved 05 2016, from

http://www.vanharen.net.

ITIL. (2016). http://www.itilnews.com/What_is_Supplier_Management_from_an_ITIL_perspective.html. Retrieved 05 2016,

from http://www.itilnews.com.

Pahrroh, R. (2012). www.apmg-international.com/ISO_20000_White_Paper.pdf. Retrieved 05 2016, from www.apmg-

international.com.

Warren, K. (2010, December 17). https://www.sans.org/reading-room/whitepapers/iso17799/security-controls-service-

management-33558. Retrieved 05 2016, from https://www.sans.org.