ITIL 4 FOUNDATION

LOBNA AL-KOMY
ITIL® PRACTICES

General Service Technical

Management Management Management
Practices Practices Practices

7 Key Other
Examinable Examinable
Practices Practices
GENERAL MANAGEMENT PRACTICES (14)

1. Architecture management
2. Continual improvement (Key)
3. Information security management
4. Knowledge management
5. Measurement and reporting
6. Organizational change management
7. Portfolio management
8. Project management
9. Relationship management
10. Risk management
11. Service financial management
12. Strategy management
13. Supplier management
14. Workforce and talent management
SERVICES MANAGEMENT PRACTICES (17)

1. Availability management
2. Business analysis
3. Capacity and performance management
4. Change control (Key)
5. Incident management (Key)
6. IT asset management
7. Monitoring and event management
8. Problem management (Key)
9. Release management
10. Service catalogue management
11. Service configuration management
12. Service continuity management
13. Service design
14. Service desk (Key)
15. Service level management (Key)
16. Service request management (Key)
17. Service validation and testing
 TECHNICAL MANAGEMENT PRACTICES (3)

1. Deployment management

2. Infrastructure and platform management

3. Software development and management

ITIL PRACTICES REDEFINED
ITIL Practice: A set of organizational resources designed for performing work or accomplishing an objective.

7 Key Examinable Practices Other Examinable Practices

• Continual Improvement • Relationship Management

• Service Level Management • Information Security Management
• Change Control • Supplier Management
• Incident Management • Service Configuration Management
• Service Request Management • IT Asset Management
• Service Desk • Monitoring and Event Management
• Problem Management • Release Management
• Deployment Management
KEY ITIL® PRACTICES (7)

• Service Level Management

• Change Control
Service • Incident Management
management • Service Request Management
practices • Service Desk
• Problem Management

General
Practices • Continual Improvement
 1- CONTINUAL IMPROVEMENT

• Purpose: Service Components

• Align the organization’s practices and services with
changing business needs
• Identification and improvement of:
• Services
• Service components
• Practices
• Develop improvement-related methods and techniques
• Continual improvement culture across the organization
 CONTINUAL IMPROVEMENT: KEY ACTIVITIES

Encourage Encourage continual improvement across the organization.

Secure Secure time and budget for continual improvement.

Identify and log Identify and log improvement opportunities.

Assess and Assess and prioritize improvement opportunities.

prioritize

Make Make business cases for improvement action.

Plan and implement Plan and implement improvements.

Measure and Measure and evaluate improvement results.

evaluate

Coordinate Coordinate improvement activities across the organization.

 CONTINUAL IMPROVEMENT :
METHODS AND TECHNIQUES
• Improvements can be executed using the Continual Improvement model.
Helpful Harmful
To achieve objective To achieve objective
• Identify a team to focus on leading continual improvement activities—

Organization attributes
Internal origin
but continual improvement is everyone’s responsibility.

•
Engage customers, suppliers, partners, and other stakeholders as appropriate.

Accurate data is critical to driving effective improvements.

S
Strengths
W
Weaknesses

Environment attributes
External origin
• Choose the most appropriate ones for your organization, Methods and techniques include:
• LEAN methods focus on waste reduction
• Agile methods focus on iterative improvement
• DevOps methods focus on working holistically and successful implementation
O
Opportunities
T
Threats
• Balanced Scorecard
• SWOT (Strengths, Weaknesses, Opportunities, Threats) Analysis
 CONTINUAL IMPROVEMENT REGISTER
Continual Improvement Register (CIR)
A structured database or document used to track and manage improvement opportunities.

• One or more CIRs; structured in a variety of ways.

• Maintained on individual, team, departmental, business unit, and organizational levels.
• Improvement ideas can initially be captured in other places or documents.
• As new ideas are documented, improvement opportunities are constantly re-prioritized.

• CIRs help to make things visible and track:

• What is currently being done.
• What is already complete.
• What has been set aside for further consideration at a later date.
• Most importantly, CIRs guarantee that improvement opportunities are:

Captured Documented Assessed Prioritized Acted on

 2- SERVICE LEVEL MANAGEMENT
Purpose:
• Set clear business-based targets for service performance so
that the delivery of a service can be properly; Assessed,
Monitored and Managed against the target.
• Objective is end-to-end visibility.
• Establishes a shared view of the services and target
service levels with customers.
• Ensures the organization meets the defined service levels
through the collection, analysis, storage, and reporting of
the relevant metrics for the identified services.
• Captures and reports on service issues, including
performance against defined service levels.
Service Level Agreement (SLA)
A documented agreement between a service provider and a customer that
identifies both services required and the expected level of service.
• Measure the performance of services from the customer’s point of view.
• Must reflect business context.
• Using SLAs may present many challenges, because they often do not fully
reflect wider service performance or user experience.
• “Watermelon SLAs”
Watermelon SLA effect As like a watermelon the SLA may appear green on the outside but
red inside; where system may have had an acceptable unavailability according to the SLA, but,
e.g., the time it occurred fell when there was an important process happening, so
customer/user satisfaction will be low, even though the SLA was met
 SERVICE LEVEL MANAGEMENT

SLA Requirements:
Customer Engagement and Feedback
• Engagement is needed.
• Listening is important.
• Customer engagement questions:
• What does your work involve?
• How does technology help you?
Metric: A measurement or calculation that is • What are your key business times, areas, people, and activities?
monitored or reported for management and improvement. • What differentiates a good day from a bad day for you?
• Operational metrics
• Which of these activities is most important to you?
• Low-level indicators of various operational activities:
• What are your goals, objectives, and measurements for this year?
• System availability
• Incident response and fix times • What is the best measure of your success?
• Change and request processing times • How do you base your opinion and evaluation of a service or IT/technology?
• System response times • How can we help you more?
• Business metrics • Customer feedback methods:
• Any business activity that is deemed useful or valuable by the customer: Surveys Business Other
metrics methods
• Successful completion of a business activity
 3- CHANGE CONTROL

• Purpose Change: The addition, modification, or removal of anything that could have a
• Maximize the number of successful IT changes. direct or indirect effect on services.
• Assess risks properly
• Authorize changes to proceed • Changes could affect a service directly or indirectly.
• Manage a change schedule
• Scope defined by each organization but generally includes changes to:
• Balance the need to make beneficial changes • IT infrastructure
from the adverse effect of changes.
• Applications
• Documentation
• Change Authority:
• Processes
• Correct for each kind of change
• Decentralized in high velocity organizations • Supplier relationships
• Anything else that might impact a product or service
Deliver additional value Vs. The need to protect customers and users
 CHANGE TYPES
Change Schedule

Standard changes • Used to:

Low-risk, pre-authorized, routine changes.
• Plan changes
• Well-understood and fully documented.
• Implemented without needing additional authorization. • Assist in communication
• Risk assessment repeated only if there is a modification to the way it is carried out. • Avoid conflicts
• Assign resources

Normal changes Use standard process to schedule, assess, and authorize change. • Provides information about changes as needed for:
• Change models determine the roles for assessment and authorization.
• Incident Management
• Initiation of a normal change is triggered by the creation of a change request.
• Organizations that have an automated pipeline for continuous integration and continuous deployment (CI/CD) • Problem Management
often automate most steps of the change control process. • Continual Improvement

Emergency changes Must be implemented as soon as possible. • Supports risk assessment to gather input from
• Not typically included in a change schedule. many stakeholders.
• Assessment and authorization is expedited.
• Raises awareness and facilitates readiness.
• May be acceptable to defer some documentation and reduce testing.
• May also be a separate change authority.
 3- INCIDENT MANAGEMENT

Purpose Incident: An unplanned interruption to a service, or reduction in the quality of a service.

• Minimize the negative impact of incidents

by restoring normal service operation as quickly as possible.

• Incidents can have an enormous impact on:

• Customer and user satisfaction.
• Perception of the service provider.
• Every incident should be logged and managed.
• Ensure that it is resolved in the expected time.
• Target resolution times are agreed, documented, and communicated.
• Incidents are prioritized, based on agreed classification,
to ensure that incidents with the highest business impact are resolved first.
• Incidents reflect a user experience – “I can’t _____”
• Interruptions impact business workflows; objective is to minimize the impact
• Allocate resources based on the impact of the incident:
• Major incidents require specialized, separate procedures for handling
• Information Security incidents may require separate procedures as well
• Use suitable tool to track incident information
• Provide links to configuration data, problems, changes, known errors, and knowledge
• Might provide Automated Incident Matching
• Incident Management activities should be timestamped and tracked
 INCIDENT DIAGNOSIS Incidents can be diagnosed and resolved by people in different groups. In all cases,
collaboration within and between teams is essential.
AND RESOLUTION
• User self-help – some users will help themselves
• Service desk – as the normal course of operations
• Support team – complex incidents routed based on incident category
• Suppliers or partners – who support the products and services they supply
• Temporary team – for the most complex incidents and all major incidents.
Incident Management The team may include representatives of many stakeholders.
• Disaster Recover Plans – for extreme cases
• Formal process for logging and managing incidents.
• Generally, doesn’t include detailed procedures for how to diagnose, investigate,
and resolve incidents.
• Provides techniques for making investigation and diagnosis more efficient.
• Scripts for collecting information from users during initial contact
• May lead directly to diagnosis and resolution of simple incidents

• Supplier support agreements must align to service provider commitments.

• Management of incidents may require frequent interaction with these suppliers.

• Suppliers can also act as a service desk.

 INCIDENT MANAGEMENT-SWARMING

• Swarming is a popular technique for managing incidents.

• Initially, many different stakeholders work together until it becomes clear that
certain people are in a better position to continue working so the others can be
released to work on other things.
• Commonly used in work teams to quickly attack incidents so service is restored,
and teams and the other stakeholders stay on track.
 5- SERVICE REQUEST MANAGEMENT
• Supports the agreed quality of a service by handling all pre-
defined, user-initiated service requests in an effective and
user-friendly manner.
• Goal of this practice is to complete the requests as efficiently
and in a streamlined manner as possible.
• Service requests are a normal part of service delivery (not an
incident).
• Characteristics include:
• Pre-defined and pre-agreed by the service provider and users.
• Goal is a clear, standard procedure for initiation, approval,
fulfillment, and management.
• Well-known and proven steps to fulfill the request.
• Set expectation times for fulfillment.
• Provide clear communication of the status of the request to
users.
Service request: A request from a user or user’s authorized representative
that initiates a service action that has been agreed as a normal part of service delivery.
• Each service request may include one or more of:
• A request for a service delivery action (for example, providing a
report or replacing a toner cartridge).
• A request for information (for example, how to create a document or
what the hours of the office are).
• A request for provision of a resource or service (for example,
providing a phone or laptop to a user, or providing a virtual server for
a development team).
• A request for access to a resource or service (for example, providing
access to a file or folder).
• Feedback, compliments, and complaints (for example, complaints
about a new interface or compliments to a support team).
 GUIDELINES FOR HANDLING

• Service requests and their fulfillment should be standardized and automated to

the greatest degree possible.

• Policies should be established regarding what service requests will be fulfilled

with limited or even no additional approvals so that fulfillment can be
streamlined.

• Set realistic expectations of users regarding fulfillment times.

• Opportunities for improvement should be identified and implemented to

produce faster fulfillment times and take additional advantage of automation.

• Policies and workflows should be included for the documenting and redirecting of
any requests that are submitted as service requests, but which should actually be
managed as incidents or changes.
 SERVICE DESK Service desk: The point of communication between the service provider
and all of its users.

• Capture demand for incident resolution and service requests. The entry point/single point of contact for the IT or service organization.

• Focus is to provide support for “people and business.” • Report issues, queries, and requests
• Not simply technical issues • Have them acknowledged, classified, owned, and actioned
• Get matters arranged, explained, and coordinated • Many different models

• Will continue to require help from other support teams.

• Maybe technical, maybe not.

• Major influence on user experience and their perception of the service

provider.

• Must understand business context.

SERVICE DESK ACCESS CHANNELS
Channel
Phone calls
Service portals and mobile applications
Chat
Email
Walk-in service desks
Text and social media messaging
Public and corporate discussion forums
Description
• Specialized technology, such as IVR, conference calls, voice recognition, etc.
• Supported by service and request catalogues and knowledge bases
• Live chats
• Chatbots
• Logging and updating contact with users
• Follow-up surveys and confirmations
• Staffed by service personnel
• Provide personal support
• Provides a way to contact stakeholders
• Can be used to notify users in case of major incidents
• Provides a way for users to request support
• Enables users to contact the service provider
• Provides peer-to-peer support
 TRAINING AND COMPETENCIES
• Service desk personnel need to diagnose incidents in terms of
business priority and to take appropriate action to get them
resolved using available skills, knowledge, people, and processes.
• Must also possess broad technical and business area
skills:
• Excellent customer service skills
• Empathy
• Effective communication skills
• Emotional intelligence
• Incident analysis skills to diagnose and prioritize incidents to
resolve them
• Understanding of business priority
SUPPORTING TOOLS
• Intelligent telephony systems, incorporating computer-
telephony integration, interactive voice response, and
automatic call distribution.
• Workflow systems for routing and escalation.
• Workforce management and resource planning systems
• Knowledge base
• Call recording and quality control
• Remote access tools
• Dashboard and monitoring tools
• Configuration management systems
• Virtual service desks—often require more sophisticated
access, routing, and escalation tools
SERVICE DESK ESCALATION PROCESS Service Desk Heat Map and Value Chain
 6- PROBLEM MANAGEMENT

Purpose: Problem: A cause, or potential cause, of one or more incidents.

• Reduce the likelihood and impact of incidents.
Known error: A problem that has been analyzed and has not been
• Identify actual and potential causes of incidents.
resolved.
• Manage workarounds and known errors.
Workaround: A solution that reduces or eliminates the impact of an
• Workarounds can become a permanent way of dealing with incident or problem for which a full resolution is not yet available. Some
some problems: workarounds reduce the likelihood of incidents.
• When resolving the problem is not viable
• When resolving the problem is not cost-effective
• Problem remains in the known error status, and the • Problems are unknown root causes of incidents.
documented workaround is applied whenever a related • Known errors are diagnosed root causes of incidents,
incident occurs. but which have not yet been resolved.
• Some workarounds can be automated.
 PHASES OF PROBLEM MANAGEMENT
• Identify and log problems.
• Trend analysis of incident records.
• Recurring issues by users, service desk,
and technical support staff.
• Major incident management.
• Information from suppliers and partners.
• Information received from internal teams.
• Main activities:
• Problem analysis
• Documenting workarounds and known errors
• Prioritize problems.
• Analyze the highest priority problems
• Not essential to analyze every problem
• Problem control should consider all contributory
causes:
• Duration and impact of incidents
• Analyze problems from the perspective of all
four dimensions.
• Manages known errors.
• Includes identification of potential permanent
solutions.
• May result in a change request for
implementation of a solution.
• Reassesses the status of known errors.
• Impact on customers.
• Availability and cost of permanent
resolutions.
• Effectiveness of workarounds
• The effectiveness of workarounds should also
be evaluated each time.
 PRACTICE INTERACTIONS

• Problem Management is closely related to Incident Management.

• Design the two practices to work together within the service value chain.
• Activities may complement or conflict.
• Interfaces between Problem Management, Risk Management, Change Control,
Knowledge Management, and Continual Improvement.
• Problem Management activities may be a specific case of Risk Management.
• Problem resolution may fall outside Problem Management and come under
Change Control.
• Problem Management and Knowledge Management have a two-way
relationship.
• Problem Management output includes workarounds and known errors.
• Problem Management may utilize Knowledge Management information
to investigate, diagnose, and resolve problems.
• Problem Management may reveal Continual Improvement opportunities in all
four dimensions of service management.
• May produce problem solutions to include in a CIR.
• May use CI techniques to prioritize and manage.
 OTHER EXAMINABLE PRACTICES (8)

Technical Management
General Practices Service Management Practices
Practices

• Relationship Management • Service Configuration • Deployment Management

• Information Security Management
Management • IT Asset Management
• Supplier Management • Monitoring and Event
Management
• Release Management
 7- RELATIONSHIP MANAGEMENT

Purpose
• To establish the links between the organization and its stakeholders (Strategic and
Tactical).
• Activities include identifying, analyzing, monitoring, and facilitating the continual
improvement of relationships with stakeholders.
• The Relationship Management practice should:
• Understand the needs and drivers of stakeholders.
• Obtain a high level of stakeholder satisfaction.
• Establish and maintain a constructive relationship.
• Effectively establish and articulate priorities for new or changed products and
services.
• Satisfactorily handle any stakeholders’ complaints and escalations.
• Appropriately mediate conflicting stakeholder requirements.
• Ultimate goal is to facilitate and maintain positive relationships with stakeholders (Value
creation).
 STRATEGIC BRM ROLE
• Strategic BRM-or business partner- is a role
that offers organizations a unified, common
purpose and the method of delivering
shared outcomes and business value.
• BRM is not only associated with service
management but with business
transformation.
• Strategic BRM is about leading the
conversation based on the knowledge of
business drivers and IT capabilities.
A business relationship manager needs to have skills like:
• Business acumen awareness of strategic drivers.
• Articulate what IT means regarding the business portfolio
and business investment.
• A creative mindset.
• Enough understanding about service delivery.
• Emotional intelligence.
• Empathy-Bucketloads of it!
• Diplomacy.
• Knowing the good time to have a conversation, or not.
 8- INFORMATION SECURITY MANAGEMENT

Purpose:
• To protect the information needed by the organization to conduct its business.
• Understand and manage risks to confidentiality, integrity and availability
of information, authentication, and non-repudiation.

• Establish policies, processes, behaviors, risk management, and controls, which

must maintain a balance between:
• Prevention: Ensuring that security incidents don’t occur.
• Detection: Rapidly and reliably detecting incidents that can’t be
prevented.
• Correction: Recovering from incidents after they are detected.

• ITIL Security management based on the ISO 27001 standard.

• ISO/IEC 27001:2005 covers all types of organizations.
• Balance the needs for security controls with the needs for innovation.
 INFORMATION SECURITY MANAGEMENT

Procedures that supports information security management: • Driven from the most senior level in the
organization.

• Information security incident management process.

• A dedicated information security team, which
• Risk management process.
carries out risk assessments and defines policies,
• Control review and audit process. procedures, and controls.
• Access management process.
• Event management. • Information security is critically dependent on the
• Procedures for penetration testing, vulnerability scanning, etc. behavior of people throughout the organization.
• Procedures for managing information security related changes
(Firewall). • Poorly trained or insufficiently motivated staff can
be a major vulnerability.
 9- SUPPLIER MANAGEMENT

Purpose
• To ensure that the organization’s suppliers and their
performance are managed appropriately. • Insourcing: Business practice is performed in house.

• Create closer, more collaborative relationships. • Outsourcing: Outsourcing uses the developed workforce of an outside organization.
• Realize new value.
• Reduce risk of failure. • Single-Source/Partnership: to outsource a single partner who will be responsible for the
entire process.

• Key activities include:

• Multi-Sourcing: is an approach to outsourcing in which IT operations and technology
• Create a single point of visibility and control to ensure
infrastructure are contracted to a number of vendors.
consistency.
• Maintain a supplier strategy, policy, and contract
management information.
• Negotiate and agree on contracts and arrangements. Single-source/
Insourcing Outsourcing Multi-sourcing
• Manage relationships and contracts with internal and partnership
external suppliers.
• Manage supplier performance.
 10- SERVICE CONFIGURATION MANAGEMENT

Configuration Item (CI): Any component that needs to be managed in order to

Purpose deliver an IT service.
• To ensure that accurate and reliable information about the configuration of services,
and the CIs that support them, is available when and where it is needed.

• This includes information on how CIs are configured and the relationships between them.

• Collects and manages information about a wide variety of CIs, typically including:
• Hardware
• Software
• Networks
• Buildings
• People
• Suppliers
• Documentation Simplified Service Model for a Typical IT Service
• Services are also treated as CIs
 11- IT ASSET MANAGEMENT

IT asset: Any financially valuable component that can contribute to delivery of an IT product or service.

Purpose:
• To plan and manage the full lifecycle of all IT assets, to help the organization:
• Maximize value
• Control costs
• Manage risks
• Support decision-making about purchase, reuse, and retirement of assets
• Meet regulatory and contractual requirements
Activities include:
• Define, populate, and maintain the asset register.
• Control the asset lifecycle in collaboration with other practices.
• Provide current and historical data, reports, and support to other practices.
• Audit assets, related media, and conformity.
 12- MONITORING AND EVENT MANAGEMENT

Event: Any change of state that has significance for the management of
Purpose an IT service or other configuration item (CI).
• To systematically observe services and service components, and record
and report selected changes of state identified as events.
• Events are typically recognized through notifications created by a service,
CI, or monitoring tool.
• Identify and prioritize events, including infrastructure, services, business
processes, and information security events.
• Establishes the appropriate response.

Activities
• What should be monitored, and establishing the monitoring strategy
• Implementing and maintaining monitoring
• Establishing and maintaining thresholds and policies for event handling
• Implementing processes and automations
 13- RELEASE MANAGEMENT

Release: A version of a service or other configuration item, or a collection of

configuration items, that is made available for use.
Purpose:
• To make new and changed services and features available for use.
• Release components could include:
• Infrastructure and application components.
• Documentation.
• Training (for users or IT staff).
• Updated processes or tools.
• Release plans and release schedules.
• Waterfall vs. Agile approaches
• Traditional/Waterfall: Release occurs before deployment.
• Agile/DevOps: Deployment occurs before release.
Traditional/Waterfall Agile/DevOps
 14- DEPLOYMENT MANAGEMENT

Purpose

• To move new or changed hardware, software, documentation, processes to live environments.

• It may also be involved in deploying components to other environments for testing or staging.
• Collaborates closely with Release Management and Change Control practices.
• Encompasses hardware provisioning and software deployment. • Traditionally, deployment is a high-risk event.

• New practices, such as Agile and DevOps, attempt to make deployment

Deployment approaches activities more routine and frequent to minimize the incidents and errors.
• Phased deployment
• Continuous delivery (Agile) • Additional technical practices that have been successful include:
• Big bang deployment (Patching-Antivirus update)
• Pull deployment (Like windows update) • Automating the deployment pipeline.
• Emphasizing high quality.
Secured locations for deployment • Using automated testing methods.
• Definitive Media Library (DML) for software code • Using small batch sizes.
• Definitive Hardware Store for physical hardware spares
 15- SERVICE CATALOGUE MANAGEMENT

The purpose
The purpose of service catalogue management practice is to provide a single source of consistent
information on all services and service offerings, and to ensure that it is available to the relevant audience.

• Provide all the stakeholders with relevant views on services and service
offerings.

• Many stakeholders have access: users, current and potential customers,

product teams, support teams, supplier managers, relationship managers, etc.

• The service catalogue management practice covers all services managed by

organization, including:
• Internal
• External
• Provided
• Consumed
QUESTIONS?