Okay, so what is ITIL, the IT Infrastructure Library?

So really the top bullet point says a lot about

what we're getting ready to talk about, Is the world wide representation of best practice for
quality IT service management. IT service management. So what is IT service management or
ITSM? Succinctly, defines how to manage the various responsibilities of all parties in a value
chain. Within that value chain, what we're talking about is the sequence of processes that
creates a product or service that is of value to the customer.

So our customers are actually consuming these services that the IT organization actually
produces. So when you take a look at this widely recognized framework, you have to remember
that ITIL's not a standard, there are other things we'll talk about called standards later. ITIL
basically is a framework that allows you, from a suggestive standpoint, to take the pieces that
are applicable and the most beneficial to you in order to deploy and support your service
management activities. Now how do we come up with this ITIL stuff? Well there's some
sources, things around standards out there.

We'll talk about things like ISO 20,000, those types of standards. Industry practices that exist.
Good practices that are used in organizations today to help you deliver good services. Academic
research, of course, and then, of course, there's training, education, and internal experience. So
these are all things from a sources that generate these good practices for service management.
Enablers, of course, enablers are those ingredients that we have to have in order to provide
good services. We have to have employees. Customers clearly have a major, major stake in the
delivery of the services.

Good practices that are used in organizations today to help you deliver good services. Academic
research, of course, and then, of course, there's training, education, and internal experience. So
these are all things from a sources that generate these good practices for service management.
Enablers, of course, enablers are those ingredients that we have to have in order to provide
good services. We have to have employees. Customers clearly have a major, major stake in the
delivery of the services.

The suppliers, because in many cases the services that we are supporting and we're delivering
require suppliers, in some cases folks call those vendors too. Advisers, and of course,
technologies. So a lot of things come in place, a lot of ingredients here, that really looks at how
we filter out in the drivers for these things around the ITIL side. Substitutes, we have regulators,
and we have customers that are involved here. So basically what we're looking at is coming up
with knowledge fit for business objectives, contexts, and purposes.

1
So those are some basic background items around what this ITIL is and how we created, or how
the framework itself was created. So let's talk about the framework, and kind of the history of
how we came up with this ITIL stuff. So now when we look at this, the ITIL framework is this set
of books. And it really kind of started out back in the late 80s, early 90s with what was called
ITIL version one. Now version one literally was a set of 50 books.

This was in response to try to at least come out with some practices on how we manage the
infrastructure. So these 50 books was the IT Infrastructure Library. So they were really helping
us operate, manage IT effectively and efficiently. So there were some, of course, with any good
practice, we need to do updates. So what we started looking at 2000, 2002 time frame, we
started to see what was called ITIL version two.

ITIL version two, again, very process focused. It was condensed down from the previous 50
books that we had in version one. You've probably heard of what was called ITIL version three,
well, ITIL 2007 is the official term for this, and this was a major departure from the version two.
And I like this because it took the life cycle phase approach, again, very process focused, but it
started to really take a look at the service and the phases of a life cycle that a service goes
through.

Those phases like service strategy, all the way through service operation, of course, we have
continual service improvement. But that was really, really a powerful update to the ITIL model.
Of course, the most recent is what we call the ITIL 2011, which is what we're talking about here
in this course. A process based framework is the foundation for what's called ISO 20,000. Now
ISO 20,000 is a standard. ITIL's not a standard, ISO 20,000 is a standard. Organizations become
certified on ISO 20,000, it's the standard.

]]]]]]]]]]]]]]]

Components and phases of a service life cycle

- The core components to the ITIL or to the life cycle owning service management. You see right
here is what we call the ITIL Core. We call those by phase names. We call those Service
Strategy. I'll talk a little bit more about each of these in a little bit. As we see here upon the
Service Strategy side, these are phases of a life cycle that a service go through. The second one
we will go through is what we call Service Design. The third one we go through is what we call
Service Transition or what we might call, I'll call ST.

2
We have Service Operation or SO. We have CSI, Continual Service Improvement. It's important
to note here. Even though I drew them in a linear fashion, it's very important for you to know
that each one of these phases does have an interaction with each other. For example, CSI
doesn't just fall at the end of the spectrum. It is a parent through all phases of the life cycle. I'm
going to tell you a little bit about what each one of these phases. We'll cover more in depth
throughout this course. The Service Strategy. Its focus is on developing the capacity to achieve
and maintain a strategic advantage to refine and create policies, guidelines, and processes that
cross all of the ITIL service life cycle.
You see on the schematic here. Service Strategy across the entire life cycle. Service Design,
which is the second one, takes the Service Strategy, and creates the design that will eventually
operationalize those business objectives. The focus is on the design for new changed and
updated services. We're putting in a new service in. We're retiring a service. We're changing
something about it. Service Transition provides the guidelines for development and
improvement of capabilities for transitioning new and changed services into the life service
operation.
Those activities do actually put that in or retire that or make those changes. Service Operation
manages the day-to-day operation of a service and provides guidelines on the effective and
efficient delivery and support. Then finally, CSI provides critical guidelines in creating and
maintaining value for customers through better design transition and operation of services. As a
former CIO for a large data center operation, we always, we're looking at our list of services
with our portfolio.
Services went through this life cycle process or life cycle phases. For example, we're launching
in a new service. Let's call it Voice in Data Service. We have to go through Service Strategy.
What is it that this thing really is going to accomplish for us from a value perspective that we go
into Service Design through this new service? What is this going to look like? What's the
solution? The tools, the architectures, the processes required. The metrics and measurements
we'll use to manage this and to keep track with its health.
Then we go into Service Transition. We're approving these changes, deploying those, and
releases, capturing the knowledge. Those types of things for transitioning that new service into
the life environment or life operation. Then Service Operation. We actually run and we support
the service at that point. CSI again. We use that from a Continual Service Improvement
perspective throughout this entire set of life cycle phases to help us continually improve,
monitor our metrics, measurements, KPIs.
Those things do actually help us understand where are these things set. We have mile markers
so we could know from improvement perspective. Of course, the ITIL official site, ITIL dash
official site, dot, com, is where you go for the most recent and up to date information on a
components of the service life cycle. Now, we've talked about what these phases are. A lot of
times folks really get the misconception that this is a waterfall approach. Just like the SDLC or
something like that. Now, you notice here that each one of these phases has outputs and has
feedback that comes from other phases.
Service Strategy for example. You notice Service Strategy has output in the Service Design. We'll
talk about what those pieces are in a little bit. But notice that every phase of the life cycle from

3
that point forward all provides feedback back in to the Service Strategy phase. Service Design
has outputs and has feedback that comes in to that, as well as Service Transition, Service
Operation. Notice CSI or Continual Service Improvement. From a life cycle standpoint touches
every one of those phases, as well as the service, in the services, including the processes we use
to support the life cycle of that.

Main concepts of the service life cycle

- What are some of the main concepts of the Service Lifecycle in the ITIL framework? I need
glasses, almost, to look at this, and you probably do to, but let's kind of look at each one of
these things just at a very high level. This first one we have is what we call Service Strategy.
Remember we taught Service Strategy as being one of the initial phases of the Service Lifecycle.
There are some processes in Service Strategy that we'll cover throughout this course, Processes
like Strategy Management, Financial Management for IT services, Demand Management,
Service Portfolio Management, and Business Relationship Management.
Part of the foundation level, of course. Actually, in the exam, you will only actually be examined
against Financial Management, Portfolio Management, and Business Relationship
Management, those three. Those are the processes that make up Service Strategy. Some key
concepts, of course, we'll talk about that throughout the course, things like Utility and
Warranty. It's really all based on that value proposition that we talked about earlier. So,
governance and decision-making, what we want to do, who we want to do it for, what value
does that provide to our customers within the Service Strategy side.
Next, we have what's called Service Design. Service Design, building the service integrity. I kind
of as the blueprinting phase, when we're designing from a strategic standpoint what we want
to accomplish, now we're going to the design, so there's aspects like what's the service
solution, what tools are required, architectures, processes, metrics and measurements, and so
on. A lot of processes in service design, things like Design Coordination, Service Catalog
Management.
We have things like Service Level Management, a hot topic you hear of a lot, Capacity and
Availability Management, Continuity, Information Security, and Supplier Management, those
are all key processes within Service Design. Some aspects we'll talk about in a later one of our
videos, and some of the key concepts we talk about a little later on, too. Now, Design, we kind
of put this whole piece together, and we wrapped this up and put it in something called a
Service Design Package, and we moved that into Service Transition, Which is the next phase,
right here.
Service Transition, preparing for and doing the actual changes, things that we talked about a
little bit earlier, Change Management, you hear about that a lot. Service Asset and
Configuration Management, SACM, or some folks just call it Config, Knowledge Management,
Transition Planning and Support, Release and Deployment Management, the actual bill, test,
and delivery, Service Validation Testing, and Change Evaluation. Scope of the Foundation Level
course, from an exam perspective, you'll be looking at Change Management, SACM, or Service
Asset and Configuration, Knowledge Management, Transition Planning and Support, Release

4
and Deployment Management, some key concepts we'll talk about in the Change Management,
or -- excuse me, in the Service Transition portion of the course.
Then we have Service Operation. The change is handed off over to the Service Operation side,
and in Service Operation, again, we're running and supporting that service. Some processes we
have there are Event Management, Incident Management, Problem Management, Request
Fulfillment, Access Management, those are the key processes. We also see the introduction of
something called Functions, these units of organization, as a part of the Service Operation,
which we're supporting that live service as it is today.
That's the Service Operation that we saw right here. Then we see the Continual Service
Improvement, or CSI, this purple box here. There's one process in here we call the Seven Step
Improvement Process, a lot of very neat, very powerful models from an improvement
perspective. You might have heard of PBCA, or the Deming Model, some other things around
here around CSI that we'll talk through in other modules we have. I want you to notice
something, though. Every one of these phases that we have, which includes those processes
and the key concepts, they have this central nucleus, this central theme, or this area, the
Service Knowledge Management System.
No service, no process, IT organizations cannot perform our duties without a means of
collecting, storing, having knowledge and information available for recall, so that we don't have
to learn the same things over and over again. We call that the Service Knowledge Management
System. There's a lot of details in here. We haven't covered these yet, these are part of the
course, but it's interesting, and I want you to make sure you remember that the SKMS, or
Service Knowledge Management System, really is that central glue that holds all these phases
and these processes together so we have consistent information, consistent data, consistent
knowledge and wisdom.
We'll talk about what those components are in a later video. Those are the main concepts of
the Service Lifecycle, so you can see this is a very big model, very big framework, and we're
going to take this piece by piece, coming up.

Summary: Service life cycle

Okay, so we covered a lot in the last few sections around the service lifecycle at a very high
level. What we're going to do in the future is talk about some specific processes that we have.
So let's review some of the key pieces here. So we've got five phases of the life cycle which
we've identified in the side board. We have service strategy. Service strategy, providing the
value for the business services, there we go, got it. Providing the value for the business services
that we have looking at what the customers are expecting.
This is really the kind of the core to the first step, to improvement or deployment. The process
we have in service strategy, we have a couple of them over here, we have strategy
management, IT financial management. We have portfolio management, demand
management, business relationship management, value creation through services. Perception,
we have to understand what the preferences are in the business outcomes of those things In

5
the business case, the significant item of expenditure, right, we have to have some type of
business case to help us out with that.
We go into service design, if we have the strategy, we know what we want to do and who we
want to do it here for and design how we want to do it. Service design, a lot of processes,
design coordination the service catalogs, service level management, capacity management,
availability, continuity, security and supplier. We had the five aspects of service design, you may
recall me using STAMP, Service solutions, Tools, Architectures, Processes, Metrics and
Measurements. We had the RACI chart.
Responsible, Accountable, Consulted, and Informed. SDP, the Service Design Package that puts
a nice package together from what we've accomplished in service design so that we can hand
that to service transition. The four P's, People, Process, Products and Partners. Service
transition, this is now where we take those new or changed services and we're transitioning
them from design phase into what's called service operation we had some processes, very key
here. Transition planning and support, change management SACM which is what I call Service
Asset and Configuration Management.
Release and Deployment Management. Service Validation and Testing. Change Evaluation,
Knowledge Management. What else we had here, we had SKMS. So the Service Knowledge
Management System we're talking about transition. We need to have a Service Knowledge
Management System, it's the go-to place. It's a collection of tools and databases where we
store our knowledge so we don't have to relearn things over and over. And part of that is KMS,
we have something called a CMS, or a Configuration Management System which includes one
or more CMDBs Managing risk and complexity, this is key in service transition because now
we're taking the design, we're putting in operations.
So we want to minimize the risk, I want to minimize the complexity because these are a lot of
moving processes that we have here. Service operation, this is were the rubber meets the road
remember it becomes visible to the customer at this point. The processes we have in service
operation. Event management, Incident management, Request fulfillment, Access
management, Problem management. We also had some functions, remember a function is not
a process, it's a unit of organisation that's designed to do a certain type of work. We had four of
those, the Service Desk, Technical Management, IT Operation Management, and Applications
Management.
Remember in the communication, very key, particularly in service operation, things like shift
change, projects, those things. Next we had the last phase we talked about, not because it's last
in the lifecycle, but it's the last one we talked about, Continual Service Improvement or CSI. One
process in there we call it, "The Seven Step Improvement Process." We have what's called a CSI
Register, I like to call that the backlog of our improvement initiatives, whether they're in
process or whether they're planned.
We have the PDCA model, that's the Deming Plan Do Check Act. Remember we also can align
that well with what we call the "CSI model" and we could also align that with the Seven Step
Improvement Process We have baselines and we start to look at metrics and measurement and
monitoring. We take baselines to give us a mile marker to know how far we've come in process

6
improvements and other improvements in general. Types of metrics, remember we have
technology metrics we have process metrics and we have service metrics.
The measurements system, if you think about the flow we talked about, we have a critical
success factor supported by one or more KPIs. They can be qualitative or quantitative then we
have the metrics to help us look at those things. A lot of stuff we just talked about on the phase
so stay tuned, we'll start breaking down the processe one by one.

IT today, IT opportunity
- So as we kick off and start to look at module three, Service Management as a Practice, I think
it's important for us over the next couple slides really to look at what we're dealing with IT
today. Some of the current challenges that we're up against and expectations the business
might have from us, as well as look at the opportunity we have within IT. Because there's a lot
of stuff within the service management world that we can do to improve our services and really
get more aligned with our customers. So today, IT, right? One of the things that will not go
away within our IT organizations, within the infrastructure in general, is change.
We will always have change and that's not going away. So we have to make sure that we are
using some advanced methods to help us really meet the business needs. Because that's why
we exist, we're supporting the business. And to take you to this first sub-bullet here, there's a
growing reliance of business on IT. We are woven into the fabric. IT services are in the fabric of
the business. And so, without IT the business cannot succeed in creating those vital business
functions that the business needs to be able to survive.
So therefore, IT exists because the business is there. So we're part of that. So because we are
so... Because the business is dependent on us for delivery of services, there is a high demand
for real business value. If we didn't provide value, there's no need to have an IT organization. So
we need to make sure we're providing, that the cost benefit that what we're supposed to
deliver, delivers, and it exceeds expectations on the customer's side. Greater business in IT
integration.
We're not talking about integration meaning we have a meeting per week with our business
units. What we're talking about is really understanding the vision, mission goals, objectives, of
the business, where the organization's going, and the IT organization is in line with that. And
that we're constantly integrated, providing the services that the business expects at the levels
of service they expect. Availability, capacity, all those pieces that are required there in order to
do that. So we have to provide high quality.
Of course, cost effective services. We provide or we are really investing high sums of money in
IT systems. So therefore we need to make sure that we're good stewards of the technology
that's being invested in, in order to provide these services. So, greater flexibility, faster
response to customer needs. We know this is a challenge that a lot of folks talk about IT. "It
takes too long to get this change in." "I need it yesterday!" There's some processes in part of
this whole Life Cycle phase that helps us plan these in a phased approach so that we're not so

7
reactive and we're not finding ourselves under capacity because we didn't expect certain
demands that are being put on the IT organization.
Diverse range of technologies. I would say this in every organization that I walked in. You will
not find a data center or an IT technology organization that's getting easier to manage. The
technology's complex, the technology's very powerful, so that we've got that challenge that we
have to make sure that we're managing that piece. And that's what we're supposed to be doing
to support the business value. Are we too reactive? When I'm talking about reactive, if I'm an
organization and I'm really good at managing incidents, handling incidents.
I had this happen to me in an organization. We were great. When an incident call came in
(snaps fingers) we could handle that thing and we were really good at it. But when you really
think about it, being good at managing the operational stuff like incidents, management,
problems, is that good enough? Or should we actually look ahead a little bit in the Life Cycle
and try to understand why those incidents are even coming in to the organization? So that's
why we wanna make sure we focus. So that we're not planning, we're not training, in many
cases we're not reviewing, investigating, and working with customers.
So there's... I shouldn't say we're not. I say there's too little time putting into that. Because we
keep putting our fingers in the hole of the pipe, and sooner or later, we run out of fingers, but
when we should've looked at why those holes are even there in the first place. Those are some
challenges we're running into. So why is it important to really understand those challenges? We
have the opportunity with an IT service management. And that IT opportunity we have is
basically adjust our working practices and embrace a service-oriented approach.
Right, what are the services we provide? What value do they provide for the customers? And
therefore have that approach so we can have some prioritization around understanding how
we're going to integrate with the business. Increase that service quality. Be more efficient so we
can control those costs and risks. Adopting that service-oriented approach for the efficient and
effective delivery of IT services to meet the business needs. That's what we need to do, the
opportunity we have in IT today.

What is a service?
- If we want to take a service oriented approach we have to really understand what a service is.
And so, a service is a means of delivering value to customers by facilitating outcomes the
customers want to achieve without the ownership of specific costs and risks. They're asking us
in IT to deliver this for them because the business isn't prepared or it does not want to actually
do it themselves, so that's we want to look at the service oriented approach. And so, as we're
taking a look at this, let's talk about what a service facilitates.
A service facilitates outcomes. These are, I'm going to read a little bit to you here you might
want to listen through this, so outcomes is the result of carrying out an activity, following a
process or delivering an IT service intended as well as actual results. So, by providing required
performance while reducing the influence of constraints, constraints could be resources,
regulations, contracts etc. So, moving towards an outcome based service delivery, moves the IT

8
beyond the business IT alignment and into integration which is really what we're talking about
of that outcome.
We want to be out of the integration and be truly aligned, grow in to that next piece of that. So
the key to this definition, the key to understanding this is understanding what value really
means. So value, we'll talk more about value and some other stuff too, but really value has two
key components to that, two pieces. One is what we call utility, utility fit for purpose, and fit for
purpose basically means the service meets a particular need, which is what the customer gets,
that's fit for purpose and that's utility.
Let's look at warranty next, warranty says fit for use. Well if fit for purpose meets a particular
need, what the customer gets, warranty is going to be basically do we have enough capacity, do
we have enough continuity, security, how it's actually delivered. What they get versus how it's
delivered that's utility and warranty. So, services facilitate these outcomes by enhancing the
performance of tasks, reducing the effect of those constraints that we talked about just a few
minutes ago. Now, we have kind of an understanding what a service is, what is an IT service?
So, when IT delivers functionality to the business, that functionality it the IT service.
So we are talking specifically about the IT service side. So, we've got an internal service and an
external service. The difference here we are talking about, internal services generally are
delivered to departments and business units that support the internal activities. Internal
activities those businesses use to support those. An external service would therefore be that
service that achieves business outcomes. So those are the differences, kind of, between the
internal and external side of this. We'll talk about some different types of services here in the
next slide, and I keep on messing that one up, so stay with me a second and I will just come up
here and go to the different types of service classifications.
So essentially three types we have, remember we have internal and external and the way we
might classify those is in what we call a core, enabling or an enhancing service. So the core
service delivers something the customer wants, what the customer is willing to buy, willing to
pay for. I like to use email for example, it's pretty, not always a simple service, but it seems
pretty well understood what email is, so we're not actually providing Microsoft Exchange or
Lotus, we're actually providing email, that's the actual service we are providing.
We might have an enabling service. Allows the customer to receive the core service, so to go
back to the email, a core, excuse me, an enabling service, when I think about it what service
might be required might be required in order to provide that core service? Might be something
like active directory, a service that we actually manage within IT. The customer is not
necessarily buying active directory from us, they're buying the core service, email, but we have
to have the enabling service, i.e. active directory in order for that to be successful.
And then we might have an enhancing service. That enhancing service is added to that core
service and they excitement factor, now this is something that may or may not be paid for but
think about like email, we have email service as our core service, an enabling part of that might
be active directory, now we might have OWA, online access, or might be additional security for
that email, those type of things are the, I hate to use bells and whistles, but it adds that extra
flavor, that extra piece to that service that the customers really, really get into that piece, so it's
more of the attractive side of each one of those things.

9
So those are the three classification types of the services that we have.

What is service management?

- Okay, so what is this thing called service management? We've talked about ITSM, IT service
management, as really being the ethos behind the whole ITIL framework and ITIL model, but
service management is a discipline required in order for us to provide services, high quality
services, from the IT for the business that provides value for the business. So therefore, if you
look at the definition up on the top yellow box it really hits you quite well, it says "service
management is a set of specialized "organizational capabilities for providing value "to
customers in the form of services." Exactly what we were just talking about a few minutes ago.
Now, when we take a look at this as we are transforming these resources, valuable resources,
we're transforming these resources in order to deliver these services and we exploit our
organizational capabilities. So let's talk about these things called resources and capabilities for a
few minutes because you need both in order to provide value from a service perspective. So,
first let's start with this thing we call resources over here, I'm going go over here and left hand
side start here. A resource, read this out of the book for you, so a resource is a generic term
that includes IT infrastructure, people, money or anything else that might help to deliver an IT
service.
And I think about a resource as, you know, this is something we are consuming in order to
provide or deliver this service. Now, if we take a look at this next thing here, we got this thing
called capabilities, on the capabilities side, it is the ability of a service or organization, person,
process, application, configuration item or IT service to carry out any activity. So we transform
resources and we exploit those capabilities. So, as we're looking at these things, the service
providers capability or as our capacity or skills and assurance for action, so we are looking at
how we combine these two things, the two major ingredients in order for us to provide those
services.
So, if take a look at these, kind of back again on this resource, used to deliver IT services,
obviously it's easier to acquire than capabilities, because the capabilities think about as the
oomph, it's the organizational capabilities that processes the things that you can't hold over
here, you can, these are actual items that you can use to consume to provide those capabilities,
again, includes infrastructure, people, finances and so on okay? Remember on the capabilities
side, are ability to coordinate, to control and deploy resources is the capacity, is to be able to
do that.
And so you have to have both of these ingredients together to understand that capabilities,
however, they require resources in order for us to deliver those services okay? So, let me just
pull this out of full screen for you again without capabilities the only thing the organization has
is useless resources, again, capabilities is the oomph we have, resources are required to build
and deliver those things okay? Now, if we take a look at the next piece, what is IT service
management? We talked about service management, resources and capabilities, so if we go
into the IT services management side, essentially this is the implementation and management
of quality IT services, so we're looking at it form a larger scale, service management, now we

10
are focusing in on the IT side that meets the needs of the business by IT service providers
through a mix of people, process and technology.

What comprises value?

- Okay, so we've talked about service management capabilities and resources, we've talked
about providing value for our customers. But what really are we talking about when we provide
value for our customers? So, it's important to remember that the sole purpose of an IT
organization is to provide value in the form of these services that we have been talking about to
the business so the business can achieve its overall objectives and its goals. Now, in order to do
that, we have to address two distinct areas and we called those utility and warranty we saw
those on a previous slide. So, remember, utility, what I like to say about utility it's what you
gonna get.
So I think about this, it's what. So we talk about utility, what the costumer gets and we called
that fit for purpose. So let me read you what utility from the book: "The functionality offered by
a product or service. "From the customers perspective, utility is operationalized "by achieving
specific results "or by preventig specific risks and costs." So that's utility, the what, it's fit for
purpose. It increases the probability of achieving our outcomes. That's utility, does it do what's
it supposed to do.
Next, the other important piece of this is what we call warranty and warranty, think about this
as the how. How it is delivered, fit for use. So if you look at utility fit for purpose warranty fit for
use, the what and the how. If utility looks at does it accomplish its objective, how is how is it
actually going to actually do that throughout the life of that service. And when we're talking
about is we are thinking about things like the guarantee or the promise that a product or
service will meet the agreed requirements and that decreases the possible losses because we
have reduced the amount of variations.
So, if I've told you earlier and I should have said this that we have to have both they are very
interconnected both of those have to address. So if you take a look at it from a flow chart
perspective, utility, right again, that's what we need to do always supporting the performance
of what we're supposed to be doing have we removed any constraints, in that case we have fit
for purpose. On the warranty side, lets think about some of the things you might have to have
from a warranty perspective. Is it available enough, when we think of a process I think we
would have called it availability management.
Do we have it available when it's supposed to be the up time the hours of availability, those are
some parts of what I might consider warranty. Do we have enough capacity in terms of
organizational growth, in terms of the capacity we need from the infrastructure side to support
performance makes sense, that's one of the things we might have for warranty. Is it continuous,
continuity in the event of a major disruption, disaster or major incident in which we have to
look at repairing any incidents can we provide continuity throughout the life of that and is it
secure enough, can I guarantee or can I give you a high level of probability that we can offer

11
confidentiality, integrity, availability of the services and of the information and the data that are
part of that.
So, both of those combined we have now looked at creating value and that's how we comprise
value. Utility, warranty, utility is fit for purpose, warranty is fit for use.

The 4 Ps of service design

- Okay let's talk about something called the four Ps of service design. - You have have also heard
this called in other areas people process technology. Well we wanna have a little bit more focus
on these areas and we call them the four Ps of service design. They're people, process, products
and partners. So a core focus area for managing the service life cycle is to use these four areas
to help us support and plan for business value.
You'll notice business value comes up a lot. So let's take a look at what each one of these are.
So first of all we've got people. Who does what? What's the organizational roles, the
responsibilities, the authorities of the folks involved, of the resources involved? What are their
local cultural impacts? So those are the things you're thinking about as far as the people side of
the house. The process side refers basically to what the organization does. The structured set of
activities. The organization's process that's used to fulfill the business requirements, satisfy the
business needs and stay in business essentially.
So the third one we have is what we call products. And the products, think about these as the
tools and the infrastructure. So some examples here are the systems, the networks, and the
tools. That was also kind of thinking about the technology on the people, process, technology.
That's what we're talking about on the products piece. And then finally we have partners, which
is really truly a sourcing strategy. This is not vendor, this is partner. This is supplier management
stuff. Because remember we may be doing a build versus a buy type of scenario, so this helps us
understand based on that strategy of the partners side.
So think about it this way, if an organization knows what has to be done. Right if we're talking
about on the what has to be done side we're basically talking about the process side. That's
what has to be done. Has the skills in place to do it, the people side of the house. Creates
supporting infrastructure, the products. And make sure that we have the appropriate suppliers
or partners in order to provide those.
Those are what we call the four Ps of service design. People, process, products and partners.

Key IT service management roles

- The service management and the ITIL framework, they are extremely heavily role based. And
what we are talking about on a role, a role is basically the set of responsibilities, the activities,
authorities that have been assigned to that role. Could be a person, could be a group, that is
assigned that certain role. We will talk about some other roles around some of our functions a
little bit later on. Some of the key roles we have here as a part of the model, basically three
types you'll see. We have first, what is called a Type I and that is what we consider an Internal
Service Provider.

12
Internal, you could have more than one of these in an organization, basically, same organization
Internal Provider, we provide all your services to you internally, OK. The next one we might
have is called a Type II, which is Shared Servics, which is becoming pretty popular. So, in a
Shared Service type of situation, you have an Internal Service Provider that provides Shared
Services across multiple business units. So, for example, I have a Single Share Service Provider,
and we have multiple business units, and they could have their own Internal Service Providers,
but we're providing a Shared Service across that entire spectrum for all them and that is what
we call a Shared Service.
Then the third type is what we call an External Service Provider. So, on a External Service
Provider, a external customers. This could be like an outsource type of situation, outside of the
business that we're in. So, those are the three types, I, II, III, Internal, Shared, and External
Service Provider. Two general types of customers, Internal and an External Customer. So, in a
situation that I was in as a CIO of a Managed Service Provider, we were a Shared Services Unit,
we also were an Internal Service Provider, we also used External Service Providers for certain
portions of our infrastructure.
Now, I had Internal Customers, these Internal Customers that I had, worked for the same
organization. These were the people that sat on the same floor, the same building, part of the
same organzation we had, those were my Internal Customers. I also had External Customers,
these were the paying customers that were outside of the organization. Generally if you look at
it from an external perspective, this is where you have contracts and legal obligations around
supporting those services for the customers. So, those are the two types, or the two roles that
we have here.
A couple of other roles we have, which shouldn't be too much of surprise here, a User. A User is
that role, that person who is actually on a day to day basis, consuming or using those services. I
think of it, as they are hitting the keyboard, right? They're using those services. And we have
Suppliers, remember we talked about Suppliers a little bit earlier. We have a lot more where we
talk Suppliers later on, but a Supplier, I need that Supplier in order for me to provide services to
my customer. So, that Supplier, I will have a contract with them and that might be under
pinning some of the service requirements or service level agreements that I have with my
customers, OK.
We also have multiple Stakeholders as part of the general ITSM Roles. Basically a Stakeholder
has an interest in the outcome, the resources, targets or activities of a business service or
activity that we have. Some Stakeholders we might have, Suppliers could be Stakeholders,
Owners, Shareholders, Employees, Managers, Partners, are own functions, the service desk for
example, could also be a Stakeholder within the model. So, those are some key roles at a very
high level.
We'll talk more specific roles and each one of the processes that we have, specifically around
Process Owner, Process Manager and so on, these are generally applied across the board. Key
roles Service Provider I, II, and III. Then we have Internal and External Customers, Users and we
have Suppliers and multiple Stakeholders.

13
Governance
-Okay governance. Governance can is served primarily with ensuring that there's an
appropriate management framework for making sound decisions in an organization. So if you
think about the ITIL framework with the many checks and balances that we have, it seems
appropriate that we're following very good practices from a governance perspective. However
there's some things that we wanna make sure that the governance program actually does for
us. And that is in the yellow box right there at the top of that slide that we are ensuring that
policies and strategies are actually implemented and their required processes are correctly
followed.
So having decision criteria, having levels of decisions. Making sure that we understand
organizational decision rights and thresholds and accountability of those decisions. And
understanding who can make decisions under what circumstances and so on as part of an
overall governance, enterprise governance model. So there's three types that we have. We
have what's called enterprise governance, we have corporate governance, and we have IT
governance. So if you take a look at each one of those, each one, we're not gonna go into each
detail between those.
But each one of those levels: corporate,enterprise and IT, they must be able to do three things
and they must be able to do evaluate, direct and monitor. Evaluate that the plan's programs
policies in place are effective. Direct, provide direction on the overall policies and plans of the
organization. And monitor, ensure that we have adequate reporting and feedback mechanisms
involved in order to do that. What's interesting here is that EDM or evaluate, direct and
monitor is really all part of an overall core concept of what's called ISO 38,500.
Now ISO 38,500 is the international standard for IT governance and it really talks a lot about
EDM evaluate, direct and monitor across the three types: enterprise, corporate, and IT
governance. If I can leave you with one key word that I always like to remember about
governance, it's transparency. In the midst of corporate scandals and all of the regulatory and
compliance concerns we have in an organization, the one thing that helps us the most or that
drives us the most is the transparency within the organization.
And that falls back to evaluate, direct, and monitor. Governance, transparency, ISO 38,500.

Other quality frameworks: ISO/IEC 20000 and the Plan-Do-

Check-Act (PCDA) model
- I want you to be very careful when you're looking at ITIL as a framework and not get caught up
into the we're a one framework organization and we cannot look at any thing else out there.
There are a multitude of frameworks, standards, models that can be used out in the market
today and they're really all designed to work together quite well. We know a little bit about ITIL
now we've talked through the basic concepts of service management. Let's look at a couple of
the other quality frameworks that exist and why they are important for you.
The first one out there is what we called ISO 20000. In ISO 20000 really started off as British
standard 15000 developed to address basically the 2000-2001 rewrite of ITIL became an

14
international standard which was called ISO 20000 in late 2005. This is extremely and is wholly
complimentary to ITIL was written to follow basically along what's called the Plan-Do-Check-Act
or the Deming model. We'll talk a little bit more about ISO 20000 here in just a few minutes.
Keep that in the back of your memory very quickly. The next framework that you have you
might have heard of this, it's called the Balance Scorecard. The Balanced Scorecard... What
really was taking place for a long time in businesses and organizations is we really focused on a
couple of key things that were important to us. We looked at just the financial aspects of
management and of goals and objectives or we looked at just the customer perspective. The
Balanced Scorecard was designed to give us four quadrants and four areas to have a balanced
approach to understanding, developing, and managing a business value from these four
different quadrants.
They were the financial quadrant, the customer quadrant. We had the internal quadrant and
the learning and growth quadrant. Why that's important is because that gives you a balanced
approach to understanding key performance indicators, goals and objectives and the cascading
of those from at the highest level in the organization all the way down to the process level so
that we can focus on the right key aspects of delivering services. The next thing we have is
called COBIT. COBIT actually is pretty cool. It stands for Control Objectives for Informational
related Technologies.
It was created by IT Governance Institute and ISACA. It has it's roots in IT control security and a
lot around IT governance, enterprise governance as well. This was really built around creating
controls for processes so that we can provide assurance activities to make sure that we are
meeting our quality, fiduciary, security responsibilities for information.
COBIT right now is on COBIT version five. It's broken down into domains. Domains around
what's called EDM or Evaluate, Direct and Monitor. We talked about that on the governance
side. There are processes within that domain. We have what's called APO, Align, Plan and
Organize. We have BAI, which is Build, Acquire and Implement. Then we have DSS, Deliver,
Service and Support. And finally MEA, Monitor, Evaluate and Access. That's important but what
I really want you to know is within those domains, there are 37 processes and those can be met
directly back to our ITIL processes.
When we're looking at ITIL on the process design on how we're supporting services, what the
COBIT side of the house will help you do is establish those controls for good IT governance for
those processes. So that's COBIT. On the Six Sigma side. Six Sigma has it's literally in looking at
defects and removing waste. If you remember your statistics class which I try to forget, it's
based on these things called standard deviations and if I'm, I don't know the math precisely but
if I'm six standard deviations away from the average that comes out from a calculations
standpoint at 3.4 errors for every million opportunities we have to fail.
Which is pretty good right? Six Sigma sometimes isn't good enough but that's kind of the goal
that the Six Sigma methodology helps us with. There is a methodology part of this to get us
towards that goal and they call it DMAC, that stands for Define, Measure, Define, Measure,
Analyze, Improve and Control. That's the basic concepts around Six Sigma. Why is it important,
how does it work with us on the ITIL side? Well we can look at errors.

15
Statistically manage the quality and reduce the variance of processes within the framework.
CMM, basically what we're looking at in CMM Capability Maturity Model. It's a process
improvement approach. It's really CMM which stands for Capability Maturity Model integration.
You might have seen CMM evaluations before where you see the zero, one, two, three, four
and five. Where they're ranked from a maturity ranking where if your a maturity ranking of zero
the process that we're investigating doesn't exist.
All the way up to five which means this process is actually performing well beyond what our
expectations or what the needs would be. What typically happens in a CMM type of audit or
type of evaluation. It's processes are looked at, they're evaluated, and given a maturity of zero
through five and then that number is aggregated from an organizational standpoint. You might
have somebody say, well we're an organization and we're CMMI level three. They've gone
through that. It's an official recognition of maturity for processes in an organization.
Next we have risk management. So on the risk management. There's something called MOR,
Management of Risk. Pretty interesting model. It's the overall process to help us control those
risks. We have positive, we have negative risks. And help us make better decisions. Risk based
decision making. Things like understanding the assets, what could possibly happen, what the
threats are, what our vulnerabilities are and having risk registers and also looking at what we're
going to do.
Are we going to except it? Are we going to avoid it? Are we going to mitigate? So it's a really
handy model for us when we're planning processes, planning services across the service
spectrum. We have ISO 27001. ISO 27000 as a family, those are standards that are generally
accepted. Best practice guidance on protecting three big things and we call them
confidentiality, integrity and availability. It's around the security around those three things I like
to call that CIA.
It's easy to remember CIA for something around the security world right? Confidentiality,
Integrity, Availability, CIA. That's what the 27000 family of standards are We also have this thing
around these bottom two here. Around the project management world there's two dominant
project management methodologies PRINCE2 and PIMBOK. PRINCE2 has it's roots in the UK.
Very, very powerful in the UK right now. It stands for Projects in Controlled Environments.
On the PRINCE2 basically this method which covers the organization management and control
of projects. You also may have heard of this thing called the PIMBOK. The PMI, Project
Management Institute. It provides the global leadership in project management methodologies
and the documentation or the guide, it's called the PIMBOK or the Project Management Body of
Knowledge. Those are some basic quality frameworks that you might see.
Every one of these things can work with your service management framework. In this case we
talked about ITIL. You don't just pick one and that's it. You can see where it's very powerful to
have multiple methodologies and models to help you to focus on certain aspects of each one of
these things. What I want to talk about on the next slide is after the quality frameworks, there's
something out there that we call the ISO 20000. We talked about this a little bit ago. I want to
share with you a few more comments on ISO 20000 because I think that it's really important to
understand the distinction between ITIL as a framework and ISO 20000 as a standard.

16
So ISO 20000 first international standard specifically aimed at IT service management formally
accepted in 2005. There's an update in the 2011 version so it's originated from what's called BS
15000 or British Standard 15000. To which ITIL V2 was the original reference of that. Of course,
20000 has been updated with the latest ITIL releases. When you look into ISO 20000 a couple of
things to remember.
is remember ITIL, the Information Technology Infrastructure Library is a best practice
framework. Individuals get certified in that. Organizations don't get certified in ITIL. Now ISO
20000 as a standard, it's an organizational certification okay, so that's kind of a difference to
show there. This shows some of the processes that we have as a part of ISO 20000. They should
look somewhat familiar. We have service delivery processes. Things like capacity management.
We've seen that in the ITIL framework. Service level, service reporting, information security,
control processes, configuration change, release and deployment.
We've got incident management. We've got problem management. You see, there's a lot of
relationship obviously between the processes that we have in ITIL and the processes that are
the standard within the ISO 20000. Just to tell you that at a high level there's a couple of parts
to the ISO 20000. As a matter of fact there are a total of eight parts. Part one is what they call
the specification. In the specification, these are the shells, these are the things or the
requirements that must be met for certification.
Part two, is what's called the code of practice. These are what they call the should's. They're
further best practice elements. If you're going for certification as an organization you definitely
use part two for information and supporting details to get to the requirements or the
specifications. Part three, guidance on scope definition and applicability of ISO 20000. So it's the
guidance on how to scope definition and those types of things. Part four, is the process
reference model.
Basically describes at a high level the processes including general service management
processes. Part five, is the implementation plan and then finally what we call part eight is the
process assessment model. That is also available, the process assessment model is available as
part of what's called ISO 15-504 is the process capability of the process assessment standard.
So a lot of stuff I just talked through on that. It's key for you to note, ISO 20000 is the standard,
ITIL is the framework.
As we take a look, let's see, we can back out of here. We have this next thing called PDCA. You
may have heard of the Deming model before. What's interesting here is ISO 20000 as a
management framework. As a management system rather. Really has it's roots in continuous
improvement. The Deming model is what we call Plan-Do-Check-Act and so Deming came out
with this years back and basically it's a repeatable simple model of continuous improvement
efforts.
You plan your efforts. What is it that we want to accomplish. You do those, you execute those.
You check those which means you collect metric measurements on how well your doing against
those. Then you act, so the whole idea is as we revolve in Plan-Do-Check-Act, the more
revolutions we go through. The general maturity of the process of the service that we're looking
at. They also go up as well. So that's what we call the Deming model or Plan-Do-check-Act.

17
I want to kind of tie some things together for you here. We talked about a lot of different
models and frameworks. We hit ISO 20000. We talked PDCA as the foundation for management
systems. Now ITIL and ISO 20000 just as kind of a follow up on these. ITIL guidance is used by
organizations worldwide to establish and improve capabilities in service management so that's
the ITIL side ISO 20000, the international standard where organizations can audit and certify
their capabilities. It's a very, very robust.
Very detailed audit that you have to go through in order to be certified in ISO 20000. Individuals
cannot get this certificate. It's an organizational based evaluation. ISO 20000 standard will be
achieved and maintained. So you don't just get the ISO 20000 achievement certification, you
have to maintain that throughout the life of your certification. ITIL offers the body of knowledge
useful for achieving the standard. There's a lot of congruence between the two.
One's a standard, one's a good practice framework. In closing on this piece, I want you to really,
really understand you have to look at multiple models for multiple pieces of your governess
program or of your service management program. ITIL is obviously what were talking about
here but we saw a few other models that work very well with these things.

Summary: Service management as a practice

- To summarize some of the key points of the things we just talked about over the last couple of
short videos. We talked about some key terms. In particular, what is a service? So, we're going
to kind of jog your memory on a few of these things. A service is a means of delivering value to
customers by facilitating outcomes customers want to achieve without the ownership of
specific costs and risks. We talked about specifically an IT service. When IT delivers functionality
to the business that functionality is an IT service.
And there were three basic parts or three types of those services that we had. First we had
what was called a core service. On the core service, this is the basic outcome. This is what our
customers are paying us to provide for them. And I used the example email. Then we had what
was called an enabling service. A service that we have to have in place and its required in order
for the core service to be delivered. And the example I used was say, active directory. And then
finally we had the enhancing service. The enhancing service was that additional, that additional
flare, that additional thing, add-on to that core service.
In this case, in our example, we used online email access. So these are the three types that we
looked at. The classification types. We have the internal and external service. Internal for our
own business, our own organization. External, generally we're looking at that service is required
contractually from a legal standpoint. We had IT service management. So an IT service
management, to refresh our memories on that, it's the set of specialized organizational
capabilities for providing value to customers in the form of services.
So, those outcomes are what we're talking about. Those quality services. And so we said those
services have to have two main ingredients and they have to be together. We have to look at
both of them. Utility and warranty. Utility, fit for purpose. It's what you're getting. Warranty, fit
for use. How it's actually delivered. We talked about service assets. Resources and capabilities.
Resources are required in order for us to be able to deliver services. And then we also have
capabilities.

18
And those capabilities are the organizational umph that processes the organization, those types
of pieces that we have there. We talked some other key terms. Different, three types of service
providers. Type one, internal. Type two, shared service. Type three, external. We talked about
stakeholders. They have an interest in the success of the service and the success of the process.
We have customers. Internal customers, external customers. That might go along with our
internal external services, too. We also had users, who are actually using the system or the
services.
And suppliers. Generally the suppliers are those vendors, I guess you could call them, that we
need in order to support those services and deliver those things. Key concepts. 4Ps of Service
Design. People, process, products, and partners. Governance, about transparency. We had
three basic types. We had enterprise. We have corporate. We have IT governance. You need to
understand those. ISO 20,000. That's the standard, the service management standard that we
talked about in the previous video.
And then we had the Deming Cycle. PDCA, stands for Plan-Do-Check-Act. It's important to also
remember that PDCA is really one of the basic elements of the management systems that we
have as a part of ISO 20,000. And that's the Deming log.

19