ITIL Foundations Certification Course

Service Management, Bangalore
ITIL Foundations Certification Course
Kashif Baig
ITIL is a Registered Trade Mark, and a Registered Community Trade Mark of the Office of Government Commerce, and is Registered in the U.S. Patent and Trademark Office. IT Infrastructure Library is a Registered Trade Mark of the Central Computer and Telecommunications Agency which is now part of the Office of Government Commerce.
Introduction
ITIL History What is ITIL? The ITIL Framework ITIL Certifications Benefits of ITIL Remember about ITIL
Kashif Baig - Service Management, Bangalore
ITIL History
In the late 1980s, the British govt. asked the Central Computer and Telecommunications Agency (CCTA) to structure the IT organisations of the British government agencies. This resulted in the IT Infrastructure Library, a library of books describing best practices in IT management, and a detailed approach for the implementation of these best practices. The aims of the CCTA in developing the IT Infrastructure Library were: to facilitate the quality management of IT services. increase the efficiency with which the corporate objectives are met. to improve efficiency, increase effectiveness, and reduce risks. to provide codes of practice in support of total quality.
What is ITIL?
ITIL is a compilation of best practices in IT Service Management, developed by the OGC (Office of Govt. Commerce) and supported by publications, qualifications and an international user group.
ITIL defines the organisational structure and skill requirements of an information technology organisation and a set of standard operational management procedures to allow the organisation to manage an IT operation and associated IT infrastructure. ITIL does not set in stone every action you should do on a day-to-day basis as that is something which differs from organisation to organisation. Instead, it allows the IT Infrastructure Library to be utilised within organisations with existing methods and activities in Service Management. IT Service Management is concerned with delivering and supporting IT services that are appropriate to the business requirements of the organisation.
4
The ITIL Framework

ITIL comprises of seven distinct books:
Service Support
describes the processes associated with the day-to day support and maintenance activities associated with the provision of IT services
Service Delivery
covers the processes required for the planning and delivery of quality IT services and looks at the longer term processes associate with improving the quality of IT services delivered
ICT (Information & Communications Technology) Infrastructure Management

covers all aspects of ICT Infrastructure Management from identification of business requirements through the tendering process, to the testing, installation, deployment, and ongoing operation and optimisation of the ICT components and IT services
The ITIL Framework

Planning to implement Service Management
examines the issues and tasks involved in planning, implementing and improving Service Management processes within an organisation. It also addresses the issues associated with addressing Cultural and Organisational Change, the development of a vision and strategy and the most appropriate method of approach
Application Management
describes how to manage applications from the initial business need, through all stages in the application lifecycle, up to and including retirement. It places emphasis on ensuring that IT projects and strategies are tightly aligned with those of the business throughout the application lifecycle, to ensure that the business obtains best value from its investment
The ITIL Framework

The Business Perspective
provides advice and guidance to help IT personnel to understand how they can contribute to the business objectives and how their roles and services can be better aligned and exploited to maximise that contribution
Security Management
details the process of planning and managing a defined level of security for information and IT services, including all aspects associated with reaction to security Incidents. It also includes the assessment and management of risks and vulnerabilities, and the implementation of cost justifiable countermeasures
ITIL Framework
Service Desk Configuration Management Incident Management Problem Management Change Management Release Management
Planning to implement service management
Service Level Management Availability Management Capacity Management Financial Management for IT Services IT Services Continuity Management
Guidance on integrating the business perspective into every aspect of service management
Service management
The business perspective
Service support
ICT Infrastructure management
Design and Plan Deployment Operations Technical Support
The technology
The business
Service delivery
Security management
IT Infrastructure Security Management Security setup from the IT manager's point of view
Application management
What is the vision? Where are we now? Where do we want to be? How do we check our milestones? How do we keep momentum?
Manage the Business Value Align Service Delivery with Business Strategy Drivers and Organizational Capability Application Lifecycle Management Organization Roles and Functions Control Methods and Techniques
The ITIL Framework ( contd )

The two most commonly used disciplines are Service Support and Service Delivery
Service Support comprises of :

Service Desk Incident Management Problem Management Configuration Management Change Management Release Management
Service Delivery comprises of :

Service Level Management
Financial Management for IT Services

Capacity Management Availability Management IT Service Continuity Management
10
11

Resolve incidents as they occur
Service Management
Service Delivery
Availability Problem Capacity Change ITSCM Define what services and service levels will be supported and delivered Release SLM Ensure the agreed services are available at agreed levels Ensure agreed services have the required and agreed to capacity
12
Service Support
Incident
Identify root causes of incidents and submit RFCs to remove them
Service Desk
Single Point of Contact for users of IT Services Ensure standard methods and procedures are used from the RFCs to the PIR Manage major hardware and software releases as part of effective change management Manage technical information regarding the version, status, ownership and relationships among IT assets.
FMITS
Config
Ensure agreed-to services can recover after a disruption as a part of business continuity management
Budget, account and optionally charge for IT services
ITIL Certifications
ITIL accreditation demonstrates that an individual has met the standards in Service Management as set by an examination certification board comprising representatives of OGC, itSMF and the Examination Institutes
Official qualifications based on ITIL are currently offered by the following Examination Institutes : ISEB (The Information Systems Examination Board), a wholly owned subsidiary of the British Computer Society EXIN (the European Examination Institute for Information Science) in the Netherlands ITIL qualifications are recognised world-wide. Whether you passed your exam via ISEB or EXIN, the qualification is recognised by the industry
13
ITIL Certifications (contd..)

Foundations Certificate
This is designed to provide a foundation level of knowledge in IT Service Management and is aimed at all personnel who wish to become familiar with the best practices for IT Service Management
Practitioners Certificate
This is aimed at those who are responsible within their organisation for designing specific processes within the IT Service Management discipline, and performing the activities that belong to those processes
Managers Certificate
This is aimed at those who need to demonstrate a capability for managing ITIL-based solutions across the breadth of the Service Management subjects.
14
ITIL Certifications
Foundations
Essential (2 days)
Practitioners (9 certificates)
Change Manager (5 days)
Service Level Manager (5 days)
1 hour Multiple choice

(Know list of Basic Concepts)
1 hour Multiple choice
Prerequisites form assessed by Examination Board In course assessment 3 hour examination (essay form)
Service Delivery (5 days) Service Support (5 days)
3 hour examination (essay form)
Service Manager
15
Benefits of ITIL
Adopting ITIL guidance can provide such benefits as: Continuous improvement in the delivery of quality IT services Reduced long term costs through improved Return On Investment through process improvement Demonstrable Value For Money to the business, the board and stakeholders, through greater efficiency Reduced risk of not meeting business objectives, through the delivery of rapidly recoverable, consistent services Improved communication and better working relationships between IT and the business The ability to absorb a higher rate of Change with an improved, measurable rate of success Processes and procedures that can be audited for compliance to best practice guidelines
16
Remember about ITIL ..

Remember : ITIL describes what needs to be done but NOT how it should be done
ITIL does NOT define:

Every role, job or organisation design Every tool, every other equipment, every required customisation Every process, procedure and task required to be implemented
ITIL does NOT claim to be a comprehensive description of everything within IT, but it instead contains best practices that have observed and accepted in the industry
17
Service Support
Service Desk Incident Management Problem Management Change Management Release Management Configuration Management
18
Service Support
19
The Service Support set

Service Desk
Single point of contact between service providers and Users, on a day-to-day basis Focal point for reporting Incidents and making service requests
Keeps Users informed of service events, actions and opportunities that are likely to impact their ability to pursue their day-to-day activities
Incident Management
Restore normal service operations as quickly as possible
Should interface closely with Problem Management, Change management and the Service Desk Incident priorities and escalation procedures need to be agreed as part of the Service Level Management process and documented in the SLAs
20

Problem Management
Prevent and minimize the adverse effect on the business of errors in the IT Infrastructure Performs RCAs to establish the root causes of Problems
Requires the accurate and comprehensive recording of Incidents in order to identify effectively and efficiently the cause of the Incidents and trends
Liaises closely with Availability Management process to identify these trends and instigate remedial action
Change Management
Ensure standardized methods and procedures are used for efficient, prompt and authorized handling of all changes in the IT Infrastructure Close relationship with Configuration Management and Release Management
21

Release Management
Ensure that all technical and non-technical aspects of a release are dealt with in a coordinated approach Actual implementers of Changes
Responsible for secure and managed rollout of Changes
Configuration Management
Provide a logical model of the IT Infrastructure by identifying, controlling, maintaining and verifying the versions of all Configuration Items (CIs) Stores information in the CMDB of what CIs available, where are they available and how are they inter-connected
22
Service Support
Service Desk
Incident Management Problem Management Change Management Release Management Configuration Management
23
Service Desk
Service Desk acts as the Single Point of Contact (SPOC) between the users and the IT Services Organization
ITIL defines customers and users : Customers : People (generally senior managers) who commission, pay for and own the IT Services, sometimes referred to as "the business" Users : People who use the services on a day-to-day basis
24
Service Desk (contd..)

The primary functions of the Service Desk are : Incident Control : life cycle management of all Service Requests Communication : keeping the customer informed of progress and advising on workarounds
It handles all incoming calls and only directs them through to the second or third tier support when necessary : for the customer, the advantage is that they dont have to ring around searching for the right person to solve their problem for IT personnel, it means that they only have to deal with issues that are related to their skills or area of responsibility
Note:- The Service Desk is not a process - it is a FUNCTION
25
Service Desk - Types

The Service Desk function is known under various names :
Call Centre
main emphasis on professionally handling large call volumes of telephonebased transactions
HelpDesk
manage, co-ordinate and resolve incidents as quickly as possible
Service Desk
not only handles incidents, problems and questions but also provides an interface for other activities such as change requests, maintenance contracts, software licenses, Service Level Management, Configuration Management, Availability Management, Financial Management and IT Services Continuity Management
26
Service Desk - Types

Many Call Centres and HelpDesks naturally evolve into Service Desks to improve and extend overall service to the Customers and the Business
All three functions share common characteristics : they represent the service provider to the Customer and the User (internal or external) they operate on the principle that customer satisfaction and perception is critical
they depend on blending people, processes and technology to deliver a service
27
Service Desk - Structures

The three types of structure that can be considered are :
Local Service Desk

to meet local business needs - is practical only until multiple locations requiring support services are involved
Central Service Desk

for organisations having multiple locations - reduces operational costs and improves usage of available resources
Virtual Service Desk

for organisations having multi-country locations - can be situated and accessed from anywhere in the world due to advances in network performance and telecommunications reduces operational costs and improves usage of available resources
28
Service Desk - Local
29
Service Desk - Central
30
Service Desk - Virtual
31
Service Desk - Functions

The common Service Desk functions include : receiving calls and first-line customer liaison recording and tracking incidents and complaints
keeping customers informed on request status and progress

making an initial assessment of requests, attempting to resolve them or refer them to someone who can, based on agreed service levels managing the request life-cycle, including closure and verification communicating planned and short-term changes of service levels to customers coordinating second-line and third party support groups providing management information and suggestions for service improvement identifying or contributing to problem identification highlighting Customer training and education needs
closing incidents after confirmation with the Customer
32
Service Desk - Staff Profile

A Service Desk staff member should be : Customer-focused articulate and methodical
trained in interpersonal skills

multilingual (if required) able to understand the businesss objectives able to understand and accept that: the Customers Problem affects the business without the Customer there is no support department the Customer is an expert in their own field genuinely wanting to deliver a first-class service
33
Service Desk - Benefits

A Service Desk benefits an organisation by : improved customer service, perception and satisfaction increased accessibility through a single point of contact, communication, and information. better quality and speedier turnaround of customer requests improved teamwork and communication enhanced focus and a proactive approach to service provision reduced negative business impact better managed infrastructure and improved control improved usage of IT support resources and increased productivity of business personnel more meaningful management information for decision support
34
Service Desk - Critical Success Factors

To introduce and maintain a successful Service Desk, it is essential that: business needs and requirements are understood Customer requirements are understood
investment is made in training for customers, support teams and Service Desk staff
service objectives, goals and deliverables are clearly defined service levels are practical, agreed and regularly reviewed
35
Service Support
Service Desk
Incident Management
Problem Management Change Management Release Management Configuration Management
36
Incident Management
An Incident is defined as any event which is not part of the standard operation of a service and which causes or may cause, an interruption to, or a reduction in, the quality of that service
The primary goal of Incident Management is to restore normal service operations as quickly as possible with the least possible impact on business operations, at a cost-effective price, thus ensuring that the optimum levels of service quality and availability are maintained In lay-man terms, Incident Management is similar to fire-fighting
Inputs for Incident Management mostly come from users (through the Service Desk), but can have other sources as well like Automatic Detection Systems or Release Management
37
38
Incident Management Functions
39
Incident Management - Functions

The primary functions of Incident Management are : Incident detection and recording Classification and initial support
Investigation and diagnosis

Resolution and recovery Incident closure Incident ownership, monitoring, tracking and communication
40

Incident detection and recording
Inputs Incident details from Service Desk or event management systems
Actions
record basic details of the Incident alert specialist support group(s) as necessary start procedures for handling the service request Outputs updated details of Incidents the recognition of any errors on the CMDB notice to Customers when an Incident has been resolved
41

Classification and initial support
Inputs recorded Incident details configuration details from the CMDB response from Incident matching against Problems and Known Errors Actions matching against Known Errors and Problems informing Problem Management of the existence of new Problems and of unmatched or multiple Incidents assigning impact and urgency, and thereby defining priority providing initial support (assess Incident details, find quick resolution) closing the Incident/routing to a specialist support group, and informing User(s). Outputs RFC for Incident resolution updated Incident details, and Work-arounds for Incidents, or Incident routed to second- or third-line support
42
Incident Management - Incident Classification

Incident Classification is used to :
Specify the service with which the incident is related Associate with an SLA where appropriate
Select/define the best specialist/group to handle the incident

Identify the priority based upon the business impact & urgency Define what questions should be asked or information checked Identify a relationship to match against Known Errors or solutions
Typically classification consists of three parts:

Categorisation Prioritising Matching
43

Categorisation
Application Service not available Application bug/query Hardware Automatic alert Printer not printing Service Request Password forgotten Security Incident Virus
44
Incident Management - Example coding system for Incident

classification
45

Prioritising
The priority with which Incidents need to be resolved and therefore the amount of effort put into the resolution of and recovery from Incidents, will depend upon : The impact on the business The urgency with which a resolution/work-around is needed The size, scope and complexity of the Incident The resources available for coping in the meantime and for correcting the fault
46

All incidents are categorised in order to establish appropriate priorities and resolution lead times To facilitate lead-times of incident resolution, accurate classification and sufficient registration is imperative The criteria to consider when assigning priority are: Impact : To what extent an incident results in a deviation from the normal service level; aspects are the number of users and the service concerned Urgency : To what extent the solution of an incident can be postponed
Priority = Impact x Urgency
47
Incident Management - Example of a priority coding system
48

Matching
Matching is the process whereby the Incident details are compared to knowledge that is already present in the organisation. Successful matching could give access to proven resolution actions, which should require no further investigation effort.
49
50

Investigation and diagnosis
Inputs updated Incident details configuration details from the CMDB Actions assessment of the Incident details, collection and analysis of all related information, and resolution (including any Work-around) or a route to n-line support
Outputs
Incident details yet further updated, and a specification of the selection or required Work-around
51

Resolution and recovery
Inputs updated Incident details any response on an RFC to effect resolution for the Incident(s) any derived Work-around or solution Actions resolve the Incident using the solution/Work-around or, alternatively, to raise an RFC (including a check for resolution) take recovery actions Outputs RFC for future Incident resolution resolved Incident, including recovery details, updated Incident details
52

Incident closure
Inputs updated Incident details
resolved Incident
Actions the confirmation of the resolution with the Customer or originator close category Incident
Outputs
updated Incident detail closed Incident record
53

Ownership, monitoring, tracking and communication
Inputs Incident records
Actions
monitor Incidents escalate Incidents inform User Outputs management reports about Incident progress escalated Incident details; and Customer reports and communication
54
Incident Management - Escalation

There are two levels of escalation possible: Transferring an Incident from first-line to second-line support groups or further is called Functional Escalation and primarily takes places because of lack of knowledge or expertise Hierarchical Escalation can take place at any moment during the resolution process when it is likely that resolution of an Incident will not be in time or satisfactory
55
Incident Management - Tasks
56
Incident Management - Benefits

The benefits to be gained by implementing an Incident Management process are: For the business as a whole:
reduced business impact of Incidents by timely resolution, thereby increasing effectiveness the proactive identification of beneficial system enhancements and amendments the availability of business-focused management information related to the SLA.
For the IT organisation in particular: improved monitoring, allowing performance against SLAs to be accurately measured improved management information on aspects of service quality better staff utilisation, leading to greater efficiency elimination of lost or incorrect Incidents and service requests improved User and Customer satisfaction.
57
Incident Management - Critical Success Factors

The critical success factors for Incident Management are : A sound up-to-date CMDB really helps Create knowledge databases (KEDB) and make them easily accessible
Use tools whenever appropriate

Establish interfaces with other processes
58
Service Support
Service Desk Incident Management
Problem Management
Change Management Release Management Configuration Management
59
Problem Management
A problem is a condition identified from multiple incidents exhibiting common symptoms, or from a single significant incident, indicative of a single error, for which the cause is unknown.
The goal of Problem Management is to minimize the adverse impact of incidents and problems on the business caused by errors within the IT Infrastructure, and to prevent reoccurrence of incidents related to these errors.
While Incident Management focuses on quick resolution of incidents, Problem Management analyses the root cause of the incidents.
60
Problem Management
Problem Definition
(contd..)
Many criteria can be used to define a Problem including : A number of related incidents
Incident closed via work-around (temporary fix)

Major incident Information from third parties
61
Problem Management
Problem
(contd..)
Problem Management Terminology

The unknown root cause of one or more incidents (not necessarily or often solved at the time the incident is closed) Error A condition that exists after the successful diagnosis of the root cause of a Problem Known Error Error + solution and/or workaround has been found Known Error DataBase (KEDB)
Repository of known errors for the benefit and utilisation of Incident Management
62
Problem Management
(contd..)
Problems can be identified from incidents. When a problem is defined, diagnosis takes place to find the root cause of the problem, and then a change request is entered to correct the problem
63
Problem Management
(contd..)
The "Funnel Effect" is shown below - multiple incidents are usually, after investigation, re-classified as a smaller number of problems, which are also reanalyzed and (usually) reclassified as yet a smaller number of known errors, which usually, after further investigation, end up resulting in a smaller number of RFCs
64
Problem Management
(contd..)
The primary functions of Problem Management are : Problem Control: identifying the real underlying causes of incidents in order to prevent future reoccurrences
65
Problem Management
(contd..)
Error Control : the processes involved in successful correction of Known Errors. The objective is to change IT components to remove Known Errors affecting the IT infrastructure and thus to prevent any recurrences of incidents
66
Problem Management
(contd..)
Investigation and Diagnosis of Problems

The various methods include : Ishikawa diagrams
Kepner and Tregoe

Brainstorming sessions Voting Flowcharts
Common sense
Deduction
67
Problem Management
Trend Analysis
(contd..)
Proactive Problem Management comprises of :

Identifying fragile components of an IT Infrastructure and investigate the reasons for this fragility Targeting preventive actions Trend analysis can lead to the identification of faults in the IT Infrastructure which can then be analysed and corrected via Problem and Error Control Improving procedures Research other sources of knowledge about known errors
68
69
Problem Management
(contd..)
Known Error DataBase (KEDB) :
Problem Management reduces a Problem into an Error after it has successfully identified the root cause of the Problem. When a solution or a work-around is identified for this Error, it is transformed into a Known Error The Known Error DataBase is a repository containing all these Known Errors. The KEDB is essentially for the utilisation of the Incident Management process and to prevent Incidents from becoming Problems
70
Known Error DataBase (KEDB) :
71
Problem Management
(contd..)
Incident v/s Problem Management :

While Incident Management focuses on quick resolution of incidents, Problem Management analyses the root cause of the incidents
72
Problem Management
(contd..)
Incident v/s Problem Management :
Incident Management is the basis for defining Problems and information from Problem Management is made available for Incident Matching.
The differences between Incident & Problem Management are : Objectives are different
Different skills/expertise required

Time is less of an issue within Problem Management Activities carried out are different
73
Problem Management - Tasks
74
Problem Management
- Benefits
The benefits of Problem Management are : improved IT Service quality (by removing structural errors pro-actively) reduction in the number of incidents
providing permanent solutions thereby resolved problems stay resolved

improving the organisations knowledge by contributing known error data to the service desk / incident management / configuration management, etc.
75
Problem Management (contd..)

The critical success factors for Problem Management are : Keep Incident Management and Problem Management separate Start with re-active Problem Management and then progress towards developing pro-active Problem Management Makes use of tools to detect possible trends Interface with Incident Management and Change Management
76
Service Support
Service Desk Incident Management Problem Management
Change Management
Release Management Configuration Management
77
Change Management
A change is an event that results in a new status of one or more configuration items (CI's)
78
Change Management
The goal of Change Management is to ensure that standardised methods and procedures are used for efficient handling of all Changes, in order to minimise the impact of Change-related incidents and to improve day-to-day operations.
The main aims of Change Management are : Minimal disruption of services Reduction in back-out activities Economic utilisation of resources involved in the change
79
Change Management
Change Management Terminology
Change the addition, modification or removal of CIs
Request for Change (RFC) form used to record details of a request for a change and is sent as an input to Change Management by the Change Requestor
Forward Schedule of Changes (FSC) schedule that contains details of all the forthcoming Changes
80
Change Management
Change Categories
(contd..)
Category 0 : Is executed without prior contact. Used for workarounds/ temporary fixes
Category 1 : Little or no impact. Change Manager authorises this RFC

Category 2 : Significant impact. CAB discussion needed. Change Manager requests advice on authorisation and planning Category 3 : Major impact. Considerable resources required. Senior Management need to be a part of the CAB.
Change Priorities
Urgent: change is required now, in order to achieve the service levels High: as soon as possible, otherwise risk to current or future production
Normal: change solves serious mistakes or a lack in functionality

Low: change yields improvements that are not required by contract
81
Request for Change ( RFC) - Contents
82
Change Management
Request for Change ( RFC)
(contd..)
It is a formal document sent to Change Management by the Change Requestor requesting for a change.
Every RFC runs through a number of stages before the change can be implemented
83
Change Management
Change Review
(contd..)
All implemented changes must be reviewed to establish whether: The change has had the desired effect and met its objectives There have been no unexpected or undesirable side-effects The resources used to implement the change were as planned
Change Advisory Board (CAB)

The CAB is an advisory board that reviews RFCs and determines and provides detail of likely impact CAB participants include : Customers/users affected by the change Representatives of Service Management areas Application development teams
84
Change Management
(contd..)
Change Advisory Board/ Executive Committee (CAB/EC)

The CAB/EC is responsible for authorising urgent changes The members vary depending on their involvement with the urgent change, and their availability at the time
What the CAB discusses :

Failed or backed-out Changes
Changes applied without reference to the CAB by Incident Management

RFCs to be assessed by CAB Change reviews Change management process
85
Change Management
- CAB attendees
86
Change Management
Change Approval Process
Financial approval
(contd..)
Indicates costs are within budgetary limits or cost-benefit criteria are met
Technical approval Assurance that the Change is feasible, sensible and can be performed without serious interruptions to the business Customer approval To ensure that business managers are satisfied with the proposals and accept any impact to their requirements
87
Change Management - Tasks
88
Change Management
- Benefits
The benefits of Change Management are : increased visibility and better communication of changes improved risk assessment of changes
fewer backed-out or failed changes

better productivity of Users (fewer disruptions) and IT Staff (duties clearly planned) ability to absorb large number of changes reduction in the number of incidents and problems caused by changes
89
Change Management (contd..)

The critical success factors for Change Management are : Be prepared for dealing with Urgent Changes Integrate with Configuration and Release Management
Ensure management commitment is present and let them set the example
Choose appropriate Project Management methodologies
90
Service Support
Service Desk Incident Management Problem Management Change Management
Release Management
91
Release Management
Release Management undertakes the planning, design, build, configuration and testing of hardware and software to create a set of Release components for a live environment
Release Management takes a holistic view of a Change to an IT service and ensures that all aspects of a Release, both technical and non-technical, are considered
The input to the Release Management process comes from the Change Management process
92
Release Management (contd..)

Release Categories
A Release consists of the new or changed software and/or hardware required to implement approved Changes
Releases are categorised as : Major software Releases and hardware upgrades, normally containing large areas of new functionality, some of which may make intervening fixes to Problems redundant. A major upgrade or Release usually supersedes all preceding minor upgrades, Releases and emergency fixes Minor software Releases and hardware upgrades, normally containing small enhancements and fixes, some of which may have already been issued as emergency fixes. A minor upgrade or Release usually supersedes all preceding emergency fixes Emergency software and hardware fixes, normally containing the corrections to a small number of known Problems
93

Releases can be divided based on the release unit into : Delta Release : is a release of only that part of the software which has been changed. For ex: Security patches to plug bugs in a software Full Release : means that the entire software program will be release again. For ex : an entire version of an application Packaged Release : is a combination of many changes . For ex : an Operating System image containing the applications as well
94

Release Policy
A Release policy should include : Release naming and numbering conventions A definition of major and minor Releases, plus a policy on issuing emergency fixes Frequency of Releases Expected deliverables for Releases (e.g. installation instructions and Release notes) Guidance as to how and where Releases should be documented (e.g. which tool to use and how) A policy on the production of back-out plans
95

One of the main activities of Release Management is managing the Definitive Software Library (DSL) and the Definite Hardware Storage (DHS)
Definitive Software Library (DSL)

Secure compound in which the authorised versions of all software CIs are stored and protected. Includes copies of purchased software (along with the license documents) as well as the software developed on site
Definite Hardware Storage (DHS)

An area set aside for secure storage of hardware spares
96
Release Management - Tasks
97
Release Management - Benefits

The benefits of Release Management are : greater success rate of changes consistency in the release process
less disruptions to services by synchronizing releases

assurance that all CIs in use are of known quality and satisfy legal obligations controlling & safeguarding of CIs lower probability of illegal CIs easier detection of wrong & unauthorized versions
98

The critical success factors for Release Management are : Align with Change and Configuration Management Create test environments that represent the live hardware and software environments as closely as possible
99
Service Support
Service Desk Incident Management Problem Management Change Management Release Management
100
Almost every Service Management process depends upon accurate IT infrastructure information. Configuration Management : Provides accurate information on configurations and their documentation to support all the other Service Management processes Accounts for all the IT assets and configurations within the organisation Verifies the configuration records against the infrastructure and corrects any exceptions
Configuration Management v/s Asset Management

Configuration Management revolves around the lifecycles of CIs and their relationships, whereas Asset Management is primarily concerned with the financial value of assets
101
(contd..)
A configuration item (CI) is a component of, or directly related, to the ITinfrastructure. CI's include: hardware, software, documentation, processes and procedures
Examples of CIs : Personal computers, Network components, Service Level Agreements, Manuals, Applications, etc.
Examples of the relationships between CIs :

Hierarchically subjected to (parent-child relation) Is part of (a processor is part of a PC) Interfaced with (a system is connected to a printer)

102
Uses (a program uses a subroutine)

Is a copy of (program is a copy of...) Is related to (attribute) (serial number, location, status)
Configuration Management DataBase (CMDB)

Details about CIs are stored in the Configuration Management DataBase (CMDB) from which queries about the IT Infrastructure can be answered The details of a CI that are mentioned in a CMDB include : Unique Identifier (service tag) Attributes (supplier, price) Status (ordered, testing, production, archived) History (past incidents, applied changes) Category (hardware, software) Relationship (is connected to, is a part of) The scope of the Configuration Management database is defined by the area of responsibility of the IT organization The level of detail is defined by the need for information of the IT management processes, the control of the information and the costs and benefits of a CMDB
103
Configuration Management DataBase (CMDB)
104
Configuration Management (contd..)

Configuration Management Database (CMDB)
Change Management interfaces with Configuration Management to obtain information about a CI and then provides input on what the status of the CIs will be after a change Configuration Management will then update the CMDB to reflect the changed status of the CI
105
Configuration Management - Process
106

Planning
During the planning, define : Purpose, scope and objectives
Related policies and standards

Roles and responsibilities CI naming conventions CMDB design, including scope and key interfaces
107

Identification
The Identification activity addresses : Configuration, structures and the selection of CIs
CI types and life-cycles

CI relationships Identification of software and document libraries Identification of configuration baselines
Naming conventions
Labelling CIs
108

Control
The Control activity organises : Registration of new CIs and versions
Updating of CI records
Archiving of CIs and their associated records Protection of the integrity of configurations Updating of the CMDB after periodic checking
109

Status Accounting
Status reports should be produced on a regular basis listing, for all CIs under Control, their current version and history.
Status Accounting reports can be used to establish baselines and enable Changes between baselines and Releases to be traceable.
110

Verification and Audit
Before acceptance into the environment, new Releases, builds, equipment and standards should be verified against the contracted or specified requirements. Physical configuration audits should be carried out to verify that the asbuilt configuration of a CI confirms to its as-planned configuration and its associated documents.
111

Configuration BaseLines
A BaseLine is the configuration of a product or system established at a specific point in time, which captures both the structure and the details of that product or system and enables that product or system to be re-built at a later date. Configuration BaseLines and approved Changes to those BaseLines together constitute the Currently Approved Configuration.
112
Interaction with other processes
113
Change Management
- Benefits
The benefits of Configuration Management are : helps to minimize the impact of changes provides accurate information on CIs
improves security by controlling the versions of CIs in use

facilitates adherence to legal obligations helps in financial & expenditure planning
114

The critical success factors for Configuration Management are : Select the appropriate tool at the start of the process Ensure no one bypasses Change Management
Make use of Inventory Systems
115
Service Support
Incident Management
Problem Management
Change Management
Release Management
Identification
Detection & Recording
Problem Control
Accept & Classify Changes
Release Planning
Control
Classification & Initial Support
Error Control
Evaluate
Design, Build, Configure
Status Accounting
Investigation and Diagnosis
Proactive Prevention of Problems
Authorize & Schedule Changes
Test, Accept
Verification & Audit
Resolution & Recovery
Coordinate Implementation
Plan Roll Out
Closure
Monitor & Report
Communicate, Prepare, Train
Review & Close
Distribute & Install
116
117
Service Delivery
Capacity Management Availability Management Service Level Management IT Service Continuity Management Financial Management for IT Services
118
Service Delivery
119
The Service Delivery set

Capacity Management Ensure that capacity and performance aspects of the business requirements are provided timely and cost effectively
Availability Management
Optimize the capability of the IT Infrastructure and supporting organization to deliver a cost effective and sustained level of availability to satisfy business objectives Service Level Management Maintain and improve IT service quality through a constant cycle of agreeing, monitoring, reporting and reviewing IT service achievements
120
The Service Delivery set (contd..)

IT Service Continuity Management Ensuring that the required IT technical and service facilities can be recovered within the time scales required by Business Continuity Management

Provide cost effective stewardship of IT assets and resources used in providing IT services
121
Service Delivery
Capacity Management
Availability Management Service Level Management IT Service Continuity Management Financial Management for IT Services
122
Capacity Management
The objective of Capacity Management is to ensure the optimum use of IT resources for the performance agreed upon with the client
Capacity Management is needed to support the optimum and cost-effective provision of IT services by helping organizations to match their IT resources to the current and future demands of their business
The main tasks of Capacity Management are :
Match capacity and demand by increasing or managing available capacity

Ensure that existing capacity is used in an optimum manner
123
Capacity Management (contd..)

The main types of Capacity Management are :
Business Capacity Management

Trend, forecast, model, prototype and document future business requirements
Service Capacity Management

Monitor, analyse, tune and report on service performance, establish baselines and profiles of use service, manage demand for services
Resource Capacity Management

Monitor, analyse, tune and report on utilisation of components, establish baselines and profiles of use of components
124
125

Capacity Management activities can be subdivided into planning and monitoring activities
126
127

Demand Management (covers the management of users' demands for IT resources) Short-term: optimization Long-term: have an insight into future projects Workload Management (concerned with identifying and understanding the applications, their work patterns and peaks, and their use of hardware resources) Resource Management (storage management, assessment of new HW technology) Performance Management (measure, control and tuning of performance of components of the IT infrastructure)
Application Sizing (forecast for HW resources for new and changed applications)
128

Modelling (trend analysis, estimation, simulation, analytic modeling) Capacity Planning (Capacity plan which details the current levels of resource utilisation and service performance, and forecasts the future requirements for resources)
129

Capacity Management DataBase (CDB)
Capacity Management collects data from a variety of hardware platforms and software applications that could be widely distributed and stores the data in a CDB. The components of a CDB include : service data from SLAs business data from the business plans and strategy technical data from the manufacturers specification of the hardware and software components financial data
130
Capacity Management - Tasks
131
Capacity Management - Benefits

The benefits of Capacity Management are : Reduced risk of performance problems and failure Cost savings
Both achievable through:

Planned buying Deferring expenditure until really needed (but in a controlled way) Matching capacity to business need Ensures that systems have sufficient capacity to run the applications required by the business for the foreseeable future Provides information on current and planned resource utilization of individual components allowing decisions on which components to upgrade, when to do so, and how much it will cost.
132

The critical success factors for Capacity Management are : Interface with Availability and Financial Management Ensure business expertise is available, especially for Business Capacity Management
133
Service Delivery
Capacity Management
Service Level Management IT Service Continuity Management Financial Management for IT Services
134
A service is available when the service has been provided for an agreed number of direct users, within a maximum response time, maintaining the agreed functionality
Availability Management is concerned with the planning, and ongoing management activities, needed to ensure that the reliability and availability levels, as specified in the SLAs, are achieved and maintained
The goal of Availability Management is to optimise the capability of the IT Infrastructure, services and the supporting organisation to deliver effective and sustained levels of availability that enable the business to satisfy the business objectives
135
Availability Management (contd..)

Availability Management Terminology Availability
The extent that a CI or an IT service is able to perform the expected functionality of the CI or IT service over a specified time period
Reliability
Refers to the extent that an IT service is able to perform the expected functionality, over a certain period of time, under prescribed circumstances OR freedom from operational failure.
Maintainability
This indicates the ease of the maintenance of the IT service (preventative, inspective, corrective)
136

Serviceability
All relevant contractual conditions of external suppliers and third-party suppliers to maintain CIs
Resilience
The ability of an IT service to function correctly in spite of the incorrect operation of one or more subsystems
137
138
139
Availability = Host * Network * Server * Workstation = 0.98 * 0.98 * 0.98 * 0.975 * 0.96 = 0.8809 Total Infrastructure Availability = 88.09%.
140
141
142

Un-Availability Costs Tangible costs
Lost user and IT staff productivity, lost revenue, overtime payments, wasted goods and material, fines and penalties
Intangible costs
Loss of goodwill (customer dissatisfaction), loss of customers, loss of business opportunity (to sell, gain customers), damage to business reputation, loss of confidence, damage to staff morale
143

Calculating Un-Availability Costs
Determine the Vital Business Function (VBF)
Carry out CRAMM (Computer Risk Assessment Management Methodology)
144
Availability Management - Tasks
145
Availability Management - Benefits

The benefits of Availability Management are : IT services with an availability requirement are designed, implemented, and managed to consistently meet that target Improvement of capability of the IT infrastructure to attain the required levels of availability to support the critical business processes Improvement of customer satisfaction and recognition that availability is the prime IT deliverable Reduction in frequency and duration of incidents that impact IT availability
Single point for availability is established within the IT organization (process owner)
Levels of IT availability provided are cost-justified and support SLAs fully Shortcomings in provision of availability are recognized and coped with in a formal way
Mindset moves from error correction to service enhancement: from reactive to proactive attitude
146

The critical success factors for Availability Management are : Integrate with IT Service Continuity Management Understand the un-availability costs (both tangible and intangible costs)
147
Service Delivery
Capacity Management Availability Management

IT Service Continuity Management Financial Management for IT Services
148

A Service Level Agreement (SLA) is a two-sided written agreement between an IT Service Provider and the IT Customer(s), defining the key service targets and responsibilities of both parties
Service Level Management is the process of negotiating, defining, contracting, monitoring and reviewing the levels of customer service, that are both required and cost effective
Service Level Management helps to develop a better relationship between the IT Organisation and its customers
149
Service Level Management (contd..)

Service Level Management aims to : Strike a balance between customer requirements and service costs Identify customer requirements in terms of what customers want and what can be delivered Measurable service standards What you don't measure, you can't agree upon Enhance quality by implementing quality improvement programs What can be measured can be improved! Business relationship between customer and supplier
150

Service Level Management Contracts
The IT organization has several contracts: An SLA with customers, an OLA with an internal supplier and underpinning contracts with external suppliers
151

Functions of Service Level Management
As well as setting up and monitoring SLAs, maintaining underpinning contracts with suppliers and managing relationships with customers are also functions of SLM
152

Service Level Management consists of activities that are needed to set up a SLA, but also activities needed to see if the Service Levels are met
153

Balancing IT Service Supply & Demand
Important within a SLA is the balance between the demand for IT services and the supply of IT services
Demand and Supply for IT Services can be balanced by : Being aware of the business requirements
Being aware of the IT possibilities (technical and economical)

Alignment of expectations
154

Service Level Agreements consist of elements of the other Service Management processes Input from those processes is required for agreeing and monitoring Service Levels
155
Service Level Management - SLA Details
156

Elements of an SLA General
Introduction : Parties, Signatures, Service Description
Reporting & Reviewing : Content, Frequency Incentives & Penalties
Support
Service Hours, Support, Change Procedures, Escalation
Delivery
Availability, Reliability, Throughput, Transaction Response Time, Batch Turn-around Times, Contingency & Security, Charging
157

Service Level Reports (SLR)
Measured from the customers perspective Data like reaction times, escalation times and support should be made measurable Reports should be produced regularly Reports contain measuring values concerning the up-to-date supporting levels and the trend developments
158

Service Catalog
A Service Catalogue can be used to list the "normal" services provided by the IT organization whereas Service Level Agreements can be set up for "special" services
The Service Catalogue contains : Relevant characteristics of services Relevant information of the use of the services
159
Service Level Management - Tasks
160
Service Level Management - Benefits

The benefits of Service Level Management are : Improvement in IT service quality and reduction of service outages can lead to significant financial savings Satisfied customers and better customer relationship Clearer view between both parties on roles and responsibilities Specific targets that have to be achieved and that can be measured and reported Focusing of IT effort on what the business thinks is key
IT and customers have consistent expectations on the level of service required

Identification of weak areas that can be remedied subsequently SLM underpins supplier management and vice-versa IT services are designed to meet Service Level Requirements
SLAs can be the basis for charging, and are the demonstration of what customers receive for their money.
161

The critical success factors for Service Level Management are : Service Level Management should not just be limited to SLAs Ensure buy-in from all other Service Management processes
Create a definition of Service
162
Service Delivery
Capacity Management Availability Management Service Level Management
IT Service Continuity Management

163
IT Service Continuity Management

The objective of IT Service Continuity Planning is to restore IT services as quickly and as completely as possible after a disaster has taken place IT Service Continuity Management ensures that the required IT technical and services facilities (including computer systems, networks, applications, telecommunications, technical support and service desk) can be recovered within required, and agreed, business schedules. The reasons an organization should implement IT Service Continuity Management are : Avoid financial risks (insurance) Increased dependence on IT services; business protection Provides a competitive edge Legal requirements
Customers demands
164
IT Service Continuity Management (contd..)

Business Continuity Management and IT Service Continuity Management
Business Continuity Management (BCM) is concerned with managing

risks to ensure that at all times an organization can continue operating to, at least, a predetermined minimum level. The BCM process involves reducing the risk to an acceptable level and planning for the recovery of business processes should a risk materialize and a disruption to the business occur.
IT Service Continuity Management (ITSCM) must be a part of the overall

BCM (Business Continuity Management) process and is dependent upon information derived through this process. ITSCM is focused on the continuity of IT Services to the business. BCM is concerned with the management of Business Continuity that incorporates all services upon which the business depends, one of which is IT.
165

IT Service Continuity Management activities include : Risk Analysis Risk Management
Continuity Plan
Creation Testing Improving Maintenance Reporting
These activities are all engineered to provide IT Service continuity
166

The recovery options that can be used are : Do nothing !!! Insure for damage
Manual back-up procedures (on paper until IT is restored)

Take-over by other organization with similar equipment (reciprocal) Fortress approach; disaster-proof Gradual recovery {cold standby} 72-48 hours Intermediate recovery {warm standby} 24-1 hours Immediate recovery {hot standby} seconds Using internal / external / fixed / portable / mobile centres
167

Risk Assessment
168

Contingency Plan
Contents Administration
IT infrastructure
IT infrastructure management and procedures for operation Staff Security
Continuity site
Return to original situation
Scope Hardware, Software, Networks, Terminals/PCs, Accommodation (for IT and users), Building facilities and Staff
169
IT Service Continuity Management - Tasks
170
IT Service Continuity Management - Benefits

The benefits of IT Service Continuity Management are : Potential lower insurance premiums Business relationship with the rest of the enterprise is fostered because IT organization is forced to get a better understanding of the business Positive marketing of contingency capabilities. Effective ITSCM allows organization to provide high service levels and thus win business Organizational credibility is increased towards customers, business partners, and stakeholders Competitive advantage over organizations without it
171

The critical success factors for IT Service Continuity Management are : Ensure alignment to BCM If its not worth protecting, its not worth doing
Test under realistic circumstances
172
Service Delivery
Capacity Management Availability Management Service Level Management IT Service Continuity Management
173

Financial Management gives insight into the costs of the IT organization and options to charge the costs - making it possible to run IT as a business
The reasons why an organization should implement Financial Management for IT Services are : Cost/profits awareness (make users aware of what services actually cost) Decision-making support Cost recovery
Cost control (know the full cost of the provided IT services)

Planning Efficiency Influence on use (for instance providing incentives for using off-peak times
174

The goals of Financial Management for IT Services are to : Provide cost-effective stewardship of the IT assets and resources used in providing IT Services Be able to account fully for the spendings on IT Services and to attribute these costs to the services delivered to customers Assist management decisions on investments by providing detailed business cases for Changes to IT Services
175
Financial Management for IT Services (contd..)

Financial Management for IT Services activities include : Budgeting IT Accounting
Charging
Budgeting
The process of predicting and controlling the spending of money within the enterprise and consists of a periodic negotiation cycle (usually annual) to set limits on budgets and the day-to-day monitoring of the current budgets. Budgeting enables an organisation to : Predict the money required for a given period Ensure that actual spending can be compared with predicted spending
Reduce the risk of over-spending

Ensure that revenues are available to cover predicted spending
176

IT Accounting
The set of processes that enable the IT organization to fully account for the way its money is spent (particularly the ability to identify costs by customer, by service, by activity). It usually involves ledgers and should be overseen by someone trained in Accountancy. IT Accounting enables an organisation by : Account for the money spent Calculate the cost of providing IT Services to both internal & external services
Perform cost-benefit or return-on-investment analyses

Identify the cost of Changes
177

Charging
The set of processes required to bill a customer for the services supplied to them. To achieve this requires sound Accounting, to a level of detail determined by the requirements of the analysis, billing & reporting processes. Charging enables an organisation to : Recover the costs of the IT Services from the Customers of the service Operate the IT Organisation as a business unit, if required Influence User and Customer behaviour
178
Financial Management for IT Services - Costs
179
Financial Management for IT Services - Tasks
180
Financial Management for IT Services - Benefits

The benefits of Financial Management for IT Services are : IT accounting supports the IT Service Manager Statements about profitability of the individual IT services
Essential decisions about IT services and the required investments

Data for justifying IT expenditures Essential planning and budgeting Overview of costs, created by service failures, as a basis for expenditure justification in strategy planning Users can track costs of the services they have used
181

The critical success factors for Financial Management for IT Services are : Involve financial / accounting experts Interface with the other Service Management processes
Use customer-based charging units
182
Service Delivery
Capacity Management
IT Services Continuity Management
Identify Service Level Requirements
Determine Requirements
Business Capacity Management
Budget
Initiation
Verification of Feasibility
Perform BIA and assess design criteria
Service Capacity Management
Account
Requirements Analysis & Strategy Definition
Negotiate (Agreeing)
Define Targets & Measures
Resource Capacity Management
Charge (Optional)
Implementation
Establishment of Agreements
Monitoring & Trend Analysis
Operational Management
Monitor Service Levels
Investigate
Report & Review
Produce & Maintain the Availability Plan
183
184
Security Management
185
Security Management
Security Management is the process of managing a defined level of
security on information and IT services, including managing the responses to security incidents
The goal of Security Management is to counter risks of threats to one of the most important assets for business: information
Information is threatened in three main ways: Confidentiality Integrity (accuracy) Availability (accessibility)
186
Security Management
Confidentiality
- CIA
Protecting sensitive information from unauthorized disclosure or intelligible interception
Integrity Safeguarding the accuracy and completeness of information and software
Availability Ensuring that information and vital IT services are available and accessible when required
187
Security Management
- Why Security Management?
Information is the most important production factor of the world

Threat to information = threat to the organizations productivity
Security Management gets increasingly important, because... Public networks (Internet) are increasingly used Internal networks are opened to customers and business partners Internet usability is increasingly extended (e-commerce, online banking) Processes are controlled via networks
188
Security Management
Security organization
- Security Measures
With clear responsibilities and tasks Policies, codes of conduct Physical security measures Physical separation of the computer room Technical security measures Security in a computer system or network Procedural security measures How the staff are required to act in particular cases Work instructions
189

Defines its security requirements based on its business requirements Collect experiences, lessons learned Improvement will be considered for the next round of planning & implementation
The section security in SLA is negotiated between customer and service provider
Show conformity with SLA Management without information is impossible Define processes, functions, roles, responsibilities Organization structure between sub-processes Reporting structure/line of command
SLA Underpinning contracts OLA Policy statement
Internal audits External audits Self-assessments Security incident evaluation
Maintaining awareness - Security works only if disciplined and motivated Security incident handling responsiveness Security incident registration - measurement - classification - and reporting
190
Security Management
- Tasks
191
Security Management
Can only be qualified with difficulty
- Benefits
The costs are nevertheless clear if security is not sufficient
192
Thank you for your participation
193

ITIL Foundations Certification Course

Enviado por

Dados do documento

Título original

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

ITIL Foundations Certification Course

Enviado por

Direitos autorais:

Formatos disponíveis

Service Management, Bangalore