PDCA FOR ITIL. Metrics, CSFs and workflows for implementing ITIL practices PDCA FOR ITIL PDCA FOR ITIL.

(1)

www.tso.co.uk 9 780117 082076 ISBN 978- 0- 11- 708207- 6

PDCA FOR ITIL

Metrics, csFs and workFlows For iMpleMenting itil practices

Numerous organizations spend their energy and funding on implementing ITIL practices. Most of them spend their time reinventing a wheel that was already created many times before in previous ITIL expeditions. If you’re facing this challenge, you’ll be interested in avoiding excessive cost. Although plenty of external guidance is available in the form of ITIL consultancies, you’ll need to have a decent idea of what to expect in the course of your own ITIL expedition before you go for it.

This book focuses on that specific target. Drawing on the experience of many ITIL practice implementations, it shows you in a very logical and practical way what to expect when you introduce ITIL to your organization, or when you increase the number of ITI L practices in your organization.

The book supports this by offering, in the style of a cookbook, a step-by-step guide to the implementation of individual ITIL practices, offering practical descriptions, terminology, objectives, workflows, CSFs, KPIs and other measures, in a Plan-Do-Check-Act approach. Using the cookbook analogy, it provides you with as many recipes as you are likely to need for composing your own menu. The book’s systematic approach means that once you get to grips with implementing one practice, you will be able to apply your newly developed skills to the next one, following the fundamental guidance of ITIL: adapt and adopt.

Your growing understanding of how ITIL works will greatly reduce your external costs, improve the skills of your own staff, and move your organization to higher maturity levels. You should use this guidance as a great resource for setting up and improving your own practice.

Published by: Produced by:

www.inform-it.org

PDCA FOR ITIL

Metrics, CSFs and workflows for implementing ITIL practices

KIrAN KUMAr PAbbAThI

K

Ir

A

N

K

U

M

A

r

P

A

b

AT

h

I

PDC

A F

OR I

TIL

(2)

PDCA FOR ITIL

Metrics, CSFs and workflows for

implementing ITIL practices

(3)

Published by TSO (The Stationery Office) and available from:

Online

www.tsoshop.co.uk

Mail, Telephone, Fax & E-mail

TSO

PO Box 29, Norwich, NR3 1GN

Telephone orders/General enquiries: 0870 600 5522 Fax orders: 0870 600 5533

E-mail: [email protected] Textphone: 0870 240 3701

TSO@Blackwell and other Accredited Agents

Author: Kiran Kumar Pabbathi

Copyright in the typographical arrangement and design is vested in the Stationery Office Limited. all rights reserved. no part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise without the permission of the publisher.

applications for reproduction should be made in writing to the Stationery Office Limited, St Crispins, Duke Street, norwich nr3 1PD.

the information contained in this publication is believed to be correct at the time of manufacture. Whilst care has been taken to ensure that the information is accurate, the publisher can accept no responsibility for any errors or omissions or for changes to the details given.

itiL®_{is a registered trademark of the Cabinet Office.}

a CiP catalogue record for this book is available from the british Library. a Library of Congress CiP catalogue record has been applied for. First published 2013.

iSbn 9780117082076.

Printed in the united Kingdom for the Stationery Office. P002570908 07/13

(4)

4

PDCa for itiL

3.4 measures 43

3.5 Demand management workflow 43

4 Financial management for IT services 45

4.2 Overview of financial management for it services 46 4.3 implementing financial management for it services 47

4.4 measures 50

4.5 Workflow for financial management for it services 50

5 Service portfolio management 53

5.2 Overview of service portfolio management 54 5.3 implementing service portfolio management 55

5.4 measures 57

5.5 Service portfolio management workflow 58

6 Business relationship management 61

6.2 Overview of business relationship management 62 6.3 implementing business relationship management 63

6.4 measures 65

6.5 business relationship management workflow 66

7 Service level management (SLM) 69

7.1 basic terminology 70 7.2 Overview of SLm 71 7.3 implementing SLm 71 7.4 measures 74 7.5 SLm workflow 75 8 Design coordination 79 8.1 basic terminology 80

8.2 Overview of design coordination 80 8.3 implementing design coordination 80

(6)

8.4 measures 82

8.5 Design coordination workflow 83

9 Information security management 85

9.2 Overview of information security management 86 9.3 implementing information security management 87

9.4 measures 89

9.5 information security management workflow 90

10 Availability management 93

10.2 Overview of availability management 94 10.3 implementing availability management 95

10.4 measures 98

10.5 availability management workflow 99

11 Capacity management 101

11.2 Overview of capacity management 102 11.3 implementing capacity management 103

11.4 measures 106

11.5 Capacity management workflow 107

12 Service catalogue management (SCM) 109

12.1 basic terminology 110 12.2 Overview of SCm 110 12.3 implementing SCm 111 12.4 measures 113 12.5 SCm workflow 114 13 Supplier management 117 13.1 basic terminology 118

13.2 Overview of supplier management 118 13.3 implementing supplier management 119

(7)

6

PDCa for itiL

13.4 measures 121

13.5 Supplier management workflow 122

14 IT service continuity management (ITSCM) 125

14.2 Overview of itSCm 126

14.3 implementing itSCm 127

14.4 measures 129

14.5 itSCm workflow 130

15 Transition planning and support 135

15.2 Overview of transition planning and support 136 15.3 implementing transition planning and support 136

15.4 measures 138

15.5 transition planning and support workflow 139

16 Change management 141

16.2 Overview of change management 142 16.3 implementing change management 143

16.4 measures 146

16.5 Change management workflow 146

17 Change evaluation 151

17.2 Overview of change evaluation 152 17.3 implementing change evaluation 152

17.4 measures 154

17.5 Change evaluation workflow 155

18 Release and deployment management 157

18.2 Overview of release and deployment management 158 18.3 implementing release and deployment management 159

(8)

18.4 measures 162 18.5 release and deployment management workflow 162

19 Service validation and testing 165

19.2 Overview of service validation and testing 166 19.3 implementing service validation and testing 167

19.4 measures 169

19.5 Service validation and testing workflow 169

20 Service asset and configuration management (SACM) 173

20.2 Overview of SaCm 174

20.3 implementing SaCm 175

20.4 measures 177

20.5 Service asset and configuration management workflow 178

21 Knowledge management 181

21.2 Overview of knowledge management 182 21.3 implementing knowledge management 183

21.4 measures 186

21.5 Knowledge management workflow 186

22 Access management 193

22.2 Overview of access management 194 22.3 implementing access management 195

22.4 measures 197

22.5 access management workflow 197

23 Event management 201

23.2 Overview of event management 203 23.3 implementing event management 203

(9)

8

PDCa for itiL

23.4 measures 205

23.5 Event management workflow 206

24 Request fulfilment 209

24.2 Overview of request fulfilment 210 24.3 implementing request fulfilment 211

24.4 measures 213

24.5 request fulfilment workflow 213

25 Incident management 217

25.2 Overview of incident management 218 25.3 implementing incident management 219

25.4 measures 221

25.5 incident management workflow 222

26 Problem management 227

26.2 Overview of problem management 228 26.3 implementing problem management 229

26.4 measures 232

26.5 Problem management workflow 232

27 Service desk 237

27.2 Overview of service desk 238

27.3 implementing service desk 240

27.4 measures 242

27.5 Service desk workflow 243

28 Application management 245

28.2 Overview of application management 246 28.3 implementing application management 247

(10)

28.4 measures 249 28.5 application management workflow 250

29 Technical management 253

29.2 Overview of technical management 254 29.3 implementing technical management 255

29.4 measures 257

29.5 technical management workflow 257

30 IT operations management 259

30.2 Overview of it operations management 260 30.3 implementing it operations management 261

30.4 measures 264

30.5 Operations control workflow 265 30.6 Facilities management workflow 266

31 Seven step improvement process 269

31.2 Overview of seven step improvement process 270 31.3 implementing seven step improvement process 271

31.4 measures 274

31.5 CSi methods 274

Acronyms 279 Index 285

(11)

(12)

Preface

numerous organizations spend their energy and funding on implementing itiL practices. most of them spend their time reinventing a wheel that was already created many times before in previous itiL expeditions. if you’re facing this challenge, you’ll be interested in avoiding excessive cost. although plenty of external guidance is available in the form of itiL consultancies, you’ll need to have a decent idea of what to expect in the course of your own itiL expedition before you go for it.

this book focuses on that specific target. Drawing on the experience of many itiL practice implementations, it shows you in a very logical and practical way what to expect when you introduce itiL to your organization, or when you increase the number of itiL practices in your organization.

the book supports this by offering, in the style of a cookbook, a step-by-step guide to the implementation of individual itiL practices, offering practical descriptions, terminology, objectives, workflows, CSFs, KPis and other measures, in a Plan-Do-Check-act approach. using the cookbook analogy, it provides you with as many recipes as you are likely to need for composing your own menu. the book’s systematic approach means that once you get to grips with implementing one practice, you will be able to apply your newly developed skills to the next one, following the fundamental guidance of itiL: adapt and adopt.

Your growing understanding of how itiL works will greatly reduce your external costs, improve the skills of your own staff, and move your organization to higher maturity levels. You should use this guidance as a great resource for setting up and improving your own practice.

(13)

12

PDCa for itiL

acknowledgements

i would like to express my sincere thanks to my lord Shri Krishna, who has blessed me with intellect, provided me with knowledgeable friends and colleagues, and has enabled me to gain strong it experience in some of the world’s best conglomerates. Without his benevolence, i wouldn’t have been able to write this book.

i am very grateful to my spiritual alma mater iSKCOn (international Society For Krishna Consciousness), his Divine Grace a.C. bhaktivedanta Swami Srila Prabhupada (Founder and acharya of iSKCOn) and his Grace Kalakanta Prabhu, who was my first spiritual guide.

i would also like to thank my manager and CEO Simon (Xiaogang, Wei) who helped me to achieve most of my certifications, and all my colleagues who have been a source of encouragement. my special thanks go to Jan van bon for recognizing my manuscript as a potential publication and helping me to edit it.

Finally i would like to express my thanks and indebtedness to inform-it and tSO for having the confidence to publish my first book – my first milestone in authoring.

(14)

about the author

Kiran Kumar Pabbathi has worked for various companies in the it industry which gave him detailed insight into itSm and itiL best practice. Currently, Kiran works as an it process manager in Shanghai bizenit information technology, China.

Kiran was privileged to work in different roles taking care of service desk operations, request fulfilment, incident management, SharePoint administration, project

management, and itiL Consulting.

Kiran is a certified professional in itiL v3 Expert, PrinCE2®_{(Foundation and}

Practitioner), Six Sigma Green belt, iSO/iEC20K – Foundation, tmaP – Foundation (test management Professional), mCP in SharePoint 2003 Customizations, and mCtS in mS Project 2007.

(15)

14

PDCa for itiL

Why this book?

this book answers many of the questions that arise in the minds of all itiL practitioners, whether beginners, intermediary or experts in the itSm domain. it provides clear direction on how to implement itiL processes, based on the questions raised by students and customers on itiL training courses and workshops. it deals with questions such as:

● how does itiL help organizations? ● Where and how should i start?

● Which process should i start with first? ● What are the prerequisites?

● as manager of it services in my organization, do i need to implement all of

the processes?

● is there a step-by-step approach for developing an itiL process? ● What are the inputs, throughputs, outputs and outcomes delivered by

the processes?

this book addresses all these questions and provides an easy-to-understand approach on itiL best practice.

(16)

how to read this book

although itiL has become the leading guidance for it service management worldwide, many countries and individual organizations are still taking their first steps on the itiL journey. this book will help you to understand the key concepts of itSm and itiL1_{, and}

will also show you how to implement itiL processes in your organization. it doesn’t provide detailed instructions, but describes the most important steps you should take during implementation. the book takes the approach of the Plan-Do-Check-act cycle, which builds on good practice and adds value for it managers and process managers. the intended audience for this book is the it stakeholder, responsible for the

planning, design, implementation and improvement of it operations and services. Students and it staff who perform different tasks in the it industry will also find this book useful.

in PDCA for ITIL, each process is structured in five sections, each section representing important aspects of the process: basic terminology, overview of the process, implementing the process, measures, and process workflow. Descriptions for each section are as follows:

1. Basic terminology – Description of the definitions used in the process. 2. Overview – the main structure, the objectives, and the business needs of

the process.

3. Process implementation – this section describes the prerequisites, and then the step-by-step implementation of the process through the Plan, Do, Check, act stages:

– _{the Plan phase details the important activities that have to be performed}

before making any investment in development and implementation. hence the process manager will need to present the business case, the goals of the process, the project plan, and the organization structure to gain the

confidence and approval from higher level management (hLm).

– the Do phase details the important activities that will initiate the design,

development and implementation of the process. here process managers and service owners will become actively involved in executing the process and its activities.

– the Check phase details the important activities that will monitor, verify and

validate the process implementation and daily it operations.

– the act phase details the important activities that will feedback to the

process owner, recommending different ways to improve the process and it operations.

(17)

16

PDCa for itiL

4. Measures – this section describes the metrics, critical success factors (CSF) and best practices.

5. Process workflow – this section describes the process workflow, which will be easy to understand and useful in designing itSm tools.

(18)

Frequently asked questions

If I want to implement ITIL in an organization, which process should I start with first?

itiL defines a set of best practices and it is up to you to select the process that you want to improve with respect to the issues in your organization.

if your organization’s service desk is inefficient, under-utilized and not providing good customer satisfaction, then you could refer to the service desk function and utilize itiL best practice to improve this function in your organization.

if your organization is not able to meet the service level agreements (SLas) and service level targets (SLts), despite utilizing its great technical resources, you could refer to the service level management process (SLm) to redefine feasible SLas and SLts. Which ITIL version should I refer to?

the latest version of itiL is the only version that you should refer to. itiL was last updated in 2011.

itiL follows a lifecycle-based approach, which is convenient and easy to understand for the it stakeholders. this lifecycle is categorized into five stages: Service Strategy, Service Design, Service transition, Service Operation, and Continual Service improvement. itiL contains 28 processes and four functions placed in the above five stages.

How can I win the confidence of my CTO/CEO that ITIL processes would help IT in my organization?

You could prepare a project charter outlining the business case, goal statement, project plan, project scope, and roles and responsibilities, and explain the benefits. the approach is explained in this book.

What kind of VOI, ROI and benefits can I see after ITIL implementation? after the implementation of an itiL process, you could expect to see maturity, improvement and clarity in every artefact of the it operations as follows:

● You would have clear documented policies and procedures to perform various

it tasks.

● there would be clear demarcation of roles and responsibilities, based on a

raCi matrix.

● You would not have to waste time reinventing the wheel again and again.

How do I implement an ITIL process? the book provides detailed insight.

(19)

18

PDCa for itiL

How much does it cost to implement an ITIL process?

there is no protocol or magical calculator that can estimate the costs; it depends on the organization and how effective it wants the process to be and its function to be developed.

Should I follow everything that is mentioned in ITIL best practice?

itiL is a collection of best practices for itSm; hence you can customize it as and how you want as per your company’s feasibility, cost allocation, resource allocation etc. Can a company or product be ITIL-compliant or certified?

Companies cannot be itiL-certified or itiL-compliant. Your company can follow itiL best practices but there is no authority that can certify that your company or product is itiL-compliant. if you are keen to win the confidence of your customers you can opt for iSO/iEC20000 certification.

Products can be itiL-compliant: software tool vendors can obtain endorsement of their tools for “itiL Process Compliance” under the official Cabinet Office itiL Software scheme (see: http://www.itil-officialsite.com/SoftwareScheme/ itiLSoftwareScheme.aspx).

(20)

1 introduction

to itSm

(21)

20

PDCa for itiL

1.1 basic terminology

Best practices: practices that are well recognized and that have proved the ability for demonstrating success in respective areas. E.g.: PmbOK for project management, itiL for it service management, mOF for it service management, CObit for it governance, etc.

Capability: the ability of an organization, person, process, application, it service or other configuration item (Ci) to carry out an activity. Capabilities are intangible assets of an organization.

Critical success factor (CSF): the vital elements necessary for the success of a business.

Functions: specific units of an organization (consisting of a group of people who have specific skills and responsibilities), performing specific and routine activities. Infrastructure: the combination of hardware, software, and people-ware in an organization.

Information technology service management (ITSM): management of it services to meet the organization’s business goals. it can also be defined as “a set of

organizational capabilities and resources that work together in providing value to customers in form of services”.

Key performance indicator (KPI): vital metrics necessary for an organization to meet its business goals, which reflect the CSFs of an organization.

Metric: measurements that quantitatively evaluate the performance of it operations. Policy: management directives that significantly influence the processes

and procedures.

Process: a set or sequence of activities that results in achieving an output or business goal.

Resources: a generic term that includes it infrastructure, people, money or anything else that might help to deliver an it service. resources are considered to be assets of an organization.

Service: provision of value to customers without any ownership of risks and internal costs associated in developing a service.

Standard: rules and conventions that help to implement policies and enforce required conventions.

(22)

1.2 What are it services?

it services can be represented in numerous forms, for example:

● internet that is available through an internet service provider ● end-user equipment with basic office functions

● financial information systems that are supported by applications, end-user

equipment, network, etc.

these services have to be well managed with defined roles and responsibilities, by following specific quality standards and processes, so the business can run without any breakdowns.

1.3 importance of best practices

Outcomes and results can be achieved in numerous ways with a variety of approaches and different strategies, each with their specific time schedules, cost structure, and resource consumption.

best practices guide us in doing things effectively, in the most appropriate way with low risks, economic costs, and optimum resources. at the same time it also ensures to attain the objective or outcome with the desired quality. Some of the best practices for itSm are itiL and mOF2_:

● itiL is a set of best practices for itSm that helps in managing the it services in an

organization with the help of processes and functions.

● mOF is another best practice for itSm, developed by microsoft. mOF best practice

is explained with the help of processes, functions and activities describing the management of services.

1.4 itiL lifecycle stages

itiL’s life cycle is divided into 5 stages: 1. Service Strategy

2. Service Design 3. Service transition 4. Service Operation

(23)

22

PDCa for itiL

1.5 Processes in itiL

Processes defined in itiL are categorized into these 5 stages:

1. Service Strategy – strategy management for it services, financial management for it services, demand management, service portfolio management, business relationship management.

2. Service Design – design coordination, availability management, SLm, service continuity management, service catalogue management, supplier management, information security management, capacity management.

3. Service Transition – transition planning and support, change management, change evaluation, release and deployment management, service validation and testing, service and asset configuration management, and

knowledge management.

4. Service Operations – access management, event management, request fulfilment, incident management, and problem management.

5. Continual Service Improvement – seven step improvement process.

1.6 Functions in itiL

Functions are units of an organization (groups of a people who have specific skills and responsibilities) that perform very specific activities.

Functions defined in itiL are:

● service desk

● applications management ● technical management ● it operations management.

1.7 Why do we need processes?

We need processes:

● to enable repeatability (avoiding reinventing the wheel) ● to measure and evaluate the effectiveness of operations

● to provide clarity in roles and responsibilities (enabling accountability)

● to maintain the knowledge uniform among all human resources, and to avoid

dependence on individuals.

(24)

1.8 Can itiL processes help in

managing business services?

Answer

Yes, itiL can also guide business. this can be explained more in detail through the concept called business service management (bSm).

Scenario

a software development company wants to implement itiL best practices to manage its services.

Understanding

We should understand that developing tools or applications and providing the support is an it service here. to provide the mentioned it service, the organization will use itiL best practices that provide a sequenced approach for maintaining and managing the organization’s services.

Implementation

Phase 1

the organization will first have to understand the customer’s demand, define the organization’s strategies, so they can build software applications with the technology that is feasible for the customers’ requirements.

the organization recruits people with necessary skill sets and experience, who can define the strategy for the software development business (or checks if there are any human resources in the organization who have the skill set or who have experience in developing Service Strategy for software development business).

because each organization is different in size, the concept of roles is useful. roles are specific sets of tasks and responsibilities for specific goals. individual people can be appointed to various roles. One individual can have more than one role. this way, the guidance can be applied in any size of organization including a one-person company. if an organization is big enough, it can have an individual or even a team for each role.

(25)

24

PDCa for itiL

the organization appoints an individual to the Service Strategy manager role, to carry out different activities. the Service Strategy manager would be accountable for all the strategy related activities with the help of processes like: strategy management for it services, financial management for it services, demand management, service portfolio management, and business relationship management.

the strategy management for it services process works:

● on understanding its internal customers, external customers, and mixed customers

(internal customers + external customers)

● on developing what kind of services are required and what kind of services should

be offered to its customers

● on developing strategic assets

● on proposing a draft of the services that will be offered to its customers.

the financial management process works:

● on estimating the costs, budgeting (fixed costs, operational costs, variable costs,

direct and indirect costs etc.) for developing software development services

● on defining the accounting procedure for it services

● on the charging procedure from internal customers, external customers, etc.

the demand management process works:

● on checking the demands of customers for the proposed services (what is the

front end technology in demand, what is the database that is preferred by the customers, middleware, web servers using patterns of business activity (Pba), and user profiles (uPs))

● on estimating the demand and supply needed (how many human resources

should be recruited for development, testing, business analysis, deployment, how many desktops, laptops, servers are needed, how much place is needed for the staff, etc.)

● on analyzing the live services that are in good demand, and reactively

communicating the needs and shortcomings to other processes. the service portfolio management process works:

● on defining the draft of services, which can be offered to customers ● on analyzing the services that should be offered

● on approving the proposed services that can provide value to the organization ● on chartering the final services (this will be the final list of current services, future

services, and retired services that are offered by the company). the business relationship management process works:

● on tracking and resolving various concerns and complaints of the customers ● on managing and developing good relationship with different stakeholders paying

special attention to customers.

(26)

With all these tasks, the Service Strategy manager has done his job in estimating, understanding and developing the strategic plans, using as many resources as necessary and available.

Phase 2

the organization checks for human resources, who have skills and experience in Service Design activities, so the strategic plans are activated and converted in appropriate designs and architectures, etc.

the organization appoints an individual to the Service Design manager role, who would be accountable for all the Service Design activities with the help of processes like: SLm, information security management, availability management, capacity management, service catalogue management, supplier management, and service continuity management.

the SLm process works:

● on defining SLas with the external customers and operational level agreements

(OLas) with internal business units, underpinning contracts (uCs) with third party suppliers

● on time duration for the project, scope of the project, service acceptance criteria

(SaC), number of defects that can be accepted, etc. the availability management process works:

● on defining availability plans, and understanding requirements in terms

of availability

● on defining the availability of the services (24*7 or only working days, holidays,

and timings)

● on setting up the reliable infrastructure assets.

the capacity management process works:

● on defining capacity plans and capacity requirements.

● on providing appropriate capacity in terms of network, hardware, and software.

the service catalogue management process works:

● on maintaining a list of current products or services that are offered by

organization to its customers.

the supplier management process works:

● on selecting suppliers to buy necessary assets required for the delivery of it

services (avaya phones, bridges, routers, dashboards) from suppliers at economic costs with good quality

(27)

26

PDCa for itiL

the information security management process works:

● on defining security policies, standards to bring awareness for the it staff. these

policies will be implemented by access management to safeguard the customer’s assets, information and also the organization’s assets.

the service continuity management process works:

● on defining it service continuity plans to continue the it services in case of natural

disasters, accidents, and other threats.

With all the above process activities, the Service Design manager completes all the Service Design tasks, using as many resources as necessary and available.

Phase 3

the organization checks for human resources, who have skills and experience in managing the transition of it services.

the organization appoints an individual to the role of service transition manager, who is accountable for all transition related activities with the help of processes

like transition planning and support, change management, release and deployment management, service and asset configuration management, knowledge

management, change evaluation, and service validation and testing. the transition planning and support process works:

● on planning transition activities like:

– developing plans for introducing a new service/products in an organization – _{coordinating the resources to ensure the transition or introduction of a}

new service.

the change management process works:

● on defining procedures for handling different types of changes

● on ensuring only valid and approved changes are implemented in the organization ● on ensuring that the changes bring positive effects in organization

● on ensuring that there is no disruption of services, while changes are implemented.

the change evaluation process works:

● on evaluating the complete service transition activities, from the change initiation

to the release deployment.

the release and deployment management process works:

● on ensuring the new changes are implemented and deployed well in the organization.

the service validation and testing process works:

● on ensuring new releases are validated and tested in terms of functionality

and usability.

(28)

the service and asset configuration management process works:

● on ensuring that all of the service assets and Cis in the organization are stored,

tracked, and controlled in the configuration management database (CmDb, providing relationships between Cis) and the configuration management system (CmS). the knowledge management process works:

● on developing best practices, knowledge for different projects, products and other

services (transforming data to information, information to knowledge, and knowledge to wisdom)

● on ensuring that the knowledge is accessible for authorized users.

With all the above activities, the service transition manager establishes all the necessary for smooth transition of services from Service Design to service transition, using as many resources as necessary and available. Service transition ensures that new assets and Cis are well planned, released, tested and evaluated.

Phase 4

the organization checks for human resources, who have skills and experience in managing the organization’s day to day operations.

the organization appoints an individual to the role of service operation manager, who is accountable for all the operational activities with the help of processes and functions. Processes in service operations are request fulfilment, event management, incident management, problem management, and access management.

the access management process works:

● on providing appropriate access privileges to the authorized users.

– For example: access management ensures that all the employees are provided

with necessary access to the knowledge base websites, respective tools and applications, and information systems.

the event management process works:

● on analyzing all the events logged and on the events so that they don’t get

converted into incidents.

– For example: before a network outage happens, there will be some kind of

events generated in the infrastructure tools. the event management process keeps a meticulous watch on events and prevents incidents from having too much impact.

the request fulfilment process works:

(29)

28

PDCa for itiL

the incident management process works:

● on restoring the breakdown of services as soon as possible

– For example: if there is a breakdown of a server, the incident management

process tries to fix the issue as soon as possible and restore the server. the problem management process works:

● on finding the root causes of the incidents and provide a permanent fix. – For example: there is a serious network/server outage and the incident

management process resolved the incident. now, to prevent the same incident from happening again, the problem management process tries to understand the root cause of the network outage. it will check with corresponding

processes and functions and investigates the devices, topology, software etc. to find a permanent fix.

Functions in service operations are service desk, applications management, technical management, it operations management.

the service desk function works:

● as a single point of contact for customers, users and stakeholders on different

kinds of issues

● as a point of contact for any kind of help or information regarding the organization

and its assets.

the applications management function works:

● on ensuring that necessary applications and tools are installed, maintained and

managed well in the organization. the technical management function works:

● on ensuring that all the technical knowledge is provided to employees of

the organization

● on ensuring all the technological constraints and conditions are taken

into consideration.

the it operations management function works:

● on ensuring all the operational activities are performed regularly, like network

management, database administration, desktop management, etc.

● on ensuring all the facilities are managed well for the organization premises.

With all these above activities, the service operation manager ensures smooth and effective operations of it services, using as many resources as necessary and available.

(30)

Phase 5

the organization finally checks for human resources, who have skills and experience in identifying improvements and managing these for all the different stages: Service Strategy, Service Design, Service transition, and Service Operation. Continual Service improvement provides feedback for doing things in a better way, providing value, saving time, in consideration with cost.

the organization appoints an individual to the role of CSi manager, who is accountable for all the improvement activities with the help of processes and functions.

the Continual Service improvement phase has only one process: the seven step improvement process.

the seven step improvement process works:

● on improving the it service operations.

With all the above 5 phases, an it service organization can manage and execute its services with the help of itiL best practices.

(31)

SERVICE STRATEGY

Service Strategy defines the strategy for an it organization that helps to achieve its business goals. this stage analyzes the demand for services, customer’s requirements, risks, costs, value creation and defines the service offerings. Processes involved in Service Strategy are:

●

● strategy management for it services ●

● demand management ●

● financial management for it services ●

● service portfolio management ●

● business relationship management.

30

PDCa for itiL

(32)

2 Strategy

management

for it services

(33)

32

PDCa for itiL

2.1 basic terminology

Access based positioning: a positioning strategy where service providers make themselves feasible to their customers, who have very distinguished needs and conditions which could be in terms of location, scale or structures.

Need based positioning: a positioning strategy where service providers deliver most or all the needs of customer or customers. here the service provider’s priority is the customer and his needs, so the service provider tries to fulfill most of the needs of customers.

Strategy: the objectives and direction that lays the foundation for the organization to run its business and operations.

Type I service provider: internal service providers that are a part of same business and that provide specific/explicit services to the business unit.

Type II service provider: the shared service units that exist in the same organization, but provide services for many business units.

Type III service provider: the external service providers who support the organization in its different businesses.

Variety based positioning: a positioning strategy where service providers deliver a variety of services to their customers. here service providers have their strength and experience in delivering a specific variety of services (could be technologies or products) and they focus on providing only that variety of services.

2.2 Overview of strategy

management for it services

Strategy management for it services defines a standardized process for building strategic assets with vision, strategic goals, innovation, value creation, and resilient attitude for adapting new changes.

its main focus is to define the market, propose the service offerings, develop the service offerings as strategic assets, execute the developed offerings, also measure and evaluate the strategies.

Strategy management for it services is the most critical process for long term sustainability of the organization’s offerings.

(34)

Objectives

● analyze and understand the it requirements.

● Develop strategic assets that will create value for customers and the service

provider, through a closed loop system.

● measure and evaluate the defined services as strategic assets.

Business needs

● Provides guidance in designing and deciding the necessary artifacts for it service

management as a strategic asset.

● improves service quality by strategic planning.

● Creates value and enables to create distinguished services for the organization. ● Enables in making effective decisions for investment.

2.3 implementing strategy

management for it services

Prerequisites

business goals, market analysis, competitor products/services.

Plan

Prepare the project charter, consisting of a business case, goal statement, project plan, project scope, and roles and responsibilities.

● Business case – should describe the benefits and opportunities of strategy

management for it services considering the following areas:

– business needs of strategy management for it services.

– What are the short term benefits and long term benefits of this project? – What impacts will this new initiative have on other business units and

employees? Pros and cons.

– What are the risks and issues involved, what are the dependencies? – monitoring and evaluation mechanism.

– Cost and benefit analysis.

● Goal statement – should be closely associated with the prepared business case.

Goals should be Smart and mention:

– Define the CSFs. – Define the KPis.

(35)

34

PDCa for itiL

– What is the time estimated to see the results?

● Project plan – should show the timeline, milestones for various activities to

establish strategy management process in place and run the process.

● Project interfaces – should define the boundaries, scope, relationships of the

strategy management.

● Roles and responsibilities – should identify the required roles and hire the

human resources. Primary roles needed for strategy management for it services can be defined as:

– it steering group – strategy manager.

Define a raCi model for clarity in roles and responsibilities.

Do

● Develop the statement of work (SOW) for strategy management for it services,

defining the:

– _{scope of services, that has to be considered by strategy management} – services that are out of scope

– _{hardware, software, people-ware and tools required}

– appropriate people for the defined the roles and responsibilities – _{risks and dependencies}

– issues and other conditions – _{costs involved.}

● Define the strategy as perspective, position, plan and pattern. – _{Perspective is defined by goals, through the following activities:}

• definition of CSFs • _{definition of KPis.}

– Position is defined by the distinctiveness of services for customers. it is defined by: • _{variety based positioning}

• need based positioning • _{access based positioning.}

– Plan is defined by the procedures of doing actions/milestones/activities, it is the

estimation of time duration and number of resources required for:

• strategy assessment

• _{development of the offerings} • execution of the strategy • _{measurement and evaluation.}

– Pattern is defined by the series of consistent decisions and actions embedded

in doing the business. it involves defining policies, processes, adopting best practices, etc.

(36)

● Perform assessments on the internal artifacts and external artifacts.

– internal artifacts are the service provider’s business goals, strategy, service

provider’s strengths, weakness, opportunities, threats, and CSFs.

– External artifacts are customers, customer services, needs of the customers,

opportunities of the customers, and competitor’s services.

● Develop a strategy for service offerings, with the provision of: – quality

– cost feasibility – timely delivery – objectives and CSFs – prioritization of investments.

● Select and implement the appropriate tool for recording all the activities performed

by the process.

● Execution of strategies developed.

Check

● Evaluate the services proposed, by methods like:

– _{Brainstorming – a method to generate ideas (potential solutions) on a specific}

issue and then determine ideas.

– _{Nominal group technique – an approach to generate additional ideas, surveys}

the ideas of a small group, and prioritizes brainstormed ideas.

– _{Delphi technique – a method of relying on a panel of experts to anonymously}

select their responses using a secret ballot process.

– _{Multi-voting – a mechanism to narrow down the list of ideas and select the}

correct subset for further investigation.

● Ensure there is innovation and value creation in the services offered.

● Ensure the organizational strategies sync with the regulations, compliances,

government, and environment laws.

● review and update the strategic plans and objectives as per changing business

plans and requirements.

● Ensure internal function objectives are linked with organization objectives and

strategic plans.

Act

● Perform a GaP analysis for the customer’s needs and requirements.

● analyze the major reasons, why a customer is seeking another service provider. ● identify the opportunities to explore new service offerings.

● identify areas of improvement for the current services. ● Develop plans to mitigate significant risks.

(37)

36

PDCa for itiL

2.4 measures

Metrics

● number of new proposals, plans defined ● number of new services proposed

● number of failed services (that have not been approved by strategy manager/it

steering group)

● total time taken for proposing a new service in service portfolio ● number of new customers developed

● number of lost customers.

CSFs

● awareness on the organizational strategies ● evaluation of the new strategies defined

● shared vision and active stakeholders’ involvement ● effective risk and impact assessment methodologies ● effective business and market analysis knowledge

● documentation of suggestions to other processes and lessons log is captured.

2.5 Strategy management for

it services workflow

analyze and assess  Define  Execute

Analyze and assess

an understanding is developed about the service provider’s current situation. assessments and analysis is made on current services, market spaces, risks associated, customer’s history, customer needs, customer feedbacks and recommendations, competitors, and competitors’ services.

assessments are made in form of: interviews, questionnaire, direct observation, simulations, etc.

(38)

Define

Definition of strategy can be done by adopting Porter’s five force analysis, value chain analysis, and SWOt analysis in consideration with perspective, position, plan and patterns. it defines strategic values like quality standards, cost justifiable approach, effective utilization of resources, and timely delivery of services. it defines service management as a closed-loop control system that can adapt to the changes, feedbacks provided.

Definition of strategy can be evaluated through some methods like brainstorming, nominal group technique, Delphi technique, multi-voting etc.

Execute

this is the process of implementing the mission, objectives, goals, and CSFs for a service provider and its services. it actually involves implementation of the strategies developed and evaluating them with assessments.

(39)

(40)

(41)

280

PDCa for itiL aba abandonment rate aht average handling time am asset management am availability management aSa average speed to answer aSP application service provider

amiS availability management information system bCm business continuity management

bCP business continuity plan bia business impact analysis brm business relationship manager brS business requirement specifications bSm business service management Cab change advisory board CaPEX capital expenditure

CFia component failure impact analysis Ci configuration item

CmDb configuration management database CmiS capacity management information system CmS configuration management system CSat customer satisfaction rating CSF critical success factor

CSi continual service improvement DCab deployment Cab

DiKW data, information, knowledge, wisdom DmL definitive media library

DSL definitive software library DhL definitive hardware library DrP disaster recovery plan

(42)

ECab emergency Cab ELS early life support

Ert emergency response function FCr first-call resolution

FmEa failure modes and effects analysis FSC forward schedule of changes Fta fault tree analysis

Gtb grow the business hLD high level document hLm higher level management

imiS incident management information system iSG it steering group

iSmS information security management system itSCm it service continuity management itSm it service management

itt invitation to tender KEDb known error database KPi key performance indicator LLD low level document

mOF microsoft Operations Framework mtbF mean time between failures

mtbSi mean time between system incidents mtO maximum tolerable outage

mtrS mean time to restore service mttr mean time to repair

OGC Office of Government Commerce OLa operational level agreement OPEX operational expenditure Pba pattern of business activity

(43)

282

PDCa for itiL

Pir post implementation review PmO project management office POr post outage review

PSO projected service outage rCa root cause analysis

rCb registered certification body rFa request for approval rFC request for change rFi request for information rOi return on investment rtO recovery time objective rPO recovery point objective SD Service Design

SO Service Operation SS Service Strategy St Service transition

SaC service acceptance criteria

SaCm service asset and configuration management SCD supplier and contract database

SCm service capacity management SCm service catalogue management SDP service design package SFa service failure analysis Sia service investment analysis SiP service improvement plan

SKmS service knowledge management system SLa service level agreement

SLm service level management SLP service level package

(44)

SLr service level requirement SLt service level target SmE subject matter expert

SOP standard operating procedures SPm service portfolio management SPOC single point of contact

SPOF single point of failure SQP service quality program

SrS software requirement specifications tCab technical Cab

trt target recovery time ttb transform the business uC underpinning contracts uP user profile

VbF vital business function ViP very important person VViP very very important person VOi value on investment VPn virtual private network VCD variable cost dynamics

(45)

(46)

(47)

286

PDCa for itiL

A

access 194

access based positioning 32, 34 access management 194 access manager 195 access request 198 accounting 46, 51 active monitoring 202 application management’s 246 application sizing 102 architectural requirements. 250 assessment 270 asset 46, 174 asset management 174 audit 270 authentication 86, 194 authorization 194 availability 86, 94 availability analyst 96 availability management 94 availability manager 96 availability monitoring 99 availability test analyst 96

B back-out plan 142 backup analyst 128 benchmarking 277 best practice 20, 21 brainstorming 37 budgeting 46, 51 build 158 build analyst 160

business capacity analyst 104 business capacity management 102 business case 33

business continuity management (bCm) 126 business impact analysis (bia) 48, 126 business relationship management 62 business relationship manager 64 business requirements 250

(48)

business requirement specifications 250 business service catalogue 110

C capability 20 capacity 102 capacity analyst 104 capacity forecasting 102 capacity management 102

capacity management information system (CmiS) 102 capacity manager 104

capacity plan 102

centralized service desk 238 change 142

change advisory board (Cab) 142 change analyst 144

change closure 149 change deployment 149 change evaluation 152

change evaluation report 152, 155 change implementer 144

change management 142

change management operations 145 change manager 144, 153

change schedule 142 charging 46, 52

closed-loop control system 37 closure 215, 225

component capacity analyst. 104 component capacity management 102 component failure impact analysis (CFia) 94 confidentiality 86

configuration analyst 176 configuration baseline 174 configuration control 179 configuration identification 179 configuration item (Ci) 174 configuration management 174

configuration management database (CmDb) 174 configuration management system (CmS) 174 console management 260

(49)

288

PDCa for itiL

continual service improvement (CSi) 270 continuity 126

contract development 66 critical event 207

critical success factor (CSF) 20 CSi manager 272

CSi methods 274 CSi register 270

customer based SLa 73 customer-based SLa 70 customer portfolio 62

customer survey questionnaire 62 customer survey response 62

D

data 182

deep-dive rCa 234

definitive media library (DmL) 174 definitive spare 174

Delphi technique 37 demand analysis 43 demand analyst 42 demand management 40 demand management tool 42 demand manager 42

demand modelling 44 demand monitoring 107 deployment 163, 246 deployment analyst 160 deployment Cab (DCab) 144 de-provisioning 194, 199 design 246

design coordination 80

design coordination process owner 81 development 246

deviation 152 diagnosis 223

differential charging 46 duplicate event detection 202

(50)

E

early life support (ELS) 164 editorial review 91, 188 ELS analyst 160

emergency action plan 260 emergency Cab (ECab) 144 emergency change 147 emergency release 158 environmental analyst 262 escalation 224 evaluation 166 event 202 event analyst 204 event closure 207

event filtering and correlation 202 event management 203

event manager 204 event notification 206 event record 202 event solving group 204 exception 206

external audit 46

external service provider 32

F

facilities administrator 262 facilities analyst 262 facilities head 262

facilities management 260 fault tree analysis (Fta) 94 financial analyst 48 financial audit 52

financial management 46 financial manager 48 five force analysis 37 fixed charging 46

forward for schedule changes 148 forward schedule of changes (FSC) 142 function 20

(51)

290

PDCa for itiL

G

goal statement 33

H

high level document (hLD) 250

I identity 194 identity management 194 incident 218 incident management 218 incident model 218 incident record 218

incident registration and categorization 223 incident ticket 233

information 182

informational event 202, 206 information security 86

information security management 86 information security plan 90

information technology service management (itSm) 20 infrastructure 20 initial rCa 234 integrity 86 interaction 238 internal audit 46 it operations management 260

it service continuity management (itSCm) 126 it steering group 34, 56

it user account management 194

J

job scheduling 260

K

key performance indicator (KPi) 20 knowledge 182

knowledge author 184 knowledge base 182

knowledge editorial reviewer 184 knowledge management 182

(52)

knowledge manager 184 knowledge publisher 184

knowledge technical reviewer 184 known error 228

known error database (KEDb) 228 known error record 228

L

local service desk 238 low level document (LLD) 250

M

maintainability 94 maintenance advisor 262 major event 207

major incident 218, 225 major incident criterion 225 major release 158

maximum tolerable outage (mtO) 126 medical advisor. 262 metric 20 minor event 207 minor releases 158 modeling 102 multi-level SLa 70, 73 multi-voting 37 N

need based positioning 32, 34 nominal group technique 37 normal change 146

notification 202 notional charging 46

O

operational demand analysis 43 operations control 260

operations level agreement (OLa) 70 operations manager 262

P

(53)

292

PDCa for itiL pattern 34

patterns of business activity (Pba) 40 perspective 34

plan 34 policy 20 position 34

post implementation review (Pir) 100 proactive monitoring 77

proactive problem management 228 problem 228

problem closure 235 problem management 228 problem model 228 problem record 228

problem registration and categorization 233 problem ticket 233 process 20 process benchmarking 270 process evaluation 270 project plan 33 provisioning 194 R reactive monitoring 77

reactive problem management 228 recovery plan 126

relationship management 67 release 158

release and deployment management 158 release approach 158 release package 158, 163 release planning 163 release request 163 release types 158 release unit 158 release window 158 reliability 94 remediation plan 142 request approver 211

request for approval (rFa) 210 request for change (rFC) 142, 210

(54)

request for information (rFi) 210 request for knowledge 186 request fulfilment 210

request fulfilment manager 211 request model 210 requirement 66, 246 resolution 224 resource 20 restoration plan 126 retired services 54 rights management 194

risk and performance evaluation manager 153

S SaC council 176 SaC manager 176 safety advisor 262 secure library 174 secure store 174 security 94 security advisor 262 security analysts 88 security manager 88 service 20 serviceability 94

service acceptance criteria (SaC) 70

service asset and configuration management (SaCm) 174 service based SLa 73

service-based SLa 71 service capacity analyst 104 service catalogue 54, 110

service catalogue management (SCm) 110 service catalogue manager 111

service continuity manager 128 service continuity plans 131 service design manager 81

service design package (SDP) 80, 84 service desk 238, 239

service failure analysis (SFa) 94 service improvement program (SiP) 70 service investment analysis (Sia) 48

(55)

294

PDCa for itiL service invoice 46

service knowledge management system (SKmS) 182 service level agreement (SLa) 70

service level analyst 72

service level management (SLm) 71 service level manager 72

service level package 70 service level package (SLP) 70 service level report 70

service level requirement (SLr) 70 service level target (SLt) 70 service measurement 275 service package 40, 70 service pipeline 54 service portfolio 54

service portfolio management 54 service portfolio manager 56 service quality program (SQP) 70 service reporting 270, 276 service reporting analyst 72 service request 210, 214 service review 270 service testing 171

service validation and testing 166

service validation and testing process owner 167 seven step improvement process 270

shared service unit 32

single point of failure (SPOF) 94 snapshot 174

software requirement specifications 250 standard 20

standard change 146 statement of work (SOW) 34 status accounting 174

status accounting and reporting 179 steady state 265

strategic demand analysis 43 strategy 32

strategy management for it services 32 strategy manager 34

supplier and contract database (SCD) 118

(56)

supplier management 118 supplier manager 119 supplier monitoring 123 SWOt analysis 37

T

target recovery time (trt) 126 technical Cab (tCab) 144

technical management function 254 technical review 91, 188

technical service catalogue 110 test 166

test analyst 160 test architect 167

test environment validation 170 threat 86

throttling 202 transition 136

transition planning and support 136 tuning 102

type iii service provider 32 type ii service provider 32 type i service provider 32

U

underpinning contract (uC) 71 use cases 250

user profile (uP) 40 user requirements 250

V

validation 166

validation and testing manager 167 value chain analysis 37

variable cost dynamics (VCD) 46 variety based positioning 32, 34 verification 166

virtual service desk 238

vital business function (VbF) 94 vulnerability 86

(57)

296

PDCa for itiL

W

warning 202, 206 wisdom 182

workplace emergency 260

(58)

PDCA FOR ITIL

Metrics, csFs and workFlows For iMpleMenting itil practices

Numerous organizations spend their energy and funding on implementing ITIL practices. Most of them spend their time reinventing a wheel that was already created many times before in previous ITIL expeditions. If you’re facing this challenge, you’ll be interested in avoiding excessive cost. Although plenty of external guidance is available in the form of ITIL consultancies, you’ll need to have a decent idea of what to expect in the course of your own ITIL expedition before you go for it.

This book focuses on that specific target. Drawing on the experience of many ITIL practice implementations, it shows you in a very logical and practical way what to expect when you introduce ITIL to your organization, or when you increase the number of ITI L practices in your organization.

The book supports this by offering, in the style of a cookbook, a step-by-step guide to the implementation of individual ITIL practices, offering practical descriptions, terminology, objectives, workflows, CSFs, KPIs and other measures, in a Plan-Do-Check-Act approach. Using the cookbook analogy, it provides you with as many recipes as you are likely to need for composing your own menu. The book’s systematic approach means that once you get to grips with implementing one practice, you will be able to apply your newly developed skills to the next one, following the fundamental guidance of ITIL: adapt and adopt.

Your growing understanding of how ITIL works will greatly reduce your external costs, improve the skills of your own staff, and move your organization to higher maturity levels. You should use this guidance as a great resource for setting up and improving your own practice.

PDCA FOR ITIL. Metrics, CSFs and workflows for implementing ITIL practices PDCA FOR ITIL PDCA FOR ITIL.

PDCA FOR ITIL

Metrics, csFs and workFlows For iMpleMenting itil practices

PDCA FOR ITIL

Metrics, CSFs and workflows for implementing ITIL practices

KIrAN KUMAr PAbbAThI

K

Ir

A

N

K

U

M

A

r

P

A

b

b

AT

h

I

PDC

A F

OR I

TIL

PDCA FOR ITIL

Metrics, CSFs and workflows for

implementing ITIL practices

Contents

4

6

8

Preface

12

acknowledgements

about the author

14

Why this book?

how to read this book

16

Frequently asked questions

18

1 introduction

to itSm

20

1.1 basic terminology

1.2 What are it services?

1.3 importance of best practices

1.4 itiL lifecycle stages

22

1.5 Processes in itiL

1.6 Functions in itiL

1.7 Why do we need processes?

1.8 Can itiL processes help in

managing business services?

Answer

Scenario

Understanding

Implementation

Phase 1

24

Phase 2

26

Phase 3

Phase 4

28

Phase 5

SERVICE STRATEGY

30

2 Strategy

management

for it services

32

2.1 basic terminology

2.2 Overview of strategy

management for it services

Objectives

Business needs

2.3 implementing strategy