Foreword. Copyright Statement

(1)

ITSM

(2)

Copyright Statement

the information contained in this classroom material is subject to change without notice. this material contains proprietary information that is protected by copyright.

no part of this material may be photocopied, reproduced, or translated to another language without the prior consent of itpreneurs B.V.

© Copyright 2006 by itpreneurs Nederland B.V. all rights reserved. itiL® is a registered trademark of office of government Commerce (ogC), rosebery Court, St. andrew’s Business park, norwich, norfolk, nr7 ohS, UK.

as you embark on your next step in your it Service management journey, i hope that this book is useful to you. it represents essential information that forms the basis for any Service management project.

when we first set out to create, educate and permeate best practices in our industry, we never imagined how popular and successful this venture would become. the ever increasing number of positive case studies around the application of service quality management should reassure you that your investment in this course is a good one.

we now have a very solid worldwide certification scheme for individuals as well as organizations.

as you complete this course, i would urge you to ensure that it is part of a roadmap to complete competence in this exciting field. there is Foundation, practitioners, Service managers, Service Quality management, institute of it Service management, CoBit, and iSo/ieC 20000 certification. every step in the

roadmap is supported by roi for you and your employer/clients, and will enable you to take your rightful place in the worldwide network of experts that shape the future of it.

thank you for taking this course, thank you for continuing your journey and welcome again to the brother/sisterhood!

Alan Nance FISM

(3)

1. INTrODucTION

1.1 introdUCtion to itSm

1.1.1 Commonly used terms

1.1.2 pre-requisites to implement itSm 1.1.3 Components of a process 1.1.4 roles in a process 1.1.5 principles of quality

1.2 introdUCtion to itiL

1.2.1 Commonly used terms 1.2.2 Structure of itiL 1.2.3 itiL Framework 1.2.4 Common problems

2. ServIce SuppOrT

2.1 SerViCe deSK

2.1.1 Commonly used terms 2.1.2 activities

2.1.3 roles and responsibilities 2.1.4 relationship with other processes 2.1.5 Common problem areas 2.1.6 Key performance indicators 2.1.7 Critical Success Factors

2.2 inCident management

2.2.1 Commonly used terms 2.2.2 process

2.3 proBLem management

2.3.3 roles and responsibilities

2.3.4 relationship with other processes 2.3.5 Common problem areas 2.3.6 Key performance indicators 2.3.7 Critical Success Factors

2.4 ConFigUration management

2.5 Change management

2.6 reLeaSe management

3. ServIce DelIvery

3.1 SerViCe LeVeL management

3.1.1 Commonly used terms 3.1. 2 process

3.1.3 roles and responsibilities

^

Á

Chapter 1.1

INTrODucTION

TO ITSM

the following terms and concepts are integral to it Service management (itSm). OBJecTIve

the primary objective of it Service management is to ensure that it Services are aligned to business needs. this can be achieved by:

® providing high quality, reliable, and cost–effective services

® maintaining effective it customer-supplier relationships

® Continuously improving the quality of it services

® Using the it services effectively to meet the current and changing business requirements

BeNeFITS

implementing it Service management has the following benefits for an organization:

® Business benefits: itSm provides business benefits, such as enhanced quality, increased productivity, and improved working relationships.

® Financial benefits: itSm provides financial benefits, such as cost justification for the following elements:

¨ implemented changes

¨ planned it service continuity expenditure ¨ estimated capacity requirements

® innovation benefits: itSm provides clarity of understanding, flexibility, and improved adaptability as part of its innovation benefits to organizations.

® employee benefits: itSm provides employee benefits, such as increased productivity, motivation, and transparency.

1.1.1 cOMMONly uSeD TerMS

IT Infrastructure Library (ITIL) is a generic framework created by using the practical experience of professional users to manage it infrastructure and services.

Quality is defined by all the characteristics of a product or service that has the ability to satisfy the stated and implied needs of the customer.

Service quality refers to the degree of service that fulfills the customers’ expectations and requirements.

Ongoing dialog is a continuous communication between the Customer and the

provider/supplier. it is used to refine the service and ensure that both parties are aware of the expected results of the service.

(5)

1.1 introdUCtion to itSm itSm handBooK 1.1 introdUCtion to itSm itSm handBooK

^

in Department-oriented organizations the departments, processes, and tasks are

usually based on specific customers, products, disciplines, or regions. in Process-oriented organizations, all departments together perform different activities of one process. roles and responsibilities are assigned according to the activities defined to deliver a particular service.

1.1.2 pre-requISITeS TO IMpleMeNT ITSM

® good it infrastructure in terms of tools and technology

® well-defined organization mission, objectives, and policies

® Competent and trained people to improve service culture

® effective and efficient itSm processes 1.1.3 cOMpONeNTS OF A prOceSS

each process has a clear-cut objective, set of activities, and defined inputs and outputs. these activities are executed using a set of procedures and working instructions. POLICY MISSION OBJECTIVES MEASURE/STEER MEASURE/USER PURCHASE A PRODUCEB SELL C

INPUT OUTPUT _RESULT

KEY PERFORMANCE INDICATOR’s for efficiency

KEY GOAL INDICATOR's for effectiveness COMPONENTS OF A PROCESS

(6)

10 itSm handBooK

_^

itSm handBooK 11

1.1.4 rOleS IN A prOceSS process owner

the process owner is accountable for the results of the process. they define the activities in the process. the process owner also determines that the actual performance matches the expected results. depending on many factors, such as the size of the it organization, the amount of cultural change and therefore levels of sponsorship required, the process owner role may or may not be combined with the process manager role.

process manager

the process manager is accountable for structuring the process. they control the day-to-day activities and operations. the process manager also generates the reports to help the process owner compare the actual and expected results, when these roles are separated.

roles Unique to each process

other process roles, unique to each process, are responsible for executing the defined activities. they may or may not have a direct organizational reporting line to the relevant process manager.

1.1.5 prINcIpleS OF quAlITy Quality management

the principle of Quality management involves cost-effective and systematic management of all the organizational activities, such as design, development, and implementation.

Quality assurance

the principle of Quality assurance specifies the complete set of measures and procedures for ensuring quality. these procedures help organizations ensure that the it services continuously and consistently fulfill the expectations of the customers.

Quality System

the principle of Quality System specifies the organization-wide processes that specify the:

Quality requirements

Steps for meeting these requirements

procedures for improving the quality standards methods for assuring the service quality levels

the European Foundation Quality Model (EFQM) is used to determine the maturity

of an organization. organizational maturity is defined by the levels of technology, processes, and organizational culture. the eFQm model helps identify areas on which an organization needs to focus while managing services. typically, a plan is developed to define the improvement areas in the organization. it also specifies the follow-up procedures for reviewing these areas. therefore, this cyclic process of self-assessment and planning helps the organiztion in systematically improving its service quality.

1. 2. 3. 4.

(7)

1.1 introdUCtion to itSm 12 itSm handBooK 1.1 introdUCtion to itSm 13 itSm handBooK

^

EF Q M M O D EL O R G A N IZ AT IO N R ES U LT S P E O P LE P O LI C Y A N D S TR A TE G Y P A R TN E R S H IP A N D R E S O U R C E S P E O P LE R E S U LT S C U S TO M E R R E S U LT S S O C IE TY R E S U LT S LE A D E R S H IP P R O G R E S S K E Y P E R FO R M A N C E R E S U LT S deming Circle

the deming Circle is a tool used for assuring quality and tracking improvement efforts.

® plan: this stage lists the planned actions for a service.

® do: this is the implementation stage in which all the planned activities are executed.

® Check: this stage specifies the measures to check whether or not the implemented actions have delivered the expected results.

® act: this stage suggests techniques to improve the service and current plans. these suggestions are based on the information that was collected during the check stage.

THE DEMING CYCLE

MA

TURITY

LEVEL

TIME SCALE

Effective Quality Improvement

Consolidate the level reached ACT CHECK PLAN DO

(8)

15 itSm handBooK

^

Chapter 1.2

INTrODucTION

TO ITIl

Á

the following terms and concepts are integral to itiL. OBJecTIve

the information technology infrastructure Library (itiL) provides an effective it Service management approach, which increases service quality and ensures consistent improvement in it strategy, design, development, and delivery requirements.

BeNeFITS

® Customers/Users

¨ improves the quality of service as the provision of it services

becomes more customer-focused and agreements about service quality improve the relationships with the customer.

¨ minimizes the disruptions in service delivery to the customers.

therefore, the costs at the customer end are also reduced because of effective and consistent it service. also, the customer gets a clear insight into the costs of the it services needed.

¨ itiL defines the roles in each process. this helps to channel

communication in the organization in a structured manner. in addition, itiL also provides a better description of services.

® it organizations

¨ process-oriented approach: itiL provides clear and defined processes

to help the organization:

∏ easily implement changes

∏ Focus on corporate objectives

∏ effectively outsource it services

∏ monitor the quality of services

∏ introduce a Quality management system

¨ Common terminology: itiL provides detailed definitions of terms to

help the people in it organizations understand each other and easily exchange information

¨ Standardization: itiL provides a uniform frame of reference for

internal and external communication and procedure identification

(9)

1.2 introdUCtion to itiL 16 itSm handBooK 1.2 introdUCtion to itiL 17 itSm handBooK

^

ITIL is a generic framework created by using the practical experience of professional users to manage it infrastructure and services.

ITIL Organizations include the office of government Commerce (ogC) and the

it Service management Forum (itSmF). these forums help improve the services by promoting the use of the itiL best practices and publishing a series of books written by experts from various leading companies and organizations. the itSmF also provides a platform for the organizations to share, discuss, and exchange information. exchange of information enables the organizations in standardizing the quality of services.

itiL Certification exams

the dutch exam Foundation (eXin) and the UK information Systems examination Board (iSeB) jointly provide a professional certification system in association with ogC and itSmF. organizations can apply for the following certifications:

® Foundation-level Certification in itiL

® practitioner-level Certification in itiL

® Service manager-level Certification in itiL 1.2.2 STrucTure OF ITIl

the itiL structure has five elements:

Business perspective:

the business perspective element of itiL provides information that helps bridge the gap between the organizations’ working needs and the customer’s requirements.

Service delivery

the Service delivery element provides information that helps identify the services that are required to provide adequate support to the business.

Service Support

the Service Support element ensures that the customer has the appropriate access to the required services that support business functions.

information Communication technology (iCt) infrastructure management

the iCt infrastructure management element provides information on:

® network Service management

® operations management

® Systems management

® Local processes management

applications management

the applications management element helps redefine business requirements according to the changes in the business. it also helps the organization in incorporating these changes in its processes and functions.

Context diagram is represented below:

The Business _{The T}

echnology

Suppliers

Planning To Implement Service Management Service Management Core Service Delivery Service Support Business

Perspective InfrastructureICT

Management

Application Management

Security Management

(10)

1 itSm handBooK

_^

itSm handBooK 1

these elements interface with each other and overlap to a certain extent. the boundaries of each element at these overlapping points cannot be clearly demarcated. in fact, these points are from the domains where the majority of the Service management problems occur. it is, therefore, critical for the organization to identify and effectively manage these boundaries.

1.2.3 ITIl FrAMeWOrK

the main focus of the itiL framework is on Service Support and Service Delivery.

ServIce SuppOrT prOceSSeS

Service desk

the Service desk is a function in the organization and not a process. the Service desk serves as the single point of contact between service providers and users. effectiveness of the Service desk determines the smooth functioning of the business operations.

® the Service desk can have multiple functions, such as: ¨ Facilitating the incident management process ¨ performing Standard Changes

¨ informing users about upcoming changes ¨ performing operational activities such as backups

incident management

an incident is an external event in the standard business operations that affects or may affect the service quality. the incident management process helps in resolving incidents to restore it services to the agreed service levels with minimum impact on business operations.

problem management

a problem is an undesirable situation created in the infrastructure, for which the causes are not known. the problem management process involves identifying, checking, eliminating, and controlling errors within the it infrastructure, preventing the recurrence of incidents.

CUSTOMER RELATIONSHIP MANAGEMENT

SECURITY MANAGEMENT Managing Confidentility Manage confidentility, integrity and availability SERVICE PLANNING

INTEGRATED SERVICE DESK

CHANGE MANAGEMENT SERVICE LEVEL MANAGEMENT

IT SERVICE DELIVERY

IT SERVICE SUPPORT

Manage services

Deﬁning agreements between the IT organizations and the business and managing the relationship with the business

AVAILABILITY

MANAGEMENT MANAGEMENTCAPACITY MANAGEMENTCONTINUITY MANAGEMENTFINANCIAL

Optimize

today tomorrowManage Manage the unthinkable Managecosts

Manage changes (Optimize the current IT infrastructure and cater to Availability requirements) (Project future expectations and

tune into new developments)

(Incorporate a disaster recovery

plan, platform survival, reduce user impact or major

unexpected failure risk and vulnerability)

(Define the budget and create transparency of the

cost of services)

Ensure changes are fast, easy, consistent and authorized

PROBLEM MANAGEMENT Manage errors INCIDENT MANAGEMENT Manage incidents RELEASE MANAGEMENT Manage software distributions CONFIGURATION MANAGEMENT Manage Configuration Items (Remove repetitive

problems from the infrastructure)

(Get users back online up and running and satisfied)

(Control software, updates and batch processes) Long term planning and improvement of IT services provision Day to day operations and support of IT services

(11)

1.2 introdUCtion to itiL 20 itSm handBooK 1.2 introdUCtion to itiL 21 itSm handBooK

^

Change management

a Change is regarded as a modification or addition to any part of the infrastructure, such as hardware, software, network, environment, or related documentation. the Change management process describes standard methods and procedures for implementing Changes with minimum adverse impact on it services, preventing change-related incidents.

Configuration management

the entire it infrastructure can be broken down into logical units called Configuration items (Cis). the attributes and location of each Ci is defined in a database called the Configuration management database (CmdB). the Configuration management process provides information to all other itiL processes by managing and controlling the Cis and their inter-relationships.

release management

a release is a new or changed software or hardware (Ci) that is introduced in the it infrastructure. the release management process controls the distribution of hardware and software, including integration, testing, and storage. it also ensures that only the correct and tested versions of the authorized software and hardware are implemented.

ServIce DelIvery prOceSSeS

Service Level management

the Service Level management process defines the services to be delivered to the Users. the service levels negotiated and agreed with the Customers are recorded in the Service Level agreements (SLas). the process involves ensuring that services are delivered at the agreed levels.

Financial management for it Services

the Financial management process aims at managing the financial dependencies between the it services and the it resources that are being used by each service.

availability management

the availability management process ensures uninterrupted business operations by measuring and maintaining the availability levels of it resources.

Capacity management

the Capacity management process aligns the resource levels with the requirements of the organization and the customers. the process also aims at providing the required it resources at acceptable costs.

it Service Continuity management

the it Service Continuity management process attempts to ensure Business Continuity by restoring it services immediately after any disasters.

Security management

the Security management process protects the it infrastructure against unauthorized access. this is achieved by specifying security requirements in terms of Service Level agreements, legislations, contractual requirements, and policies. the process is focused on Confidentiality, integrity, and availability. 1.2.4 cOMMON prOBleMS

Common problems encountered while implementing the itiL processes:

® organizational culture, such as attitude of the employees to change, work culture, and values of the people employed in the organization affect process implementation.

® Bureaucracy, as processes might have rigorous time-consuming aspects.

® Lack of understanding of processes, business strategy, and process objectives can hinder process implementation.

® Lack of management support by not providing additional personnel, finances, and support tools, such as training programs can hamper process implementation.

® Staff resistance can lead to non-acceptance of processes by employees, which can lead to a failure in process implementation.

(12)

23 itSm handBooK

^

Chapter 2.1

ServIce DeSK

Á

the following terms and concepts are integral to the Service desk function. OBJecTIve

the main objectives of Service desk are to:

® Serve as a single point of contact for users that have it-related queries and complaints

® ensure restoration of normal services to users for uninterrupted operation of business activities by facilitating the incident management process and providing ownership of the incident through the incident lifecycle

® guarantee access for all users to the it organization to ensure required service support

® reduce workload on other it departments by routing only specific and relevant queries to each department

BeNeFITS

the Service desk function offers many benefits to the it organization, such as:

® reducing the time and effort spent by users to resolve their it-related issues by prompt handling of user queries.

® Serving as an information source for other it departments by providing data and metrics about customers’ queries

® ensuring long-term customer retention for the it organization by providing the required services to users

Call Centers

Call Centers typically manage high volume call environments, such as financial business call centers. in some call centers, recording and routing of calls might be automated by using voice response systems. therefore, it is possible that the Service desk personnel do not have any role to play in these types of call centers.

Help Desk

Help Desk facilitates the incident management process. help desk staff typically have access to CmdB information.

(13)

2.1 SerViCe deSK 24 itSm handBooK 2.1 SerViCe deSK 25 itSm handBooK

^

Service Desk types:

® Unskilled or Call recording Service desk

this Service desk only records the call and immediately assigns the records to the appropriate solution group.

® Skilled Service desk

this Service desk has the competencies and the knowledge to resolve incidents until a certain level.

® expert Service desk

this Service desk resolves the majority of all incidents.

Service Desk Structures

depending on the business requirements, Service desks can be structured into the following three basic types:

® Centralized Service desk

all user queries are received and recorded at a central physical location. User queries can be divided into technical and business-related queries. depending on their approach to handle queries, it organizations can address these queries by using either a central entity or two separate entities.

® Local Service desk

multiple Service desks are spread across various locations to support local users with diverse cultural backgrounds.

distributed Service desks have three different types of points of contact with the user:

¨ Central point of Contact ¨ Local points of Contact ¨ Call Centers

® Virtual Service desk

Virtual Service desk uses network and telecom technologies to integrate a widespread network of Service desks. For instance, Service desks in different time zones around the world can ensure round-the-clock support to users by coordinating their activities and time differences.

Technology

it organizations use various technologies to:

® enhance interaction between Service desks and users

® track user data to provide inputs to other itiL processes

Service Desk technologies include:

® Computer telephony integration (Cti)

® Voice over internet protocol (Voip)

® interactive Voice response systems (iVr)

® internet gateways

® automated System management tools

® networking tools

® Call forwarding facilities

® e-mails, telephones, and fax servers 2.1.2 AcTIvITIeS

responding to User Calls

when a user contacts the Service desk, it is termed as a call to the Service desk. all calls are logged and recorded by the Service desk to enable:

® monitoring of the progress on user queries and resolving controllable delays

® provision of metrics on customer queries to other organizational departments

® resolving of complaints at the first level by referring to a set of standards and pre-existing solutions

providing information to Users

the Service desk is the main source of information for users of it services. it proactively informs users about:

® Current or expected errors

® new and existing services

® SLa provisions

® Change schedules

(14)

26 itSm handBooK

_^

itSm handBooK 27

Communicating with Suppliers

the Service desk manages a two-way communication process between the it organization and its maintenance suppliers. a key responsibility of the Service desk is to ensure the repair and replacement of infrastructure components, such as printers, workstations, and telecommunication equipment.

performing operational management tasks

in addition to resolving complaints, the Service desk performs various tasks for managing business operations of the it organization. these operational management tasks include:

® providing system backups

® managing the disk space on local servers

® Creating user accounts authorizing and resetting passwords

® installing Lan connections

monitoring the iCt infrastructure

the Service desk might be equipped with tools that detect faults in software and hardware. these tools examine equipment, such as routers, servers, and gateways, for defects. these tools can also estimate the possible impact of the detected defects. then, the Service desk notifies the incident management process. 2.1.3 rOleS AND reSpONSIBIlITIeS

the responsibilities and functional skills of the Service desk personnel vary according to the type of Service desk to which they are attached. the various Service desks can be categorized as:

Unskilled or Call recording Service desks:

Unskilled or Call recording Service desk personnel record the user’s call, describe it in general terms, and then route the call to the concerned department. this Service desk is efficient in incident recording, but has low first call resolution percentages.

Skilled or problem Solving Service desks:

Skilled or problem Solving Service desk personnel have the required technical skills to handle users’ incidents. they usually resolve incidents by using

documented or previously recorded solutions. only the unresolved incidents are routed to specialist support teams for incident resolution.

expert Service desks:

expert Service desks have personnel with specialist knowledge of the entire it infrastructure. these personnel also have the expertise to resolve most incidents on their own.

2.1.4 relATIONSHIp WITH OTHer prOceSSeS with incident management

most calls received by the Service desk are related to incidents. it reports these incidents to incident management. it also matches similar previous incidents and if possible, applies existing solutions to the newly reported incidents as part of the incident management process. in this regard, incident management provides solution-related information. the process also refers to the Service desk records for resolving and managing the incidents and restoring services to Users.

with Change/release management

the Service desk is responsible for activities, such as:

® installing software and hardware

® Standard Changes – for example relocating workstations, setting up Lan connections, etc.

these activities are closely coordinated with Change management and release management to:

® evaluate Changes in terms of development and distribution of applications and it infrastructure

® ensure that the timing of implementing the Changes has a very low impact on the existing service quality

(15)

2.1 SerViCe deSK 2 itSm handBooK 2.1 SerViCe deSK 2 itSm handBooK

^

with Configuration management

when responding to calls, the Service desk records the details of the users and their it resources. then, the Service desk validates these user-provided details with the records in the CmdB. Verifying the user details enables the Service desk to:

® ensure the accuracy of users’ details

® determine the level of service to be provided to users

with Service Level management

if a particular user request cannot be met, Service Level management is informed of the request. the Service desk also provides information to Service Level management on:

® Users’ perception of service quality

® Users’ feedback on service interruptions and response times 2.1.5 cOMMON prOBleM AreAS

effective performance of a Service desk is often interrupted by bottlenecks, such as:

® Limited understanding of business needs by the it organization

® inadequate investment in training

® Unrealistic service levels

® insufficient significance attributed to the Service desk 2.1.6 Key perFOrMANce INDIcATOrS

the key performance indicators for the Service desk are:

® average duration and answer time per call

® average time to resolve an incident

® percentage of incidents resolved without referring to other departments

® number of calls processed per workstation

® total number of calls to the Service desk

2.1.7 crITIcAl SucceSS FAcTOrS

the following critical success factors enhance the effectiveness of the Service desk function.

® User should be able to easily access the desk for resolving their issues.

® Users should be encouraged to approach the desk for recording and resolving each incident.

® Users should be discouraged from bypassing the desk.

® Users should clearly understand the Service desk function through effective use of SLas and product and service catalogs.

(16)

31 itSm handBooK

^

Chapter 2.2

INcIDeNT

MANAgeMeNT

Á

the following terms and concepts are integral to the incident management process.

OBJecTIve

the incident management process ensures that breakdowns and errors related to it infrastructure and services are resolved quickly and efficiently in an organization. the incident management process resolves these breakdowns (referred to as ‘incidents’) without adverse impact on the business processes, at affordable costs.

BeNeFITS

an organization that implements the incident management process derives dual benefits for its:

® it services:

¨ improved monitoring, allowing performance against SLas to be accurately measured

¨ accurate recording of incidents and Service requests

¨ elimination of lost or incorrect incidents and Service requests ¨ organized and efficient use of personnel for resolving incidents ¨ availability of information on it errors for effective management ¨ more accurate CmdB information for ongoing audit while registering

incidents

¨ improved user and customer satisfaction

® Business

¨ timely solution of incidents to reduce their impact on business ¨ proactive identification of beneficial system enhancements and

amendments

¨ Customer-specific monitoring of incidents

¨ availability of business-focused management information related to the SLa

(17)

2.2 inCident management 32 itSm handBooK 2.2 inCident management 33 itSm handBooK

^

Incident refers to any event that is not part of the standard operation of a service, and that may cause an interruption or a reduction in the quality of that service.

Service Requests are requests from a User to the Service desk for support, delivery, information, advice, or documentation. a password reset is also an example of a Service request.

a Standard Change is a change where the risk and costs are known, are fairly repetitive, and are pre-approved by the Change management process. the Service desk often performs these Standard Changes, for example, basic moves, adds and deletions.

Functional Escalation occurs when incidents are reported to higher Support

group levels to be solved.

Hierarchical Escalation occurs when the resources or authority required to resolve the incidents are not adequate, and the incident is passed on to higher authorities or departments until solved.

Impact of the incident refers to its adverse effect on a business process.

Urgency of the incident refers to the necessary speed (high, medium, low) for solving an incident of a certain degree of impact.

Priority of the incidents is based on the impact of the incident on the business and the urgency of the incident to be solved.

Known Error refers to a problem for which the root cause is known, and for which a temporary workaround or a permanent solution has been identified.

a workaround is either a temporary fix or technique to solve the incident. it is used to eliminate the customer’s dependency on the particular aspect of a service that is known to have a problem.

Service Level Agreement (SLA) is a written agreement between a service provider and customer(s). this agreement defines the agreed levels for a service.

2.2.2 prOceSS process inputs

incidents reported from various parts of the infrastructure by the:

® Users

® it departments

® automatically reported through System management tools

process outputs

® information related to the incidents of other processes and departments

® information related to the solution of the incidents of other departments and processes

detecting and recording incidents

® accepting the reported incident and assigning a unique incident number to each incident by the Service desk

® recording the details of the incidents, such as the user details, symptoms, time of occurrence, and location

® alerting the users and management about the incidents having a high impact on business

(18)

34 itSm handBooK

_^

itSm handBooK 35 ACTIVITIES OWNERSHIP, MONITORING, TRACKING, AND COMMUNICATON INCIDENT DETECTION AND RECORDING REQUEST? CLASSIFICATION AND INITIAL SUPPORT ANALYSIS AND DIAGNOSIS RESOLUTION AND RECOVERY INCIDENT CLOSURE MATCH? Incident Management process Service Request Procedure NO NO YES

Classifying incidents and providing initial First-line Support

® Sorting the incidents into categories, such as networking, workstations, and procedures

® assigning priority to each incident

® identifying the services related to the incidents

® identifying the Support groups for resolving the incidents

® informing the Users about the time for resolving the incident

® identifying the status of the incident

® providing First-line Support by the Service desk to solve incidents

® matching the incidents with the previously reported incidents, problems and Known errors

® applying solutions or workarounds to the incidents

® informing the User about the solution of the incident once it is solved

investigating and diagnosing incidents

the Support group with the required expertise and resources investigates the cause of the incident, diagnoses the cause, and solves the incident.

resolving and recovering incidents

record the solution of the incident and submit a request for Change (rFC), if necessary, to ensure correct implementation of the solution.

monitoring and tracking the incidents

® all the unresolved or open incidents are monitored and tracked at each stage by the Service desk

® the Service desk informs the Users about the status of the open incidents

® the Service desk maintains ownership of the incident throughout its lifecycle

Closure of incidents

® after resolving the incident, the Support group routes the incident back to the Service desk after implementing the solution

® the Service desk contacts the User who reported the incident

® the Service desk records the incident as closed after the User agrees to the solution and ensures all incident data is complete

(19)

2.2 inCident management 36 itSm handBooK 2.2 inCident management 37 itSm handBooK

^

2.2.3 rOleS AND reSpONSIBIlITIeS

the roles defined to perform the activities and tasks of the incident management process are:

® Incident Manager

® Service Desk (Level 1 support)

® Support Groups and external vendors (Level 2, 3, “n” support groups)

the Incident Manager is the owner of the incident management process. the

incident manager’s responsibilities include:

® preparing the process reports that detail the performance and efficiency trends of the incident management process

® organizing the management information required for the implementation of incident management. For example, collecting information, such as number of resources and inter-relationships with other processes

® recommending measures for improvements in incident management

® developing and maintaining the incident management system

® monitoring the responsibilities of the incident Support groups

the incident Support groups resolve incidents at different levels. the different levels of the Support groups include:

® First-line Support groups comprising the Service desk

® other Support groups that include the Second-line, third-line, Fourth/n-line Support groups

the responsibilities of the First-line Support group include:

® recording the reported incidents

® Classifying the incidents and providing initial Support

® routing incidents to other Support groups

® monitoring, tracking, and owning the incident

® resolving incidents

® Closing the solved incidents

the responsibilities of other Support groups include:

® handling incidents that are not solved by the First-line Support group

® investigating the incident details

® diagnosing the cause of the incidents

® recovering the solved incidents

2.2.4 relATIONSHIp WITH OTHer prOceSSeS with the Service desk

the Service desk assists incident management by recording the reported incidents. the Service desk also provides First-line Support to the Users by applying pre-identified solutions to the reported incidents. Similarly, incident management solves incidents and informs the Service desk, which further communicates these solutions to the Users.

with the Configuration management process

to classify the incidents, incident management requires details of the affected it components (Cis) like version number, date of purchase, license, and location. these details are stored in the Configuration management database (CmdB) of Configuration management.

with the problem management process

all the incidents for which the root cause is unknown can be defined as problems. incident management refers these unknown errors to problem management. problem management provides workarounds and permanent fixes for these problems to incident management.

with the Change management process

to implement the solutions for the incidents, certain Changes might be required in the infrastructure. these Changes are communicated to Change management, which records the Changes related to the it infrastructure components. Change management provides details of the scheduled Changes to the incident management process.

with the Service Level management process

the Service Level agreements (SLas) of Service Level management define service levels for solving incidents for the incident management process. the incident records assist Service Level management in generating reports related to the incident management process.

with the availability management process

availability management requires information from incident management about the availability of the levels of the it services agreed in the SLas. incident management informs availability management about the lifecycle of the incidents, which specifies the time duration right from when the incident was first detected to when it was solved. this time duration is referred to as downtime or mean time to repair (mttr).

(20)

3 itSm handBooK

_^

itSm handBooK 3

with the Capacity management process

Capacity management provides information related to diagnostic tools like simulation models and scripts to solve incidents. incident management ensures that the incidents are solved within the capacity levels mentioned in the SLas. incident management also provides Capacity management information about Capacity-related incidents.

2.2.5 cOMMON prOBleM AreAS

® if the Users are not properly trained on the process, they might not follow the proper procedures and try to resolve the incidents themselves

® there might be an overload of incidents if the categories of incidents are not clearly defined or if the procedures for allocating and routing incidents are not followed

® if the First-level Support groups do not have adequately skilled resources, more incidents might get escalated quickly to higher Support groups

® if the services and products that are supported by incident management are not clearly defined in the SLa, the incident management personnel do not know which reported errors or requests qualify as incidents

® a higher level of commitment, responsibility, and discipline is expected from the personnel. there can be resistance to such changes among personnel 2.2.6 Key perFOrMANce INDIcATOrS

the key performance indicators of the incident management process are:

® number of recorded incidents by group, by type, by service, etc.

® average time to resolve the prioritized and non-prioritized incidents

® number of resolved incidents per workstation or per Service desk, within the time duration specified in the SLas

® percentage of incidents resolved by the First-line support

® average support cost per incident

® total incidents solved without the Support groups needing to visit the user’s location

the critical success factors for the incident management process are:

® an up-to-date CmdB to estimate the impact and the urgency of incidents

® a knowledgebase is necessary to record incidents, their solutions or workarounds and to link it with the problem management process

® an automated system is necessary for recording, tracking, and monitoring incidents

® Close ties with Service Level management to ensure appropriate prioritization and resolution times for the incidents

(21)

2.3 proBLem management 41 itSm handBooK

^

Chapter 2.3

prOBleM

MANAgeMeNT

Á

the following terms and concepts are integral to the problem management process.

OBJecTIve

the problem management process aims at identifying the root causes of errors or incidents in the it infrastructure and provides permanent solutions to remove these errors from the infrastructure. this eliminates recurring incidents and prevents incidents from occurring in the first place.

BeNeFITS

the problem management process helps in rapidly improving the it service quality by:

® documenting and eliminating errors

® reducing the number of incidents

® providing permanent solutions to the problems in the it infrastructure the problem management process enables a better first-time-fix-rate (first-line resolution rate) of incidents at the Service desk. the efficiency of the Service desk is improved by capturing the incident resolution and workaround data.

Known Errors are problems where the root cause is known, and for which

a temporary workaround or a permanent solution has been identified.

Workarounds are temporary fixes or techniques for resolving an incident. they are used to eliminate the customer’s dependency on that aspect of the service, which is known to have a problem.

Reactive Problem Management activities help in identifying the root causes of the incidents and in identifying permanent solutions for incidents.

Proactive Problem Management activities aim at preventing incidents before they

occur, by identifying weaknesses in the it infrastructure and suggesting methods to eliminate these weaknesses.

problems are categorized into various groups or domains, such as hardware, software, and support software. problems can be allocated to the support staff on the basis of these categories.

(22)

42 itSm handBooK

_^

itSm handBooK 43

the problem management team identifies the impact of the problem on the business process of the organization.

the problem management team defines the urgency of a problem. Knowing the urgency of the problem helps determine the time for which solutions can be deferred.

the problem management team assigns the priority to a problem on the basis of its urgency, impact, risk, and resource availability. priority indicates the relative order in which a series of problems should be addressed.

® incident details from incident management

® workarounds defined by incident management

® Configuration details from the CmdB

® details of products (hardware and software) used in the it infrastructure from the suppliers

® details about the it infrastructure and its behavior, for example, registration of capacity and performance monitoring

® information about Known errors from the development environment

process outputs

® Known errors (root cause and workarounds)

® requests for Changes (rFCs)

® Up-to-date problem records

® Closed problem records for resolved problems

® management information to help monitor the effectiveness of problem management

activities

® problem Control, which includes activities, such as trend analysis, defining, and investigating problems

® error Control, which includes activities, such as monitoring Known errors and submitting rFCs

problem Control

® identifying and recording problems

® Classifying problems based on its impact on the existing service levels by assigning Category, impact, Urgency, and priority

® investigating and diagnosing the root cause, such as hardware and software errors, documentation errors, or human or procedural errors, behind each problem. Formal methodologies, such as Kepner-tregoe or ishikawa can be used

(23)

2.3 proBLem management 44 itSm handBooK 2.3 proBLem management 45 itSm handBooK

^

TRACKING AND MONITORING

IDENTIFICATION AND RECORDING

CLASSIFICATION

INVESTIGATION AND DIAGNOSIS ESTABLISH KNOWN ERROR

PROBLEM

TRACKING AND MONITORING

ERROR IDENTIFICATION

AND RECORDING _{ERROR ASSESSMENT}

RECORD ERROR RESOLUTION

CLOSURE ERROR PIR RAISE RFC aCtiVitieS error Control

® error identification (from the Known error identified in the output of problem Control)

® error assessment to identify the best solution to remove the error from the infrastructure

® recording the resolution for each Known error and raising a request for Change (rFC)

® post implementation review (pir) to confirm the effectiveness of the solution prior to final closure

® monitoring the progress of problems and Known errors during all stages of problem Control and error Control (continuous activity)

proactive problem management

® perform trend analysis to identify and remove repetitive incidents and to provide high-quality management information about the behavior of infrastructure

® perform preventative maintenance to prevent incidents from occurring

® perform major problem reviews to identify: ¨ what was done right?

¨ what was done wrong?

¨ what could be done better next time? ¨ how to prevent problems?

the Problem Manager is responsible for all the problem management activities. the responsibilities of the problem manager include:

® developing and maintaining the problem Control and error Control processes

® assessing the effectiveness of the problem Control and error Control activities

® providing problem-related information to the management

® managing the problem support staff

® allocating resources for the support activities

(24)

46 itSm handBooK

_^

itSm handBooK 47

the Support Group personnel assist the problem manager and have the following

two types of responsibilities:

® Reactive responsibilities

¨ identifying and recording problems by analyzing incident details ¨ investigating problems based on their priority

¨ Submitting rFCs to remove errors ¨ monitoring the resolution of Known errors

¨ advising the incident management team about workarounds and quick fixes

® proactive responsibilities

¨ identifying trends and potential sources of problems ¨ Submitting rFCs to prevent the recurrence of incidents ¨ preventing the replication of problems across multiple systems 2.3.4 relATIONSHIp WITH OTHer prOceSSeS

the Service Level management team provides information about the agreed service levels to the problem management team. the problem management team uses this information to classify the problems.

with Change management

the problem management team suggests Changes in the it components and submits them as rFCs to eliminate errors. Change management assesses the impact of the proposed Change and informs the problem management process about the progress and completion of the suggested Changes.

with Configuration management

Configuration management provides details about the components of the it infrastructure, such as the hardware and software configurations, services, and other relationships. problem management uses this information for identifying the impact and urgency of the problems.

with incident management

the problem management team uses incident records to identify the problems and suggests workarounds to the incident management team until permanent solutions for the incidents can been found.

with availability management

availability management specifies the availability levels to the problem management team. problem management identifies the problems causing the disparity between the actual and agreed availability levels and attempts to diagnose and eliminate these problems. the availability management team uses information from the problem management process to prevent such problems and incidents by optimizing availability planning.

with Capacity management

Capacity management provides capacity-related information to problem management. the problem management team helps the Capacity management team by identifying the causes of capacity-related problems and rectifying them. 2.3.5 cOMMON prOBleM AreAS

® if the incident management team does not properly record the details of the incident and the related it components, the problem management team will not be able to accurately classify the problem.

® For software applications that are transferred from the development environment to the live environment, details of Known errors should be properly communicated otherwise problem management will need to redefine these errors, leading to duplicate effort.

® if there is a lack of managerial commitment, the support staff might tend to ignore the proactive aspects of problem management.

® Strong management support is required in order to allow the time needed for the Support staff to perform the problem management activities. 2.3.6 Key perFOrMANce INDIcATOrS

the key performance indicators for an effective problem management process include trends in the:

® number of incidents resolved by closed problems

® time needed to resolve problems

® Costs (people, material, and resources) incurred during resolving a problem

(25)

2.3 proBLem management

4 itSm handBooK

the following critical success factors improve the performance of the problem management process:

® effective automated registration and classification of incident records

® Setting feasible objectives and making the best possible use of the expertise of personnel

® effective coordination between the incident management and the problem management processes

Chapter 2.4

cONFIgurATION

MANAgeMeNT

(26)

50 itSm handBooK

_^

itSm handBooK 51

the following terms and concepts are integral to the Configuration management process.

OBJecTIve

the Configuration management process ensures that all details about the it infrastructure components are accurately stored and updated in the Configuration management database (CmdB). this information is provided to other processes and departments for handling it infrastructure-related issues. BeNeFITS

® Effective problem-solving: the Configuration management process helps

identify the it components (Cis) related to problems. after determining the affected items you can easily trace the cause and identify the solution for the problem.

® Rapid implementation of changes: the Configuration management process

facilitates rapid and accurate analysis of the possible impact of a Change on other it components and their services. this helps in implementing Changes with minimum disruption to it services.

® Better control of software and hardware releases: the Configuration

management process ensures better control of software and hardware by: ¨ Combining hardware and software packages so that the whole

combination can be tested for effectiveness before implementation. ¨ Using the Configuration management database (which is a repository

of all relevant details of a Ci and its relationship with other Cis) and standard configuration (Baselines) to develop testing and distribution plans.

¨ Storing details about software versions that can be used for backouts.

® Improved security: the Configuration management process stores information

about the authorized changes in it components and the different software versions. this helps maintain security of the it infrastructure by blocking unauthorized changes and preventing use of incorrect software versions. the Configuration management process also assists in monitoring licenses to identify any unlicensed components.

® High-quality commercial services: the Configuration management process

helps the organization by providing the required information about all it components and services. this information aids the management in taking decisions about modifying the components and services as required. also, the information helps in reducing costs by preventing duplication of effort.

® Effective management of IT components: the Configuration management

process helps control all the it components (Cis) that are essential to the services. it helps maintain records of any changes in the it components and services.

® Support for other ITIL processes: the Configuration management process

helps, for example, the availability management and the Capacity management processes by providing correct configuration details for analyzing and planning the it services.

® Identification of hidden costs: the Configuration management process

identifies the unused it components that are still adding to the cost. also, most departments maintain records about the parts for which they are responsible. this leads to overlap of information between departments. the Configuration management process provides a way to store information in a central location and reduce workload for all other it departments.

® Expected expenditure planning: the Configuration management process

provides information about maintenance costs and contracts, licenses, and expiry dates to create the expenditure plans for the organization.

® Compliance with legal requirements: the Configuration management process

helps in identifying illegal copies when audit results are compared with the existing records. then, the identified illegal copies are destroyed or removed from the it infrastructure. this ensures compliance with legal requirements. 2.4.1 cOMMONly uSeD TerMS

Configuration Baseline is the configuration of a product or system established at a specific point in time. the Configuration Baseline captures both the structure and details of that product or system, and enables that product or system to be rebuilt later.

Configuration Management is the process of identifying and defining the it

components and services in a system, recording and reporting the status of Cis and rFCs, and verifying the completeness and correctness of Cis.

the Configuration Management Database (CMDB) contains all the relevant details

of all Cis and details of the important relationships between Cis.

a Configuration Item (CI) is an infrastructure component or item, such as an rFC, associated with the infrastructure. Cis can be hardware, software, documentation, and sometimes people related (such as process roles and job specifications). a Variant is a small differentiation between versions of Cis, for example the same versions of microsoft word for different languages.

(27)

2.4 ConFigUration management 52 itSm handBooK 2.4 ConFigUration management 53 itSm handBooK

^

Asset Management is an accounting process for monitoring assets. asset

management does not hold relationships between assets, whereas Configuration management does maintain relationships between Cis.

® information about changes in the organization

® information about the new it components

process outputs

® reports to other itiL processes and to the it management

® new and updated records in the CmdB, which other processes access for their activities

activities Planning

¨ defining the strategy, policy, and objectives of the process ¨ analyzing the information that is available for the process ¨ identifying the tools and resources required for the process

¨ Creating interfaces with other itiL processes, projects, and third party suppliers

Identification

¨ identify the associated it services and components, which need to be controlled by Configuration management

¨ define the scope of Configuration management ¨ Specify the level of detail for recording the information ¨ identify the relationships of the Cis

¨ determine the depth of information that needs to be recorded ¨ Create naming conventions

¨ assign attributes

SCOPE AND CI LEVEL

INFRASTRUCTURE INTERFACE APPLICATIONS DESIGN DOCUMENTS ENVIRONMENT DOCUMENTATION STAFF SKILL SETS Scope Level (Depth) KEYBOARD CPU MONITOR SERVER DISK

(28)

54 itSm handBooK

_^

itSm handBooK 55

Control

® Controlling all the it components received by the organization

® ensuring accurate representation of Cis in the CmdB through physical access security procedures and technology and through links with the Change management process

Status accounting

® assigning a status code to each of the status of the Cis for easy identification

® managing the lifecycle of the Ci

Verification and audits

® Verifying and auditing the details in the CmdB against the physical infrastructure

management of reports and performance indicators

® assessing the efficiency and effectiveness of Configuration management using regular management reports

STATUS ACCOUNTING: EXAMPLE OF CI STATUS MONITORING

PLANNED/ ON ORDER RECEIVED/ IN STOCK TESTED IMPLEMENTED OPERATIONAL MAINTENANCE ARCHIVED TIME

the Configuration Manager is the owner of the Configuration management

process. the Configuration manager’s responsibilities include:

® making proposals on the scope of Configuration management

® planning and populating the CmdB

® evaluating existing and implementing new Configuration management systems

® developing identification system and naming conventions for the Cis

® developing interfaces to other processes

® Creating reports and audits

® Communicating the process and conducting training 2.4.4 relATIONSHIp WITH OTHer prOceSSeS with incident management

to solve incidents, the incident management team needs to know the dependencies of each Ci related to the incident. the team uses data from the CmdB to identify:

® the Cis related to the incident

® the dependencies of each Ci related to the incident in order to assess impact and assigned priority

with problem management

to solve problems, the problem management team needs to know the

dependencies of each Ci related to the problem. the problem management team also needs to link any existing problems and Known errors to the related Cis. the team uses data from the CmdB to identify:

® the Cis related to the problem

® the dependencies of each Ci related to the problem

® any history for the problem

with Change management

For accurate impact analysis, the Change management team needs data about each Ci affected by a Change. Using this data, the Change management team determines the Changes that can be implemented with minimum disruption to the services. after the Changes have been implemented, the Change management team ensures the updates to the CmdB are completed with the information about all the new and modified Cis.

(29)

2.4 ConFigUration management 56 itSm handBooK 2.4 ConFigUration management 57 itSm handBooK

^

with release management

Before implementing a release, the release management team queries Configuration management for information about the status of the affected Cis. For example, the release management team needs to know the status, location, source code, etc., of an existing Ci.

the Service Level management team needs information about the service characteristics, relationships between the services, and the underlying

infrastructure. Configuration management provides the recorded documentation about the agreed levels of service and the relationships between the recorded Cis and it services.

with Financial management

the Financial management team needs to know the services being used by the customers so that they can Charge the customers accordingly. Configuration management provides this information to the Financial management team. the Financial management team combines this information with the SLas to determine the prices to charge the customer.

with availability management

the availability management team needs to know the Cis that are critical for providing a service. Using this information, the team can identify Cis that need to be immediately upgraded or phased out and to perform various analysis activities, such as Component Failure impact analysis (CFia).

with it Service Continuity management

the it Service Continuity management team uses the standard configurations (Configuration Baselines) from the CmdB to identify the disaster recovery requirements. the team also needs to know if these configurations are available at a particular back-up location (known as the disaster recovery site). Using this data, the it Service Continuity management team can ensure continuous flow of services to the users and customers.

2.4.5 cOMON prOBleM AreAS

® a considerable effort is required to maintain a Configuration management database (CmdB) with a high level of detail. too little effort might lead to recording insufficient information.

® Configuration management involves various manual processes that can cause delays and drain the organization’s resources.

® if the CmdB is not updated immediately after Changes, a number of problems, such as inaccurate information being stored in the CmdB, might result.

® over-ambitious scope can make Configuration management look like a bottleneck in the smooth functioning of an organization’s activities.

® Sometimes the management can unrealistically expect the Configuration management tool to deliver a total solution.

® Lack of commitment might lead to issues, such as incomplete and uncontrolled process implementation.

® individuals and groups might use the fact that Configuration management is a bureaucratic process as an excuse for not following the complete process.

® omitting activities in the Configuration management process affects the functioning of the organization.

® isolated implementation of the Configuration management process can result from inadequate analysis and design.

if the Configuration management process is not supported by software tools that are flexible, it is not easy to cater to new requirements and support all Ci categories

2.4.6 Key perFOrMANce INDIcATOrS

Key performance indicators related to Cis and CmdB:

® number of occasions on which a “Configuration” was found to be unauthorized

® number of refused rFCs as a result of incomplete data in the CmdB

® number of Changes to the CmdB per month because of identified errors in the CmdB

(30)

5 itSm handBooK

Key performance indicators related to the Service desk:

® the change in the ratio of calls that are received at the Service desk per month to the calls that are resolved immediately

® the change in the average time and cost of diagnosing and resolving the Service desk calls that cannot be immediately resolved

Key performance indicators related to other itiL processes:

® the change in the number and seriousness of incidents and problems

® incidents and problems that can be tracked back to incorrect Changes

® the cycle time to approve and implement Changes

® the change in the number and seriousness of occasions when a Service Level agreement has been breached

® Licenses that have been wasted or not used at a particular location

® number of observed differences between the Ci records and the actual situation found during an audit

the following critical success factors improve performance of the Configuration management process:

® identify clear process objectives

® ensure implementation of all stages in the process

® review all existing records before introducing the process to avoid duplicate data

® ensure that the Configuration management team has the required skills and attitude

® Close coordination with the Change management process to ensure accuracy of the information in the CmdB

Chapter 2.5

Foreword. Copyright Statement

ITSM

1. INTrODucTION

2. ServIce SuppOrT

3. ServIce DelIvery

cONTeNTS

^

Á

INTrODucTION

TO ITSM

^

^

^

THE DEMING CYCLE

^

INTrODucTION

TO ITIl

Á

^

^

^

^

ServIce DeSK

Á

^

^

^

^

INcIDeNT

MANAgeMeNT

Á

^

^

^

^

^

prOBleM

MANAgeMeNT

Á

^

^

^

cONFIgurATION

MANAgeMeNT

^

^

SCOPE AND CI LEVEL

^

^

cHANge

MANAgeMeNT

Á

_^

_^

_^

_^

_^

_^

_^

_^

_^