2. Goals for IT

The specific goals of IT are to develop and maintain IT services that:

Develop and maintain good and responsive relationships with the business

Meet the existing IT requirements of the business

Are easily developed and enhanced to meet future business needs, within appropriate time scales and costs

Make effective and efficient use of all IT resources

Contribute to the improvement of the overall quality of IT service within the imposed cost constraints.

3. What is a “Service?”

“A service is a means of delivering value to customers by facilitating outcomes customers want to achieve without the ownership of specific costs and risks.”

A simple example of a customer outcome that could be facilitated by an IT service might be: “Sales people spending more time interacting with customers” facilitated by “a remote access service that enables reliable access to corporate sales systems from sales people’s laptops”.

4. What is a “Service Management?”

“Service Management is a set of specialized organizational capabilities (Strategy, Design, Transition, Operations, and Continuous Improvements) for providing value to customers in the form of services.”

These “specialized organizational capabilities” include all of the processes, methods, functions, roles and activities that a Service Provider uses to enable them to deliver services to their customers.

5. What is ITIL - The IT Infrastructure Library?

ITIL is a public framework that describes Best Practice in IT service management. It provides a framework for the governance of IT, the ‘service wrap’, and focuses on the continual measurement and improvement of the quality of IT service delivered, from both a business and a customer perspective.

ITIL was published between 1989 and 1995 by Her Majesty’s Stationery Office (HMSO) in the UK on behalf of the Central Communications and Telecommunications Agency (CCTA) – now subsumed within the Office of Government Commerce (OGC). Its early use was principally confined to the UK and Netherlands. A second version of ITIL was published as a set of revised books between 2000 and 2004. This second version became universally accepted and is now used in many countries by thousands of organizations as the basis for effective IT service provision. In 2007, ITIL V2 was superseded by an enhanced and consolidated third version of ITIL, consisting of five core books covering the service lifecycle, together with the Official Introduction.

6. Goals of ITIL

One of the main objectives of ITIL is to assist IT service provider organizations “to improve IT efficiency and effectiveness whilst improving the overall quality of service to the business within imposed cost constraints”.

7. Benefits from ITIL

Increased user and customer satisfaction with IT services

Improved service availability, directly leading to increased business profits and revenue

Financial savings from reduced rework, lost time, improved resource management and usage

Improved time to market for new products and services

Improved decision making and optimized risk.

8. A Conceptual Overview of ITIL Version 2.0

ITIL version 2.0 consists of seven modules constituting the core of ITIL. Figure 1 shows the environment and structure within which the Version 2.0 modules were produced. It illustrates the relationship that each of the modules has with the business and the technology.

9. Brief Description of the ITIL V 2.0 Seven Core Modules

   The Business Perspective: provides advice and guidance to help IT personnel to understand how they can contribute to the business objectives and how their roles and services can be better aligned and exploited to maximize that contribution.

   Application Management: describes how to manage applications from the initial business need, through all stages in the application lifecycle, up to and including retirement. It places emphasis on ensuring that IT projects and strategies are tightly aligned with those of the business throughout the application lifecycle, to ensure that the business obtains best value from its investment.

   ICT Infrastructure Management (ICT IM): covers all aspects of ICT Infrastructure Management from identification of business requirements through the tendering process, to the testing, installation, deployment, and ongoing operation and optimization of the ICT components and IT services.

   Security Management: details the process of planning and managing a defined level of security for information and IT services, including all aspects associated with reaction to security Incidents. It also includes the assessment and management of risks and vulnerabilities, and the implementation of cost justifiable countermeasures.

   Service Delivery: covers the processes required for the planning and delivery of quality IT services and looks at the longer term processes associate with improving the quality of IT services delivered.

   Service Support: describes the processes associated with the day-to day support and maintenance activities associated with the provision of IT services.

   Planning to Implement Service Management: examines the issues and tasks involved in planning, implementing and improving Service Management processes within an organization. It also addresses the issues associated with addressing Cultural and Organizational Change, the development of a vision and strategy and the most appropriate method of approach.

10. Key Processes and Activities in ITIL V2.0
1. Business Prespective

   Business Relationship Management - Business Relationship Management (BRM) is responsible for maintaining a good working relationship with the business. The BRM team works with the business at all levels, from strategic plans to day-to-day operations, to ensure the right services at the right price are in place to satisfy business needs. The primary goal of BRM is building a true partnership between IT and the business units with the business taking a leadership role in shaping and funding services that exploit IT technologies for business advantage.

   Liaison, Education, and Communication - These activities are performed in relation to the Business Perspective processes. Work includes tasks such as educating all parties in business and IT terms, sharing tactical and strategic plans among organizations, educating business units on the service catalogue, explaining and clarifying Service Level Agreements (SLAs), educating IT on business processes and the pressures they face and vice versa.

   Supplier Relationship Management - Supplier Relationship Management processes guide the interaction among IT, business, and vendors (both service providers and IT infrastructure suppliers). Through the effective use of these processes, not only do suppliers satisfy the organization’s immediate needs, the improved working relationship also ensures that suppliers cooperatively work to provide products and services that satisfy the organization’s tactical and long-term requirements.

   Review, Planning, and Development - These processes address the continuous improvement of the ITIL processes that the organization has opted to employ. The processes also guide the review and improvement of IT services, ensuring they continue to meet changing business needs and commissioning changes when appropriate.

2. Applications Management

   Requirements - Work with the business units to identify the functional and business process requirements for the change or new application. During this process, initial service level requirements will be identified.

   Design - The application team translates the requirements into a technical solution. At this point a Total Cost of Ownership (TCO) study is performed to identify development and ongoing support costs. Input from a number of other IT areas is included in developing the costs, such as Service Level Management, Capacity Management and Financial Management, and the results are shared with business leaders for approval. In many cases a negotiation process occurs, where requirements and service levels are fine-tuned in order to adjust costs to the level the business can afford.

   Build - This is the actual application coding and testing process. All the components and flows will be developed and tested both individually and systemically to uncover any functional and process flaws. Once final quality testing has been completed, management sign-offs are gathered to permit the new functions to be introduced into the production environment.

   Deploy - This covers the roll-out of the new application. Not only would this process include the movement of application modules into production libraries, it would also include any customer training required to effectively and efficiently use the new facilities.

   Operate - This process step covers the day-to-day "care and feeding" of the new application. Changes in regulatory requirements would be addressed in this step. If end users uncover flaws in the application, they are addressed in this step. In addition, service levels are monitored and application performance is measured and reported. When service levels are missed, this process step outlines the step-by-step actions required to address the problem. In all cases, the goal of this process is to minimize the impacts on the business of issues to normal application operation.

3. ICT Infrastructure Management

   Design and Planning - The Design and Planning function is responsible for all of the strategic issues associated with the running of an ICT function. They liaise with the business regarding future business plans and from the information provided, and in consultation with all other areas of the business and IT, develop the plans, architectures and strategies required for the provision of current and future ICT business solutions. One of the key tasks of Design and Planning is to include all requirements, not just the functional requirements, for a new service, considering them at the initial requirements stage and at each subsequent stage of the service lifecycle. This ensures that services are designed for “operational excellence” and that all business, Service Delivery, Service Support, operational and maintenance requirements are included at the earliest possible and most cost effective moment within the service lifecycle. Another vital role of Design and Planning is to work closely with all business managers and planners, ISG, IT managers and planners, following the Business Perspective approach, to ensure that all business and ICT plans and strategies, are closely coordinated and aligned.

   Deployment - The Deployment process deploys new and changed ICT solutions to the business to agreed quality, cost and timescales. Deployment principally involves establishing projects and project methodology to ensure that new ICT solutions are delivered to the business with minimum disruption to business processes and that use of ICT resources is optimized. This is achieved by liaising closely with the business and agreeing training, methodologies, handover processes and acceptance criteria.

   Technical Support - Technical Support ensures that the necessary support, skills and knowledge are available to underpin the overall service delivered by ICT IM. They maintain a pool of in-depth technical expertise to provide information guidance and actual resources for the research and development of new technology solutions, and third line technical support for all other areas of IT.

   Operations - The operational IT services and environments are managed and controlled within the Operations Management function. Operations use all of the management tools available to ensure that all services and components meet all operational targets, as agreed with the business and other teams in SLAs and OLAs. Operations are also responsible for the tuning and optimization of all operational areas of the ICT infrastructure.

4. Security Management - Security Management is an integral part of the other IT disciplines. It has both a business and service focus. Through the execution of the processes, the organization will meet regulatory agency requirements, such as Sarbanes-Oxley, FDIC, SEC and/or HIPAA.The ITIL Security Management process includes these components:

   Control – Policies, Organization, and Reporting

   Plan - SLA section, Underlying contracts, OLA section, and Reporting

   Implement – Classifications, Personnel security, Security policies, Access controls, and Reporting

   Evaluate - Self-assessment, External Audit, Internal Audit, Assessment as result of security incident, and Reporting

   Maintain - SLA sections, OLA sections, Requests for changes, additions, deletions, and Reporting.

5. Service Support

   Release Management - Release Management is responsible for all legal and contractual obligations for all hardware and software in use within the organization. In order to achieve this and protect the IT assets, Release Management establishes secure environments for both hardware in the Definitive Hardware Store (DHS) and software in the Definitive Software Library (DSL).

   Problem Management - The goal of Problem Management is to minimize the adverse impact of Incidents and Problems on the business. To achieve this, Problem Management assists Incident Management by managing all major Incidents and Problems, while endeavoring to record all workarounds and ‘quick fixes’ as Known Errors where appropriate, and raising Changes to implement permanent structural solutions wherever possible. Problem Management also analyses and trends Incidents and Problems to proactively prevent the occurrence of further Incidents and Problems.

   Change Management - A single centralized Change Management process, for the efficient and effective handling of Changes, is vital to the successful operation of any IT organization. Changes must be carefully managed throughout their entire lifecycle from initiation and recording, through filtering, assessment, categorization, authorization, scheduling, building, testing, implementation and eventually their review and closure. One of the key deliverables of the process is the Forward Schedule of Change (FSC) a central programme of Change agreed by all areas, based on business impact and urgency.

   Incident Management - Incident Management is responsible for the management of all Incidents from detection and recording through to resolution and closure. The objective of Incident Management is the restoration of normal service as soon as possible with minimal disruption to the business.

   Configuration Management - Configuration Management provides the foundation for successful IT Service Management and underpins every other process. The fundamental deliverable is the Configuration Management Database (CMDB), comprising one or more integrated databases detailing all of the organization’s IT infrastructure components and other important associated assets. It is these assets that deliver IT services and they are known as Configuration Items (CIs). What sets a CMDB apart from an ordinary asset register are the relationships, or links, that define how each CI is interconnected and interdependent with its neighbors. These relationships allow activities such as impact analyses and ‘what if?’ scenarios to be carried out. Ideally the CMDB also contains details of any Incidents, Problems, Known Errors, and Changes associated with each CI.

1. Service Desk - The Service Desk provides a single, central point of contact for all Users of IT within an organization, handling all Incidents, queries and requests. It provides an interface for all of the other Service Support processes.
6. Service Delivery

   Service Level Management - The SLM process negotiates, documents, agrees and reviews business service requirements and targets, within Service Level Requirements (SLRs) and Service Level Agreements (SLAs). These relate to the measurement, reporting and reviewing of service quality as delivered by IT to the business. The SLM process also negotiates and agrees the support targets contained in Operational Level Agreements (OLAs) with support teams and in underpinning contracts with suppliers, to ensure that these align with business targets contained within SLAs. The other major roles of the SLM process are the production and maintenance of the Service Catalogue, which provides essential information on the complete portfolio of IT services provided, and the development, co-ordination and management of the Service Improvement Programme (SIP) or Continuous Service Improvement Programme (CSIP), which is the overall improvement plan for continuous improvement in the quality of IT services, as delivered to the business.

   IT Service Continuity Management - IT Service Continuity produces recovery plans designed to ensure that, following any major Incident causing or potentially causing disruption of service, IT services are provided to an agreed level, within an agreed schedule. It is important for each organization to recognize that IT Service Continuity is a component of Business Continuity Planning (BCP). The objective of IT Service Continuity is to assist the business and BCP to minimize the disruption of essential business processes during and following a major Incident. To ensure that plans are kept in line with changing business needs Business Impact Analysis, Risk Analysis and Risk Management exercises are undertaken on a regular basis together with the maintenance and testing of all recovery plans.

   Financial Management for IT Services - Financial Management for IT Services provides the basis for running IT as a business within a business and for developing a “cost conscious” and “cost effective” organization. The principle activities consist of understanding and accounting for the costs of provision of each IT service or business unit and the forecasting of future expenditure within the IT Financial Plan. There is also another optional, but preferred activity, the implementation of a charging strategy, which attempts to recover the IT costs, from the business, in a fair and equitable manner.

   Capacity Management - The Capacity Management process ensures that adequate capacity is available at all times to meet the requirements of the business by balancing “business demand with IT supply”. In order to achieve this, a Capacity Plan closely linked to the business strategy and plans is produced and reviewed on a regular basis. This covers the three principle areas of Business, Service and Resource Capacity Management (BCM, SCM and RCM). These three areas comprise the activities necessary for ensuring that the IT capacity and the Capacity Plan are kept in line with business requirements. The common activities used within these areas are Performance Management, Workload Management, Demand Management and Application Sizing and Modeling.

   Availability Management - Availability is a key aspect of service quality. Availability Management is responsible for ensuring that the availability of each service meets or exceeds its availability targets and is proactively improved on an ongoing basis. In order to achieve this, Availability Management monitors, measures, reports and reviews a key set of metrics for each service and component, which includes availability, reliability, maintainability, serviceability and security.

11. Summary

Several organizations have already used this approach to significantly improve the quality of IT services delivered to the business. The benefits gained have included:

Greater alignment of IT services, processes and goals with business requirements, expectations and goals

Improved business profitability and productivity

Support staff that are more aware of business processes and business impact

A reduction in overall management and support costs leading to a reduced TCO

Improved service availability and performance, leading to increased business revenue

Improved service levels and quality of service.

However, care must be taken when developing IT Service Management within an organization. It is easy to focus on the internal aspects of IT process rather than on the Customer and business needs and requirements. The processes should always be designed primarily to make the Customer experience simple and enjoyable and secondly to make the backend IT processes effective and efficient. This can only be achieved when business and Customer driven measurements metrics, CSFs and KPIs are put in place to measure the quality of service and its continuous improvement.

References:

The IT Service management Forum. (2004). An Introductory Overview of ITIL.

The IT Service management Forum. (2007). An Introductory Overview of ITIL V3.

TeamQuest. (2008). ITIL.