Beginners Guide

Foundation Certificate in IT Service Management with ITIL

Copyright: The Art of Service Pty Ltd 2003.

Table of Contents

1Foundation Certificate in IT Service Management

1.1EXIN Exam requirements specifications

1.1.1The importance of IT Service Management

1.1.2Service Management processes

1.1.3The ITIL management model

1.1.4Basic concepts of ITIL

2IT Service Management

2.1Introduction to IT Service Management

2.2ITIL Service Management

2.2.1Business Alignment

2.2.2Processes

2.2.3Processes, Services and Functions

3ITIL Overview

3.1.1History of ITIL

4Implementing ITIL Service Management

4.1Introduction

4.2Cultural change

4.3Implementation Checklist

4.4Further reading

5ITIL Service Management Processes

5.1Service Delivery Set

5.1.1Service Level Management

5.1.2Financial Management for IT Services

5.1.3Availability Management

5.1.4Capacity Management

5.1.5IT Service Continuity Management

5.2Service Support Set

5.2.1Service Desk

5.2.2Incident Management

5.2.3Problem Management

5.2.4Change Management

5.2.5Release Management

5.2.6Configuration Management

6Security Management

6.1Introduction

6.1.1Basic concepts

6.2Objectives

6.2.1Benefits

6.3Process

6.4Activities

6.4.1Control - Information Security policy and organisation

6.4.2Plan

6.4.3Implement

6.4.4Evaluate

6.4.5Maintenance

6.4.6Reporting

6.4.7Relationships with other processes

6.4.8Security section of the Service Level Agreement

6.4.9The Security section of the Operational Level Agreement

6.5Process control

6.5.1Critical success factors and performance indicators

6.5.2Functions and roles

6.6Points of Attention and costs

6.6.1Points of attention

6.6.2Costs

7IT Service Management Tools

7.1.1Type of tools

7.1.2The Cost of a Tool

1Foundation Certificate in IT Service Management

Let’s begin with the end in mind. A lot of people who first hear of ITIL are surprised to learn that there are a variety of exams that can be taken. By far the most common is called the Foundation Certificate in IT Service Management. We’ll cover just what Service Management is later, but at this Foundation level, it is really the theory of the ITIL Framework that is being tested.

1.1EXIN Exam requirements specifications

EXIN are one of the global testing bodies authorised to set and mark questions to test knowledge in the area of IT Service Management and the ITIL Framework.

The large majority of people who take this Foundations course are interested in also sitting for the ITIL Foundation Certificate. The section discusses the factors that have to be considered by those wishing to pass the exam.

1.1.1The importance of IT Service Management

The candidate understands the importance of IT Service Management in the IT Infrastructure environment.

The candidate is able to discuss the merits of a process driven approach to information technology service provision both:

  • users and customers of IT Service
  • suppliers of IT Services.

1.1.2Service Management processes

The candidate understands Service Management processes and the inter-relationships between them.

The candidate is able to:

  • Describe the benefits of Service Management processes for an organisation
  • Distinguish between ITIL processes and organisational functions and business processes
  • Indicate the elements that contribute towards ITIL process implementation.

1.1.3The ITIL management model

Using the following diagram as a guide the exam candidate will be able to:

-Distinguish the objectives, activities and results of the various ITIL processes

-Provide examples of the data/information flows from one process to every other process.

1.1.4Basic concepts of ITIL

The exam participants will also understand the following terms and concepts (note this is not a comprehensive list, simply an indication):

Application Sizing / Financial Management for IT Services / Request for Change, RFC
Asset Management / First Line Support / Resilience
Assets / Forward Schedule of Changes, FSC / Resource Management
Audit / Full Release / Restoration of Service
Availability / Functional Escalation / Review
Availability Management / Help Desk / Risk
Budgeting / Hierarchical Escalation / Rollout
Business Process / Impact / Second Line Support
Call / Incident / Security
Capacity Database, CDB / Incident Life Cycle / Security Awareness
Capacity Management / Incident Management / Security Incidents
Capacity Planning / Integrity / Security Level
Category / IT Infrastructure / Security Management
Change / IT Service / Security Section
Change Advisory Board / IT Service Continuity Management / Service Catalogue
Change Management / IT Service Management / Service Desk
Chargeable Unit / Known Error / Service Improvement Programme
Charging / Maintainability / Service Level
CI Level / Mean Time Between Failures / Service Level Agreement, SLA
Classification / Mean Time To Repair / Service Level Management
Confidentiality / Priority / Service Level Requirements
Configuration Baseline / Proactive Problem Management / Service Request
Configuration Item, CI / Problem / Service Window
Configuration Management / Problem Control / Serviceability
Configuration Management Database, CMDB / Problem Management / Software Item
Costing / Procedure / Software Release
Customer / Process / Status
Customer Liaison / Process Manager / Strategic
Definitive Hardware Store, DHS / Quality Assurance / Tactical
Definitive Software Library, DSL / Quality Control / Third Line Support
Demand Management / Recoverability / Threat
Disaster / Recovery / Underpinning Contract
Downtime / Registration / Urgency
Elapsed Time / Release Management / Urgent Change
Emergency Release / Release Policy / User
Error Control / Verification
Escalation / Release Unit / Version
Failure / Reliability / Vulnerability
Fault / Report / Work-around

2IT Service Management

2.1Introduction to IT Service Management

Most organisations now understand the benefits of having Information Technology (IT) supporting the majority of their business activities. Few realise the potential of truly aligning the IT department’s objectives with the business objectives. However, more and more organisations are beginning to recognize IT as being a crucial delivery mechanism of services to their customers.

When the IT services are so critical, steps must be in place to ensure that the IT group adds value and delivers consistently.

So the starting point for IT Service Management (ITSM) and the ITIL Framework is not technology; it is the organisational objectives.

To meet organisational objectives, the organisation has business processes in place.

Examples of business processes are sales, admin and financial (who have a “sales process”) or logistics, customer service and freight who have a “customer returns process”.

Each of the units involved in these business processes needs IT Services (eg. CRM application, e-mail, word processing, financial tools).

Each of these services runs on IT infrastructure that has to be properly managed (Service Management). IT Infrastructure includes hardware, software, procedures, policies, documentation, etc. This IT Infrastructure has to be managed.

ITIL provides a framework for the management of IT Infrastructure.

Question:Why should we manage our infrastructure properly?

Answer: Proper management of the IT Infrastructure will ensure that the services required by the business processes are available, so that the organisational objectives can be met.

Historically, these processes delivered products and services to clients in an off-line environment (the ‘brick-and-mortar’ companies). The IT organisation provides support to the back-office and admin processes. IT performance is measured internally as the external clients are only indirectly influenced by the IT performance.

Today, with online service delivery, the IT component of the service delivery can be much stronger. The way of delivering the service is IT based and therefore internal and external clients consciously and unconsciously measure the performance of the IT group.

Service delivery is more important than a glimpse of brilliance every now and then. The internal clients (business processes) and external clients need availability of the IT services and to be able to expect a consistent performance. Consistency comes through the ability to repeat what was done well in the past.

IT Service Management is a means to enable the IT group to provide reliable Information Systems to meet the requirements of the business processes, irrespective of the way these services are delivered to the external customers. This in turn enables the organisation to meet its Business Objectives.

Definition:

IT Service Management is the effective and efficient process driven management regarding the quality of IT services, provided to end-users.

2.2ITIL Service Management

Any organisation that delivers IT services to their customers with a goal to support the business processes, needs inherent structure in place. Historically, that structure was based around functions and technical capabilities. With the ever-increasing speed of change and the associated need for flexibility a technology driven approach is no longer appropriate, in most situations.

That is why IT organisations are looking for alternatives. Some alternatives include:

Total Quality Management TQM processes and continuous improvement projects

COBIT as a control & measurement mechanism

CMM for control and structure in software (and system) development

ITIL for operational and tactical management of service delivery

Which single or combination of frameworks selected is entirely dependant on the needs of the organisation.

For many IT organisations, ITIL is a very good way of managing service delivery and to perform the IT activities in end-to-end processes.


2.2.1Business Alignment

By implementing IT Service Management in your IT organisation you support the IT objectives of delivering services that are required by the business.

You can’t do this without aligning the IT strategy with the business strategy.

You can’t deliver effective IT services without knowing about the demands, needs and wishes of the customer. IT Service Management supports the IT organisation to align IT activities and service delivery, with business requirements.

2.2.2Processes

IT Service Management helps the IT organisation to manage the service delivery by organising the IT activities into end-to-end processes. These processes have no functional boundaries within the IT group.

A process is a series of activities carried out to convert an input into an output. Information flow into and out of each process area will indicate the quality of the particular process.

We have monitoring points in the processes to measure the quality of the products and services provided.

Processes can be measured for effectiveness (did the process achieve its goal?) and efficiency (did the process use the optimum amount of resources to achieve its goal?).

The measurement points are at the input, the activities or the output of the process.

The standards (or ‘norms’) for the output of each process have to be defined such that the complete set of processes meets the corporate objectives.

If the result of a process meets the defined standard, then the process is effective. If the activities in the process are also carried out with the minimum required effort and cost, then the process is efficient.

The aim of process management is to use planning and control to ensure that processes are effective and efficient.

2.2.3Processes, Services and Functions

Most businesses are hierarchically organised. They have departments, which are responsible for a group of employees. There are various ways of structuring departments, for example by customer, product, region or discipline. IT services generally depend on several departments, customers or disciplines. For example, if there is an IT service to provide users with access to an accounting program on a central computer, this will involve several disciplines.

To provide the accountancy program service the computer centre has to make the program and associated database accessible. The data and telecommunications department has to make the computer centre accessible, and the PC support department has to provide users with an interface to access the application.

Processes that span several departments can monitor the quality of the service by measuring aspects, such as availability, capacity, cost and stability. IT Service Management to match these quality aspects with the customer’s demands.

ITIL provides a concise and commonsense set of processes to help with the management, monitoring and delivery of services.

A process is a logically related series of activities for the benefit of a defined objective. The following diagram illustrates cross functional process flows.

With ITIL we can study each process separately to optimise its quality. The process manager is responsible for the process results (i.e. is the process effective).

The logical combination of activities results in clear transfer points where the quality of processes can be monitored.

The management of the organisation can make decisions about the quality of an ITIL process from data provided by each process. In most cases, the relevant performance indicators and standards will already be agreed upon. The day-to-day control of the process can then be left to the process manager. The process owner will assess the results based on a report of performance indicators and whether they meet the agreed standard.

Without clear indicators, it would be difficult for a process owner to determine whether the process is under control or if improvements are required.

We have discussed processes and we have positioned services. We have highlighted the difference between functions and processes.

Functionally structured organisations are characterised by:

  • Somewhat fragmented
  • Focus on vertical and functional matters
  • With many control activities
  • Emphasis on high/low people relationships

In functionally driven organisations we may often see:

  • Concept of walls or silos; not my responsibility
  • A hint of arrogance - “We in IT know what’s good for you.”
  • Steering people instead of steering activities
  • Because we have to communication
  • Politically motivated decision making

In contrast once processes are introduced we often see a change towards:

  • Entire task focus
  • Horizontal processes focussed towards clients
  • Control measurements that add value
  • Interdependence and uniting leadership
  • Interdependence of independent persons
  • Accessibility of information

This leads to a culture of:

  • No boundaries, but interconnections
  • Customer focused: what is the added value?
  • Steering activities instead of steering people
  • Communication because it is useful (fulfilling the needs of the customer)
  • Decision making is matching & customising
  • IT service provision is a process

3ITIL Overview

The IT Infrastructure Library is a set of books with good practice processes on how to manage IT service delivery. The library consists of many books and CD-ROMs.

The core set of material is the following set of seven tightly coupled areas:

  • Service Delivery
  • Service Support
  • Security Management
  • The Business Perspective
  • Applications Management
  • ICT Infrastructure Management
  • Planning to implement Service Management

The Service Support, Service Delivery and Security Management manuals are regarded as the central components of the framework.

These books cover the processes you will need to delivery customer-focused IT services according to your customers’ needs, demands and wishes.

They help the IT group to be flexible and reliable enough to ensure consistent IT Service Delivery. The other core books in the library support these central components.

3.1.1History of ITIL

During the late 1980’s the CCTA (Central Computer and Telecommunication Agency) in the UK started to work on what is now known as the Information Technology Infrastructure Library (ITIL).

Large companies and government agencies in Europe adopted the framework very quickly in the early 1990’s and the ITIL framework has since become known as an industry best practice, for IT Service Management.

ITIL has become the de-facto standard in delivering IT Services for all types of organisations. Both government and non-government organisations benefit from the process driven approach, regardless of the size of the IT department.

ITIL is used globally. ITIL has no geographic boundaries. It is used extensively throughout Europe, Australia, Canada, USA, United Kingdom and many emerging countries in Asia.

In 2000 the British Treasury set up the OGC – Office for Government Commerce – to deal with all commercial activities within the government. All activities formerly under the control of the CCTA (Central Computer and Telecommunications Agency) were also taken up by the new department. Even though the CCTA no longer exists, it is noted that they were the original developers of the ITIL framework.

In 2000, Microsoft used ITIL as the basis to develop their proprietary Microsoft Operations Framework (MOF).

In 2001, ITIL version 2 was released. In this version the Service Support Book and the Service Delivery book were redeveloped into much more concise volumes.

ITIL is a pseudo Public Domain framework. ITIL is copyright protected. Copyright is owned by the OGC. However, any organisation can use the intellectual property to implement the processes in their own organisation. Training, tools and consultancy services support this. The framework is independent of any of the vendors.

EXIN and ISEB are the examination bodies that organise and control the entire certification scheme. They guarantee that the personal certification is fair and honest and independent from the organisations that delivered the course. Both bodies accredit training organisations to guarantee a consistent level of quality in course delivery.

At the time of writing the only generally recognised certification is awarded to individuals There is no independent tool certification or organisational certification.

People and organisations that wish to discuss their experiences with ITIL Service Management implementation can become a member of the IT Service Management Forum. The itSMF, just like ISEB and EXIN, aim to stimulate & encourage the best practice component of ITIL and to support the sharing of ‘war stories’ and to further the development of the framework.

There is an itSMF chapter in every country that is actively involved with ITIL Service Management.



EXTRA READING

The following story is about British Telecom. This is an organisation that faced major organisational change. As you read the following story, think about the implications on the delivery of IT Services. At the end of the story, one specific implication is introduced.

Case study: Service Management implementation: British Telecom

The Emergence of BT.

British Telecom (BT) is an international private sector company operating in the field of telecommunications. From 1912 telecommunications was as part of the Post Office, held in public ownership. It was originally nationalised to ensure the provision of an integrated telegraphic and telephonic service. British Telecom was split off from the Post Office in 1981 as a prelude to its own privatisation three years later. The aim was to make it easier for the management of the two organisations to focus on the business strategies of their respective operations.

Since 1981 BT has undergone major changes first with privatisation in 1984 and then because of Project Sovereign in the early 1990’s. What follows concentrates on the build up to and changes associated with Project Sovereign from the late 1980’s. It is arguable however that this represents some continuation of the earlier corporate restructuring that surrounded privatisation. The climate for these changes continues to be shaped by several significant factors including: the development of new technology which has changed the nature of telecommunications work; the opening up of the market for telecommunications to competition and the requirement for BT to be able to exploit new international markets for information technology.