Information Technology Infrastructure Library Standard

Document Sample
Information Technology Infrastructure Library Standard Powered By Docstoc
					Information Technology
Infrastructure Library
(ITIL)
History, Concepts and Alignment to CobiT and ISO 20000

Thursday, October 12, 2006
Today’s Objectives:

1. Learn about the history of ITIL
2. Understand ITIL’s key objectives
3. Discover all components of the ITIL Framework
4. Visit each of the core 10 ITIL SM Processes
5. Learn the importance of process interaction
6. Understand the ISO 20000 & alignment to ITIL
7. Understand the alignment to CobiT Framework
8. Learn about the future of ITIL
Dalibor Petrovic, I.S.P.
Consulting Manager,
IT Strategy and Management, Deloitte



      - Certified ITIL Service Manager
      - EXIN International Exam Marker for ITIL
       Service Manager Certifications
      - Certified CobiT Professional
      - Certified ISO 20000 Internal Auditor
      - Chair of itSMF Northern Alberta
WHAT IS ITIL?
      Framework for Best Practices in
              A Library of Books
          Defined Common Sense
          IT Service Management

                          Origins:


 • British Government’s effort to improve IT management
 • Developed by the CCTA in the late 1980’s
 • Originally, a library of over 40 books that documented
 various IT Service areas, processes and standards
 • Today, a library of 8 books, under the auspices of OGC
ITIL Objectives

Three Key Objectives of IT Service Management:


1. Align IT Services with the Current and Future
   Needs of the Business and its Customers
2. Improve Quality of IT Services
3. Reduce Long-Term Costs of IT Service
   Provision
In the beginning…




                    …there
                      was
                    Deming!
The Deming Cycle
The Deming Cycle
 The ITIL Library

                       Planning to Implement Service Management


                                              Service
                                              Support




                                                                              The Technology
 The Business




                                                                  ICT
                The Business           Security              Infrastructure
                 Perspective         Management               Management


                                Service
                                Delivery

                                Applications Management


                                Software Asset Management



Source: OGC
ITSM Components
                                          IT Service




                                                             security
                    Service Level        Continuity
                    Management          Management

       Availability
       Management                                        Release
                                                       Management
  Capacity
 Management
                             IT
                                                         Change
 Financial             Infrastructure                  Management
Management
 for IT services                           Configuration
                                           Management
                Incident
               Management   Problem Management
• Service Support
 – The Service Desk
 – Incident Management
 – Problem Management
 – Configuration Management
 – Release Management
 – Change Management

• Service Delivery
 – Service Level Management
 – Availability Management
 – IT Service Continuity Management
 – Capacity Management
 – Financial Management for IT Services
                                                                          The Service Desk


The Service Desk
  Goals




     To act as the single point of contact between the User and IT
     Service Management and track status of all customer interactions
     To handle   Incidents and requests, and provide an interface for other
     activities such as Change, Problem, Configuration, Release, Service
     Level, and IT Service Continuity Management
                             The Service Desk


Inputs to the Service Desk
  Information
                                                    The Service Desk


Why a Service Desk?
  Essentials



 • The Service Desk is more than just a Help Desk

 • The first and single point of contact

 • High quality support to meet business goals

 • Help identify costs of IT services

 • Proactive support and communication of changes

 • Increase user perception and satisfaction

 • Identification of business opportunities

 • Identification of Training Opportunities
                                                     The Service Desk


Responsibilities
   Activities




 • Receive and record all calls from users

 • Provide first-line support (using knowledge resources)

 • Refer to second-line support where necessary

 • Monitoring and escalation of incidents

 • Keep users informed on status and progress

 • Provide interface between ITSM disciplines

 • Produce measurements and metrics
                                                                 Incident Management


Incident Management
  Goals


      To restore normal service operation as quickly as possible with
      minimum disruption to the business, thus ensuring that the
      best achievable levels of availability and service are
      maintained


      Incident definition
      Any event which is not part of the standard operation of a
      service and which causes, or may cause, an interruption to, or
      a reduction in, the quality of that service

      Work-around definition
      A method of avoiding an Incident or Problem either by
      employing a temporary fix or technique so the user is no
      longer reliant on a Configuration Item (CI) that is known to
      cause failure
                                                         Incident Management


The Incident Life Cycle – the monitoring and
tracking of Incidents
Activities




                                            Including Impact and Urgency
                                                       selection




                                  Yes




                          No




                                        Note. This is not Problem Closure
                                                    Incident Management


Categorization
Activities



    •Service affected (and possibly by association the
     affected SLA)
    •User perception of failure in terms of the User’s
     inability to do something
      –Batch job output has not been received
      –I can’t print, connect to a server or access an
       application
    •Category and details of CI thought to be at fault
    •Category and details of CI eventually found to be
     at fault
    •The fault in the CI, the quick fix and the action
     taken, etc.
                                                   Incident Management


Impact, Urgency & Priority

  Definitions




  Impact  A measure of the business criticality of an
          incident or problem (e.g. numbers
          affected, magnitude)
  Urgency A measure of the speed with which an
          incident or problem requires resolution
          (i.e. how much delay will the resolution
          bear)
  Priority      The order in which an incident or
                problem needs to be resolved, based on
                impact and urgency
                                                                               Incident Management



Illustrative Example
Payroll Application: System run once per month to run payroll

                        Impact                  Urgency                 Priority
Failure of payroll      High: will effect all   Low : Payroll not run   Low (at the
server                  employees               for 3 weeks
                                                                        moment)
(first week in month)
Failure in payroll      High: will effect all   High : Fix needed       High
server (last week of    employees               before 06:00
month)                                          tomorrow morning


Bank Teller Application: System used by cashiers in bank to transact
 on accounts
                        Impact                  Urgency                 Priority
One Branch teller       Medium : one branch     High : Queues           High
application             out of 150              beginning to form
performing poorly
Router Interface down   Low : Cashiers and      Med : Router needs to   Med
                        customers not           be re-booted to
                        impacted due to         restore network
                        redundancy in           redundancy
                        network
                                                                                  Incident Management


Escalation
    Definitions

Hierarchical escalation would typically include authorization,
 resources and/or cost




                             Hierarchical (authority)




                                                        Functional (competence)




    Functional escalation might include specialist groups e.g. Unix Group
                                  Incident Management


Functional Escalation
  Activities

                         The use of support
                         teams is important
                         in efficient incident
                         resolution.

                        • First line support
                          deals with the
                          communication to
                          the user, resolution
                          of known incidents
                          (e.g. password
                          resets)…

                        • …allowing the
                          second and
                          subsequent levels
                          to focus on
                          resolving assigned
                          incidents.
                                                              Problem Management


Problem Management
  Goals




   To minimize the adverse effect on the business of Incidents and
   Problems caused by errors in the infrastructure, and to
   proactively prevent the occurrence of Incidents, Problems and
   Errors.

     Problem definition
     Unknown cause of one or more incidents

     Known Error definition
     An Incident or Problem for which the root cause is
     known and for which a temporary work around or
     permanent alternative has been identified
                                        Problem Management


Problem Flow
  Information




                 Incidents




                                     Service Desk




    Problem




           Known Error




                    Change Process
                                                                         Conf igueration Management


Configuration Management
  Goals




        Enabling control of the infrastructure by monitoring and maintaining
         information on:
            Configuration Items   (CI) needed to deliver services
            CI   status and history
            CI   relationships
            Valuable CIs   (monetary or service)
        Providing information on the IT infrastructure to all other processes and to
         IT Management
                                                           Conf igueration Management


Configuration Management
    Definitions




• Configuration Item (CI) – a component of an IT infrastructure
  which is (or is to be) under the control of Configuration
  Management and therefore subject to formal change control
• Configuration Management Database (CMDB) – a database
  which contains details of the attributes and history of each CI and
  the relationships between CIs
• Baseline – a snapshot of the state of a CI and its components or
  related CIs, frozen in time for a particular purpose, such as:
  – The ability to return a service to a trusted state if a change goes
    wrong
  – A specification for copying the CI or for a roll-out
  – The minimum CIs needed to maintain vital Business Functions
    after a disaster
                                                                                 Conf igueration Management


Major CI Types
  Definitions




                                   Documentation               Data Files
                             Designs; Reports;                What, Where,
                             Agreements; Contracts;           Most Important      Environment
                             Procedures; Plans; Process                        Accommodation; Light,
                             Descriptions; Minutes;                            Heat, Power; Utility
         People              Records; Events (Incident,                        Services (Electricity,
  Users, Customers,          Problems, Change Records);                        Gas, Water, Oil); Office
  Who, Where, What           Proposals; Quotations                             Equipment; Furniture;
  Skills, Characteristics,                                                     Plant & Machinery
  Experience, Roles




                                                Services
             Hardware                 Desktop Support,                               Software
    Computers, Computer               E-mail, Service Desk,           Network Mgmt Systems;
    components, Network               Payroll, Finance,               In-house applications; O/S;
    components & cables               Production Support              Utilities (scheduling, B/R);
    (LAN, WAN),                                                       Packages; Office systems;
    Telephones, Switches                                              Web Management
                          Conf igueration Management


CI Relationships and Attributes
  Activities
                                                                             Change Management


Change Management
  Goals




     Process of controlling changes to the infrastructure or any
     other aspect of services, in a controlled manner, enabling
     approved changes with minimum disruption.



         Change Management ensures that standardized methods and
          procedures are used for the efficient and prompt handling of all
          Changes, in order to minimize the adverse impact of any
          Change-related incidents upon service quality.

         Changes can arise as a result of Problems, Known Errors and their
          resolution, but many Changes can come from proactively seeking
          business benefits such as reducing costs or improving services
                                           Change Management


Change Management
  Definitions


 •Change – a deliberate action that alters the
  form, fit or function of Configuration Item (CI)
  such as an addition, modification, movement, or
  deletion that impacts the IT infrastructure
 •Request for Change (RFC) – a means of
  proposing a change to any component of an IT
  infrastructure or any aspect of an IT service
 •Forward Schedule of Change (FSC) – a
  schedule that contains details of all the changes
  approved for implementation and their proposed
  implementation date
                                             Change Management


Change Management
  Definitions



 •Standard Change – a Change that is recurrent,
  has been proceduralized to follow a pre-defined,
  relatively risk free path and where Change
  Management and budgetary authority is
  effectively give in advance
 •Service Request – a request, usually made
  through a Service Desk, for a Standard Change
  –Example: providing access to services for a new
   member of staff or relocating a few PCs
                                                               Release Management


Release Management
  Goals




    Release Management takes a holistic view of a Change to an
    IT service and should ensure that all aspects of a Release, both
    technical and non-technical, are considered together


    • Good resource planning and management are
      essential to package and distribute a Release
      successfully.

    • The focus of Release Management is the
      protection of the live environment and its services
      through the use of formal procedures and checks.
Service Support Process Model

  Management                                        Service             Enquiries,
   Tools & IT                         Incidents
                                                     Desk            Communications,           Users /
 Infrastructure                                                       Workarounds,
                                                                         Updates
                                                                                              Customers
                   Incident
                  Management
                                                                          Changes
                                     Problem                                                  Releases
                                    Management
      Services
      Reports,                                          Change
                                                      Management
     Incidents,
     Statistics,           Problem                                            Release
    Audit Reports         Statistics,                                       Management
                        Trend Analysis,
                           Problem
                           Reports,          Change                                           Configuration
                                           Schedule,             Release                      Management
                           Problem
                           Reviews,       CAB Minutes,          Schedule,
                          Diagnostic         Change              Release
                             Aids,         Statistics,          Statistics,        CMDB Reports,
                         Audit Reports       Change              Release          CMDB Statistics,
                                            Reviews,             Reviews,        Policy/Standards,
                                          Audit Reports       Source Library,      Audit Reports
                                                                  Testing
                                                                Standards,
                                                               Audit Reports

                  Incidents        Problems,              Changes          Releases        CI Relationships
                                  Known Errors
                                  Configuration Management Database
• Service Support
 – The Service Desk
 – Incident Management
 – Problem Management
 – Configuration Management
 – Release Management
 – Change Management

• Service Delivery
 – Service Level Management
 – Availability Management
 – IT Service Continuity
   Management
 – Capacity Management
 – Financial Management for IT
   Services
                                                             Service Level Management


Service Level Management
  Goals



    To maintain and gradually improve business aligned IT service
    quality, through a constant cycle of defining, agreeing,
    monitoring, reporting and IT service achievements and through
    instigating actions to eradicate unacceptable levels of service

          Service Level Management manages and
           improves the agreed level of service
           between two parties

          • The provider who may be an internal
            service department or the external
            organisation that provides an outsourced
            service

          • The receiver of the servers i.e. the
            customer who pays the bill.
                                                                Availabtily Management


Availability Management
  Goals




    To optimise the capability of the IT infrastructure and supporting
    organisations to deliver a cost effective and sustained level of
    availability that enables the business to satisfy its objectives
                                                                                      IT Service Coninuity Management


IT Service Continuity Management
   Goals




       To support the overall Business Continuity Management
       process by ensuring that the required IT technical services and
       facilities can be recovered within required and agreed business
       time-scales




   Note. IT Service Continuity Management used to be known as Disaster Recovery in the old ITIL books
                                                               Capacity Management


Capacity Management
  Goals




     To understand the future business requirements (the required
     service delivery), the organization's operations (the current
     delivery), and ensure that all current and future capacity and
     aspects of the business requirements are provided cost
     effectively
                                                                                   Financial Management For IT Services


Financial Management
  Goals




     To provide cost-effective stewardship of the IT assets and
     financial resources used in Services




  Note. Financial Management of IT Services used to be known as Cost Recovery in the old ITIL books
Participants in IT Service Management



                  Sr. IT          Sr.        Service
 Strategic        Mgt             Mgt        Delivery


 Tactical     Service Level   Customers         Service
              Management                        Support


Operational   Service Desk       Users


                   IT         The Business
            DISPATCH                 Emergency                  TESTS and




                                                                                Management
           AMBULANCE                   Room                     ANALYSIS




                                                                                 Problem
                                                                Root Cause                    Service Level Mgmt


                                                                                               Financial Mgmt
                                      Specialist
            DIAL 911                   Consult
                                                               DIAGNOSIS
                                    Problem Control             Error Control

            Incident
           Management
                                                                                    Request for
                                              Heart                             Operation/Procedure
   Capacity Management
  Availability Management                    Attack!!!
Service Continuity Management
                                                                                         Operations
                                                                                        & Scheduling
                                              Surgical Team
        Patient Lifecycle Medical                                                              Filter
                    File                            Develop
                                                    Strategy

                                                                                    Impact Analysis
       Medical Procedure Library                     Perform
                                                    Operation
                                                   /Procedure
                                                                                             Prioritize
             Medical Tools


    Configuration Management               Release Management                     Change Management
ITIL is more than a library of books


               Training                       Qualifications:
            •Fundamentals                   Certification at each
             •Practitioner                          level
           •Service Manager


         Information Technology Infrastructure Library

      Consultancy:
                                                            Tools: ITIL
      Provision of IT
                                                          “compliance” is
  consulting services to
                                                            driving tools
  clients based on a de
                                                          manufacturers
      facto standard
                              itSMF: User groups
                              providing seminars,
                                conferences, and
                                   workshops
Consistent and predictable results, process
improvement and cost saving top the list of
benefits from implementing defined IT Process
methods
                                                                                       *




* Source: Forrester Research – Stabilizing IT with Process Methodologies – May, 2005
CobiT



                •What Is It?
        •How Does It Relate To ITIL?
COBIT and ITIL–Process Perspective



      Strategic
                                                                COBIT
   Process Control
                              XY                   XY                  XY                   XY                   XY

                               ##                   ##                 ##                   ##                   ##




  Process Execution
                                                                       ITIL

   Work Instruction   • Work instruction
                      •2
                      •3
                                           • Work instruction
                                           •2
                                           •3
                                                                • Work instruction
                                                                •2
                                                                •3
                                                                                     • Work instruction
                                                                                     •2
                                                                                     •3
                                                                                                          • Work instruction
                                                                                                          •2
                                                                                                          •3
                      • 4,5,6….            • 4,5,6….            • 4,5,6….            • 4,5,6….            • 4,5,6….
CobiT


WHAT     COBIT
         Control



 HOW      ITIL
        Activities
Gartner Advisory on COBIT and ITIL

  COBIT      WHAT
 Control
  ITIL
Activities   HOW
                       Acquire and Implement
                            (AI Process Domain)

    Plan and
    Organise
 (PO Process Domain)




Monitor and
                        Deliver and Support
 Evaluate                  (DS Process Domain)
(M Process Domain)
     Plan and Organise                                                      Acquire and Implement

   Define           Define    Determine                            Acquire and                                    Acquire and     Develop and
                                                     Identify                     Install and
  Strategic      Information Technological                          Maintain                        Manage          Maintain       Maintain
                                                    Automated                      Accredit
   IT Plan       Architecture  Direction                           Application                      Change        Technology          IT
                                                     Solutions                     Systems
                                                                    Software                                     Infrastructure   Procedures


  Define IT
                                 Communicate
 Organisation     Manage IT
                                   Aims and
     and          Investment
                                   Direction
 Relationships
                                                                                            ITIL
  Manage
                    Ensure
                 Compliance        Assess
                                                      Service Support                                Service Delivery
   Human                                                                                          Service
                 with External      Risks          Service         Incident  Problem                          Availability Capacity
  Resource                                                                                         Level
                  Standards                         Desk         Management Management                       Management Management
                                                                                                Management


                                                  Change     Release   Configuration             Financial  Continuity
   Manage                          Manage        Management Management Management               Management Management
   Projects                        Quality




Monitor and Evaluate                                                         Deliver and Support
                       Assess
      Monitor          Internal                Define and
        the            Control                                Manage          Manage          Ensure         Ensure         Identify
                                                Manage                                                                                    Manage
      Process                                                Third-party    Performance      Continuous      System       and Allocate
                      Adequacy                  Service                                                                                  Operations
                                                              Services      and Capacity      Service        Security        Costs
                                                Levels


                                                             Assist and
      Obtain          Provide                   Educate                                       Manage
                                                              Advise          Manage                         Manage         Manage
   Independent      Independent                   and                                       Problems and
                                                                 IT         Configuration                     Data          Facilities
     Assurance         Audit                   Train Users                                    Incidents
                                                             Customers
     Plan and Organise                                                      Acquire and Implement

   Define           Define    Determine                            Acquire and                                    Acquire and     Develop and
                                                     Identify                     Install and
  Strategic      Information Technological                          Maintain                        Manage          Maintain       Maintain
                                                    Automated                      Accredit
   IT Plan       Architecture  Direction                           Application                      Change        Technology          IT
                                                     Solutions                     Systems
                                                                    Software                                     Infrastructure   Procedures


  Define IT
                                 Communicate
 Organisation     Manage IT
                                   Aims and
     and          Investment
                                   Direction
 Relationships
                                                                                            ITIL
  Manage
                    Ensure
                 Compliance        Assess
                                                      Service Support                                Service Delivery
   Human                                                                                          Service
                 with External      Risks          Service         Incident  Problem                          Availability Capacity
  Resource                                                                                         Level
                  Standards                         Desk         Management Management                       Management Management
                                                                                                Management


                                                  Change     Release   Configuration             Financial  Continuity
   Manage                          Manage        Management Management Management               Management Management
   Projects                        Quality




Monitor and Evaluate                                                         Deliver and Support
                       Assess
      Monitor          Internal                Define and
        the            Control                                Manage          Manage          Ensure         Ensure         Identify
                                                Manage                                                                                    Manage
      Process                                                Third-party    Performance      Continuous      System       and Allocate
                      Adequacy                  Service                                                                                  Operations
                                                              Services      and Capacity      Service        Security        Costs
                                                Levels


                                                             Assist and
      Obtain          Provide                   Educate                                       Manage
                                                              Advise          Manage                         Manage         Manage
   Independent      Independent                   and                                       Problems and
                                                                 IT         Configuration                     Data          Facilities
     Assurance         Audit                   Train Users                                    Incidents
                                                             Customers
     Plan and Organise                                                      Acquire and Implement

   Define           Define    Determine                            Acquire and                                    Acquire and     Develop and
                                                     Identify                     Install and
  Strategic      Information Technological                          Maintain                        Manage          Maintain       Maintain
                                                    Automated                      Accredit
   IT Plan       Architecture  Direction                           Application                      Change        Technology          IT
                                                     Solutions                     Systems
                                                                    Software                                     Infrastructure   Procedures


  Define IT
                                 Communicate
 Organisation     Manage IT
                                   Aims and
     and          Investment
                                   Direction
 Relationships
                                                                                            ITIL
  Manage
                    Ensure
                 Compliance        Assess
                                                      Service Support                                Service Delivery
   Human                                                                                          Service
                 with External      Risks          Service         Incident  Problem                          Availability Capacity
  Resource                                                                                         Level
                  Standards                         Desk         Management Management                       Management Management
                                                                                                Management


                                                  Change     Release   Configuration             Financial  Continuity
   Manage                          Manage        Management Management Management               Management Management
   Projects                        Quality




Monitor and Evaluate                                                         Deliver and Support
                       Assess
      Monitor          Internal                Define and
        the            Control                                Manage          Manage          Ensure         Ensure         Identify
                                                Manage                                                                                    Manage
      Process                                                Third-party    Performance      Continuous      System       and Allocate
                      Adequacy                  Service                                                                                  Operations
                                                              Services      and Capacity      Service        Security        Costs
                                                Levels


                                                             Assist and
      Obtain          Provide                   Educate                                       Manage
                                                              Advise          Manage                         Manage         Manage
   Independent      Independent                   and                                       Problems and
                                                                 IT         Configuration                     Data          Facilities
     Assurance         Audit                   Train Users                                    Incidents
                                                             Customers
     Plan and Organise                                                      Acquire and Implement

   Define           Define    Determine                            Acquire and                                    Acquire and     Develop and
                                                     Identify                     Install and
  Strategic      Information Technological                          Maintain                        Manage          Maintain       Maintain
                                                    Automated                      Accredit
   IT Plan       Architecture  Direction                           Application                      Change        Technology          IT
                                                     Solutions                     Systems
                                                                    Software                                     Infrastructure   Procedures


  Define IT
                                 Communicate
 Organisation     Manage IT
                                   Aims and
     and          Investment
                                   Direction
 Relationships
                                                                                            ITIL
  Manage
                    Ensure
                 Compliance        Assess
                                                      Service Support                                Service Delivery
   Human                                                                                          Service
                 with External      Risks          Service         Incident  Problem                          Availability Capacity
  Resource                                                                                         Level
                  Standards                         Desk         Management Management                       Management Management
                                                                                                Management


                                                  Change     Release   Configuration             Financial  Continuity
   Manage                          Manage        Management Management Management               Management Management
   Projects                        Quality




Monitor and Evaluate                                                         Deliver and Support
                       Assess
      Monitor          Internal                Define and
        the            Control                                Manage          Manage          Ensure         Ensure         Identify
                                                Manage                                                                                    Manage
      Process         Adequacy                               Third-party    Performance      Continuous      System       and Allocate
                                                Service                                                                                  Operations
                                                              Services      and Capacity      Service        Security        Costs
                                                Levels


                                                             Assist and
      Obtain          Provide                   Educate                                       Manage
                                                              Advise          Manage                         Manage         Manage
   Independent      Independent                   and                                       Problems and
                                                                 IT         Configuration                     Data          Facilities
     Assurance         Audit                   Train Users                                    Incidents
                                                             Customers
ISO 20000


                •What Is It?
        •How Does It Relate To ITIL?
ISO 20000: Basic Concepts

    • Quality standard for IT Service Management
    Formal specification defined requirements for an organization
    to deliver managed services to acceptable quality to customers


    • BS 15000 fast-tracked to become IS0 20000
    • ITIL forms the basis of the standard
    • Standard = a list of criteria that needs to be met

    The standard versus the framework
    • Standard = audit & certify against. Makes ITIL alive
    • Framework = best practice that the standard is based on
ISO 20000

  Capacity                     SERVICE DELIVERY              Information
  Management                                                 Security
                           Service Level Management          Management
                                 Service Reporting
  Availability and                                             Budgeting and
 The Business
   Service                                                  ICTAccounting for
  Perspective                     CONTROL              Infrastructure
  Continuity                                                   IT Services
                                                       Management
                         Configuration Management
  RELEASE                      Change Management        RELATIONSHIP

                                                      Business Relationship
  Release                         RESOLUTION          Management
  Management                    Incident Management
                                                      Supplier Relationship
                                Problem Management
                                                      Management

 Source: itSMF International
Example: Change Management
Specifications: Objective + Requirements


Objective:
To ensure all changes are assessed, approved, implemented and
 reviewed in a controlled manner

Requirement examples:
• All requests for change shall be recorded and classified, e.g.
 urgent, emergency, major, minor
• Requests for changes shall be assessed for their risk, impact
 and business benefit
• All changes shall be reviewed for success and any actions
 taken after implementation
Example: Change Management
Code of Practice: Objective + Detailed Best Practices

Objective (Sub-process: 8.2.2): Closing and reviewing the
 change request

Detailed Best Practice:
• All changes should be reviewed for success or failure after
  implementation and any improvements recorded
• A post-implementation review should be undertaken for major
  changes to check that:
  – a) the change met its objectives;
  – b) the customers are happy with the results;
  – c) there have been no unexpected side effects
• Any nonconformity should be recorded and actioned
• Any weaknesses or deficiencies identified in a review of the
  change control process should be fed in to service
  improvement plans
   … to this: ITIL V.3
ITIL Future – from this….

                        Planning to Implement Service Management

                  Service        Service     Service     Service       Continuous
                  Strategy       Design
                                                   Service
                                            Transition
                                                        Operation       Service
                                                  Support




                                                                                     The Technology
                                                                                     The Technology
                                                                       Improvmt
  The Business
  The Business




                                                                         ICT
                 The Business             PERSPECTIVE
                                LIFECYCLESecurity                   Infrastructure
                  Perspective          Management                    Management


                                   Service
                         Pocket Guides                     Case Studies
                                    Delivery
                                  ITIL Practice Working Templates
                                 Applications Management
                     Governance Methods         Certification-based Study Aids

                                   Software Asset Management
                        Executive Introduction to IT Service Management
 Various non-proprietary frameworks and methods exist to help
 IT organizations become more process centric and improve the
 quality of the services delivered

                     ITIL                     CMM                       CobiT                   Six Sigma                  ISO 2000
              The IT Infrastructure    The Capability Maturity   Control OBjectives        A data driven quality     A standard concerned
What is it?   Library is a             Model is a m ethod        for Inform ation and      m anagement program       prim arily with the
              customizable             of evaluating and         related Technology        to control variations     quality of IT Service
              fram ework               m easuring the            is a fram ework for       and thereby achieve       Managem ent. It
              of best practises that   m aturity of the          inform ation security     high levels of quality.   provides the basis to
              prom ote quality IT      software development      and provides                                        fulfill custom er
              service, build on a      process. Recent           generally accepted                                  requirem ents,
              process-model view       revisions (CMMI)          IT control objectives                               regulatory
              of controlling and       provide guidance for      to assist in developing                             requirem ents, enhance
              m anaging operations.    im proving organization   appropriate IT                                      customer satisfaction,
              ITIL was originally      process and m anage       governance and                                      and pursue continual
              developed by the UK      the development,          control                                             im provement
              governm ent and has      acquisition and
              since m atured into      m aintenance of
              an internationally       products and service
              recognized standard.




              IT Operations – IT       Development               Governance and            Process Im provement      Processes Consistency
Focus         Service Managem ent                                Control

              Yes                      Yes                       Yes                       No                        Yes
IT Specific

              Define and im plem ent   Determ ine extent of      Provide process           Im prove processes        Certify processes are
How it fits   processes                process m aturity         controls                                            being followed
Frameworks and Methodologies


           ISO20000
                   CobiT
             SIX SIGMA
                   CMMi
             Governance
                      Business
            ITIL      Process
                       Models
In summary:

                            ITIL is:


  • The international de-facto Best Practice for IT Service
  Management
  • Process Approach to improving Quality, Efficiency and
  Effectiveness
  • Service focused IT management, viewed from the
  perspective of IT customers and users
  • Evolving, vendor-neutral, non-proprietary framework
  • CobiT complementary, Certifiable through ISO20000
  • DEFINED COMMON SENSE

				
DOCUMENT INFO
Description: Information Technology Infrastructure Library Standard document sample