Title: Information Technology Infrastructure Library ITIL
1Information Technology Infrastructure Library
(ITIL)
- History, Concepts and Alignment to CobiT and ISO
20000 - Thursday, October 12, 2006
2Todays Objectives
- Learn about the history of ITIL
- Understand ITILs key objectives
- Discover all components of the ITIL Framework
- Visit each of the core 10 ITIL SM Processes
- Learn the importance of process interaction
- Understand the ISO 20000 alignment to ITIL
- Understand the alignment to CobiT Framework
- Learn about the future of ITIL
3Dalibor Petrovic, I.S.P.Consulting Manager, IT
Strategy and Management, Deloitte
- Certified ITIL Service Manager- EXIN
International Exam Marker for ITIL Service
Manager Certifications- Certified CobiT
Professional- Certified ISO 20000 Internal
Auditor- Chair of itSMF Northern Alberta
4WHAT IS ITIL?
Framework for Best Practices in IT Service
Management
A Library of Books
Defined Common Sense
- Origins
- British Governments effort to improve IT
management - Developed by the CCTA in the late 1980s
- Originally, a library of over 40 books that
documented various IT Service areas, processes
and standards - Today, a library of 8 books, under the auspices
of OGC
5ITIL Objectives
- Three Key Objectives of IT Service Management
- Align IT Services with the Current and Future
Needs of the Business and its Customers - Improve Quality of IT Services
- Reduce Long-Term Costs of IT Service Provision
6In the beginning
there was Deming!
7The Deming Cycle
8The Deming Cycle
9The ITIL Library
Source OGC
10ITSM Components
IT Service ContinuityManagement
Service Level Management
Availability Management
Release Management
Service Delivery Set
Capacity Management
Service Support Set
Change Management
FinancialManagementfor IT services
Configuration Management
Incident Management
Problem Management
11(No Transcript)
12- Service Support
- The Service Desk
- Incident Management
- Problem Management
- Configuration Management
- Release Management
- Change Management
- Service Delivery
- Service Level Management
- Availability Management
- IT Service Continuity Management
- Capacity Management
- Financial Management for IT Services
13The Service Desk
The Service Desk
Goals
- To act as the single point of contact between the
User and IT Service Management and track status
of all customer interactions - To handle Incidents and requests, and provide an
interface for other activities such as Change,
Problem, Configuration, Release, Service Level,
and IT Service Continuity Management
14Inputs to the Service Desk
The Service Desk
Information
15Why a Service Desk?
The Service Desk
Essentials
- The Service Desk is more than just a Help Desk
- The first and single point of contact
- High quality support to meet business goals
- Help identify costs of IT services
- Proactive support and communication of changes
- Increase user perception and satisfaction
- Identification of business opportunities
- Identification of Training Opportunities
16Responsibilities
The Service Desk
Activities
- Receive and record all calls from users
- Provide first-line support (using knowledge
resources) - Refer to second-line support where necessary
- Monitoring and escalation of incidents
- Keep users informed on status and progress
- Provide interface between ITSM disciplines
- Produce measurements and metrics
17Incident Management
Incident Management
Goals
To restore normal service operation as quickly as
possible with minimum disruption to the business,
thus ensuring that the best achievable levels of
availability and service are maintained
Incident definition Any event which is not part
of the standard operation of a service and which
causes, or may cause, an interruption to, or a
reduction in, the quality of that
service Work-around definition A method of
avoiding an Incident or Problem either by
employing a temporary fix or technique so the
user is no longer reliant on a Configuration Item
(CI) that is known to cause failure
18The Incident Life Cycle the monitoring and
tracking of Incidents
Incident Management
Activities
Including Impact and Urgency selection
Yes
No
Note. This is not Problem Closure
19Categorization
Incident Management
Activities
- Service affected (and possibly by association the
affected SLA) - User perception of failure in terms of the Users
inability to do something - Batch job output has not been received
- I cant print, connect to a server or access an
application - Category and details of CI thought to be at fault
- Category and details of CI eventually found to be
at fault - The fault in the CI, the quick fix and the action
taken, etc.
20Impact, Urgency Priority
Incident Management
Definitions
21Incident Management
Illustrative Example
Payroll Application System run once per month to
run payroll
Bank Teller Application System used by cashiers
in bank to transact on accounts
22Escalation
Incident Management
Definitions
Hierarchical escalation would typically include
authorization, resources and/or cost
Hierarchical (authority)
Functional (competence)
Functional escalation might include specialist
groups e.g. Unix Group
23Functional Escalation
Incident Management
Activities
- The use of support teams is important in
efficient incident resolution. - First line support deals with the communication
to the user, resolution of known incidents (e.g.
password resets) - allowing the second and subsequent levels to
focus on resolving assigned incidents. - Targets are often set for improving the
percentage of incidents resolved at first level.
24Problem Management
Problem Management
Goals
To minimize the adverse effect on the business of
Incidents and Problems caused by errors in the
infrastructure, and to proactively prevent the
occurrence of Incidents, Problems and Errors.
- Problem definition
- Unknown cause of one or more incidents
- Known Error definition
- An Incident or Problem for which the root cause
is known and for which a temporary work around or
permanent alternative has been identified
25Problem Flow
Problem Management
Information
Incidents
Service Desk
Problem
Known Error
Change Process
26Configuration Management
Configueration Management
Goals
- Enabling control of the infrastructure by
monitoring and maintaining information on - Configuration Items (CI) needed to deliver
services - CI status and history
- CI relationships
- Valuable CIs (monetary or service)
- Providing information on the IT infrastructure to
all other processes and to IT Management
27Configuration Management
Configueration Management
Definitions
- Configuration Item (CI) a component of an IT
infrastructure which is (or is to be) under the
control of Configuration Management and therefore
subject to formal change control - Configuration Management Database (CMDB) a
database which contains details of the attributes
and history of each CI and the relationships
between CIs - Baseline a snapshot of the state of a CI and
its components or related CIs, frozen in time for
a particular purpose, such as - The ability to return a service to a trusted
state if a change goes wrong - A specification for copying the CI or for a
roll-out - The minimum CIs needed to maintain vital Business
Functions after a disaster
28Major CI Types
Configueration Management
Definitions
Documentation Designs Reports Agreements
Contracts Procedures Plans Process
Descriptions Minutes Records Events (Incident,
Problems, Change Records) Proposals Quotations
Data Files What, Where, Most Important
Environment Accommodation Light, Heat, Power
Utility Services (Electricity, Gas, Water, Oil)
Office Equipment Furniture Plant Machinery
People Users, Customers, Who, Where, What Skills,
Characteristics, Experience, Roles
Services Desktop Support, E-mail, Service Desk,
Payroll, Finance, Production Support
Hardware Computers, Computer components, Network
components cables (LAN, WAN), Telephones,
Switches
Software Network Mgmt Systems In-house
applications O/S Utilities (scheduling, B/R)
Packages Office systems Web Management
29CI Relationships and Attributes
Configueration Management
Activities
30Change Management
Change Management
Goals
Process of controlling changes to the
infrastructure or any other aspect of services,
in a controlled manner, enabling approved changes
with minimum disruption.
- Change Management ensures that standardized
methods and procedures are used for the efficient
and prompt handling of all Changes, in order to
minimize the adverse impact of any Change-related
incidents upon service quality. - Changes can arise as a result of Problems, Known
Errors and their resolution, but many Changes can
come from proactively seeking business benefits
such as reducing costs or improving services
31Change Management
Change Management
Definitions
- Change a deliberate action that alters the
form, fit or function of Configuration Item (CI)
such as an addition, modification, movement, or
deletion that impacts the IT infrastructure - Request for Change (RFC) a means of proposing a
change to any component of an IT infrastructure
or any aspect of an IT service - Forward Schedule of Change (FSC) a schedule
that contains details of all the changes approved
for implementation and their proposed
implementation date
32Change Management
Change Management
Definitions
- Standard Change a Change that is recurrent, has
been proceduralized to follow a pre-defined,
relatively risk free path and where Change
Management and budgetary authority is effectively
give in advance - Service Request a request, usually made through
a Service Desk, for a Standard Change - Example providing access to services for a new
member of staff or relocating a few PCs
33Release Management
Release Management
Goals
Release Management takes a holistic view of a
Change to an IT service and should ensure that
all aspects of a Release, both technical and
non-technical, are considered together
- Good resource planning and management are
essential to package and distribute a Release
successfully. - The focus of Release Management is the protection
of the live environment and its services through
the use of formal procedures and checks.
34Service Support Process Model
ServiceDesk
Enquiries,Communications, Workarounds, Updates
ManagementTools IT Infrastructure
Users / Customers
Incidents
Incident Management
Changes
Problem Management
Releases
Change Management
Services Reports, Incidents, Statistics, Audit
Reports
Release Management
Problem Statistics, Trend Analysis, Problem
Reports, Problem Reviews, Diagnostic Aids, Audit
Reports
Configuration Management
Change Schedule, CAB Minutes, Change
Statistics, Change Reviews, Audit Reports
Release Schedule, Release Statistics, Release
Reviews, Source Library, Testing Standards, Audit
Reports
CMDB Reports, CMDB Statistics, Policy/Standards, A
udit Reports
Configuration Management Database
Problems,Known Errors
Incidents
Changes
Releases
CI Relationships
35(No Transcript)
36- Service Support
- The Service Desk
- Incident Management
- Problem Management
- Configuration Management
- Release Management
- Change Management
- Service Delivery
- Service Level Management
- Availability Management
- IT Service Continuity Management
- Capacity Management
- Financial Management for IT Services
37Service Level Management
Service Level Management
Goals
To maintain and gradually improve business
aligned IT service quality, through a constant
cycle of defining, agreeing, monitoring,
reporting and IT service achievements and through
instigating actions to eradicate unacceptable
levels of service
- Service Level Management manages and improves the
agreed level of service between two parties - The provider who may be an internal service
department or the external organisation that
provides an outsourced service - The receiver of the servers i.e. the customer who
pays the bill.
38Availability Management
Availabtily Management
Goals
To optimise the capability of the IT
infrastructure and supporting organisations to
deliver a cost effective and sustained level of
availability that enables the business to satisfy
its objectives
39IT Service Continuity Management
IT Service Coninuity Management
Goals
To support the overall Business Continuity
Management process by ensuring that the required
IT technical services and facilities can be
recovered within required and agreed business
time-scales
Note. IT Service Continuity Management used to be
known as Disaster Recovery in the old ITIL books
40Capacity Management
Capacity Management
Goals
To understand the future business requirements
(the required service delivery), the
organization's operations (the current delivery),
and ensure that all current and future capacity
and aspects of the business requirements are
provided cost effectively
41Financial Management
Financial Management For IT Services
Goals
To provide cost-effective stewardship of the IT
assets and financial resources used in Services
Note. Financial Management of IT Services used to
be known as Cost Recovery in the old ITIL books
42Participants in IT Service Management
Sr. IT Mgt
Sr. Mgt
Strategic
Customers
Service Level Management
Tactical
Users
Service Desk
Operational
IT
The Business
43DISPATCH AMBULANCE
Emergency Room
TESTS and ANALYSIS
Root Cause
Service Level Mgmt
Problem Management
DIAL 911
Specialist Consult
DIAGNOSIS
Financial Mgmt
Problem Control
Error Control
Incident Management
Heart Attack!!!
Request for Operation/Procedure
Capacity Management
Availability Management
Service Continuity Management
Change Management
Release Management
Configuration Management
44ITIL is more than a library of books
- Training
- Fundamentals
- Practitioner
- Service Manager
Qualifications Certification at each level
Information Technology Infrastructure Library
Consultancy Provision of IT consulting services
to clients based on a de facto standard
Tools ITIL compliance is driving tools
manufacturers
itSMF User groups providing seminars,
conferences, and workshops
45Consistent and predictable results, process
improvement and cost saving top the list of
benefits from implementing defined IT Process
methods
Source Forrester Research Stabilizing IT
with Process Methodologies May, 2005
46CobiT
- What Is It?
- How Does It Relate To ITIL?
47COBIT and ITILProcess Perspective
Strategic
COBIT
Process Control
XY
XY
XY
XY
XY
ITIL
Process Execution
Work Instruction
- Work instruction
- 2
- 3
- 4,5,6.
- Work instruction
- 2
- 3
- 4,5,6.
- Work instruction
- 2
- 3
- 4,5,6.
- Work instruction
- 2
- 3
- 4,5,6.
- Work instruction
- 2
- 3
- 4,5,6.
48CobiT
COBIT Control
WHAT
ITIL Activities
HOW
49Gartner Advisory on COBIT and ITIL
COBIT Control
WHAT
ITIL Activities
HOW
50Acquire and Implement (AI Process Domain)
Plan and Organise (PO Process Domain)
Deliver and Support (DS Process Domain)
Monitor and Evaluate (M Process Domain)
51Planning Organization Acquire and
Implement
Plan and Organise
Define Strategic IT Plan
Determine Technological Direction
Define Information Architecture
Identify Automated Solutions
Acquire and Maintain Application Software
Acquire and Maintain Technology Infrastructure
Develop and Maintain IT Procedures
Install and Accredit Systems
Manage Change
Define IT Organisation and Relationships
Manage IT Investment
Communicate Aims and Direction
ITIL
Service Delivery
Service Support
Manage Human Resource
Ensure Compliance with External Standards
Assess Risks
Service Level Management
Availability Management
Capacity Management
Service Desk
Incident Management
Problem Management
Manage Projects
Manage Quality
Financial Management
Continuity Management
Change Management
Release Management
Configuration Management
Deliver and Support
Monitor and Evaluate
Assess Internal Control Adequacy
Monitor the Process
Manage Performance and Capacity
Ensure Continuous Service
Ensure System Security
Identify and Allocate Costs
Manage Third-party Services
Define and Manage Service Levels
Manage Operations
Obtain Independent Assurance
Educate and Train Users
Assist and Advise IT Customers
Manage Configuration
Manage Problems and Incidents
Manage Data
Manage Facilities
Provide Independent Audit
52Planning Organization Acquire and
Implement
Plan and Organise
Define Strategic IT Plan
Determine Technological Direction
Define Information Architecture
Identify Automated Solutions
Acquire and Maintain Application Software
Acquire and Maintain Technology Infrastructure
Develop and Maintain IT Procedures
Install and Accredit Systems
Manage Change
Define IT Organisation and Relationships
Manage IT Investment
Communicate Aims and Direction
ITIL
Service Delivery
Service Support
Manage Human Resource
Ensure Compliance with External Standards
Assess Risks
Service Level Management
Availability Management
Capacity Management
Service Desk
Incident Management
Problem Management
Manage Projects
Manage Quality
Financial Management
Continuity Management
Change Management
Release Management
Configuration Management
Deliver and Support
Monitor and Evaluate
Assess Internal Control Adequacy
Monitor the Process
Manage Performance and Capacity
Ensure Continuous Service
Ensure System Security
Identify and Allocate Costs
Manage Third-party Services
Define and Manage Service Levels
Manage Operations
Obtain Independent Assurance
Educate and Train Users
Assist and Advise IT Customers
Manage Configuration
Manage Problems and Incidents
Manage Data
Manage Facilities
Provide Independent Audit
53Planning Organization Acquire and
Implement
Plan and Organise
Define Strategic IT Plan
Determine Technological Direction
Define Information Architecture
Identify Automated Solutions
Acquire and Maintain Application Software
Acquire and Maintain Technology Infrastructure
Develop and Maintain IT Procedures
Install and Accredit Systems
Manage Change
Define IT Organisation and Relationships
Manage IT Investment
Communicate Aims and Direction
ITIL
Service Delivery
Service Support
Manage Human Resource
Ensure Compliance with External Standards
Assess Risks
Service Level Management
Availability Management
Capacity Management
Service Desk
Incident Management
Problem Management
Manage Projects
Manage Quality
Financial Management
Continuity Management
Change Management
Release Management
Configuration Management
Deliver and Support
Monitor and Evaluate
Assess Internal Control Adequacy
Monitor the Process
Manage Performance and Capacity
Ensure Continuous Service
Ensure System Security
Identify and Allocate Costs
Manage Third-party Services
Define and Manage Service Levels
Manage Operations
Obtain Independent Assurance
Educate and Train Users
Assist and Advise IT Customers
Manage Configuration
Manage Problems and Incidents
Manage Data
Manage Facilities
Provide Independent Audit
54Planning Organization Acquire and
Implement
Plan and Organise
Define Strategic IT Plan
Determine Technological Direction
Define Information Architecture
Identify Automated Solutions
Acquire and Maintain Application Software
Acquire and Maintain Technology Infrastructure
Develop and Maintain IT Procedures
Install and Accredit Systems
Manage Change
Define IT Organisation and Relationships
Manage IT Investment
Communicate Aims and Direction
ITIL
Service Delivery
Service Support
Manage Human Resource
Ensure Compliance with External Standards
Assess Risks
Service Level Management
Availability Management
Capacity Management
Service Desk
Incident Management
Problem Management
Manage Projects
Manage Quality
Financial Management
Continuity Management
Change Management
Release Management
Configuration Management
Deliver and Support
Monitor and Evaluate
Assess Internal Control Adequacy
Monitor the Process
Manage Performance and Capacity
Ensure Continuous Service
Ensure System Security
Identify and Allocate Costs
Manage Third-party Services
Define and Manage Service Levels
Manage Operations
Obtain Independent Assurance
Educate and Train Users
Assist and Advise IT Customers
Manage Configuration
Manage Problems and Incidents
Manage Data
Manage Facilities
Provide Independent Audit
55(No Transcript)
56(No Transcript)
57ISO 20000
- What Is It?
- How Does It Relate To ITIL?
58ISO 20000 Basic Concepts
- Quality standard for IT Service Management
- Formal specification defined requirements for an
organization to deliver managed services to
acceptable quality to customers - BS 15000 fast-tracked to become IS0 20000
- ITIL forms the basis of the standard
- Standard a list of criteria that needs to be
met - The standard versus the framework
- Standard audit certify against. Makes ITIL
alive - Framework best practice that the standard is
based on
59ISO 20000
SERVICE DELIVERY
Capacity Management
Information Security Management
Service Level Management
The Business Perspective
Service Reporting
Availability and Service Continuity
Budgeting and Accounting for IT Services
ICT Infrastructure Management
CONTROL
Configuration Management
RELEASE
RELATIONSHIP
Change Management
Business Relationship Management
RESOLUTION
Release Management
Incident Management
Supplier Relationship Management
Problem Management
Source itSMF International
60Example Change Management
- Specifications Objective Requirements
- Objective
- To ensure all changes are assessed, approved,
implemented and reviewed in a controlled manner - Requirement examples
- All requests for change shall be recorded and
classified, e.g. urgent, emergency, major, minor - Requests for changes shall be assessed for their
risk, impact and business benefit - All changes shall be reviewed for success and
any actions taken after implementation
61Example Change Management
- Code of Practice Objective Detailed Best
Practices - Objective (Sub-process 8.2.2) Closing and
reviewing the change request - Detailed Best Practice
- All changes should be reviewed for success or
failure after implementation and any improvements
recorded - A post-implementation review should be undertaken
for major changes to check that - a) the change met its objectives
- b) the customers are happy with the results
- c) there have been no unexpected side effects
- Any nonconformity should be recorded and actioned
- Any weaknesses or deficiencies identified in a
review of the change control process should be
fed in to service improvement plans
62ITIL Future from this.
to this ITIL V.3
Service Strategy
Service Design
Service Transition
Service Operation
Continuous Service Improvmt
LIFECYCLE PERSPECTIVE
The Business
The Technology
Pocket Guides
Case Studies
ITIL Practice Working Templates
Governance Methods
Certification-based Study Aids
Executive Introduction to IT Service Management
63Various non-proprietary frameworks and methods
exist to help IT organizations become more
process centric and improve the quality of the
services delivered
ITIL
CobiT
CMM
Six Sigma
ISO 2000
The IT Infrastructure Library is a customizable
framework of best practises that promote quality
IT service, build on a process-model view of
controlling and managing operations. ITIL was
originally developed by the UK government and has
since matured into an internationally recognized
standard.
Control OBjectives for Information and related
Technologyis a framework for information
security and provides generally accepted IT
control objectives to assist in developing
appropriate IT governance and control
The Capability Maturity Model is a method of
evaluating and measuring the maturity of the
software development process. Recent revisions
(CMMI) provide guidance for improving
organization process and manage the development,
acquisition and maintenance of products and
service
A data driven quality management program to
control variations and thereby achieve high
levels of quality.
A standard concerned primarily with the quality
of IT Service Management. It provides the basis
to fulfill customer requirements, regulatory
requirements, enhance customer satisfaction, and
pursue continual improvement
What is it?
Focus
IT Operations IT Service Management
Development
Governance and Control
Process Improvement
Processes Consistency
IT Specific
Yes
Yes
Yes
No
Yes
How it fits
Define and implement processes
Determine extent of process maturity
Provide process controls
Improve processes
Certify processes are being followed
64Frameworks and Methodologies
ISO20000
CobiT
SIX SIGMA
CMMi
ITIL
Business Process Models
Governance
65In summary
- ITIL is
- The international de-facto Best Practice for IT
Service Management - Process Approach to improving Quality,
Efficiency and Effectiveness - Service focused IT management, viewed from the
perspective of IT customers and users - Evolving, vendor-neutral, non-proprietary
framework - CobiT complementary, Certifiable through
ISO20000 - DEFINED COMMON SENSE