Académique Documents
Professionnel Documents
Culture Documents
Industry Projections ............................................... 16 Conclusion ............................................................ 17 Reported Benefits................................................ 17 New Insights Into Old Questions............................ 18 Additional Information ............................................ 19
Executive Summary
ISO/IEC 20000 Released December, 2005 IT organizations focused on reducing costs and improving delivery of their critical business services now have a new international standard to help drive their service improvement initiatives. After gaining momentum globally under the names ITSM and ITIL, the new standard for IT Service Management, ISO/IEC 20000, was published in December 2005. Just as ISO 9000 became pervasive ten years ago as the standard for business process quality assurance, ISO 20000 is positioned to dominate as the audit framework for benchmarking the management of IT systems and services. Early predictions by industry analysts suggest that ISO 20000 will emerge as a minimum bid requirement over the next twelve to twenty-four months and will gain rapid acceptance among government, financial, manufacturing and supply chain organizations that require and place a premium on auditable standards. The new standard will appeal to organizations using outsource service providers, those whose systems interconnect with suppliers, and those that rely on service providers to store or transport sensitive data. These organizations will see ISO 20000 as a verifiable means to insure that suppliers have best practices in place and that they are meeting internationally standard service management criteria. Other corporate and pubic sector IT organizations more focused on internal service improvement can look to the standard as a means to demonstrate to senior management, boards of directors and external customers that their organizations are meeting global best practice standards. This whitepaper provides an overview of the new international standards, including background on why organizations are widely adopting the new standards in the US. It covers the benefits of using a standards-based framework, common deployment approaches along with issues that are commonly encountered and lessons learned that can improve overall project success.
Newly Released After gaining momentum globally under the names ITSM and ITIL, the new standard for IT Service Management, ISO/IEC 20000, was published in December 2005.
2. Industry share-groups, associations and councils that brought together infrastructure professionals to compare approaches and promote best practice development. 3. Product-based or proprietary vendor frameworks such as those from IBM, HP, and Microsofts Operations Framework (MOF). Prior to ITIL, however, none of these efforts gained dominance or rose to the level of becoming a recognized global standard. ISO 20000 rolls up the principles and practices established under the ITIL framework to provide a globally standard, nonproprietary, best practice framework now available to operations and support professionals for the first time.
Ke y Po int ITIL provides a globally standard, non-proprietary, best practice framework available to operations and support professionals for the first time.
Running IT as a Business
A cornerstone of the ITIL service management approach is the principle that IT should be run as a business. This concept assumes that customers will be engaged as full partners in setting the IT agenda and in defining the service levels they ultimately pay for and receive. Achieving this goal requires all of the rigor and discipline that comes with running any successful service business including: A strong service orientation with users viewed as customers. A supply-chain approach, where support groups must work in concert to produce and support the end service. A collaborative organization and culture with a focus on customer satisfaction and customer driven priorities. An understanding that customer-facing services cannot be put at risk through poor internal change, release and configuration management practices. A recognition that the most critical of the enterprises IT services should never fail.
In IT Service Management terms, these elements underpin the emerging service-oriented management philosophy and are promoted in the activities associated with documenting Service Level Agreements, implementing robust Incident and Problem Management processes, and ensuring well coordinated and tested Change and Release Management processes. These processes in turn are supported through good basic data
collection and detailed analysis of how effective the services are in meeting business needs.
1. Service Delivery The text that focuses on the practices required to provision and support the IT services used by the business. 2. Service Support The text that focuses on ensuring that the business has access to the appropriate IT services to perform their operational functions.
Although there are seven texts in the current series, the ITIL Foundation certification training focuses on two texts: Service Delivery and Service Support
IT Service Continuity Management Supports overall business continuity planning and ensures IT assets and services are protected and recoverable within acceptable business targets. Availability Management Focuses on delivering acceptable levels of availability at a cost that aligns to business needs and the stated availability objectives for the service.
ITIL and ISO20 000 ITIL promotes a fundamental shift away from the technology focused, isolationist IT organization of the past toward a more customer-centric, solution oriented organization of the future.
focused, isolationist IT organization of the past, toward a more customer-centric, solution oriented organization of the future. In a world where outsourcing is a very real alternative to marginal or unresponsive internal IT support, ITIL has gained prominence by offering a framework specifically targeting service management issues, and promoting a philosophy where the customer is king. The publication of ISO 20000 provides a badly needed audit standard for the ITIL best practices and a means to measure and benchmark compliance. One issue presented by this publication, is that process groupings and terms do not map to ITIL on a one-to-one basis. It may be that the revision of the ITIL texts currently underway will address these differences, but this issue still needs to be clarified at this point. (For an overview of the ITIL vs. ISO framework similarities and differences, see the Head-to-Head comparison in Table 1 below.) The new ISO standard is published in two parts and is available from the International Standards Organization at: http://www.iso.com. ISO/IEC 20000-1, Part 1: Specification 17 Pages Outlines the requirements for structuring the service management system and the processes and activities that must be in place for compliance certification. These form the required elements of the standard and are worded as such using the active phrasing management shall
IS0/IEC 20000-2, Part 2: Code of Practice 35 Pages Adds best practice guidance in support of the processes and certification requirements. Wording in this second part uses the more passive phasing management should.
Ado pters A few large manufacturing, retail and financial companies have moved ahead in adopting ITIL in the U.S. Beyond these companies, however, many organizations are just beginning to build awareness of ITIL and are even less aware of ISO 20000.
5. Comply with government, trading partner, or other industry standards. 6. Deploy a new infrastructure tool or support process such as Change Management. 7. Integrate multiple operating sites or develop a plan for a merger or acquisition. 8. Reduce costs to increase investment in application enhancement or new development. 9. Introduce new processes or more formal rigor in areas such as Change Management, Configuration Management, etc. 10. Develop or adapt current support processes to support a major or new application.
While project teams are rapidly completing solution development and preparing to declare victory, production support teams that may have been engaged toward the end of the project still refer to this latestage involvement as the throw-it-over-thewall approach.
front engagement of the business stakeholders through the IT Financial Management and Service Level Management planning processes drives improved prioritization of project investments as well as budgeting, accounting and service planning requirements.
Deployment Approaches
1. The Pain-Point Approach
There are many alternatives for developing a deployment approach. Targeting a pain-point based on a compelling business need, as touched on briefly above, is a common method used by many organizations. This can be a great way for organizations to get started with a minimum investment required.
Dev elo pment App roa ches Targeting a painpoint based on a compelling business need is a common method used by many organizations. This can be a great way for organizations to get started with a minimum investment required.
ITIL and ISO/IEC 20000 Page 10
If system failures are a highly visible management issue, for example, improving availability might start by building a Service Catalog and ranking the organizations top five or ten systems according to business criticality. Designing an Incident Management process then can begin by focusing on the most critical and most visible business systems. This helps the design efforts in several ways. First, having a specific mission-critical system or systems to focus on helps the designers analyze current processes and assess shortcomings that may be contributing to outages. Second, this narrow rather than generic focus helps zero-in on the most important actions to be taken by support staff during a service failure. Third, it provides real-life examples as test cases for process design validation. Forth, it allows the design team to map how a service failure crosses organizational boundaries and which workgroups need to be involved under varying scenarios. Finally, it provides a roadmap for defining roles, escalation and communication requirements, and ways to measure process effectiveness.
IT organizations facing this situation can begin by engaging their customers through the Service Level Agreement (SLA) process. SLA discussions serve to open up a requirements dialog with the people who depend on the service to get their jobs done. This dialogue provides insights for both sides on how current service levels are supported and steps that might be taken to drive improvement. SLAs also serve to identify Key Performance Indicators (KPIs) that provide the ability to track the actual levels of service being delivered. Once implemented, this fact vs. feeling approach provides a better understanding within the IT department of true business needs and the impact of poor service on the customer. Likewise, the business gains an understanding of ITs delivery capabilities and the increased costs associated with provisioning high availability solutions. When such costs are justifiable based on service need, the business units are more likely to become partners in rationalizing funding.