Itil Intermediate Capability Stream:: Operational Support and Analysis (Osa) Certificate

The Official ITIL Accreditor 2012. The Swirl logo is a trade mark of the Cabinet Office.
ITILis a registered trade mark of the Cabinet Office. ITIL Intermediate Capability OSASample2 QUESTION BOOKLET v6.1.
This document must not be reproduced without express permission from The Accreditor.
Page 1 of 9
Version 6.1 (Live) Owner The Official ITIL Accreditor

ITIL
Intermediate Capability Stream:

OPERATIONAL SUPPORT AND ANALYSIS (OSA)
CERTIFICATE

Sample Paper 2, version 6.1

Gradient Style, Complex Multiple Choice

QUESTION BOOKLET

Gradient Style Multiple Choice
90 minute paper
8 questions, Closed Book

Instructions

1. All 8 questions should be attempted.
2. You should refer to the accompanying Scenario Booklet to answer each question.
3. All answers are to be marked on the answer grid provided.
4. You have 90 minutes to complete this paper.
5. You must achieve 28 or more out of a possible 40 marks (70%) to pass this examination.
The Official ITIL Accreditor 2012. ITIL Intermediate Capability OSASample2 QUESTION BOOKLET v6.1.
Page 2 of 9
Question One

Refer to Scenario One

As the IT service manager you are the main sponsor of the transformation programme. You have not
been invited to the initial programme launch meeting.

Which one of the following options BEST describes the actions that should be taken?

A. You recognize that this is a major programme which will impact the services provided to your
customers. As the main sponsor of the programme it is important for you to demonstrate your support
and to understand in detail exactly what is going on, and you therefore ask to be included in the
meeting. You also ask to check the meeting invitation list so that you can ensure that all IT operations
areas and functions are appropriately represented in the different phases of the programmes life
cycle.

B. The programme is only just starting and has two years to run, so it is unlikely that any important
information will be provided at this meeting. You have learned that some of your direct reports have
been invited so you have asked them to update you following the meeting. Your plan is to let things
progress before you get involved as your main concern is the delivery and operation of the new
service.

C. You recognize that this is a major programme which will significantly impact the services provided to
your customers. As the main sponsor of the programme it is important for you to demonstrate your
support and to understand and sign off on the programmes components, especially programme risks,
assumptions, constraints, resources and costs. You therefore ask to be included in the meeting. You
also check the meeting invitation list to ensure that all IT operations areas and functions which will
play a role in the different phases of the programmes life cycle are appropriately represented.

D. You recognize that this is a major programme which will impact on the services being provided to
your customers. As the main sponsor of the programme it is important for you to understand exactly
what is going on and you therefore ask at this stage to be copied in on the minutes and actions from
the meeting. You may wish to be included in the meetings at a later date. You also check the meeting
invitation list to ensure that all IT operations areas and functions which will play a role in the different
phases of the programmes life cycle are appropriately represented.

Page 3 of 9
Question Two

Refer to Scenario Two

Which of the following BEST describes those items that could be handled using a request fulfilment
process?

A. 1, 2, 3, 4, 6, 7 and 8 can be handled by request fulfilment because they are common tasks that can
follow a predetermined procedure. 9 is a request for change and should be logged and handled using
the change management process. 5 and 10 require investigation to determine the nature of the issue
and therefore should be handled as incidents.

B. 3, 5, 7, 8, and 9 can be handled by request fulfilment because they are common tasks that can follow
a predetermined procedure. 2 is a request for change and should be logged and handled using the
change management process. 1, 4, 6 and 10 require investigation to determine the nature of the
issue and therefore should be handled as incidents.

C. 2, 3, 5, 7, 8, and 9 can be handled by request fulfilment because they are common tasks that can
follow a predetermined procedure. 1, 4, 6 and 10 require investigation to determine the nature of the
issue and therefore should be handled as incidents.

D. 3, 5 and 7 can be handled by request fulfilment because they are common tasks that can follow a
predetermined procedure. 2 and 9 are requests for change and should be logged and handled using
the change management process. 8 should be handled by the access management process. 1, 4, 6
and 10 require investigation to determine the nature of the issue and therefore should be handled as
incidents.

Page 4 of 9
Question Three

Refer to Scenario Three

Based on ITIL best practice, which one of the following solutions is CORRECT?

A. There is a clear need for the informational events to be retained. The data will be needed for
trending purposes and may be used by problem management, capacity management, availability
management and, potentially, by several other processes. You take into account the suggestions of
the organizations legal department regarding legislative and compliance issues and define a policy
that ensures the data will be retained for a minimum of six years and three months.

B. You believe that the informational events should be retained for a longer period than just one week,
but you are uncertain as to what the correct retention period should be. You decide to consult the
business users and those IT groups that might use the data, and to hold specific discussions with the
legal and compliance departments to decide exactly how long the data should be retained. You then
document a retention policy that ensures that all of the data is retained for the agreed period.

C. You agree with the senior technical groups that the data is extremely unlikely to be needed beyond
one week and that, on the balance of risk, the cost of retaining this data is a waste of resources. In
order to achieve the most cost-effective solution you document and implement the one-week
retention policy. You advise the legal department of your decision in case any related IT governance
issues arise in the future.

D. You believe that the informational events should be retained for a longer period than just one week,
but you are uncertain as to what the correct retention period should be. You decide to consult the
business users and those IT groups that might use the data, and to hold specific discussions with the
legal and compliance departments to decide exactly how long the data relating to each event type is
needed. You then document a retention policy that handles each event type in accordance with the
specific business need.

Page 5 of 9
Question Four

Refer to Scenario Four

Which one of the following options BEST describes how to utilize user profiles in support of business
goals?

A. Define a standard set of services (for example, messaging and office automation) and grant
access to all users.
On a case-by-case basis, determine the additional services that only select customers can
access.
Use directory services-type technology to automate the granting of access to individuals, based
on their needs.
Establish a process with information security management that ensures that the access
management team is informed when new employees join the company so that the appropriate
level of access can be granted.

B. Catalogue each user role requiring access and the services each role can access.
Determine any groups users belong to that require additional access or a different level of
access such as tighter security for example, contractors and customers.
Work with human resources to determine the secure data that identifies each user and how
changes to the status of users such as new hires, terminations, moves, and transfers will be
communicated.
Work with information security management to ensure compliance with local data protection
legislation and to automate the granting of access.

C. Document the role performed by each user, along with the standard and specialized services
that support each role.
Regularly review each role to ensure the appropriate level of access is being provided to the
associated services.
Establish a process that ensures access management is informed when new employees join the
company so that the appropriate level of access can be granted.
Use directory services-type technology to automate the granting of access to individuals based
on their roles.

D. Catalogue each user role requiring access and the services each role can access.
Determine any groups of users that may have unique requirements such as mobile users and
home office workers.
Work with the information security management team to develop procedures for the handling of
user data to ensure compliance with local data protection legislation.
Work with the information security management team to address the granting of access to roles
that require a tighter level of security, such as contractors and selected customers, and also to
automate the granting of access.

Page 6 of 9
Question Five

Refer to Scenario Five

Which one of the following options is the BEST approach to resolve these challenges and support the
chief executive officers (CEOs) goals?

A. Expand the scope of the centralized service desk to include all services
Ensure the service desk is logging all incidents and problems
Provide training and have the service desk update a known error database (KEDB) as
incidents are resolved
Provide users with self-service access to the KEDB
Ensure technical and application management resources are involved in continual service
improvement activities

B. Delegate routine maintenance, back-up, restore and monitoring activities to IT operations
management
Initiate a project to define and deploy a common set of incident and problem categories
Establish virtual teams to handle problems, using specialists as needed
Use technical and application management resources to populate and maintain the KEDB
Ensure technical and application management resources are engaged early in the service
lifecycle

C. Delegate back-up, restore and routine maintenance activities to IT operations management
Delegate monitoring activities to the centralized service desk
Provide users with self-service access to the KEDB
Ensure technical and application management resources are involved in continual service
improvement activities

D. Delegate monitoring activities to IT operations management
Initiate a project to define and deploy a common set of incident and problem categories
Ensure the service desk is logging all incidents and problems
Establish a corporate problem management team and hire or transfer individuals who are
skilled in problem investigation and diagnosis techniques

Page 7 of 9
Question Six

Refer to Scenario Six

Which one of the following actions BEST describes what the chief information officer (CIO) should do
regarding the user complaints?

A. As the statistics show clearly that IT support is functioning optimally no actions are required at this
time. The service desk is solving 81 percent of all incidents while on the phone. Incident management
is solving nearly all the remaining incidents inside the agreed resolution times and problem
management is particularly effective, solving 103 problems out of 104.

B. Increase the external consultancy budget so that service desk and incident management can call
external support earlier and as required to help deal with the additional incidents during peak periods.
Even though the service level agreements are being met, this will help to satisfy the user complaints.

C. As well as owning the problem management process, appoint the service desk supervisor as the
problem manager and ensure one day each week is spent looking at the cause of incidents to
determine if more problems can be identified to enable prevention of recurring incidents

D. Appoint a new problem manager to separate the role from the incident management and service desk
roles. The problem manager should be tasked with analysing existing data to see if more problems
can be identified to enable prevention of further recurring incidents.

Page 8 of 9
Question Seven

Refer to Scenario Seven

From the information contained within the report, which one of the following BEST identifies the issues?

A. Many requests are logged as incidents, indicating a deficiency in communicating the
difference between standard and normal changes
Re-routing of incidents by support teams indicates a lack of incident coordination by the
service desk (SD)
Evidence that resolution of many incidents is unrelated to the original category indicates a
lack of understanding of categorization
Poor and incomplete incident recording indicates a lack of guidance for, or training of, the
SD staff

B. Re-routing of incidents by support teams is evidence of poor first-line fix rate
Evidence of incorrect incident prioritization indicates a lack of guidance to, or training for, the
SD staff
Evidence suggests that the configuration management system is out of date or does not
support incident management (IM)
Evidence that some users are bypassing the SD is an indication that the awareness
campaign aimed at users about SDs role is incomplete

C. Evidence that the SD has no access to common solutions or workarounds indicates a poor
problem management process
Poor and incomplete incident recording indicates a lack of guidance to, or training for, the
SD staff
Simple requests are dealt with as incidents and escalated to support teams, indicating the
need for a request fulfilment process
Re-routing of incidents by support teams indicates an inadequacy in support teams
operational procedures

D. Evidence that the resolution of many incidents is unrelated to the original category indicates
inconsistent and incorrect use of categorization
Re-routing of incidents by support teams indicates a lack of incident coordination by the SD
Low first-line resolution rates and inconsistent handling of incidents of similar types indicate
a lack of knowledge, guidance and training
A lack of incident ownership by the SD
Page 9 of 9
Question Eight

Refer to Scenario Eight

Which of the following candidates would MOST LIKELY be called back for a second interview?

A. Candidate #1

B. Candidate #2

C. Candidate #3

D. Candidate #4
ITILis a registered trade mark of the Cabinet Office. ITIL Intermediate Capability OSASample2 SCENARIO BOOKLET v6.1.
Page 1 of 9

ITIL

CERTIFICATE



SCENARIO BOOKLET

This booklet contains the scenarios upon which the eight examination questions will be based. All
questions are contained within the Question Booklet and each question will clearly state the scenario
to which the question relates. In order to answer each of the eight questions, you will need to read the
related scenario carefully.

On the basis of the information provided in the scenario, you will be required to select which of the
four answer options provided (A, B, C or D) you believe to be the optimum answer. You may choose
ONE answer only, and the Gradient Scoring system works as follows:

If you select the CORRECT answer, you will be awarded 5 marks for the question
If you select the SECOND BEST answer, you will be awarded 3 marks for the question
If you select the THIRD BEST answer, you will be awarded 1 mark for the question
If you select the DISTRACTER (the incorrect answer), you will receive no marks for the
question

In order to pass this examination, you must achieve a total of 28 marks or more out of a maximum of
40 marks (70%).
The Official ITIL Accreditor 2012. ITIL Intermediate Capability OSASample2 SCENARIO BOOKLET v6.1.
Page 2 of 9
Scenario One

You are the IT service manager for a large financial services provider, and are responsible for the
end-to-end services provided by the existing legacy mainframe systems. You report to the chief
information officer (CIO). Reporting to you are the development teams, the project and programme
management team, the IT operations teams, including the data centre manager, and the continual
service improvement team.

In order to update the services and to position the company for the commercial challenges ahead, it
has been agreed at board level that the infrastructure will be redesigned and the current 20 systems
migrated and consolidated onto a single new service. This new service will greatly reduce IT operating
costs for both manpower and technology, and will enable the business divisions to radically
restructure their operating capability.

The transformation programme started three months ago. It is still in the planning phase and has only
just received final sign-off from the board. Resources are currently being identified and engaged to
join the programme team, the communication plan is being developed, and the programme risks,
assumptions and constraints are being refined. No detailed design has yet been undertaken, and the
overall programme is expected to last two years.

You have learned that the programme director is calling an initial meeting next week to officially
launch the programme, to outline the programme proposition, and to get input from all those involved.

Page 3 of 9
Scenario Two

A well-known insurance company has improved its business over the last 10 years by exploiting the
internet. It relies on many IT services to provide its external customers with the ability to obtain fast
and accurate quotes from the companys website.

It is a dynamic company that retains a competitive advantage by responding quickly to trends in the
insurance market with new offerings to external customers. This requires that the staff and business
processes are flexible so that the company can respond rapidly to market needs. Accordingly, the
company encourages staff to change or share roles regularly. This results in many requests to move
or purchase IT equipment. There are also frequent requests to make changes to system access when
users change roles.

You are the service desk manager and joined the company three months ago. Until now, the service
desk has dealt with all service requests as incidents. You are in the process of planning to implement
a request fulfilment process. The process will be initiated by service desk staff and involves other
support groups. Service requests will continue to be logged in the incident management system but
will be categorized as requests for workflow and reporting purposes.

You are analysing the most frequently occurring service requests that the new process will handle
and have produced a report of some of the common calls that are received by the service desk. This
report is shown below:

Item # Incident description
1 User reported error with PC faulty mouse replaced by desktop team
2 User request to add two new fields to the customer screen of the sales system
3 User request to purchase a new toner cartridge for printer
4 User reported slow response when using e-mail applications
5 User request for advice on how to use a spreadsheet application
6 User reported a printer failure
7 User forgot password password reset
8 User required additional access to the sales system
9 User submitted request to move their PC to a different office
10 User unable to log into PC

Page 4 of 9
Scenario Three

An organization has recently purchased a new event management support tool that the service
operation team is in the process of installing and configuring. A particular question has come up
regarding the retention of data relating to events that occur.

All people involved have agreed that events that are classified as warning or exception need to be
retained for a lengthy period after the event has been dealt with.

However, concerns regarding the amount of space that will be required and the volume of data to be
stored and potentially accessed, have caused some senior technical staff to propose that events
categorized as informational need only be retained for a minimal period. A retention period of one
week has been proposed, the logic being that if any follow-up issues have not occurred by then they
are extremely unlikely to occur at all.

Other team members have argued that this does not make sense. The data may be needed for some
time beyond this point, so should be retained indefinitely.

The organizations legal department has advised that there may also be legislative or compliance
issues and if so the data may need to be retained for up to six years.

Page 5 of 9
Scenario Four

A financial services organization with offices worldwide has begun a three-year project to replace
many of the legacy applications hosted on their mainframe with web-based services. The project is
part of a strategic corporate initiative to streamline key business processes and to make better use of
IT to create competitive advantage. The goals of this initiative are to:

Reduce costs
Maximize resources
Improve enterprise-wide information security
Ensure compliance with legislative and regulatory controls.

When the new web-based services are available, varying levels of access to these services will be
granted to employees, contractors and, in some cases, select customers. Business sponsors have
emphasized that because the current market place is extremely dynamic and competitive, it is critical
that access is granted as quickly as possible when requests are submitted. However, security is also
a concern and the business expects IT to play a key role in securing the organizations information
assets.

A new access management process has been implemented that is based on ITIL best practices. A
project is underway to clarify the procedures for creating and utilizing user profiles to grant and
manage access on an ongoing basis.

Page 6 of 9
Scenario Five

A large insurance company has grown rapidly in the past several years through a series of
acquisitions. The acquired companies continue to operate fairly autonomously, each with its own IT
department; however, several corporate systems, such as e-mail and an enterprise resource planning
(ERP) system, have been deployed. A new corporate document management system (DMS) is in the
process of being deployed.

A centralized service desk provides a single point of contact for managing incidents and the separate
IT departments each support their own systems and also provide second and third-line support for the
corporate systems to their respective user communities. A common set of high-level incident
management procedures is being followed, although each of the IT departments is still using its own
logging and management system.

The chief executive officer (CEO) oversees a chief information officer (CIO) group comprising the
CIOs from each of the separate IT departments. The CEO has challenged this group to identify
opportunities to reduce costs, share resources, and consolidate operational activities. The CEO is
also frustrated by recent problems encountered when deploying the new DMS and significant outages
affecting the ERP system. To date, a lack of data gathering standards has made it difficult to
investigate and analyse these problems. However, the CIO Group needs to quickly determine why
these problems are occurring and to establish ways of minimizing the impact, because both of these
systems are critical to the companys overall success.

Discussion is under way to determine how to make best use of existing resources particularly the
technical and application management resources to deal with these issues. Each of the IT
departments is experiencing staffing shortages and most CIOs indicate that their technical and
application management functions are currently over-utilized.
Page 7 of 9
Scenario Six

A construction company designs and implements customized projects for clients. The company is
heavily dependent on their IT organization which develops specialized in-house solutions for them.
Several times in the past, these solutions provided a clear strategic advantage over their competition
and for this reason the company has retained a high level of specialized experts. The company is also
using a standard enterprise resource planning (ERP) system and a standard desktop software
package and has acquired a high level of expertise in supporting these services.

ITIL best practices have been implemented within the company and most of the processes are
considered effective and efficient. The service desk owns the problem management process. It is
perceived as being very effective because it managed to solve 103 out of 104 identified problems last
year, and the mean time for solving a problem was five days. Service level agreements (SLAs) are
also in place and are actively used. The quality of service, together with the highly respected SLAs,
has built IT a solid reputation within the company.

For these reasons, the CIO is particularly shocked about recent user complaints that the number of
incidents is continually increasing and has reached an unacceptable level. You have been asked to
look into the situation and to make a proposal for the best way forward.

After analysing the incident reports from the last three years, you find that the number of incidents has
doubled to over 300,000 per year. In the same period the number of users has increased by just 12
percent. You also note that there appear to be 2,000 incidents of the same type for the ERP system.

Last year, the service desk was able to solve 81 percent of all incidents immediately while users were
on the phone. Over the course of the year there were only 29 major incidents, all of which were
solved inside the agreed resolution times. In fact, over 98 percent of all incidents were solved inside
of agreed SLA resolution times.

Page 8 of 9
Scenario Seven

The IT department of a large European supermarket chain consists of 250 staff. Generally the
department has a good reputation, but as the company has expanded, service levels have dropped.

The IT department started to implement service management six months ago; the service desk (SD)
was reviewed and improvements made, new staff employed and a revised incident management
process was introduced. While internal users welcomed this change, a number of issues were
identified.

The following report provides a representative sample of records from the incident management
system. You are the SD manager and must review the report to identify the issues that must be dealt
with.

No Category Incident description Resolution
1010 Desktop Unable to log in to the PC network
Escalated to network team.
Resolved by network team.
1030 Request Forgotten password
Could not verify user details.
Escalated to desktop team.
1060 Request User submitting RFC Escalated to SD manager.
1110 Server Windows server reboot Logged by server team.
1120 Request Request for new toner cartridge Escalated to desktop team.
1205 Desktop PC locked up when logging in Escalated to server team.
1240 Network Network slow
Escalated to server team.
Network team later confirming its
resolution.
1250 Printer Printing problems
Could not locate details of printer.
Escalated to network team.
1315 Request New PC request Escalated to SD manager.
1330 e-mail Slow response sending e-mail
Could not locate user details so user
requested to telephone back later if it does
not improve.
1350 Server Network is very slow
Escalated to desktop team.
Closed by network team.
1405 Network PC hung blue screen error
Escalated to server team.
Desktop team closed incident after visit to
user.
1425 Desktop PC log-in problems
Third occurrence today so escalated to SD
manager as possible problem.

Page 9 of 9
Scenario Eight

A company is seeking to recruit a service management expert to strengthen their service operation
teams, in particular the technical and operations management division. Through the standard
selection process each candidate was asked to prepare a statement outlining what they believed to
be the main objective and purpose of service operation.

The statements would then be used to select a candidate for second interview.

Candidate #1

Maintain operational stability while introducing new or changed services into supported
environments. The purpose of the service operation stage of the service lifecycle is to co-
ordinate and carry out the activities and processes required to deliver and manage services at
agreed levels from one state to another while managing risk to business users and customers.
Service operation is also responsible for the ongoing management of the technology that is used
to deliver and support services.

Candidate #2

Maintain stability in service operation, allowing for changes in design, scale, scope and
service levels. The purpose of the service operation stage of the service lifecycle is to co-
ordinate and carry out the activities and processes required to deliver and manage services at
agreed levels to business users and customers. Service operation is also responsible for the
ongoing management of the technology that is used to deliver and support services.

Candidate #3

Manage services in supported environments, achieving effectiveness and efficiency to
ensure value for the customer, the user and the service provider. The purpose of the service
operation stage of the service lifecycle is to achieve service quality, operational efficiency and
business continuity, and to ensure that the portfolio of supported services continues to be aligned
with business and user needs. Service operation is also responsible for management of the
technology used to deliver and support services.

Candidate #4

Maintain stability in the design and development of services and service management
practices. The purpose of the service operation stage of the service lifecycle is to co-ordinate the
principles and methods for converting strategic objectives into portfolios of services and service
assets to be managed. Service operation is also responsible for managing the ongoing
expectation of service performance and alignment of capabilities and business strategies.

ITILis a registered trade mark of the Cabinet Office. ITIL Intermediate Capability OSASample2 ANSWERSandRATIONALES v6.1.
Page 1 of 13

ITIL

CERTIFICATE



ANSWERS AND RATIONALES
The Official ITIL Accreditor 2012. ITIL Intermediate Capability OSASample2 ANSWERSandRATIONALES v6.1.
Page 2 of 13
Answer Key:

Scenario Question Correct:
5 Marks
2
nd
Best:
3 Marks
3
rd
Best:
1 Mark
Distracter:
0 Marks
One 1 C A D B
Two 2 B C D A
Three 3 D B A C
Four 4 B D C A
Five 5 B D C A
Six 6 D C B A
Seven 7 D A C B
Eight 8 B C A D

Page 3 of 13
QUESTION One Scenario One
Question Rationale

To be able to understand the following:
The importance of senior management sponsorship
The benefits of project/programme management in service operations; the
importance of risk assessment and risk management
The importance of involving IT operations staff in all phases of the programme,
especially during the design and transition phases
MOST CORRECT (5) C This option represents the most correct answer as it highlights that the
programme will have a significant impact on the services provided to current
customers.
Given that the IT service manager is the main sponsor, it is important that they
attend the meeting to make their support and commitment to the programme
visible.
This option also identifies the importance of recognizing that IT operations staff
need to be involved during the planning phases of the programme, rather than
after the solution has been developed and tested and is ready for operations.
The programme sponsor is actually verifying that this is the case by asking to
look at the list of invitees to the meeting.
This option also highlights the importance of risk assessment and
management. It shows that the sponsor will look at, and sign off on, the
identified risks, on the programmes assumptions and constraints, resourcing
(shows commitment) and costs or funding (again demonstrates commitment).
SECOND BEST (3) A This difference between this answer and the best answer is that it fails to
recognize the importance of risk management, project assumptions,
constraints, resourcing and costs.
THIRD BEST (1) D This answer is less accurate compared to the previous option. It does not
highlight the importance of making the sponsors support visible by attending
the meeting in person. It also shows that the sponsor is satisfied just to be
copied in on the meetings minutes, and the phrase may wish to be included
at a later date indicates less interest in the programme.
DISTRACTER (0) B This option demonstrates a totally relaxed approach on the part of the sponsor
of the programme. It shows the sponsors lack of interest in the early stages of
the programme, which is when the main decisions need to be made and buy-in
achieved. The sponsors actions do not demonstrate a committed or
supportive attitude towards the programme, and this attitude could be
replicated in his direct reports and copied by programme team members.
There seems to also be a lack of interest from the sponsor in making sure that
the right parties be involved in the programme from the beginning.
Syllabus Unit /
Module supported
ITIL SC: OSA09 Technology and implementation considerations

Blooms Taxonomy
Testing Level
Level 4 Analysis The ability to use the practices and concepts in a situation or
unprompted use of an abstraction. Can apply what is learned in the classroom, in
workplace situations. Can separate concepts into component parts to understand
structure and can distinguish between facts and inferences.

Application The candidate must apply their knowledge of the need for management
support, risk mitigation and acceptable project involvement in order to select the
correct option that provides a balanced approach.
Subjects covered

Categories covered:
Service operation and project management
Assessing and managing risk in service operation
Operational staff in service design and transition
Management support
Critical success factors and risks
Book Section Refs SO 8.2 Implementing service operation Service operation and project
management
Page 4 of 13
SO 8.3 implementing service operation Assessing and managing risk in service
operation
SO 8.4 Implementing service operation Operational staff in service design and
transition
SO 9.2 Challenges, critical success factors and risks Critical success factors
SO 9.3 Challenges, critical success factors and risks Risks
Difficulty Easy

Page 5 of 13
QUESTION Two Scenario Two
Question Rationale

This question focuses on the request fulfilment process and requires an
understanding of the types of requests that should be handled by the process.
MOST CORRECT (5) B All statements are correct.
Sentence 1 Correct. All are examples of service requests.
Sentence 2 This is a request to change a screen and therefore must be
handled by the change management process. It is possible that the service
desk could be used to log changes, but this will be done using the change
management system, not the incident management system.
Sentence 3 Correct. All are examples of incidents.
SECOND BEST (3) C Sentence 1 Mostly correct, with the exception that 2 is a request to change a
screen and therefore must be handled by the change management process. It
is possible that the service desk could be used to log changes, but this will be
done using the change management system, not the incident management
system.
Sentence 2 Correct.
THIRD BEST (1) D Sentence 1 All are examples of service requests.
Sentence 2 2 is a request to change a screen and therefore must be handled
by the change management process. However, 9 is a very low-risk request to
move a PC that could be handled via request fulfilment; particularly in an
organization such as the one in the scenario that often receives this type of
request.
Sentence 3 8 is an access request but these should be logged as service
requests which then trigger the access management process; particularly as it
is a user that is requesting access.
DISTRACTER (0) A Sentence 1 1 and 6 are incidents, not service requests. 2 is a request to
change a screen and therefore must be handled by the change management
process. It is possible that the service desk could be used to log changes, but
this will be done using the change management system, not the incident
management system.
Sentence 2 9 is a very-low risk change that can be handled via the request
fulfilment process; particularly in an organization such as the one in the
scenario that often receives this type of request.
Sentence 3 It is correct that 10 is a service request, but 5 is not. Questions
can be handled as service requests.
Syllabus Unit /
Module supported
ITIL SC: OSA04 Request fulfilment
Blooms Taxonomy
Testing Level
Level 3 Applying Use ideas, principles and theories in new, particular and concrete
situations. Behavioural tasks at this level involve both knowing and comprehension
and might include choosing appropriate procedures, applying principles, using an
approach or identifying the selection of options.

Application The candidate must be able to distinguish between service requests,
change requests and incidents to select the correct answer option.
Subjects covered

Categories covered:
Service desk
Request fulfilment
Book Section Refs SO 4.3.1 Service operation processes Request fulfilment Purpose and
objectives
SO 4.3.2 Service operation processes Request fulfilment - Scope
Difficulty Moderate

Page 6 of 13
QUESTION Three Scenario Three
Question Rationale

This question focuses on data retention in relation to event management and, in
particular, event categorization. The correct answers also involve good discussion
in this case discussion with the business and IT users to determine the most
appropriate data retention periods for each separate event type, so as to best meet
business needs and outcomes.
MOST CORRECT (5) D This is the best solution. Consulting all of the stakeholders will generate a
good discussion and will allow an accurate picture of retention needs to be
established. By treating each event type separately and establishing a policy
that matches the exact needs of each event type, no more or no less data than
necessary will be retained
SECOND BEST (3) B Consulting the stakeholders to determine exact retention needs is very valid
but, in this solution, all event types are treated in the same way, which will
inevitably mean retaining all of the data for the same amount of time as the
type which must be retained longest. Although no required data will be deleted
when it might still be needed, it is likely that a lot of data will be retained long
after it ceases to be required.
THIRD BEST (1) A To keep all data for more than six years on the basis that there MAY be a legal
requirement to retain some of the data for this period would be excessive. The
only redeeming feature is that the probably small amount of data that may be
needed will definitely be available.
DISTRACTER (0) C This is the wrong answer. Data will need to be kept, at least initially, long
enough for trends to be established or problems requiring investigation to
come to light. One week is likely to be totally insufficient for this. Stakeholders
should be consulted to determine a realistic and acceptable retention period.
Syllabus Unit /
Module supported
ITIL SC: OSA02 Event management
Blooms Taxonomy
Testing Level

Application The candidate must apply their knowledge of event management, and
balance the cost, risks and potential legislative requirements for data retention to
distinguish which option is the best to meet the issues described in the scenario.
Subjects covered Categories covered:
Event management
Book Section Refs SO 4.1.5.6 Service operation processes Event management Process activities,
methods and techniques - Significance of events
SO 4.1.5.9 Service operation processes Event management Process activities,
methods and techniques - Response selection
Difficulty Moderate

Page 7 of 13
QUESTION Four Scenario Four
Question Rationale

This question examines a candidates understanding of the access management
process, particularly relative to users, groups, roles and service groups.
MOST CORRECT (5) B This reflects all of the factors that must be considered.
Bullet 1 Having a catalogue of roles enables access management to function
more efficiently and so helps reduce costs and maximize resources. Defining
roles also makes it possible to grant and restrict access more quickly and as
required by the business.
Bullet 2 Supports the business goal to improve enterprise-wide information
security.
Bullet 3 Ensures security is considered throughout the user lifecycle.
Bullet 4 Supports the business goal to ensure compliance with legislative
and regulatory controls and also supports the business goal to reduce costs
and maximize resources by automating the granting of access.
SECOND BEST (3) D This answer addresses most factors but lacks some necessary specifics.
Bullet 1 - Having a catalogue of roles enables access management to function
more efficiently and so helps reduce costs and maximize resources. Defining
roles also makes it possible to grant and restrict access more quickly and as
required by the business.
Bullet 2 Supports the business goal to function more efficiently by defining
and using groups to grant and restrict access.
Bullet 3 - Supports the business goal to ensure compliance with legislative and
regulatory controls.
Bullet 4 - Supports the business goal to improve enterprise-wide information
security. Also supports the business goal of reducing costs and maximizing
resources by automating the granting of access.
While each of these answers is accurate, this answer fails to mention working
in conjunction with human resources (HR) to maintain the catalogue of roles.
As unclear roles and responsibilities is one of the challenges to be overcome,
this is not the best answer.
THIRD BEST (1) C This answer has some merit but lacks specifics.
Bullet 1 Defining roles enables access management to function more
efficiently and so helps reduce costs and maximize resources. Defining roles
also makes it possible to grant and restrict access more quickly and as
required by the business. This answer would be better if it suggested creating
a catalogue of roles.
Bullet 2 This is an accurate statement but does not address the need to work
with HR to maintain the catalogue of roles.
Bullet 3 While important, this answer fails to mention roles and
responsibilities, which is a key challenge to be overcome.
Bullet 4 - Supports the business goal of reducing costs and maximizing
resources by automating the granting of access.
This answer, in general, fails to clarify roles and responsibilities. It also fails to
mention engaging security at all and so does not support a key business goal.
DISTRACTER (0) A This answer is wrong. It is too broad and impractical and does not reflect ITIL
guidance, nor does it support business goals.
Bullet 1 While defining a standard set of services is appropriate, granting
access to all users is not. For example, customers and contractors are not
typically granted access to internal systems.
Bullet 2 This answer is highly impractical and so would not support the
business goals of reducing costs and maximizing resources.
Bullet 3 This answer incorrectly suggests using technology to grant access
based on individual needs. This would be a highly ineffective use of
technology. Using roles and groups would allow access to be granted and
restricted much more quickly, would be more cost-effective, and would be a
better use of resources.
Page 8 of 13
Bullet 4 This answer incorrectly states that information security will be
responsible for informing access management about new employees (vs. HR).
Neither does it address how to grant access to contractors and customers.
This answer, in general, fails to support business goals and accurately reflect
ITIL guidance. It does not clarify roles and responsibilities. It also fails to
mention the need to ensure compliance with local data protection legislation.
Syllabus Unit /
Module supported
ITIL SC: OSA06 Access management
Blooms Taxonomy
Testing Level

Application The candidate must apply their knowledge of access management and
also assess the objectives described in the scenario to select a balanced option that
meets the needs defined by the process and the business.
Subjects covered

Categories covered:
Access management
Book Section Refs SO 4.5.7.2 Service operation processes Access management Information
management Users, groups, roles and service groups
Difficulty Hard

Page 9 of 13
QUESTION Five Scenario Five
Question Rationale

This question tests the candidates understanding of the technical and application
management functions and their relationship to the service desk and IT operations
management functions.
MOST CORRECT (5) B This answer best addresses the issues in the scenario.
Bullet 1 Addresses the CEOs goal of consolidating operational activities.
This approach will also help relieve the over-utilization of the technical and
application management functions.
Bullet 2 Addresses the need to improve data gathering standards.
Bullet 3 Addresses the CEOs goal of sharing resources. It also
acknowledges the need to devote resources to problem management.
Bullet 4 Having a known error database (KEDB) will support problem
management activities and help reduce the impact and cost of outages.
Bullet 5 Addresses the need to reduce and/or prevent problems with new
services by engaging technical and application management staff in service
design and service transition activities.
SECOND BEST (3) D This answer is good but lacks some specifics.
Bullet 1 While accurate, this answer is a bit narrow in focus. Other activities
that could be delegated include back-up, restore, and routine maintenance and
operational activities.
Bullet 2 Addresses the need to improve data-gathering standards.
Bullet 3 Partially correct logging all incidents is important and is the
responsibility of the service desk. However, the service desk is not responsible
for logging all problems that is the responsibility of technical and application
management via the problem management process.
Bullet 4 Although this answer addresses the need to devote resources to
problem management it does not support the CEOs goal of sharing resources.
Bullet 5 Having a KEDB will support problem management activities and help
reduce the impact of outages.
THIRD BEST (1) C This answer has some merit but fails to address some of the issues presented
in the scenario.
Bullet 1 Partially supports the CEOs goal of consolidating operational
activities.
Bullet 2 While accurate, this answer is a bit narrow in focus. It does not state
what happens if incidents are detected. There is no indication that the service
desk is rectifying the situation, so significant technical support involvement
could still be required.
Bullet 3 Having a KEDB will support problem management activities and help
reduce the impact of outages.
Bullet 4 Providing users with access to a KEDB is a bit premature.
Bullet 5 While this is an accurate statement, involving technical and
application management resources early in the service lifecycle will better help
resolve the issues in this scenario.
This answer does not address devoting resources to problem management
activities and so does not address the CEOs challenge to determine why
problems are occurring. Furthermore, because there are no formal problem
management activities, it is unlikely that the KEDB will be accurate, complete,
and current at all times.
DISTRACTER (0) A This answer is incorrect.
Bullet 1 While it may be perceived that expanding the service desk will result
in cost savings, there is really nothing in the scenario to indicate this is
necessary or a priority.
Bullet 2 Partially correct logging all incidents is important and is the
responsibility of the service desk. However, without data-gathering standards,
the data will not be as valuable as it could be as input to the problem
management process. Also, the service desk is not responsible for logging all
Page 10 of 13
problems that is the responsibility of technical and application management
via the problem management process.
Bullet 3 It is technical and application managements responsibility to
validate and maintain the KEDB.
Bullet 4 Providing users with access to the KEDB is a bit premature
Bullet 5 While this is an accurate statement, involving technical and
application management resources early in the service lifecycle will better help
resolve the issues in this scenario.
This answer is wrong because it does not address many of the issues in the
scenario such as consolidating operational activities and sharing resources. It
does not address devoting resources to problem management activities and so
does not address the CEOs challenge to determine why problems are
occurring. Nor does it address defining data-gathering standards and so it is
unlikely that the KEDB will be accurate, complete, and current at all times.
Syllabus Unit /
Module supported
ITIL SC: OSA08 Functions
Blooms Taxonomy
Testing Level

Application The candidate must have a sound knowledge of service operation
functions in order to assess the issues in the scenario and the proper use of the
functions and to select the answer option which provide the best balance for each for
these.
Subjects covered

Categories covered:
Technical management
IT operations management
Application management
Book Section Refs SO 6.4.1 Organizing for service operation Technical management Technical
management role
SO 6.4.2 - Organizing for service operation Technical management Technical
management objectives
SO 6.4.3 - Organizing for service operation Technical management Generic
technical management activities
SO 6.5.1 Organizing for service operation IT operations management IT
operations management role
SO 6.5.2 - Organizing for service operation IT operations management IT
operations management objectives
SO 6.5.3 - Organizing for service operation IT operations management IT
operations management organization
SO 6.6.1 Organizing for service operation Application management Application
management role
SO 6.6.2 - Organizing for service operation Application management Application
management objectives
SO 6.6.5 - Organizing for service operation Application management Application
management generic activities
Difficulty Moderate

Page 11 of 13
QUESTION Six Scenario Six
Question Rationale

This question focuses on the value of the problem management process, its
separation from incident management and its impact on recurring incidents.
MOST CORRECT (5) D It is ITIL best practice to separate the incident and problem manager roles.
Also, this option focuses on the recurrence of incidents on the ERP system to
prevent them from recurring and to begin a more proactive problem
management practice.
SECOND BEST (3) C Getting the service desk manager to put more focus on problem management
will help the situation, but with this volume of incidents it is difficult to imagine
that this is a job that can be completed satisfactorily in only one day each
week.
THIRD BEST (1) B This will produce a small effect in terms of reducing the incident downtime, but
will have very little effect on preventing recurring incidents.
DISTRACTER (0) A This is the worst reaction. Not reacting to a rising number of user complaints,
that are proven to be justified, is the best way to compromise a good
reputation very quickly and to lose user confidence, impacting harshly on user
satisfaction.
Syllabus Unit /
Module supported
ITIL SC: OSA05 Problem management

Blooms Taxonomy
Testing Level


Application The candidate must apply their knowledge of problem management
and be able to determine that part of the issue described in the scenario stems from
a lack of role separation and that ITIL recommends separating them, thereby leading
to the correct answer option.
Subjects covered

Categories Covered:
Problem management
Book Section Refs SO 4.4 Service operation processes Problem management
SO 4.4.1 Service operation processes Problem management Purpose and
objectives
Difficulty Easy

Page 12 of 13
QUESTION Seven Scenario Seven
Question Rationale

This question requires candidates to apply their knowledge of incident management
(IM) and the service desk (SD) to a typical scenario. It involves analysing the incident
report provided to identify deficiencies and to identify areas of improvement within the
SD function and the IM process.
MOST CORRECT (5) D All statements are supported by evidence in the report. The resolution action in
the report shows that the incident category assigned during incident recording
is often inaccurate, which results in routing the incident to the wrong resolving
group. Further, the SD does not seem to own incidents throughout the incident
lifecycle as they do not solely close incidents or coordinate their re-routing
when required.
SECOND BEST (3) A Three of the four bullets within this option are supported to some degree by
evidence within the scenario. However, there is no evidence within the
scenario to support the first bullet.
THIRD BEST (1) C Two of the four bullets within this option are supported to some degree by
evidence within the scenario. However, there is no evidence within the
scenario to support either the first or fourth bullets.
DISTRACTER (0) B The fact that incidents are passed between support groups is not evidence of a
poor first-line fix rate. There is no evidence in the report to indicate poor
prioritization. There is no evidence in the report that users are bypassing the
SD. Nor is there evidence to support the claim that the CMS is at fault.
Syllabus Unit /
Module supported
ITIL SC: OSA03 Incident management
ITIL SC: OSA07 Service desk
Blooms Taxonomy
Testing Level


Application The candidate must be able to distinguish the cause and effect of how
the SD is handling incidents, the reasons that precipitate this and what this evidence
points to, along with what effect this has.
Subjects covered

Categories covered:
Incident management
Service desk
Book Section Refs SO 4.2.5.3 Service operation processes Incident management Process
activities, methods and techniques Incident categorization
SO 4.2.5.6 - Service operation processes Incident management Process
activities, methods and techniques Incident escalation
SO 6.3.5 Organizing for service operation Service desk Measuring service desk
performance
Difficulty Moderate

Page 13 of 13
QUESTION Eight Scenario Eight
Question Rationale

This question focuses on the overview and context of service operation within the
lifecycle. It tests the candidates knowledge of OSA01 Introduction.
MOST CORRECT (5) B Candidate #2: This candidate has described service operation correctly.
The purpose of the service operation stage of the service lifecycle is to
coordinate and carry out the activities and processes required to deliver and
manage services at agreed levels to business users and customers. Service
operation is also responsible for the ongoing management of the technology
that is used to deliver and support services.
SECOND BEST (3) C Candidate #3: This candidate begins to describe service operation correctly
but goes on to introduce too many elements of continual service improvement
such as achieving service quality, operational efficiency and business
continuity and ensuring that the portfolio of supported services continues to be
aligned with business and user needs. These are not elements of service
operation.
THIRD BEST (1) A Candidate #1: This candidates focus is very much confused with service
transition. While they have some elements referring to operation, the answer is
very much centred on moving the organization from one state to another.
DISTRACTER (0) D Candidate #4: Has no correct elements described. It is more focused on
service strategy, if anything.
Syllabus Unit /
Module supported
ITIL SC OSA: 01 Introduction
Blooms Taxonomy
Testing Level
Level 2 Comprehending - Understand or grasp the meaning of what is being
communicated and make use of the idea. Tasks include illustrating, inferring,
summarizing and interpreting.

Application This question requires the candidate to accurately recall the purpose
and main objectives of service operation in the context of the service lifecycle.
Subjects covered

Categories covered:
Overview
Introduction Context
Book Section Refs SO 1.1 Introduction Overview
SO 1.2 Introduction Context
Difficulty Easy

Itil Intermediate Capability Stream:: Operational Support and Analysis (Osa) Certificate

Transféré par

Informations du document

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Itil Intermediate Capability Stream:: Operational Support and Analysis (Osa) Certificate

Transféré par

Droits d'auteur :

Formats disponibles

The Official ITIL Accreditor 2012. The Swirl logo is a trade mark of the Cabinet Office.

Intermediate Capability Stream:

Intermediate Capability Stream:

Intermediate Capability Stream:

Vous aimerez peut-être aussi