Vous êtes sur la page 1sur 135

ITIL Foundation Course

IT Infrastructure Library
A series of documents, originally created by the Office of Government Commerce An integrated set of best-practice recommendations with common definitions and terminology. Divided into a series of eight documents / books, known as 'sets'. The sets themselves are sub-divided into 'disciplines', which cover individual subjects.

History of ITIL
ITIL was created in the 1980's by the UK governments CCTA (Central Computer and Telecommunications Agency) with the objective of ensuring better use of IT services and resources.

History continued
The ITIL concept emerged in the 1980s, when the British government determined that the level of IT service quality provided to them was not sufficient. The Central Computer and Telecommunications Agency (CCTA), now called the Office of Government Commerce (OGC), was tasked with developing a framework for efficient and financially responsible use of IT resources within the British government and the private sector. The earliest version of ITIL was originally called GITIM, Government Information Technology Infrastructure Management, focusing around service support and delivery. Large companies and government agencies in Europe adopted the framework very quickly in the early 1990s.

History continued
In year 2000, The CCTA merged into the OGC, Office for Government Commerce and in the same year, Microsoft used ITIL as the basis to develop their proprietary Microsoft Operations Framework (MOF). In 2001, version 2 of ITIL was released. The Service Support and Service Delivery books were redeveloped into more concise usable volumes. It is now, by far, the most widely used IT service management best practice approach in the world.

ITIL Benefits
Describes a systematic, professional approach to managing IT services. Emphasizes the central importance of meeting company requirements economically.

ITIL Benefits
Adhering to the best practice approach described in ITIL has the following benefits for an organization:
Support for the business processes and the tasks of IT decision makers Definition of functions, roles and responsibilities in the services sector Reduced expenditure in developing processes, procedures and job instructions. Improved customer satisfaction through better and measurable availability and performance of the IT service quality. Improved productivity and efficiency through the purposeful use of knowledge and experience. Basis for a systematic approach to quality management in IT service management. Improved employee satisfaction and reduced fluctuations in personnel levels. Improved communication and information between IT personnel and their customers. International exchange of experience (http://www.itsmf.com/)

ITIL Certification
An established and well defined certification scheme is in place to support ITIL. This comprises three distinct levels:
Foundation, Practitioner and Manager.

ITIL Certification
The Foundation Certificate enables understanding the terminology used within ITIL. A prerequisite for the Practitioner's and Manager's Certificates The Practitioner Certificate focuses upon the understanding and application of the specific processes within the IT Service Management discipline. The Manager's Certificate is aimed at experienced professionals, who will be involved in managing service management functions.

Contents of ITIL

ITIL comprises the following five basic elements: Business perspective; Application management; Service delivery (provision of IT services); Service support; Infrastructure management;

Contents of ITIL
ITIL is organized into a series of sets, which themselves are divided into two main areas:
service support and service delivery (i.e. Service Management)

The remaining six sets are:


Planning to Implement Service Management, Software Asset Management, Application Management, Security Management, The Business Perspective and ICT Infrastructure Management.

Service Management
Service Support Service Delivery

The focus of this course is Service Support and Service Delivery

Service Support
Service Desk Configuration Management Incident Management Problem Management Release Management Change Management

Service Delivery
Service Level Management Financial Management Capacity Management Availability Management IT Service Continuity Management Security Management

Service Management

Introduction
The realization that IT services assume ever-greater significance has led to the introduction of IT service management. Service management aims to provide a decision-making benchmark from a process-related perspective, and to provide professional implementation with defined contact partners. An unconditional willingness of both managerial and other staff to become more customer and service oriented is a prerequisite within organizations. While in the past attempts at problem solving were primarily focused on the investment in tools (product and technologyoriented approach), the ITIL approach primarily involves defining the processes with the particular services to be performed providing the framework for the definition.
Only in the second instance are the requisite supporting tools then procured.

Introduction
The introduction of effective service management makes it necessary to focus less on functions and components and more on an approach guided by the business process. In many enterprises, this requires a cultural change. This important point must always be taken into account when implementing service management.
Only if top management leads the way by example and promotes this new culture, successful implementation can be achieved.

Benefits
Improved IT service quality which takes into account the needs of the enterprise. Improved communication with users by using the same language and by exchanging up-to-date information. Greater flexibility and thus improved scope of action for the enterprise when market situations change. Improved customer satisfaction by assuring the best possible (measurable) quality of service. Qualitative increase in safety and security, availability and performance of IT services.

Implementation Strategy
Define the mission and the extent of the process. Initiate an awareness campaign. Describe process steps and procedures. Determine tasks, authority and responsibility of both managerial and other employees (roles). Determine training needs of employees. If required, select and implement tools. Define types of reporting (management and other processes). Implement processes. Initiate and monitor a continuous improvement process.

Factors Critical to Success


Develop a good understanding of customer requirements and business activities. Develop business-oriented rather than technology-oriented services. Improve customer satisfaction by ensuring measurable service quality. Improve resource utilization. Recruit target-oriented service employees who have a clear understanding of customer requirements.

Possible Problems
Excessive bureaucracy in process documentation. Employees who do not understand service processes. Lack of a clear understanding of the process objectives. No visible genuine benefit; no reduction in service costs; no improvements in quality. Unrealistic expectations that cannot be met

Service Desk

Definition
The service desk is the central point of contact between the customer and the IT area in all matters concerning IT services. This includes help desk functions as well as coordination of change requests, service level management, configuration management and all other service management processes of ITIL. The service desk is not a process but a function within the service organization.
In its special role as a first point of contact with the customer, the service desk is of great importance, all the more so since it embodies the image and the quality of service of the IT organization.

Description
The service desk is the single point of contact in a service organisation. The interests of customers are represented within the service organisation through the service desk. A principal task of the service desk is to coordinate and act as a central point of information between customers, internal service organisations and external providers.
Determining the service desk structure and selecting appropriate staff depends on a number of important factors concerning the form and type of the enterprise. As the enterprise changes, the structure of the service desk will need to be changed accordingly, on an ongoing basis.

Description
Basically, there are three service desk structures: Local service desk:
Each location or each department in an enterprise has its own local service desk unit. Advantages are optimal proximity to the customer and therefore the ability to reflect their individual needs more closely. Central coordination and standardisation of processes are some of the most demanding tasks required for the local service desk. A single service desk responsible for all organisational units. Advantage of easy handling and standardisation of processes however difficult to manage and problem with different languages and time zones. Combines aspects of both of the organisational forms described above. Information can be kept centrally and made available globally. Local service support units provide on-site support to customers, with the central service desk unit being responsible for all inquiries as well as for coordinating the service organisations involved.

Central service desk:


Virtual service desk organization:


Tasks
Act as a single point of contact for customers Register and follow up incident reports and complaints Keep customers informed about the status and progress of their inquiries Carry out initial screening of customer inquiries and initiate processing based on the agreed service level Monitor adherence to the service level agreements and take appropriate measures if there is a danger of failure to meet an agreement Formal conclusion of inquiries including monitoring customer satisfaction Coordinate second level support and third-party support units Provide management information to improve the service quality

Benefits
Improved customer service and thus greater customer satisfaction Improved access to information through a single point of contact Faster and qualitatively improved handling of customer inquiries Improved teamwork and communication within the service organisations Better focus on customers and a proactive approach to the provision of services Reduction of negative effects on the enterprise when troubleshooting Better controlled and managed IT infrastructure components Enhanced use of IT support resources and thus increased productivity Better and more meaningful management information for decision making Identification of customer training requirements for improved utilization of services

Key Performance Indicators


Increased customer satisfaction Reduction in incident reports and complaints Reduction in service costs Improved coordination of IT service tasks with the internal and external bodies involved More highly motivated service employees

Service Support
According to ITIL, IT service management distinguishes among three levels of processes to be supported. These levels are as follows: Strategic level:
Management of IT services; this includes quality management and IT service organisation, among others.

Tactical level:
Planning and control of IT services = Service Delivery

Operational level:
Support of IT services = Service Support.

Service Support
Service Support is synonymous with the efficient provision of IT services. Effective support of IT services is ensured by the following IT processes:
Incident Management Problem Management Configuration Management Change Management Release Management

Incident Management

Incident Management - Objective


The primary objective of incident management is to restore the service as soon as possible while minimizing any negative effect on business processes

Incident Management - Tasks


Identify and document all enquiries and incident reports. Prioritise (determine urgency) and categorise (risk-assess) the messages. Provide initial incident analysis and initiate first-level support. Hand on to second-level and third-level support if the fault cannot otherwise be fixed. Increase the resources if there is a danger of failing to meet the agreed service levels. Fix the fault and restore the service. Finalise and document the incident. Monitor, track and communicate progress in processing incidents. Evaluate incidents and prepare reports on service improvements; these reports will be used in discussions with customers and suppliers.

Incident Management - Description


Incident management involves processing enquiries and incidents of all types. This is achieved by a group of specialists who work in virtual unison. In line with the specialist skill levels of their members, these teams are grouped into first-level, second-level and third-level support units. In this function, incident management assumes the particular role of maintaining contact between IT systems and business. Together with the service desk, incident management is the first and most important point of contact for the customer.

Incident Management - Benefits


Reduction in the negative effect which incidents have on business processes. Reduction in support costs and hidden IT costs (duplication of resources). Service improvements can be detected early. Improved availability of business-related information concerning performance in the context of the service-level agreement. Performance increase as a result of improved use of human resources. Incidents and service requests are documented centrally; there is much less likelihood of loss of information. The use of the configuration management database in the incident management process results in more frequent updating of entries and thus a more up-to-date database. Increased user satisfaction thanks to better and faster incident handling.

Incident Management - Keywords


Incident: fault, error, malfunction, etc. SPOC single point of contact

Incident Management Key Performance Indicators


Adherence to the agreed service level; IT costs; Customer satisfaction; Response and processing times; Self-resolution rate;

Problem Management

Problem Management - Objective


The objective of problem management is to prevent and reduce incidents as well as to provide quick and effective problem solving to ensure a structured use of resources.

Problem Management - Description


Problem management is of central importance to the entire service support sector. It includes the handling all failures of IT services from the special aspect of identifying the actual underlying cause. This includes recommending changes concerning configuration items (CIs) to change management. Problem management processes use information provided by various other processes (e.g. by incident management or by change management). Moreover, problem management takes a proactive approach in which weaknesses are detected early and preventive measures are taken.

Problem Management - Benefits


Continuous and more stable IT services; Increased user productivity through reduced downtime; Increased productivity of support staff; Error prevention; Reduction of the effects by taking advantage of records which document earlier problems; Improved relationship between users and IT services due to higher quality of services; Better control of services through improved management information.

Problem Management - Tasks



Problem handling: Identify, document, classify and analyse the problem. Error handling: Identify, document and evaluate the error, plan and initiate troubleshooting (RC). Incident support: Support the handling of more involved incidents. Proactive Problem Management: Measures of error prevention: trend analyses, actions and measures, preparation of quality reports.

Problem Management Keywords


Known error (the error is documented, the cause of the problem is known, a workaround exists). RFC - Request For Change: proposal for rectifying the error.

Problem Management Key Performance Indicators


Reduction and absence of incidents (reduction of the pain factor); Increased availability of the service; Greater customer and employee satisfaction; Reduced support costs; Increased safety and security when expanding systems, through a systematic approach.

Configuration Management

Configuration Management - Objective The objective of configuration management is to provide up-to-date secure information via the configuration elements in use, thus ensuring direct interlinking with all other disciplines of IT service management

Configuration Management Description


Every enterprise depends on the economical provision of IT services. From the point of view of legal and financial aspects alone, operation and administration of IT assets is becoming ever more problematical. Configuration management makes it possible for IT management to be in control of these IT elements and assets (e.g. hardware, software, documentation, licences, etc.). According to ITIL terminology, such elements are called "configuration items" (CIs). CIs show the interconnection of the individual elements in the IT infrastructure.

Configuration Management Description


Well-functioning configuration management provides an enterprise with:
Precise and up-to-date information on all components which are required to perform a business process (from the point of view of service rather than of components) More direct control over the IT assets used The ability to economically perform high-quality informatics services

Apart from this, configuration management provides fundamental information for calculating costs and invoicing work performed, within service level management "

Configuration Management Tasks I


Configuration Management Planning Determine the objective and extent of configuration management Take into account existing instructions, standards and processes concerning the support organisations Develop nomenclature for the configuration items, if they do not exist already Determine the role and responsibilities of configuration management, together with management Determine what functions are required from configuration management Establish a workflow for operational processes Specify a timetable and a process for implementing configuration management activities (configuration identification, checking, documentation of status changes, auditing) Analyse integration requirements using third-party products Create a configuration management system design (CMDB, location, interfaces to system management and support tools etc.) Provide training and coaching for employees Configuration Identification
The IT infrastructure configuration should be divided into unambiguously identifiable items (CIs), so that these can be effectively checked, monitored and reported on, according to the requirements of the business. The degree of detail should be determined optimally, in line with the practical and individual requirements of the enterprise.

Configuration Management Tasks II


Control of Configuration Items (CIs) Register new CIs and their versions Document changes to CIs (status-update, changes to CI attributes, changes in responsibilities, licence control, relationship to other CIs etc.) Document changed CIs based on changes Protect the integrity of configuration data Proof of Configuration Status Proof of status is periodically furnished in the form of reports. As a rule this involves the following information: Unambiguous identification of the configuration elements including their current status (installed, being tested, under development, etc.) The configuration baseline, the current release and its status Nomination of the person who is responsible for changes Unsolved problems, change-requests in relation to individual configuration items Configuration Check and Audit Check that the processes of configuration management are being adhered to Check that changes in configuration items are entered in a timely manner
Check that the consistency and integrity of the data is ensured

Configuration Management Keywords


Configuration Management Database CMDB
The configuration management database CMDB contains all the data required for the production of goods and services, including a description of the individual configuration items and their interconnection (metadata). Providing the right degree of detail when defining this database is of central importance for successful and economical introduction of configuration management

CI
Configuration item: data entity to be described in the CMDB

Configuration Management Benefits


Increased effectiveness of the other disciplines within service support and service delivery, and thus improved quality of service Creation of an optimal overview of the IT infrastructure in use, as a basis for inventory data and planning data More efficient administration of the IT resources used More efficient handling of incidents and problems Better control of hardware and software changes Easier adherence to legal provisions Improved monitoring and control of the assets used Simplified expense budgeting Support for contingency planning

Configuration Management Key Performance Indicators


Quality and current status of data Completeness (degree of coverage) Availability to other service management processes Process costs

Change Management

Change Management - Objective


The objective of change management is to carry out changes economically and in a timely manner with minimal risk.

Change Management - Description


Experience shows that a high proportion of problems with IT service quality can be traced back to some change. Changes to the IT infrastructure always result in problems, which cost much more to rectify than the actual cost of the change itself. Such problems are enormously expensive, so that enterprises and customers are increasingly reluctant to accept them. To be sure, every development of the IT infrastructure, whether relating to capacity management or problem management, is associated with change measures which in turn pose a degree of risk. For this reason a very strict approach to effective change management is sensible.

Change Management - Tasks


Receive and record requests for change (RfCs); Assess the ramifications, costs, benefits and risks of the planned changes; Update the change / release plan; Coordinate and control the implementation (in change advisory board, CAB); Monitor the success of implementation and report on it; Update the configuration management database; Complete and review the RfCs (post-implementation review).

Change Management - Keywords


RfC (Request for Change) Requests for change (RfCs) are evaluated for possible ramifications, urgency, as well as costs and benefits. Subsequently, the changes are prioritised and released. CAB Change Advisory Board The change advisory board assists in assessing the ramifications of proposed changes, planning preparation and providing the required resources. Classification takes place based on the risk (category) and the priority (urgency and pain factor) involved. PIR Post Implementation Review Through subsequent review in the production environment, the quality of the change and of the change process is assessed. Measures should feed into the continuous process of improvement.

Change Management Key Performance Indicators


Number of successfully introduced changes; Ramifications of unsuccessful changes; Process costs; Track record for meeting deadlines.

Change Management Benefits


Controlled changes and thus fewer instances of loss of quality caused by changes; Early detection of risks; Fewer changes involving errors or incidents; Valuable management information about planned and implemented changes and their ramifications; More stable services and thus increased user productivity: Improved productivity of the IT specialists involved; Better ability to overcome times of high change-density; Ability to restore the original state, in the case of problems.

Release Management

Release Management - Objective


The objective of release management is successful planning and control of hardware and software installations.

Release Management - Description


Change measures are bundled to keep downtime and risks to a minimum during hardware or software changes. The term ""release"" refers to one or several authorised IT services change measures. Dependencies between a particular software version and the hardware required to run it determine bundling of software and hardware changes which together with other functional requirements constitute a new release. Release management ensures successful planning and control of hardware and software installations. The focus is on protection of the productive environment and its services by using formal procedures and checks. Release management is carried out based on the configuration management database so as to ensure that the IT infrastructure is up to date.

Release Management - Tasks


Determine the release policy; Define and implement releases; Carry out release tests and acceptance; Plan and implement rollout; Provide information and training prior to delivery; Install new or modified hardware; Store the released hardware in the definitive hardware store (DHS); Release, distribute and install the software; Store the released software in the definitive software library.

Release Management Release Types


Full release: All components of the release are developed, tested, distributed and implemented together. Delta release: Contains only those components (CIs) which have been modified since the last release. Package release: Individual independent releases as well as full releases or delta releases are combined in one package. Emergency release: Emergency release is required in the case of difficult or high-priority problem solutions. Emergency releases should be used very sparingly since they interrupt the normal release cycle and are extremely fault-prone.

Release Management - Keywords


DHS Definitive Hardware Store: Tested and released hardware is stored in a secure environment away from the production environment in one or several places. These replacement components and assemblies are kept at the same release level as the systems in the production environment. DSL Definitive Software Library: The contents of software releases are documented, and the currently approved software versions are stored as an autonomous component of the CMDB in a safe environment in the DSL . Backup copies are always stored away from the premises. Furthermore, the DSL contains documentation to identify the release status of all software in use.

Release Management Release Policy


The release policy defines the level of the IT infrastructure that is to be controlled by definable releases; Defines the nomenclature and the numbering system; Provides the delimitation between major and minor releases. In addition, the provisions for an emergency release are established; Maintenance-Windows for times, which are non-critical to business, are defined. After these waiting times, releases can be installed; The policy also serves as a guide for preparing the release documentation (release notes); A determination is made whether a rollback procedure is required in place, how the quality of the release is ensured (review meetings, impact analyses etc.); In the release policy, agreed roles and responsibilities are defined; Software requirements so that it can be accepted in the DSL.

Release Management Release Plan


Release planning comprises the following:
Define the release content; Coordinate roles and responsibilities; Coordinate phases (times, locations, business sectors and customers); Prepare a release schedule; Plan the use of resources (including overtime); Prepare backup plan (roll-back); Develop a quality plan for the release.

Release Management Benefits


In conjunction with configuration management, change management and the operational tests to be carried out, the following benefits arise:
Reduction of the error rate in released software and hardware; Minimization of service interruptions by synchronizing the release through bundling of software and hardware components; Certainty that the production hardware and software is of good (or known) quality; Stable test and production environments; Improved use of user resources through a combined effort during testing of new releases; Proper monitoring and protection of the hardware and software on which the organization is strongly dependent; Consistent software across all systems; Detection of incorrect versions or unauthorized copies; Reduction in the danger of virus infection or other unauthorized interventions.

Release Management Key Performance Indicators


Process costs Stability of hardware and software Number of fault-free roll-outs delivered on time Number of errors found during testing Software that has been installed in full compliance with licence laws Number of viruses in the system

Service Support Looking Back


Service Desk Configuration Management Incident Management Problem Management Change Management Release Management

Service Delivery
Service Delivery is synonymous with the provision of IT services that come up to customer expectations. This is ensured by the following processes:
Service Level Management Capacity Management Availability Management IT Continuity Management Financial Management

Service Level Management

Service Level Management Objective


The objective of service level management is to draw up, monitor and control the service level agreements and their underlying service quality.

Service Level Management Description


Service level management is a central function of IT service management and is responsible for qualitative and quantitative control of the services. The service level agreement (SLA) constitutes an essential element of service level management. An SLA is an agreement between the IT organisation and its customers, wherein the services to be performed are determined end-to-end. This includes both qualitative and quantitative specifications, such as performance and availability of these services. Internal safeguarding of service agreements is through operation level agreements, OLAs.

Service Level Management Description


In addition, support agreements or maintenance agreements are signed with external providers (underpinning contracts). It is essential that in assessing service quality, service level management takes into account all factors of service management. Clear and intelligibly worded SLAs, which can be measured in practical application, are an important prerequisite for the assessment and implementation of most activities within the IT organisation. Detailed information contained in an SLA is used to measure system values. It also provides the IT organisation with concrete figures for evaluation and subsequent measures.

Service Level Management Keywords


Service Level Agreements
At the very least, a service level agreement should document or contain the following elements: Parties involved and signatures; A simple description of the service and the performance characteristics; Agreed service times; Reaction times in relation to users, handling of incidents and RfCs; Targets of availability, safety and security, and continuity of service; Obligations of customers and providers; Critical business hours and exceptions.

Service Level Management Keywords


Operation Level Agreements
OLAs are internal agreements relating to the supply of services by other internal support organisations. OLAs separately describe the individual components of the overall services performed for the customer. Often they contain an OLA for each support group and an agreement for each supplier. OLAs and SLAs can be signed with external suppliers to supplement external agreements.

Service Level Management Keywords


Service Catalogue The service catalogue contains an overview of all services to be performed including their characteristics. This catalogue documents a mutual understanding of all the services offered, as well as their components, features, costs etc. The service catalogue should include the following: Information obtained about the services from the IT operations; Customer and user requirements; Persons responsible for maintaining and further developing the catalogue. SIP Service improvement program; measures for continued improvement of the SLM process.

Service Level Management Tasks


Negotiate and agree on service level requirements with business and customers; Monitor and report on the actual service level (service level reporting); Plan and implement continuous improvements in service levels; Coordinate service management and service support functions; Conduct service review meetings with customers; Implement service improvement programs; Monitor the changing requirements of the enterprise and amend the service level agreements accordingly; Amend the operation level agreements and the support agreements with external suppliers; Prepare and maintain a service catalogue.

Service Level Management Benefits


The required level of service is unambiguous, consistent and measurable; There is an appropriate balance between the desired level of services and the costs incurred through this; Exact specifications help achieve savings; Customer productivity is enhanced by the provision of improved services; Objective proof of the service quality delivered helps prevent differences of opinion; The number and the ramifications of requirements that were not planned-in are reduced; The relationship between the IT customer and the provider is improved.

Service Level Management Key Performance Indicators


Extent of coverage of the IT services; Number of deviations from the agreed service levels; Customer satisfaction; Availability of the services; Performance of the services; Process costs.

Capacity Management

Capacity Management Objective


Capacity management ensures that the resources necessary to meet the agreed customer requirements are provided economically.

Capacity Management Description


Capacity management ensures that quantitatively and economically tenable IT capacity is always available to cater for the requirements of the business in terms of transaction volume, processing time and response time. Capacity management ascertains business requirements for IT resources, forecasts the workloads necessary to provide them and carries out planning of the IT resources. By means of performance management, the effective performance of the resources provided is documented.

Capacity Management Tasks


Providing proof of economical capacity utilisation and the preparation of a capacity plan is one of the most important results of capacity management. Determine customer requirements (=demand management); Transpose the requirements to system utilisation (=workload management); Determine the required resources (=resource management); Prepare a capacity plan; Monitor the performance and carry out fine-tuning (performance and tuning); Carry out improvements to achieve the agreed service level.

Capacity Management Keywords I


CDB The capacity management database contains information about capacity utilisation and performance of IT services The input for the database comprises the following information: Business data; Service data; Technical data; Financial data; Capacity utilisation data. The following information can be compiled from the CDB: Service and components report (capacity utilisation); Exception reports; Capacity and planning data (forecasts).

Capacity Management Keywords II


Demand Management
Business requirements and growth expectations based on business development are determined by means of demand management. Business plans and business strategies form the basis for this.

Workload Management
The IT services are adapted (expanded, service times adapted, optimised etc.) on the basis of demand management. Techniques used for this include trend analysis, simulation, and baseline method.

Capacity Management Keywords III


Resource Management
Administration and procurement of resources (finances, physical resources, and employees)

Performance Management
Monitoring, checking and regulating (e.g. by prioritising) service performance

Capacity Plan The capacity plan contains:


Actual capacity utilisation; Desired capacity utilisation; Basis for budget planning.

Capacity Management Benefits


Improved economy in the production of goods and services through better utilisation of the resources used. Reduction in the probability of capacity bottlenecks occurring; Better use of available resources; Basis for monitoring capacity costs and thus early detection of step costs; Improvement in customer relationships; More precise definition of performance requirements; More precise forecasting concerning the expected performance behaviour of systems; More efficient use of employees; Better structured procurement of hardware expansions; Improved understanding of the interrelationship between performance problems and capacity problems.

Capacity Management Key Performance Indicators


Workload of IT services; Reserves; Number of bottlenecks; Capacity utilisation rate of human resources and systems; Costs: economic use of resources; Ability to meet deadlines when providing resources.

Availability Management

Availability Management Objective


Using availability management, ensure the availability of IT services as specified by the customer.

Availability Management Description


Availability management provides for reliable access to IT services. Availability means that the customer will always receive the expected services when they are needed. Good availability requires a low error or failure rate. If there is an incident or malfunction, it has to be rectified quickly. Furthermore, availability management ensures that maximum benefit is gained from the existing IT infrastructure and services. Such maximum benefit is ensured by reliability of the services, and the ability to service and maintain the IT infrastructure.

Availability Management Tasks



Determine availability requirements; Prepare availability forecasts and plan the required measures; Prepare an availability plan; Determine the actual availability; Prepare reports; Improve the agreed availability. Improvement of availability, for example, is achieved by applying the following methods: CFIA component failure impact analysis; Fault-tree analysis; CRAMM: risk analysis with a counter-measure plan; SOA system outage analysis; structured cause analysis; Ongoing improvement in conjunction with support organizations.

Availability Management Keywords


Reliability (mean time between system incidents or MTBSI)
Reliability is the capacity to maintain operational services. Maintenance or restoration of services takes place in the following steps:
Error prevention; Error detection (incidents); Error diagnosis (problems); Error repair (known errors); Restoration of the service.

Availability Management Keywords


Maintainability (mean time to repair or MTTR)
Maintainability is the ability to keep the services operational. Maintenance or restoration of services takes place in the following steps:
Error prevention; Error detection (incidents); Error diagnosis (problems); Error repair (known errors); Restoration of the service.

Availability Management Keywords


Serviceability
Serviceability describes the performance to which external suppliers are committed in relation to certain components of the IT infrastructure or services"
MTTR mean time to repair (maintainability); MTBF mean time between failures (availability); MTBSI mean time between systems incidents (reliability).

Availability Management Benefits


IT services are designed and controlled so that contracted availability is achieved; Service quality improves; New systems become more economical; The requirement for problem support diminishes; Maintenance and down time are reduced; Supplier performance is improved; More detailed information is available for service level negotiations; Existing IT resources are used more efficiently.

Availability Management Key Performance Indicators


Costs can also be determined by assessing nonavailability: Productive time lost by customers; Productive time lost by IT resources; Income lost; Overtime supplements for support teams; Materials consumed; Penalty for contract non-performance; Image loss vis--vis customers; Lost business opportunities; Reduced customer satisfaction.

IT Service Continuity Management

IT Service Continuity Management - Objective


The objective of IT continuity management is to safeguard the performance of services in any eventuality based on planning and implementation of preventive measures.

IT Service Continuity Management - Description


Enterprises depend to a significant extent on the availability and functionality of the information technology in use. Therefore, preparation for an eventuality, combined with business continuity management, assumes ever greater importance, with the specific goal of safeguarding the availability of services, taking preventative measures to reduce the probability of failures and, if a catastrophic event should occur, restoring services in the required time.

IT Service Continuity Management Description


The IT continuity plan is always based on a higher-level business continuity management plan (BCM). Strategic and business policy risk evaluation of IT services has to be undertaken by business management. Feasibility and expenditure are determined by IT; in the final analysis they thus have an influence on the service level required.

IT Service Continuity Management - Tasks


Carry out risk analyses as part of business continuity management; Prepare recovery plans for IT services; Provide the required means; Provide employee training; Test and verify plans to be able to restore the services in an emergency in the time required, safely and in a controlled way; Keep the recovery plans up to date.

IT Service Continuity Management Tasks


Options for eventuality planning:
Do nothing; Manual conversion; Mutual agreement; Cold standby; Warm Standby; Hot Standby.

IT Service Continuity Management - Keywords


Risk:
Risk refers to the possibility of suffering loss, damage, disadvantage or destruction. It is thus the potential of undesirable negative effects arising from an event.
A cold standby solution for the case of a disaster exists if a suitable failure location is provided for an eventuality, but no replacement plant is kept readily In the case of a warm standby solution, bypass systems for restarting IT services are available in a second location. However, after an event has occurred, the data will first have to be loaded before the service is available again. In the case of a hot standby solution, the data on the bypass environment is always kept up-to-date. In the case of an event, this system is immediately available for the user to continue operations.

Cold standby:

Warm standby:

Hot standby:

IT Service Continuity Management - Benefits


Restrictions to daily business in the case of a catastrophic event are reduced; By implementing preventative measures, the number of failures is reduced to a minimum; Based on modern infrastructures, data loss in the case of a catastrophic event can be / is prevented; In the case of a catastrophic event, IT services are checked and brought back into service by trained personnel.

IT Service Continuity Management Key Performance Indicators


Business continuity service level (time delay and data loss in case of a catastrophic event); Investment and maintenance costs of the IT recovery solution; Test successes (technology, business cases, and current status of data); Process costs.

Financial Management

Financial Management Objective


Financial management provides the basis for information on economical control, finance planning and cost accounting.

Financial Management Description


Financial management is responsible for the identification, calculation, monitoring and onward allocation of costs for the customer's contracted IT services. By creating cost awareness, financial management can influence the behaviour of users and customers alike determining the true costs for providing IT services serves as the basis for financial management. The pricing policy for the use of services by users must be fair and transparent. Financial management also provides IT management with the basis for budget planning.

Financial Management Tasks


Budgeting (budget planning)

Accounting (target/performance accounting)

Prepare cost targets and performance targets; Prepare budget cost estimates; Prepare investment and financing plans.
Determine the true cost of services offered; Determine standard cost unit rates; Monitor expenditure, target/performance comparison; Cost type, cost centre and cost unit accounting. Prepare invoicing bases for each service; Calculate transparent and understandable prices for services rendered; Influence customer behaviour through pricing; Allocate costs onward based on actual services received; Prepare invoices.

Charging (costing; invoicing for services)

Financial Management Keywords I


Costs:

Expenditure: Income:

Actual costs, delimited physically and in time.


Accounting expenditure which includes undisclosed reserves. Actual income, delimited physically and in time.

Earnings:

Accounting earnings which have not yet been delimited physically and in time.

Financial Management Keywords II


Cost types:
Cost-type accounting shows the costs which have arisen during a particular period. All costs are classified according to cost types (e.g. cost of materials, personnel costs, cost of premises, hardware costs, or software costs) and accrued against the expenditure in financial accounting.
Cost-centre accounting shows in which department of the enterprise costs have been incurred. For this reason, cost centres are formed, i.e. the enterprise is divided into sectors which provide uniform and calculable services. In cost-centre accounting, overheads are charged to the cost centres according to the principle of causation. In job-order cost accounting, direct costs and overheads within a particular period of time are charged to the individual cost units. Costing objects, such as IT services, which are listed in the service catalogue, are cost units.

Cost centres:

Cost unit:

Financial Management Keywords III


Prime costs:
Prime costs or direct costs can be charged directly to the individual service (cost unit). There is thus a directly measurable causal relationship between the creation of an IT service and the use of the service.
In contrast to the above, overheads or indirect costs cannot be charged directly to the individual service because they are incurred jointly for several services or because individual charging is too cumbersome and too expensive (e.g. maintenance costs of central server units). Fixed costs are costs which are not affected by fluctuations in output and use over a particular period. They are incurred irrespective of the capacity utilisation rate and are thus constant (e.g. insurance premiums). Variable costs react directly to fluctuations in output and in the capacity utilisation rate (e.g. consumables such as printer cartridges).

Overheads:

Fixed costs:

Variable costs:

Financial Management Keywords IV


Step costs:
Step costs are fixed only for particular utilisation intervals; they increase in a stepped shape (e.g. acquisition of a new server unit because the capacity of the old unit is no longer sufficient).
Costing or cost calculation serves the purpose of determining the costs of individual IT services. In this way the costs for controlling business behaviour can be determined. Costing also provides the basis for pricing. In profitable pricing, a business enterprise attempts to indicate a profit target from which the price can be derived. This is based on the prerequisite that apart from the desired profit, the business enterprise knows the total cost curve and has sufficient IT service capacity to satisfy the need (capacity management; demand management). The break-even analysis helps show the interrelationships between the variables mentioned. The break-even point represents the intersection between the cost curve and the income curve.

Costing:

Break-even:

Financial Management Benefits


Cost finding helps to:
Promote cost-consciousness and thus economic use of resources within IT departments; Support the IT investment strategy; Assess change measures from the point of view of costs; Provide a basis for planning and budgeting; Make business decisions about each service provided; Set performance targets and monitor costs in the context of the budget; Justify investments for new or improved services; Substantiate reasons for technical infrastructure renewal; Prioritise the use of resources. Monitoring services and investment plans; IT refinancing costs incurred; Influencing customer behaviour and thus overall cost reduction.

Charges resulting are an accessory to:

Financial Management Key Performance Indicators


Adherence to the budget; Degree of cost coverage; Liquidity; Process costs.

Security Management

Security Management Objective


Using security management, the data and infrastructures are to be protected so that
Confidentiality is appropriately preserved; Integrity of information is ensured; Availability is ensured; Conducting a transaction is not denied; Obligations imposed by law, contractual arrangements and supervisory bodies can be fulfilled.

Security Management Description


Security is a moving target and almost invariably difficult to plan and calculate because changes often originate from the outside in particular when understanding a necessary technical innovation. However, the integrity as well as protection of customer and business data and of IT resources is crucial to the very survival of an enterprise. Corporate management must therefore determine and document the security policy of the enterprise or the business sectors to be secured, set objectives and specify commitments for IT security. Corporate management must further ensure that such objectives and commitments are understood at all levels and are implemented and maintained. In particular the following must be emphasised:
Clearly determined security objectives; A defined area of application; Principles and codes of conduct to be implemented; Maintenance of the security process in all disciplines of service management.

Security Management Tasks I


Determine a corporate strategy for handling infrastructure critical to the enterprise; List all IT processes and components, taking into account interdependencies; Determine and document respective criticality: Identify possible weak points; Assess the probability of damage occurring; Estimate the effects and extent of damage, taking into account availability, confidentiality and integrity; Determine the criticality category: non-critical, critical, or highly critical.

Security Management Tasks II



Verify the decision: Improve objectivity by comparisons and ranking tables; Assess the ability to influence sectors; Set priorities; if necessary, accept risk that some sectors might be less well protected; Make a concluding assessment or management decision taking into account possible consequences which are critical to the enterprise. Measures and concepts: Provide the necessary resources (finance, personnel, time, and training); Safeguard and monitor basic protective measures for IT; Prepare a catalogue of measures to improve protection of the systems rated as being highly critical; Prepare and extrapolate emergency plans; Implement and monitor measures and concepts (management responsibility).

Security Management Keywords


Confidentiality
Confidentiality means ensured protection against disclosure of information without permission of the owner.

Integrity

Availability

Integrity means ensured that protection against modification of information by unauthorised persons is ensured.
Supply facilities, which are critical to maintaining business operations, are designed taking into account the use, risk of failure, necessary availability and confidentiality, and integrity of the data resulting from the protective requirements.

Security Management Benefits


Increase in the level of security for data, systems and applications; Prevention of data loss; Ensured data integrity; Guarantee of data confidentiality; Compliance with statutory obligations concerning data protection; Increased customer confidence; Increased awareness of employees about security issues.

Security Management Key Performance Indicators


Internal and external security audits; Number of intrusions detected, firewall attacks, virus attacks etc.; Damage which occurs during security infringements (image and repair); Process costs.

Links ITIL Pages


ITIL Online; the official ITIL Page The ITIL and ITSM Directory The ITIL Tooling Page IT SMF Forum OGC Office of Government Commerce ITIL Portal Service Management Institute ITIL Service Support Management TV: IT-Services and Innovation EXIN ITIL Examination Institute ISEB Examination Institute http://www.itil.co.uk http://www.itil-itsm-world.com/ http://tools.itsmportal.net http://www.itsmf.com/ http://www.ogc.gov.uk http://www.interpromusa.com/ http://www.itsmi.com http://www.itil-service-supportmanagement.com http://www.tuv-secure-it.com/ http://www.exin-exams.com/ http://www.bcs.org/iseb/

Where you can get the ITIL books


ITIL Homour

http://www.itilbooks.com/
http://web.inter.nl.net/users/pwilkins/

ITIL Community

www.itilcommunity.com

Links Service Management


Change Management Resource Library
The Service Marketing Advisors EFQM European Foundation for Quality Management Helpdesk

http://www.changemanagement.org/
http://www.itsma.com/ http://www.efqm.org/new_websit e/ http://www.helpdesk.com/

The IT Service Capability Maturity http://www.itservicecmm.org/ Model

SLM Learning Community

http://www.slm-info.org/

Links IT Revision & OD


IT Revision
The ISACA Foundation ISACA Schweiz COBIT Control Objectives for Information and realated technology IT Governance http://www.isaca.org http://www.isaca.ch http://www.isaca.org/cobit.htm

http://www.itgovernance.org/index 2.htm

Organizational Development
Human Synergistics
Human Synergistics New Zealand

http://www.hscar.com
http://www.hsnz.co.nz

Links Business Continuity


The Business Continuity Planning & Disaster Recovery Planning Directory Business Continuity Planning: Are you getting it right? Contingency Planning & Management Online Business Continuity, Contingency Planning & Disaster Recovery The Contingency Planning Guide http://www.disasterrecoveryworld.com/ http://www.businesscontinuityplan.co.u k/bcp/index.htm http://www.contingencyplanning.com/ http://www.business-continuityworld.com/ http://www.contingency-planningdisaster-recovery-guide.co.uk/ http://www.drj.com/

The Disaster Recovery Journal

Links Security Management


Information Security Introduction to Security Risk Analysis IT Audit http://www.security.kirion.net/ http://www.security-riskanalysis.com/index.htm http://www.theiia.org/itaudit/

The Encyclopedia of Computer Security


The SANS Institute BSI Bundesamt fr Sicherheit in der Informationstechnik Enterprise Security Wold Information Security Forum The standard of Good Practice for information security

http://www.itsecurity.com/
http://www.sans.org/ http://www.bsi.de/

http://www.e-securityworld.com/ http://www.securityforum.org http://www.isfsecuritystandard.com

Links Systems Management


CMG Computer Measurement Group, Inc. Enterprise Storage Forum http://www.cmg.org/ http://www.enterprisestorageforum.co m/ http://www.snia.org/

SNIA Storage Networking Industry Association SNIA Europe

http://www.snia-europe.org/

Telemanagement Forum

http://www.tmforum.org/

The Open Group

http://www.opengroup.org

Links Project Management


Project Management Online Prince2 Home Page Key Skills Ltd (Prince2) International Project Management Association The Project Management Institute The Gantthead http://www.allpm.com/ http://www.prince2.com http://www.ksl.org http://www.ipma.ch/ http://www.pmi.org/ http://www.gantthead.com/Gantthead

Consultancy
Swiss Service Management Consultancy Company http://www.glenfis.ch

ITIL Summary
Service Management Service Support
Service Desk Configuration Management Incident Management Problem Management Release Management Change Management Service Level Management Financial Management Capacity Management Availability Management IT Service Continuity Management Security Management

Support Delivery