itsm201 - service operationitsmsolutions.com/wp-content/uploads/2013/01/itil-foundation-book... ·...
TRANSCRIPT
ITIL Foundation
ITIL Foundation Certification
Acknowledgements
COPYRIGHT
Publisher – itSM Solutions Publishing, LLC. 31 S. Talbert Blvd. #295. Lexington, NC 27292 USA
Phone: +1 336.243.4876, Fax +1 336.499.1172
Part Number: itSM004 Rel. 1.6
Find us on the web at http://www.itsmsolutions.com.
Copyright itSM Solutions Publishing, LLC. ITIL Glossaries CrownCopyright office of the CabinetOffice. Reproduced with the permission of the Controller of HMSO and the Cabinet Office.
Authors: David Nichols & Janet Kuhn
NOTICE OF RIGHTS / RESTRICTED RIGHTS LEGEND –All rights reserved. Reproduction ortransmittal of this publication or any portion thereof by any means whatsoever without prior written per-mission of the Publisher is prohibited. All itSM Solutions products are licensed in accordance with theterms and condition of the itSM Solutions Partner License. No title or ownership of this publication,any portion thereof, or its contents is transferred and any use of the guide or any portion thereofbeyond the terms of the previously mentioned license, without written authorization of the Publisher,is prohibited.
NOTICE OF LIABILITY – This publication is distributed “As Is,” without warranty of any kind, eitherexpressed or implied, respecting the content of this publication, including but not limited to impliedwarranties for the publications quality, performance, merchantability, or fitness for any particular pur-pose. Neither the authors, nor itSM Solutions LLC, its dealers or distributors shall be liable withrespect to any liability, loss or damage caused or alleged to have been cause directly or indirectly bythe contents of this guide.
TRADEMARKS – itSM Solutions is a Registered TradeMark of itSM Solutions LLC. ITIL is a Reg-istered TradeMark, and a Registered Community TradeMark of the Office of the Cabinet Office, andis registered in the U.S. Patent and Trademark Office, and is used here by itSM Solutions LLC underlicense from the Cabinet Office (TradeMark License No. 0002). Other product names mentioned inthe publicationmay be trademarks or registered trademarks of their respective companies.
DOCUMENT INFORMATION
Type - ITIL Certification Course
Program - ITIL Foundation
Page iii
Page iv
Acknowledgements
Contents
Chapter 1: Course Introduction 1
Objectives 2
Terms-to-Know 2
Lesson 1 Welcome & Introductions 3
Welcome to the Course! 4
Classroom Introductions 5
Mentoring Community Introductions 6
Why Are You Here? 7
Using Bloom's Taxonomy 8
What do you Expect? 9
Housekeeping in the Classroom 10
Housekeeping in the Online Classroom 11
Housekeeping Online 12
Lesson 2 Course Conventions & Agenda 13
Conventions Used 14
Quizzes & Exercises 15
ITIL Qualification Scheme 16
ITIL Foundation Certification Exam 17
Getting Started in the Classroom 18
Getting Started in anOnline Classroom 19
Getting Started with anOnline Class 20
Chapter 2: Introduction to ITSM 21
Objectives 22
Terms-to-Know 22
Page v
Contents
Lesson 3 ITSM as a Practice 23
IT ServiceManagement 24
Critical Success Factors 25
ITIL History 26
ITIL Description 27
Need-to-Know ITSM Concepts 28
Good Practice 29
Customers 30
Service 31
Service Value 32
Utility Effect 33
Warranty Effect 34
Function–Process–Role 35
What is a Process? 36
Process Characteristics 37
Service Owner & Process Owner 38
The RACI Model 39
ITSM as a Practice Summary 40
Lesson 4 ITSM Lifecycle 41
The IT ServiceManagement Lifecycle 42
Lifecycle-Oriented ITIL 43
Service Lifecycle Processes 44
IT Governance & Service Lifecycle 45
The Service Lifecycle – Value to the Business 46
ITSM Lifecycle Summary 47
Lesson 5 ITSM Summary 49
ITIL Concepts Summary 50
Checkpoint Instructions 51
Quiz- ITSM Introduction 52
Page vi
Contents
Chapter 3: Continual Service Improvement 59
Objectives 60
Terms-to-Know 60
Lesson 6 Introduction to CSI 61
CSI & the Service Lifecycle 62
Managing Across the Lifecycle 63
Purpose, Goals & Objectives of CSI 64
Scope of CSI 65
Value of CSI 66
Principles of CSI 67
Governance 69
CSI & Organizational Change 70
PDCA & Continual Improvement 71
CSI Approach 72
Baselines 73
Metrics & Measurement 74
Critical Success Factors 75
Lesson 7 7-Step Improvement Process 77
Purpose, Goals & Objectives 78
Scope 79
Business Value 80
Policies, Principles & Concepts 81
7-Step Improvement Process 82
Lesson 8 CSI Summary 83
Continual Service Improvement Summary 84
Checkpoint Instructions 85
Quiz- CSI 86
Chapter 4: Service Operation 95
Objectives 96
Page vii
Contents
Terms-to-Know 96
Lesson 9 Introduction to Service Operation 99
Service Operation & the Service Lifecycle 100
Managing Across the Lifecycle 101
Purpose, Goals & Objectives of Service Operation 102
Scope of Service Operation 103
Value of Service Operation 104
Principles of Service Operation 105
Organizing Service Operation 106
Balancing External & Internal Views 107
Balancing Stability & Responsiveness 108
Balancing Quality & Cost of Service 109
Balancing Reactive & Proactive 110
Providing Service 111
Integrating Service Operation, Transition & Design 112
Communication's Role in Service Operation 113
Service Operation Documentation 114
Lesson 10 Service Operation Processes 115
The Service OperationModel 117
The Process of Service Operation 118
Incident Management Introduction 119
Purpose, Goals & Objectives of Incident Management 120
Scope of Incident Management 121
Value of Incident Management 122
Concepts of Incident Management 123
Activities of Incident Management 124
Incident Logging 125
Incident Categorization 126
Categorization 127
Page viii
Contents
Priority 128
Incident Diagnosis 129
Escalation 130
Incident Resolution & Recovery 131
Incident Closure 132
Expanded Incident Lifecycle 133
Incident Management Relationships 134
Incident Management Summary 135
Event Management 136
Event Management Measures & Outcomes 137
Request Fulfillment 138
Request Fulfillment Measures & Outcomes 139
ProblemManagement Introduction 140
Purpose, Goals & Objectives of ProblemManagement 141
Scope of ProblemManagement 142
Value of ProblemManagement 143
Concepts of ProblemManagement 144
Activities of ProblemManagement 145
ProblemManagement Relationships 146
ProblemManagement Summary 147
Access Management 148
Access Management Measures & Outcomes 150
Lesson 11 Service Operation Functions 151
Introduction to Service Operation Functions 152
Introduction to Service Desk 153
Service Desk Function 154
Role of the Service Desk 155
Purpose, Goals & Objectives of the Service Desk 156
Organizational Structures of Service Desk 157
Page ix
Contents
Service Desk - Staffing 158
Service Desk - Metrics 159
Introduction to Technical Management 160
Role of Technical Management 161
Introduction to ApplicationManagement 162
Role of ApplicationManagement 163
Introduction to IT Service Operations Management 165
Role of Operations Management 166
Service Operation Functions Summary 167
Lesson 12 Service Operation Summary 169
Service Operation Summary 170
Checkpoint Instructions 171
Quiz- Service Operation 172
Chapter 5: Service Transition 181
Objectives 182
Terms-to-Know 182
Lesson 13 Introduction to Service Transition 183
Service Transition & the Service Lifecycle 184
Managing Across the Lifecycle 185
Purpose, Goals & Objectives of Service Transition 186
Scope of Service Transition 187
Value of Service Transition 188
Principles of Service Transition 189
Lesson 14 Service Transition Processes 191
Service TransitionModel 193
Transition Planning & Support 194
Transition Planning & Support Measures & Outcomes 195
Introduction to ChangeManagement 196
Purpose, Goals & Objectives of ChangeManagement 197
Page x
Contents
Scope of ChangeManagement 198
Value of ChangeManagement 199
Concepts of ChangeManagement 200
Activities of ChangeManagement 201
The Change Advisory Board (CAB) 202
Change Types 203
ChangeModel 204
Change Proposal 205
Change Process Flow 206
Create & Review aRequest for Change 207
Assess & Evaluate Request for Change 208
Authorize a Change 209
Coordinate Change 210
Review & Close Change 211
Standard Change 212
ChangeManagement Relationships 214
ChangeManagement Summary 215
Service Asset & ConfigurationManagement (SACM ) 216
ConfigurationManagement System 217
SACMMeasures & Outcomes 218
Release & Deployment 219
DefinitiveMedia Library 221
Release & Deployment Measures & Outcomes 222
KnowledgeManagement Summary 223
KnowledgeManagement Measures & Outcomes 224
Lesson 15 Service Transition Summary 225
Service Transition Summary 226
Checkpoint Instructions 227
Quiz- Service Transition 228
Page xi
Contents
Chapter 6: Service Design 237
Objectives 238
Terms-to-Know 238
Lesson 16 Introduction to Service Design 241
Service Design & the Service Lifecycle 242
Managing Across the Lifecycle 243
Purpose, Goals & Objectives of Service Design 244
Scope of Service Design 245
Value of Service Design 246
Principles of Service Design 247
Lesson 17 SD Processes 249
Introduction to Design Coordination 251
Design Coordination Overview 252
Purpose, Goals & Objectives 253
Scope 254
Value to the Business 255
Introduction to Service Level Management 256
Purpose, Goals & Objectives of Service Level Management 257
Scope of Service Level Management 258
Value of Service Level Management 260
Concepts of Service Level Management 261
Activities of Service Level Management 262
Overview of Service Level Management Process 263
SLA Frameworks 264
SLRs & SLAs 265
SLA Monitoring 266
Service Level Agreement Monitoring Chart 267
Improving Customer Satisfaction 268
Managing Underpinning Agreements 269
Page xii
Contents
Service Reporting 270
Service Improvement Plan 271
Managing & Revising SLAs & UCs 272
Contacts & Relationships 273
Feedback 274
Service Level Management Relationships 275
Service Level Management Summary 276
Service CatalogManagement 277
Service Catalog Views 278
Service CatalogManagement Measures 279
Capacity Management 280
Concepts of Capacity Management 281
Capacity Management Measures & Outcomes 282
Availability Management 283
Concepts of Availability Management 284
Levels & Aspects of Availability 285
Availability Management Measures & Outcomes 286
IT Service Continuity Management 287
Value of ITSCM 288
Concepts of ITSCM 289
Service Continuity Management Measures & Outcomes 290
Information Security 291
Concepts of Information Security 292
Information Security Management Measures & Outcomes 293
Supplier Management 294
Activities of Supplier Management 295
Supplier CategorizationMatrix 296
Supplier Management Measures & Outcomes 297
Lesson 18 Service Design Summary 299
Page xiii
Contents
Service Design Summary 300
Checkpoint Instructions 301
Quiz- Service Design 302
Chapter 7: Service Strategy 311
Objectives 312
Terms-to-Know 312
Lesson 19 Introduction to Service Strategy 313
Service Strategy in the Service Lifecycle 314
Managing Across the Lifecycle 315
Purpose, Goals & Objectives of Service Strategy 316
Scope of Service Strategy 317
Value of Service Strategy 318
Service Strategy Principles 319
Value Creation 320
Utility & Warranty Combined 321
Service Assets 322
MarketingMindset 323
Service Provider Types 324
Service Structures 325
Service Strategy Fundamentals 326
Service Portfolio 327
Service Automation 328
Lesson 20 Service Strategy Activities 329
Introduction to Service Portfolio Management 330
Service Portfolio Overview 331
Purpose, Goals & Objectives 332
Scope 333
Value to the Business 334
Introduction to Financial Management 335
Page xiv
Contents
Purpose, Goals & Objectives of Financial Management 336
Scope of Financial Management 337
Value of Financial Management 338
Introduction to Business Relationship Management 339
Purpose, Goals & Objectives 340
Scope 341
Business Value 342
Lesson 21 Service Strategy Summary 343
Service Strategy Summary 344
Checkpoint Instructions 345
Quiz- Service Strategy 346
Appendix: Foundation Syllabus 355
Appendix: 7-Step Improvement Process 369
7-Step, Activities, Methods & Techniques 370
Step 1 - Strategy for Improvement 371
Step 2 - DefineMeasurement 372
Step 3 - Gather Data 373
Step 4 - Process Data 374
Step 5 - Analyze Information & Data 375
Step 6 - Present & Use Information 376
Step 7 - Implement Improvement 377
Appendix: Service Design Package 379
Requirements 379
Service Design 379
Organizational Readiness Assessment 379
Service Lifecycle Plan 379
ITIL v3 Glossary 381
Page xv
Page xvi
Contents
Chapter 4:
Service Operation
Objectives 96
Terms-to-Know 96
Lesson 9 Introduction to Service Operation 99
Lesson 10 Service Operation Processes 115
Lesson 11 Service Operation Functions 151
Lesson 12 Service Operation Summary 169
Page 95
Chapter 4: Service OperationObjectives |
Objectives
l Account for main goals & objectives of Service Operation.l Briefly explain what value Service Operation provides to the business.l Explain the high-level objectives, basic concepts, process activities and relationships for Inci-
dent Management & ProblemManagement.l State the objectives and basic concepts for Event Management, Request Fulfillment &
Access Management.l Explain the role, objectives & organizational structures for the Service Desk function.l State the role, objectives & organizational overlap of the Technical Management function,
ApplicationManagement function & IT Operations Management function.
Terms-to-Know
Alert – A warning that a threshold has been reached, something has changed, or a failure hasoccurred. Alerts are often created andmanaged
Event – A change of state that has significance for themanagement of a Configuration Item or ITService. The term Event is also used tomean an alert or notification created by any IT Service, Con-figuration Item ormonitoring tool.
Impact – A measure of the effect of an incident, problem or change on business processes. Impact isoften based on how service levels will be affected. Impact and urgency are used to assign priority.
Incident – An unplanned interruption to an IT Service or reduction in the quality of an IT Service. Fail-ure of a Configuration Item that has not yet affected a IT Services is also considered an Incident.
IT Operations Control – The function responsible for monitoring and Control of the IT Services andIT Infrastructure.
Known Error – A Problem that has a documented root cause and a workaround. Known Errors arecreated andmanaged throughout their lifecycle by ProblemManagement. Known Errors may also beidentified by development or Suppliers.
Known Error Database – A database containing all Known Error records. This database is createdby ProblemManagement and used by Incident and ProblemManagement. The known Error Data-base is part of the Service KnowledgeManagement system.
Operations Bridge – A physical location where IT Service and IT infrastructure aremonitored andmanaged.
Priority – A Category used to identify the relative importance of an incident, problem or change. Prior-ity is based on impact and urgency, and is used to identify required times for actions to be taken. Forexample the SLA may state that Priority 2 incidents must be resolved within 12 hours.
Problem – A cause of one or more Incidents. The cause is not usually known at the time a ProblemRecord is created, and the ProblemManagement Process is responsible for further investigation.
Service Request – A request from a user for information, advice, a standard change, or access to anIT Service. Service Requests are usually handled by a Service Desk and do not require a Request forChange (RFC) to be submitted.
Page 96
Chapter 4: Service OperationTerms-to-Know |
Urgency – A measure of how long it will be until an incident, problem or change has a significantimpact on the business. For example a high-impact Incident may have low Urgency if it will not affectthe business until the end of the financial year. Impact and Urgency are used to assign priority.
Workaround – Reducing or eliminating the impact of an incident or problem for which a full resolutionis not yet available; for example by restarting a failed Configuration Item. Workarounds for problemsare documented in Known Error Records, and workarounds for incidents without associated ProblemRecords are documented in the Incident Record.
Page 97
Page 98
Chapter 4: Service OperationTerms-to-Know |
Chapter 4: Service OperationLesson 9 Introduction to Service Operation |
Lesson 9
Introduction to Service Operation
Service Operation & the Service Lifecycle 100
Managing Across the Lifecycle 101
Purpose, Goals & Objectives of Service Operation 102
Scope of Service Operation 103
Value of Service Operation 104
Principles of Service Operation 105
Organizing Service Operation 106
Balancing External & Internal Views 107
Balancing Stability & Responsiveness 108
Balancing Quality & Cost of Service 109
Balancing Reactive & Proactive 110
Providing Service 111
Integrating Service Operation, Transition & Design 112
Communication's Role in Service Operation 113
Service Operation Documentation 114
Page 99
Chapter 4: Service OperationLesson 9 Introduction to Service Operation | Service Operation & the Service Lifecycle
Service Operation & the Service LifecycleService Operation coordinates the processes and activities for delivering andmanaging services attheir agreed levels. It is wheremost of the business community comes in contact with IT becauseService Operation “makes IT services happen” in the eyes of the customer.
Page 100
Chapter 4: Service OperationLesson 9 Introduction to Service Operation | Managing Across the Lifecycle
Managing Across the LifecycleService Operation delivers and supports IT services. It directly touches the business side of theorganization, and, thus, represents the face of IT to themajority of the user community.
Although Service Operation executes the actual operation of services as prioritized by ServiceStrategy, designed by Service Design, and transitioned by Service Transition, its responsibilitiesextend far beyond the technical side of IT Operations.
It provides inputs to the Continual Service Improvement phase (CSI) on how to improve services, aswell as their accompanying support and delivery processes. It also actively participates in theStrategy, Design and Transition processes as both consultant and hands-on practitioner.
Page 101
Chapter 4: Service OperationLesson 9 Introduction to Service Operation | Purpose, Goals & Objectives of Service Operation
Purpose, Goals & Objectives of Service OperationThe delivery and support of an IT service requires a tremendous amount of coordination of resources(people, technology, processes and functions). This effort provides the IT service at the agreed levelof service within the defined resource constraints.
On a day-by-day basis, Service Operationmanages the technology under its purview and continuallymonitors its services and technology to ensure that it is meeting the agreed objectives. Service Oper-ation also continually seeks ways to improve its performance..
Page 102
Chapter 4: Service OperationLesson 9 Introduction to Service Operation | Scope of Service Operation
Scope of Service OperationService Operation's scope extends over all of the services provided by IT in support of business proc-esses. This includes services provided by internal staff, as well as those provided by external serviceproviders. Its scope also includes various touch points within the other Service Lifecycle domainssuch as Continual Service Improvement, Service Transition, Service Design, and Service Strategy.
The functions and processes of Service Operation involve highly complex tasks associated with man-aging its technology.This requires that all of the technology that supports or manages the IT infra-structure thoroughly integrate into the support processes to enable efficient and effective delivery ofIT services.
Similarly, supporting today’s complex technological infrastructures demands that IT become a serv-ice provider within amulti-provider environment. Many of today’s services consist of both internallyand externally provided services. However, from the customer’s viewpoint, it all "belongs" to the inter-nal IT organization.
Page 103
Chapter 4: Service OperationLesson 9 Introduction to Service Operation | Value of Service Operation
Value of Service OperationService Operation brings together the outcomes of all of the phases of the IT Service Lifecycle. Serv-ice Strategy models the IT service, Service Design validates it, Service Transition builds it andmoves it into operation, and Continual Service Improvement optimizes it.
Up to this point in the IT Service Lifecycle, all of these efforts are transparent to the vast majority ofthe business customers and user community. However, Service Operation is “where the rubber hitsthe road.” It is the face or visible part of IT that the average business person comes into contact withmost often
If there is an upside to Service Operation, it is that the business customers form much of their per-ception of IT and the services it provides through their interactions with the functions and processesof Service Operation.
If there is a downside to Service Operation, it is that the activities become part of the landscape. Itbecomes difficult to justify necessary resources to support aging deficient services, support staff andtools, or make an IT service better.
Page 104
Chapter 4: Service OperationLesson 9 Introduction to Service Operation | Principles of Service Operation
Principles of Service OperationIn the book Alice inWonderland, Alice and theQueen were discussing believing in impossible things.TheQueen remarked that “Why, sometimes I’ve believed as many as six impossible things beforebreakfast.” This quote often seems to describe Service Operation as it tries to achieve an overall bal-ance between a number of very strong opposing forces.
Service Operation demands a service provider wholeheartedly embrace a “culture of service.” It mustactively participate in all aspects of the Service Lifecycle because Service Operationmust live andoperate with the decisions and actions made elsewhere.
Communication, both up and down as well as in and out of the organization, is key to achieving highlevels of performance from the functions and processes of Service Operation.Further leading the way,it promotes the documentation of its collective actions. This results in the IT service providerbecome a learning organization, not one dependant on “tribal knowledge.”
Page 105
Chapter 4: Service OperationLesson 9 Introduction to Service Operation | Organizing Service Operation
Organizing Service OperationA key observation about organizing Service Operation is that there aremany organizational com-positions the service provider must address.
A function represents a team or group of people and the tools it uses to carry out one or more proc-esses or activities. Groups and teams are groups of people assembled to perform a specific functionor task. Although these terms lack standard definitions, a group is often an informal collection of staffknowledgeable about a particular issue or function, and a team is usually a formally designated groupof people assigned to a particular function. Themembers of a team or group do not necessarily residein the same department, but work together with staff from several departments.
Departments and divisions connote organizational structures, each of which has its own hierarchy ofresponsibilities and control. The exact nature of departments and divisions differs in every organ-ization, depending on its size, business structure, location and corporate culture.
A role is a set of responsibilities, activities and authorities granted to a person or team. A role isdefined within a process. A functionmay includemany individual roles, and, in turn, a functionmayplay a role within a larger process or activity.
Page 106
Chapter 4: Service OperationLesson 9 Introduction to Service Operation | Balancing External & Internal Views
Balancing External & Internal ViewsITIL defines a service as “ameans of delivering value to customers by facilitating outcomes cus-tomers want to achieve without the ownership of specific costs and risks.” This affords us someinsight into the difficulty Service Operation faces in balancing its “internal view” of a service with thecustomer's “external view” of the same service.
The external view of a service is from the perspective of the business customers and users who “con-sume” the service; it is their experience with the service.They neither know, nor care, what elegantcombinations of hardware, software and engineering genius go into its delivery (nor should they).They experience only the utility and warranty of the service.
On the other hand, IT’s internal view of the service is of all of those elegant pieces of hardware andwonderfully written software programs supported by really great tools that make it all work together.Moreover, becausemost of that elegant technology belongs to vertically integrated functional groups,it is often difficult for one group to see (or care) what other elegant pieces of hardware or softwarecome from other groups.
Although the two views above represent the opposite ends of the spectrum, the challenge is to makesure the IT organization canmeet the demands of the business and not under-deliver on its promisesto the business.
Page 107
Chapter 4: Service OperationLesson 9 Introduction to Service Operation | Balancing Stability & Responsiveness
Balancing Stability & ResponsivenessStriking the balance between being responsive to the business while maintaining a stable IT infra-structure and high service availability is a challenging goal to achieve. The business wants to imple-ment changes right away, while IT appreciates the contribution a “steady state” makes to its quality ofservice (QoS) objectives.
This ongoing demand for changes to technology-enabled business processes can result in a patch-work of infrastructure that places a disproportionate demand on IT resources.
If left unchecked, this environment creates a situation in whichmany IT organizations act more as“gatekeepers” than service providers. IT finds itself relegated tomaintaining the status quo (stableinfrastructure) at the cost of responding to the business’ need for change. The short-term objectivesoften seem to outweigh the long-term strategies.
Page 108
Chapter 4: Service OperationLesson 9 Introduction to Service Operation | Balancing Quality & Cost of Service
Balancing Quality & Cost of ServiceLife is full of compromises, and balancing the quality of something with its cost creates difficulty formany IT service providers and businesses.
We have all heard the saying, “You can have it good, fast or cheap. Pick any two.” The difficultycomes in balancing Quality of Service (QoS) with the Cost of Service (CoS) while viewing “good,”“fast” and “cheap” as absolutes.
Goodness and quality are, in effect, the same; the ability of a product, service or process to providethe intended value. How quickly IT can deliver a product, service or process is a direct function ofresources, which impact time-to-deliver and cost. Increase one and something, somewhere, mustchange to accommodate it.
Balancing QoS and CoS focuses on bringing quality in line with the value of the service, NOT its cost!Many businesses tend to confuse cost and value and end up seeing service quality fall off afteracross-the-board cost-cutting. One basic truth in IT ServiceManagement is “cheap” NEVER ends upbeing least expensive.
Often Service Provider organizations base their decisions primarily on cost. When thishappens at the expense of other considerations such as time or quality, hidden costs endup exceeding any apparent savings in cost. Therefore, the cheapest approach to doingsomething is not always the least expensive.
Page 109
Chapter 4: Service OperationLesson 9 Introduction to Service Operation | Balancing Reactive & Proactive
Balancing Reactive & ProactiveAny IT professional who has been around for any length of time has probably accumulated a wholedrawer full of “hero badges.” These are the accolades or kudos bestowed upon our IT service pro-vider's heroes for rushing in and saving the day through their extraordinary efforts.
In a “reactive organization,” where fire fighting is the normal way of life, the heroes are revered, get bigraises and coveted promotions. But organizations that are constantly fire fighting tend to consumetheir valuable technical functional resources "fixing stuff” instead of "doing stuff” that would help thebusiness bemore successful.
A “proactive organization,” on the other hand, is always looking for ways to improve things. Here fireprevention is a way of life. Although heroes are recognized for their contribution to the organization, aproactive organization always investigates the situation that led to the need for a hero and sees ifthere are ways to avoid the use of heroism again.
Making themove to a proactive organization depends on a number of different things:
l The overall maturity of the IT organizationl The organizational culturel IT’s role within the businessl Level of process and tool integrationl Maturity and scope of KnowledgeManagement
Page 110
Chapter 4: Service OperationLesson 9 Introduction to Service Operation | Providing Service
Providing ServiceThe concept of a service culture undoubtedly manifests itself most clearly within the Service Oper-ation portion of the Service Lifecycle. All of the other domains lay the foundation, but it is here that theservice culture actually goes to work.
In short, a service culture recognizes that its major objective is customer satisfaction as it helps cus-tomers achieve their business objectives. Looking inward, this means that IT values its technical andperformance achievements as mileposts in the journey to customer satisfaction.
IT achieves a service culture by making each staff member aware of the larger picture of businessgoals and objectives, and the value of his or her participation in it. IT must look upon service as a pro-fession and adjust its performancemetrics and recruitment requirements accordingly.
Page 111
Chapter 4: Service OperationLesson 9 Introduction to Service Operation | Integrating Service Operation, Transition & Design
Integrating Service Operation, Transition & DesignIn addition to performing daily Service Operation activities, Service Operation staff participate in Serv-ice Design and Service Transition activities. Occurring early in the Service Design and Service Tran-sition stages, this participation ensures that new services are fit for purpose from a Service Operationperspective,are supportable, and integrate with Service Transition capabilities.
Page 112
Chapter 4: Service OperationLesson 9 Introduction to Service Operation | Communication's Role in Service Operation
Communication's Role in Service OperationIn its daily activities, Service Operation communicates frequently with both internal and external recip-ients about topics such as inter-shift operations handover, performance and project reporting,changes, exceptions, emergencies, training on new processes and service designs, and strategy anddesign information for internal Service Operation teams.
Themost important thing to remember about communication is that it derives from the word "to com-mune" or "to share." In other words, communicationmust always be a two-way process. It mustalways have an intended audience, and it must always communicate themessage to the audience inthe language andmethod the audience expects.
Themost effective communication relies on a checklist similar to the journalist's credo of Who?What?Where?When?Why? and How? A successful communications document or campaignanswers each of these questions and specifically targets its intended audience.
The 5 "Ws" and 1 "H" of Communications–Who?Who is the communicationintended for?Who initiated the communication?What?What is the topic of the com-munication?Where?Where does the communication apply?What is its scope?When?When does the subject topic of the communication take place? In the future? Has italready happened?Why?Why is it necessary to release the communication? Does therecipient need to do or know something?How? How will the subject topic of the com-munication happen? Does the communication need to include instructions for doing some-thing?
Page 113
Chapter 4: Service OperationLesson 9 Introduction to Service Operation | Service Operation Documentation
Service Operation DocumentationDocumentation is one of the keys to ensuring the consistent execution of operations procedures andactivities. Service Operation documentation breaks down into four areas.
Standard Operation Procedures, known as SOPs, represent the detailed instructions the operationsstaff follows in the day-to-day execution of the procedures and activities of managing the IT infra-structure. The scope of SOPs extends over all of the devices and systems under management, andincludes defined standards of performance. Operational Level Agreements (OLAs) often referencethese performance standards.
Operations logs record what was done, by whom, when and what the outcomes were. The logs pro-vide the “paper trail” for the execution of operations procedures. They can be in hardcopy written formor electronic, andmust be covered by a policy that includes guidance on the retention of the logs.
Shift schedules and reports document the schedule of activities that the Operations staff carry out ineach shift. It coordinates activities across multiple shifts and ensures consistency in their execution.Tools used to support operations scheduling can be as simple as a handwritten sheet of paper or assophisticated as an enterprise scheduling product.
Operations schedules provide a high-level overview of planned operations. They not only include nor-mal operations activities, but also outline changes to routine jobs, anything added on a one-off basis,and scheduledmaintenance by Technical Management staff or external service providers.
Page 114
Chapter 4: Service OperationLesson 10 Service Operation Processes | Service Operation Documentation
Lesson 10
Service Operation Processes
The Service Operation Model 117
The Process of Service Operation 118
Incident Management Introduction 119
Purpose, Goals & Objectives of Incident Management 120
Scope of Incident Management 121
Value of Incident Management 122
Concepts of Incident Management 123
Activities of Incident Management 124
Incident Logging 125
Incident Categorization 126
Categorization 127
Priority 128
Incident Diagnosis 129
Escalation 130
Incident Resolution & Recovery 131
Incident Closure 132
Expanded Incident Lifecycle 133
Incident Management Relationships 134
Incident Management Summary 135
Event Management 136
Event Management Measures & Outcomes 137
Request Fulfillment 138
Request Fulfillment Measures & Outcomes 139
Page 115
Chapter 4: Service OperationLesson 10 Service Operation Processes | Service Operation Documentation
Problem Management Introduction 140
Purpose, Goals & Objectives of Problem Management 141
Scope of Problem Management 142
Value of Problem Management 143
Concepts of Problem Management 144
Activities of Problem Management 145
Problem Management Relationships 146
Problem Management Summary 147
Access Management 148
Access Management Measures & Outcomes 150
Page 116
Chapter 4: Service OperationLesson 10 Service Operation Processes | The Service OperationModel
The Service Operation ModelThis is a high-level diagram of how the functions and processes of Service Operation relate to eachother, other Service Lifecycle processes and the business users.
Page 117
Chapter 4: Service OperationLesson 10 Service Operation Processes | The Process of Service Operation
The Process of Service OperationThe five Service Operation processes will be examined in the following sections.
l Incident Management - Coordination of IT resources needed to restore an IT service.l Event Management - Monitoring events throughout the IT Infrastructure.l Request Fulfillment - Managing customer & user requests that are not the result of an incident.l ProblemManagement - Finding the root cause of events & incidents.l Access Management - Granting authorized users the right to use a service.
Page 118
Chapter 4: Service OperationLesson 10 Service Operation Processes | Incident Management Introduction
Incident Management IntroductionThe Incident Management process is normally the responsibility of the Service Desk function. Itsobjective is to coordinate the rapid restoration of IT services. By itself, Incident Management does notrepair any failed component within the IT infrastructure. Its sole purpose is to coordinate that effortthrough other functional areas within the IT Service Provider’s organization.
Many IT organizations mistakenly identify the Incident Management process activities as ProblemManagement. While seemingly insignificant on the surface, the objectives of the two processes arequite dissimilar. The IT Infrastructure Library forces rigorous definitions of both terms and processesto help IT organizations better understand, and communicate.
Many organizations create Incident Models that pre-define the steps for handling particular types ofincidents that may reoccur. Incident Models document the steps the Incident Management processshould follow, who holds responsibility for various actions in the Incident process, time scales andthresholds for completion of actions, and escalation procedures.
Page 119
Chapter 4: Service OperationLesson 10 Service Operation Processes | Purpose, Goals & Objectives of Incident Management
Purpose, Goals & Objectives of Incident ManagementThe Incident Management process minimizes the impact an IT Service failure has on the business. Itseeks tomaintain IT Service quality and availability. It also optimizes the Service Provider's ability todeploy its staff in the best interests of the business.
It accomplishes its goals by coordinating resources and assets to efficiently and effectively restoreIT Services within the service boundaries established within the Service Level Agreement.
An incident is an unplanned interruption to an IT Service or reduction in the quality of anIT Service. Failure of a configuration Item that has not yet affected service is also an inci-dent.
Page 120
Chapter 4: Service OperationLesson 10 Service Operation Processes | Scope of Incident Management
Scope of Incident ManagementThe scope of Incident Management extends over any event within the IT infrastructure that disruptsan IT Service. This concept extends even to events that by themselves do not represent an outage,but may cause a degraded service or put a service at risk
An examplemight be the loss of a disk drive's mirrored drive. Although the event may not disrupt theservice, the service is at risk of disruption should the primary disk drive fail. An example of adegraded servicemight be the loss of one of the dual input/output (I/O) channels to a disk array.While, as in the previous example, the servicemay be at risk should the other channel fail, the failedchannel may reduce overall throughput, adversely affecting the service's performance.
Detecting and reporting Incidents may derive frommany different sources, including both users andavailability- and performance-monitoring tools. In addition, as part of its normal daily activities, thetechnical staff of the IT organizationmay become aware that something is amiss and is impacting orputting an IT Service at risk of disruption.
Page 121
Chapter 4: Service OperationLesson 10 Service Operation Processes | Value of Incident Management
Value of Incident ManagementFrom the business perspective, Service Operation lies at the heart of realizing IT Service value. TheIncident Management process becomes a highly visible area of attention for the business when“things break.” A well-managed Incident Management process sets the stage for, or can provide thejustification for, adequate funding of the entire set of Service Operation processes and functions.
The business realizes (captures) the value of IT Service through Incident Management whenever itsteps up to address IT Service downtime, thereby reducing a disruption's negative impact to the busi-ness. It also provides a flexible mechanism to dynamically allocate IT resources in response to busi-ness priorities.
Finally, Incident Management provides the context for identifying potential improvements to IT Serv-ices and to IT and business user training needs.
Page 122
Chapter 4: Service OperationLesson 10 Service Operation Processes | Concepts of Incident Management
Concepts of Incident ManagementFundamental to the Incident Management process is the idea that not all incidents are equal, and,therefore, they do not require the same level of response in the same time frame. An incident's priority(business impact & urgency) dictates the IT organization's response and the subsequent deploymentof its resources.
Incident Management response time frames support the targets specified within the relevant ServiceLevel Agreements (SLA). Within the IT organization, as well as any external product or service pro-vider, Operational Level Agreements (OLA) and Underpinning Contracts (UC)must also support theSLA's restoration targets. Enabling tools can automate this to a certain extent.
Very seldom do IT organizations run into something brand new. They have seenmost of the incidentsthat occur, and they will see them again. To aid in the rapid restoration of IT Services, an IT organ-ization can create Incident Models that lay out the progression of steps for restoring a service, staffinvolvement and responsibilities, timescale, criteria for escalation, and required documentation.
Major Incidents are Incidents that either have, or will have, amajor impact on the business. They oper-ate with compressed timeframe for restoring the service, and often a dedicated team oversees the res-toration effort. There is normally a separate set of procedures for handlingMajor Incidents.
Page 123
Chapter 4: Service OperationLesson 10 Service Operation Processes | Activities of Incident Management
Activities of Incident ManagementThe activities of the Incident Management process perform the full lifecycle of the Incident.
Incident Logging captures basic information about the Incident and records it in the Incident database.Incident Categorization gathers more information about it, determines what portion of the infra-structure it is impacting, assigns priority, and attempts tomatch its symptoms to a knowledge data-base.
During Incident Diagnosis, Incident Management coordinates the investigation of the incident, esca-lates it if needed, coordinates the development of a workaround if available, andmaintains constantcommunication with the user.
Incident Resolution & Recovery applies workarounds, updates any knowledge databasematches,oversees any service restoration activity and updates the Incident record.
Finally, the Incident Closure activity performs a final review to determine that service has beenrestored to the user, does a final classification of the Incident and closes the Incident record.
Page 124
Chapter 4: Service OperationLesson 10 Service Operation Processes | Incident Logging
Incident LoggingThe definition of an Incident is an unplanned interruption to an IT service or reduction in the quality ofan IT service. Failure of a Configuration Item (CI) that has not yet affected service is also an Incident.
The definition of an Incident includes anything that is not part of the standard operation of a serviceand which causes or may cause disruption to or a reduction in the quality of services and customerproductivity. Thus, a degraded IT service could be an Incident, just as if that service were totallydown.
Themost common source of Incidents is users calling the Service Desk, and the operations groupalso commonly reports Incidents. Network and Systems Management andmonitoring tools can pro-vide automatic event notification directly to an automated Incident management system.
Once detected, the Incident Lifecycle begins by recording the details of the Incident. It creates an Inci-dent Record that links to the Incident and the affected CIs in the ConfigurationManagement System(CMS).
Incident Management often receives the first notification of an Incident from the users; i.e., physicaldamage such as lightning strikes. In these cases, it is common for Incident Management to alertother IT domains. Throughout the entire Incident Management Lifecycle, Incident Management staffupdates the Incident Record as additional information becomes available, and the Service Desk main-tains continual contact with the user.
Page 125
Chapter 4: Service OperationLesson 10 Service Operation Processes | Incident Categorization
Incident CategorizationThis activity gathers information, identifies the characteristics of an Incident, andmatches it to pre-vious Incidents, Problems and Known Errors. Gathering information facilitates diagnosis, but doesnot determine the root cause of the Incident.
Categorization identifies an Incident by origin and symptoms and assigns a standard priority based onbusiness impact and urgency. It references the Service Level Agreements (SLA) for this information.
The Service KnowledgeManagement System (SKMS) stores Incidents, Problems, and KnownErrors as part of a “knowledge base.” Matching an incident to the knowledge base provides a res-olution or aWorkaround. The SKMS maintains known errors in the Known Error Database (KEDB).
The Incident Matching activity uses these common terms:
l Workaround– the interim reduction of impact or elimination of an Incident or Problem forwhich a full resolution is not yet available
l Problem – a cause of one or more Incidentsl Known Error - a Problem that has a documented root cause and a workaround
When Incident Management needs higher-level support or more resources, it can escalate the Inci-dent, making other areas within the business or IT aware of the situation.
Page 126
Chapter 4: Service OperationLesson 10 Service Operation Processes | Categorization
CategorizationCategorization (also known as classification) bounds which component of the infrastructuremight becausing the disruption of an IT Service. A typical categorization scheme establishes a hierarchy ofcategories, and each subsequent level narrows the scope of possible infrastructure components
A categorization scheme is normally unique to each IT organization because the details of suchschemes depend greatly on the size and complexity of the IT infrastructure. This requires each ITorganization to figure it out “on its own.”
Although no specific guidance exists, generally the steps to arrive at a workable scheme involve gath-ering knowledgeable members of the IT staff, putting together a strawman” scheme, trying it out,analyzing the results and tweaking as required. Most enabling tools that support the Service Oper-ation processes have the capability to support three or four levels of granularity. This is normallyenough to provide the necessary scoping and data necessary to support the Incident and ProblemManagement processes.
Categorization is a technique used to group like things together. Multi-level categorizationtakes this technique one step further by "grouping like groups" together. By doing this aService Provider can createmeaningful groupings of things (components of the infra-structure) to aid in quickly identifying which portion of the infrastructuremight be involvedin an incident or problem.
Page 127
Chapter 4: Service OperationLesson 10 Service Operation Processes | Priority
PriorityPriority is a category used to identify the relative importance of an Incident, Problem or Change. Prior-ity is based on impact and urgency and is used to identify required times for actions to be taken.
Business Impact - Business impact is ameasure of the business criticality of an Incident. Normally,higher business impact yields higher priority; however, this is not always the case
Business Urgency - Business urgency is ameasure of how quickly the Incident needs to beresolved to avoid business impact.
Priority Assignment - Priority can change as the progress toward an incident’s resolution advances.User input and SLA targets factor into the assignment of the incident’s Priority. An Incident withinSLA limits may reduce the priority while an Incident outside SLA limits may increase the priority. Forexample, an Incident might involve a single individual who cannot access an application, whichseems minor. However, the Incident might have amajor impact and require urgency in its resolution ifthe application impacted is a treasury funds transfer program for a brokerage firm.
Page 128
Chapter 4: Service OperationLesson 10 Service Operation Processes | Incident Diagnosis
Incident DiagnosisThe goal of Incident Diagnosis is to diagnose and understand the incident and to coordinate the devel-opment of a workaround that allows the user to continue business even if this might mean the use of adegraded service. The Incident Management process coordinates the investigation and the diagnosisof the Incident. Diagnosing an Incident is often an iterative process involving different technical sup-port groups and support staff from different vendors.
Depending on the Service Level Agreement (SLA), failure to resolve an Incident within a specifiedperiod can initiate the escalation of an Incident. This includes escalating to second- or third-level (orline) support specialists with special skills; for example, developers, architects, or even third-partysupport staff.
The Incident Management process can coordinate the identification of a workaround for an Incident toget the user working again, even if that means in a degraded capacity. For example, the workaroundfor the inability to print to a local printer may be printing to a remote printer. Although the users mayhave to walk a bit farther to get their documents, they can still print until their printer is working again.During the Diagnosis phase, the Service Desk keeps the user informed of the status and progress ofthe Incident.
A workaround reduces or eliminates the impact of an incident or problem for which a fullresolution is not yet available. Known Error Records document workarounds for prob-lems, and Incident Records document workarounds for incidents that do not have asso-ciated problem records.
Page 129
Chapter 4: Service OperationLesson 10 Service Operation Processes | Escalation
EscalationEscalation - Escalation takes place when information about requesting action upon an Incident, Prob-lem or Change is passed tomore senior staff or other specialists.There are two types of escalation:functional and hierarchical. Escalation can be Functional (requires higher-level support), Hierarchical(requires higher-level management visibility) or both.
Reasons for escalation include:
l Incidents exceeding SLA allowed downtimel Increased and unforeseen impact, dimension, or scope of outagel Notification that timing is such that a critical business activity that is outside the scope of the
defined priority matrix may be in jeopardy
Functional Escalation - Functional Escalation represents the requirement for additional functional ortechnical expertise. This type of escalation takes into account the SLA and duration of the Incidentwith the intent to avoid potential service level breaches; for example, passing the Incident from first-level support to second-level (or line) support.
Hierarchical Escalation - Hierarchical Escalation invokes themanagement chain-of-commandwhen the resolution of the Incident is not likely to occur in time to avoid a service level breach. Whenused in advance of the service level breach, additional resources and timely actions can prevent serv-ice outages; for example, alerting senior management to ensure resource commitment occurs.
Page 130
Chapter 4: Service OperationLesson 10 Service Operation Processes | Incident Resolution & Recovery
Incident Resolution & RecoveryThe Incident Management process owns the responsibility for restoration (repair & recovery) for sim-ple or routine incidents. At times, it may be necessary to pass responsibility to other groups that per-form ProblemManagement activities.
It always involves ProblemManagement when it is not clear which support group should investigateor resolve an Incident. In all cases, Incident Management updates the Incident Record as the Incidentprogresses and keeps the user informed of the status.
Resolution of the Incident results in the restoration of service to the user through recovery of arepaired Configuration Item (CI). The resolution of the Incident may encompass the application of aworkaround determined through Incident matching, or involve other processes such as Problem andChangeManagement
Repair, or the break/fix of the failed CI, may still leave the service unavailable. For example, replacinga failed hard drive leaves a workstation unavailable until the support team reinstalls the operating sys-tem and the user's data. Depending on the scope of the failure, it may be necessary to raise aRequest for Change (RFC) beforemaking the repair.
Following repair, Recovery brings the failed CI to its last recoverable state. This includes any requiredtesting, final adjustments or configuration. Examples include restoring files and rebooting. Recoveryalso includes a step by the Service Desk to notify the user of the restoration. Following Recovery,service Restoration occurs when the user indicates the service is acceptable, and he is able toresumework.
Page 131
Chapter 4: Service OperationLesson 10 Service Operation Processes | Incident Closure
Incident ClosureThe Incident Closure Activity ensures constant and accurate updating and closure of an Incident.
After restoring the IT service, Incident Management staff review the Incident to establish its final clas-sification. This takes advantage of “20-20 hindsight” and allows the reviewer, using a standard codingscheme, to accurately record information about the Incident.
Such efforts at the end of the Incident Lifecycle enable the Incident Management process to providethe information necessary to do quality analysis. Final classification also helps ensure accuratematching of new Incidents in the future.
The final step of Incident Closure entails a detailed review of the Incident, the steps taken to restorethe IT service, refinement of the data necessary to close the Incident, and agreeing with the originatorof the Incident that it is satisfactorily resolved.To reduce the temptation for first-line staff to “re-writehistory,” Service Desk supervisory or senior personnel normally perform this activity.
Page 132
Chapter 4: Service OperationLesson 10 Service Operation Processes | Expanded Incident Lifecycle
Expanded Incident LifecycleThe Expanded Incident Lifecycle models the progression of activities between the occurrence of anIncident and the restoration of service.
l Detection –When a user or an automated system detects an error with a Configuration Item(CI). Theremay be a time lag between the incident and its detection.
l Diagnosis –Staff members categorize the Incident, andmatch it to previous Incidents, Prob-lems and Known Errors. If there are nomatches, diagnosis activities should start.
l Repair –Repair may require the involvement of ChangeManagement. After the CI is repaired,it may still be unavailable to the user until recovery activities take place.
l Recovery –Recovery activities, such as required testing, adjustments, etc.l Restoration –Service restoration occurs when the service is available to the user, the user
has accepted the service, and the user resumes work.
Metrics–Management metrics associated with Incident resolution:
l MTTR (Mean Time to Repair) –mean elapsed time between detection and repairl MTRS (Mean Time to Restore Service) –mean elapsed time between detection and res-
torationl MTBF (Mean Time Between Failures) –mean elapsed time between restoration and detec-
tionl MTBSI (Mean Time Between System Incidents) – average elapsed time between incidents
Page 133
Chapter 4: Service OperationLesson 10 Service Operation Processes | Incident Management Relationships
Incident Management RelationshipsIncident Management shares relationships with several other processes in the IT Service Lifecycle.
Within the Service Operation stage, the Service Desk function normally owns the Incident Man-agement process. Event Management may notify Incident Management of a disruption to an IT Serv-ice, which triggers the Incident Lifecycle. Incidents are an input to the ProblemManagement processandmay trigger the creation of a Problem record. Incident Management should also raise an Incidentwhen there is an unauthorized access attempt or a security breach.
The Incident Management process may raise (initiate) a Request for Change (RFC) if its restorationactivity uncovers a defect to the infrastructure that requires a change. Information from the ServiceAsset & ConfigurationManagement processes often facilitates the investigation and diagnosis of theincident.
The Incident Management process references targets established within Service Level Agreementsto help define the Incident timescale. Incident data provides information on unavailability events toboth Availability and Capacity Management. In addition, the Incident Management process may util-ize Service Design information and staff in the restoration of an IT Service and any capacity-relateddisruption.
Page 134
Chapter 4: Service OperationLesson 10 Service Operation Processes | Incident Management Summary
Incident Management SummaryThe Incident Management process minimizes the impact an IT Service failure has on the business. Itseeks tomaintain IT Service quality and availability. It also optimizes the Service Provider's ability todeploy its staff in the best interests of the business.
From the business perspective, Service Operation lies at the heart of realizing IT Service value. TheIncident Management process becomes a highly visible area of attention for the business when“things break.” A well-managed Incident Management process sets the stage for, or can provide thejustification for, adequate funding of the entire set of Service Operation processes and functions.
Fundamental to the Incident Management process is the idea that not all incidents are equal, and,therefore, they do not require the same level of response in the same time frame. An incident's priority(business impact & urgency) dictates the IT organization's response and the subsequent deploymentof its resources.
Incident Management responds to the targets specified within the relevant Service Level Agreements(SLA). Operational Level Agreements (OLA) and Underpinning Contracts (UC)must also support theSLA's restoration targets. Enabling tools can automate this to a certain extent.
Page 135
Chapter 4: Service OperationLesson 10 Service Operation Processes | Event Management
Event ManagementEvent Management has the responsibility for ensuring themonitoring of all of the events throughoutthe IT infrastructure. This supports normal on-going operations and enables the detection and esca-lation exception events. There are three types of events;
l Informational - An event that does not require any action and does not represent an exceptionl Warning - An event that is generated when a service or devise is approaching a thresholdl Exception - An event that means a service or device is currently operating abnormally.
An Event is defined as a change of state that has significance for themanagement of a ConfigurationItem or IT service. Sometimes the term is also used tomean an Alert or notification created by any ITservice, Configuration Item ormonitoring tool. In this context, it is imperative that the Service LevelAgreement (SLA) defines what normal service operation is.
In today’s IT infrastructure there are a lot of “moving parts.” Many events occur during a typical dayand the Event Management process helps make sense out of them through:
l Early detection and warning of Incidentsl Exceptionmonitoringl Integration with Availability & Capacity Managementl Support of automated operations
.
Page 136
Chapter 4: Service OperationLesson 10 Service Operation Processes | Event Management Measures & Outcomes
Event Management Measures & OutcomesMost organizations have a number of sophisticated event monitoring tools that closely follow thehealth of the infrastructure's components.
Although themonitoring tools can identify every hiccup and discrepancy in a system, they spew forthmore information than can be integrated within a short time. The art of successful Event Managementis to determine the appropriate levels at which to filter the information coming from these tools.
If youmonitor too closely, you will spendmany resources investigating Events that turn out to be nor-mal processing events; if youmonitor at too high of a level, an Event may turn into an Incident beforeyou have time to correct it.
The key to Event Management is to establish triggers to initiate the investigation of an event and tobuild Event Management into the specifications of any new or changed services.
Page 137
Chapter 4: Service OperationLesson 10 Service Operation Processes | Request Fulfillment
Request FulfillmentA Service Request is defined as a non-incident related request from a user for information, or advice,for a standard change, or for access to an IT service. This includes requests such as a request for apassword, or standard change such as the installation of a common off-the-shelf software package.
The Request Fulfillment process provides a conduit for users to request and receive standard serv-ices. They can also get information about available services or be told how to request them.
The Service Desk is the normal entry point for users placing requests. However, the actual fulfillmentof the request may fall to members of the various technical functional groups responsible for theimpacted technology, or with the required skill set to act on the request.
Page 138
Chapter 4: Service OperationLesson 10 Service Operation Processes | Request Fulfillment Measures & Outcomes
Request Fulfillment Measures & OutcomesAn IT Service Desk routinely handles many types of Service Requests. The large ones are known asRequests for Change (RFC) and provide input to Service Transition.
However, by far, themost common requests will be small, frequently occurring, inexpensive requestsfor password resets, copies of documentation, desktop software installations, etc.
The Request Fulfillment process builds the channels and procedures for users to request these stand-ard services. It has a dual objective - to provide quick response to user requests and to avoid con-gesting and obstructing the Incident and ChangeManagement processes.
Page 139
Chapter 4: Service OperationLesson 10 Service Operation Processes | ProblemManagement Introduction
Problem Management IntroductionAs one of the processes of the Service Operation phase in the Service Lifecycle, the ProblemMan-agement process provides a systematic approach to identifying problems and diagnosing their rootcauses. Once it diagnoses a problem, ProblemManagement manages activities from the KnownError stage through to a Request for Change (RFC) and then tracks the Problem through the Changeand the Release & Deployment Management processes. It also synchronizes problems between theDevelopment and the Live Environments.
ProblemManagement activities cover both reactive and proactive aspects of dealing with systemicerrors in the infrastructure.
Page 140
Chapter 4: Service OperationLesson 10 Service Operation Processes | Purpose, Goals & Objectives of ProblemManagement
Purpose, Goals & Objectives of Problem ManagementProblemManagement effects the removal of systemic errors in the infrastructure. It seeks to preventfurther incidents by finding and removing the error, thus minimizing the impact of future incidents.
The process oversees the execution of the process' activities and coordinates assets and resourcesacross the departments and functional areas within the Service Provider's organization to seek theroot cause of problems.
A Problem is the cause of one or more incidents. The cause is not usually known at thetime a problem record is created, and the ProblemManagement process is responsiblefor further investigation.
Page 141
Chapter 4: Service OperationLesson 10 Service Operation Processes | Scope of ProblemManagement
Scope of Problem ManagementThe scope of the ProblemManagement process extends over the entire Problem lifecycle andincludes its interactions with other IT Service Lifecycle domain processes.
Because the Incident and Problem lifecycles closely intertwine with each other, ProblemMan-agement shares a common coding scheme for categorizing and prioritizing Incidents and Problems.This significantly improves the likelihood of early Problem detection.
ProblemManagement's interaction with the Change and the Release & Deployment processesaccomplishes the actual removal of a Known Error from the infrastructure. It tracks the Known Erroragainst its progress through the Change and Release Lifecycle.
Information about Incidents, Workarounds, Problems, Known Errors and Resolutions is fundamentalto the successful execution of the ProblemManagement process. It is also key to an IT organ-ization's ability to create and reuse knowledge formulated in the Known Error Database (KEDB),which participates in the overall Service Lifecycle KnowledgeManagement process.
Incident Management is about restoring services. ProblemManagement is about findingout what caused the services to fail.Service Providers who fail to understand the dis-tinction between the two will either become really good at "fixing stuff" but not prevent thestuff from breaking, or they will become really good at "finding out" what is causing thingsto break, but at the expense of the timely restoration of services.
Page 142
Chapter 4: Service OperationLesson 10 Service Operation Processes | Value of ProblemManagement
Value of Problem ManagementProblemManagement creates value for the business in conjunction with the other Service Lifecyclephases and their processes, particularly the Service Desk function and the Incident, Change,Release & Deployment, and Availability Management processes. Through its successful execution,ProblemManagement creates value in three areas. First, it improves the overall productivity of bothbusiness and IT staff by removing systemic errors in the infrastructure. This reduces the overallnumber and impact of related incidents. The business users experience fewer disruptions that inter-fere with their work, and IT staff can spendmore time on other activities.
Second, fewer Incidents, better workarounds, and fixes that permanently remove errors from the infra-structure reduce the overall cost of Incidents. These cost savings directly relate to business costsand reduction in IT resources consumed in dealing with Incidents.
Third, ProblemManagement creates real value for the business through the overall reduction inresources consumed in dealing with Incidents. Fewer recurring Incidents free IT staff resources towork on providing new or improved IT Services to the business. The result is amore stable IT infra-structure that provides stable IT Services.
A workaround reduces or eliminates the impact of an incident or problem for which a fullresolution is not yet available. Known Error records document workarounds for Problems,and Incident records document workarounds for Incidents that do not have an associatedProblem record.
Page 143
Chapter 4: Service OperationLesson 10 Service Operation Processes | Concepts of ProblemManagement
Concepts of Problem ManagementSimilar to the Incident Management process, ProblemManagement deals with managing the IT organ-ization's resources to identify and resolve an abnormal situation. In the case of an Incident, it is therestoration of the impacted IT Service. In the case of a Problem, it is the identification, diagnosis andsubsequent removal of the error from the infrastructure.
This commonality lends itself to developing and applyingmodels to aid in the efficient execution ofthe process. Although not all Problems are the same, the process can create templates or modelsthat provide a pre-defined response to the Problem.
A generic ProblemModel lays out the steps to progress a Problem though the Problem Lifecycle.These steps follow a time-sequence, and include any intra- and inter-process dependencies. Clearlydefined responsibilities detail who does what, when, and under what circumstances
It defines Problem Lifecycle timescale (timelines), thus allowing for the development of variousthresholds for functional and hierarchical escalation. It documents escalation procedures, andmeas-ures performance against both time and conformance.
Similar to Incident Management, the ProblemManagement process is a key contributor to the overallaccumulation of organizational knowledge about infrastructure faults, and it plays an important role inthe development and retention of the associated information.
Page 144
Chapter 4: Service OperationLesson 10 Service Operation Processes | Activities of ProblemManagement
Activities of Problem ManagementThere are two aspects to ProblemManagement – reactive and proactive.
Reactive ProblemManagement is a two-step process that consists of managing the Problem, fol-lowed by managing Known Error.
Managing the Problem involves detecting and recording the Problem, subsequently categorizing andprioritizing it, and, finally, investigating and eventually diagnosing it. It also vets workarounds in con-junction with the Incident Management process.
Managing Known Errors deals with the disposition of each Known Error. It tracks the Known Errorthrough its recording and handoff to the Change and Release & Deployment processes. It closes outthe Known Error record upon removal of the error from the infrastructure. It is also conducts MajorProblem Reviews and synchronizes the live and development Known Error Databases (KEDB).
Proactive ProblemManagement essentially follows the Continual Service Improvement (CSI)phase's 7-Step Improvement Process by: (1) baselining the existing service, defining what needs tobemeasured, defining what can bemeasured, measuring performance, processing the data into infor-mation, analyzing the information, and implementing corrective action.
The Known Error Database (KEDB) contains all Known Error records. This database iscreated by ProblemManagement and used by Incident and ProblemManagement. TheKnown Error Database is part of the Service KnowledgeManagement Systems (SKMS)
Page 145
Chapter 4: Service OperationLesson 10 Service Operation Processes | ProblemManagement Relationships
Problem Management RelationshipsProblemManagement shares a relationship with several other IT Service Lifecycle processes.
Within the Continual Service Improvement (CSI) phase, ProblemManagement contributes to theoverall improvement of service levels and addresses the need tomanage Problems proactively. Italso follows CSI's 7-Step Improvement Process for proactive ProblemManagement.
Along with the Service Desk function and the Incident Management process, ProblemManagementcomplements Service Operations's overall effort to stabilize the IT infrastructure and improve theoverall quality of service (QoS).
Known Errors that result in the raising of a Request for Change (RFC) involve Service Transition'sChange and Release & Deployment processes. Successful removal of an infrastructure error resultsin the closure of the Known Error and subsequent updating of the Known Error Database (KEDB).
Often Problems require the involvement of Service Design's Availability, Capacity and ContinuityManagement processes, primarily from the proactive perspective in an attempt to improve the overallquality of service, and to evaluate a problem's impact on continuity of operations.
Service Strategy's Financial Management process provides the necessary information to evaluatethe cost impact of proposed resolutions or workarounds. It also gathers information about the cost ofthe ProblemManagement process.
Page 146
Chapter 4: Service OperationLesson 10 Service Operation Processes | ProblemManagement Summary
Problem Management SummaryProblemManagement removes systemic errors to the infrastructure. It prevents further incidents byfinding and causing the removal of the error, thus minimizing the impact of future incidents.
Similar to the Incident Management process, ProblemManagement deals with managing the IT organ-ization's resources in identifying and resolving an abnormal situation. Incident Management focuseson the restoration of the impacted IT Service, and ProblemManagement focuses on identifying, diag-nosing and subsequently removing the error from the infrastructure.
Through the successful execution of the process, it creates value in three areas. It improves the over-all productivity of both business and IT staff by removing systemic errors in the infrastructure. FewerIncidents, better workarounds, and fixes that actually permanently remove errors from the infra-structure reduce the overall cost of Incidents. Finally, it creates real value for the business throughthe overall reduction in resources consumed in dealing with Incidents.
Page 147
Chapter 4: Service OperationLesson 10 Service Operation Processes | Access Management
Access ManagementAccess Management holds responsibility solely for executing the security procedures that the organ-ization's Security policies define.
Requesting Access - Requests to change an access generally emanate from a few, well-definedareas, such as HumanResources, Requests for Change (RFC) or Service Requests. Security pol-icies define whomay request access, and Access Management provides themechanisms to carryout that request.
Verification - This activity ensures that the user requesting the access is who he/she says he/she is,and legitimately requires the service. Security policies may define different levels of verifications toaccess different services.
Providing Rights - The Security policy defines the rights available to an individual, and Access Man-agement grants rights based on this information. It also looks for role conflicts or duplications, andinforms the originators of the requests about them.
Monitoring Identity Status - Security policies define trigger events, and Access Management buildsways to capture them. Typical triggers are job changes, promotions or demotions, transfers, res-ignation or death, retirement, disciplinary actions and dismissals.
Logging & Tracking Access - The Security group develops requirements for monitoring and track-ing, and Access Management develops the underlying capabilities. All Technical and ApplicationMan-
Page 148
Chapter 4: Service OperationLesson 10 Service Operation Processes | Access Management
agement monitoring activities should review Access rights and utilization to ensure that they arebeing properly used.
Removing or Restricting Rights - Users often change jobs or roles. When a User's status oraccess requirement changes, Access Management adjusts access rights accordingly.
Page 149
Chapter 4: Service OperationLesson 10 Service Operation Processes | Access Management Measures & Outcomes
Access Management Measures & OutcomesIn the not-so-distant past, IT departments, eager to protect the business against security risks, imple-mented very stringent security procedures. This created problems that actually voidedmany of thesecurity efforts as users simply taped their multitude of login names and passwords to their monitor orunderneath their desk drawer.
Other processes and parts of the business define who should have access to particular ConfigurationItems (CI) and services. Access Management executes those policies and actions.
Its goal is to grant the right to use a service to authorized users while preventing non-authorizedaccess to it. Corollary to that is its ability to verify that a user qualifies to access the service.
It canmeasure its effectiveness by looking at the requests for access and incidents caused by incor-rect levels of access. Looking at the number requests for access will indicate whether the AccessManagement procedures are working properly and efficiently. If the processes are good, it will takevery little time to verify the required authorization level of a new user. If the processes are slack, itmay take several rounds of collectingmore information before IT can grant access.
Likewise, the incorrect levels of access can cause incidents. While incidents caused by users whoshould not have been granted access immediately come tomind, there can also be incidents causedbecause a user who should have had access to a service did not have proper access.
Page 150
Chapter 4: Service OperationLesson 11 Service Operation Functions | Access Management Measures & Outcomes
Lesson 11
Service Operation Functions
Introduction to Service Operation Functions 152
Introduction to Service Desk 153
Service Desk Function 154
Role of the Service Desk 155
Purpose, Goals & Objectives of the Service Desk 156
Organizational Structures of Service Desk 157
Service Desk - Staffing 158
Service Desk - Metrics 159
Introduction to Technical Management 160
Role of Technical Management 161
Introduction to Application Management 162
Role of Application Management 163
Introduction to IT Service Operations Management 165
Role of Operations Management 166
Service Operation Functions Summary 167
Page 151
Chapter 4: Service OperationLesson 11 Service Operation Functions | Introduction to Service Operation Functions
Introduction to Service Operation FunctionsITIL defines a function as a team or group of people and the tools it needs to carry out one or moreprocesses or activities. Large organizations may devote entire departments, teams and groups to per-forming a single function. Smaller organizations may task a single individual or group with multiplefunctions.
Many organizations newly exposed to ITIL and to some of its core processes tend to organize func-tional groups around each process. ITIL, however, emphasizes an environment in which traditionalorganizational structures easily accommodate ITIL's roles and processes.
ITIL describes four key functions within Service Operation. The Service Desk is the single point ofcontact between IT and the user community, usually managing the Incident Management andRequest Fulfillment processes. Technical Management provides the technical expertise andresources for the overall management of the IT infrastructure.
ApplicationManagement manages the enterprise's applications throughout their lifecycle, andIT Operations Management includes the functional groups involved in the day-to-day operational activ-ities. Prior to undertaking any significant restructuring, an organization should consider carefully itssize, required technology skill sets, geographical distribution, operating environment, and businessobjectives.
Page 152
Chapter 4: Service OperationLesson 11 Service Operation Functions | Introduction to Service Desk
Introduction to Service DeskThe definition of a function is a team or group of people and the tools they need to carry out one ormore processes or activities. As discussed in the ITIL Concepts chapter, many organizations newlyexposed to the ITIL and to some of the core processes tend to try to organize their functional groupsaround the process. In some cases, this is appropriate. In many cases, however, the processextends beyond a single functional group and calls for functional group participation, not a reor-ganization by functional group.
Page 153
Chapter 4: Service OperationLesson 11 Service Operation Functions | Service Desk Function
Service Desk FunctionThe Service Desk function plays an important part in the provision and delivery of IT services. It isvery often the first contact the users and customers have in their use of IT services. The ServiceDesk performs first-line support of IT services. While responsible for two of Service Operation's proc-esses, the Service Desk itself is not a process, but a function; i.e., an organizational unit of IT.
Another word often used to refer to the Service Desk is “Help Desk,” but unlike a Help Desk a ServiceDesks offers a range of services and amore integrated or holistic approach to support by striving tointegrate business and customers into the servicemanagement infrastructure. A skilled or expertService Desk extends this concept even further by also providing a contact point between third-partysupport organizations as well.
Page 154
Chapter 4: Service OperationLesson 11 Service Operation Functions | Role of the Service Desk
Role of the Service DeskThe Service Desk provides a single point of contact within the IT organization for the users of IT serv-ices. As such, it is the conduit for service access, communication between IT and its users, and infor-mation about the services themselves. In effect, it acts a “one-stop-shop” for all incidents, questions,comments and requests for service and changes regardless of their reason or source
It is important to draw a clear distinction between the Service Desk's role in an IT organization and itsrelationship to the Incident Management process. The Service Desk function normally “owns” the Inci-dent Management process. In other words, it fulfills the role of the Incident Management processowner; therefore, it has the responsibility for executing the Incident Management process and isaccountable for the outcomes of the process.
Of course, the intent of having a Service Desk is to improve the business user's level of satisfactionwith IT services and to help IT achieve a higher level of service quality. It does this through its role asthe Incident Management process owner and the coordination of IT resources in the restoration of ITservices as well as fulfillment of non-incident related requests. This results in lowering the impact ofIncidents, improving overall business and IT resource utilization, and enabling the generation ofhigher quality management reporting.
Page 155
Chapter 4: Service OperationLesson 11 Service Operation Functions | Purpose, Goals & Objectives of the Service Desk
Purpose, Goals & Objectives of the Service DeskAs the single point of contact between IT and its users, the Service Desk function considers its pri-mary objective to log all user-reported Incidents and Requests.
One of the reasons for the blurred line between the Service Desk function and the Incident Man-agement process is that Service Desk staff normally act as first-line support staff for the IncidentManagement process. In this role, Service Desk staff engage in investigating and diagnosing Inci-dents and with processing Service Requests. If restoring the impacted service or fulfilling a requestexceeds their capabilities, they escalate the Incident or Service Request to second-line support staffmembers.
Communicating with the customer about the progress of an Incident or Service Request is key tomaintaining customer satisfaction, which the Service Desk frequently surveys by either manual orautomatedmeans. In addition, in conjunction with the ChangeManagement process, the ServiceDesk communicates the status and impact of scheduled changes to existing services.
Typically the Service Desk function alsomanages the entire Incident Management proc-ess, thus the restoration of an IT Service. Although it is tempting to "pass the baton"when an incident escalates to other functional areas in search of higher-level technicalskills, such an approach creates a situation where incidents can fall through the cracks.
Page 156
Chapter 4: Service OperationLesson 11 Service Operation Functions | Organizational Structures of Service Desk
Organizational Structures of Service DeskThe organizational structure of the Service Desk varies, based on the needs of both the business andthe IT organization. Some organizations find it necessary to combine two or more of these structurestomeet the needs of the business.
Local - Co-located with the users it serves, a Local Service Desk improves communication but isresource intensive andmay lead to significant duplication of resources
Centralized - A Centralized Service Desk may represent a number of individual or local ServiceDesks, consolidated into a single location. This provides for a better pattern of resource utilization.
Virtual - A Virtual Service Desk utilizes technology to provide the appearance of a centralized Serv-ice Desk. This structuremay allow the required resources to be located anywhere and enables theinclusion of specialized groups that normally could not be part of a centralized structure
Follow-the-Sun - As the name implies, a Follow the Sun approach uses multiple Service Desk loca-tions tied together via technology and situated in locations around the globe. This enables an IT organ-ization with a worldwide presence to offer 24-hour Service Desk availability without the expense ofpaying an off-shift differential.
Specialized Service Desk Groups - Technology can support the creation of specialist groups withinan organization and allow direct routing
Page 157
Chapter 4: Service OperationLesson 11 Service Operation Functions | Service Desk - Staffing
Service Desk - StaffingStaffing Level - The business' demand for its resources should establish the base criteria for ServiceDesk staffing levels and should include variations in that demand based on the natural cycles of thebusiness.
Skill Levels- Selected for their existing skills, Service Desk staff members should further hone theirskills by training to improve their interpersonal skills, their awareness of the business they support,their ability to communicate effectively, and the necessary technical skills to support the IT services.
Training - Service Desk staff should receive on-going skills training. In addition, part of the transitionof new services to operations is support staff training on the new service. The Service Desk staff isnormally a very tightly knit organization that must work well with other Incident and Request Ful-fillment staff members. Team-building skills facilitate the establishment of closer working rela-tionships within IT.
Retention - The retention of Service Desk personnel is key to the long-term success of the ServiceDesk function, Incident Management and the Request Fulfillment processes. Management shouldclearly establish the appropriate career path planning and salary structure, as well as promotion pos-sibilities, to ensure the retention of high-quality Service Desk staff members
Super Users - Under some circumstances, it may be advantageous to designate individuals withinspecific business units as “Super Users.” They receive special training and act as a liaison betweenthe Service Desk staff and the business users. This is an effective approach if specialized businessknowledge provides critical input in facilitating the restoration of service or filtering requests.
Page 158
Chapter 4: Service OperationLesson 11 Service Operation Functions | Service Desk - Metrics
Service Desk - MetricsAs with all processes and functions, it is important to identify the desired outcomes and themetricsthat can helpmanage the achievement of those outcomes. The list above is representative of sometypical Service Desk metrics, but does not present a full list. The outcomes andmeasures willchange over time as the organization, functions and processes mature.
Page 159
Chapter 4: Service OperationLesson 11 Service Operation Functions | Introduction to Technical Management
Introduction to Technical ManagementITIL defines a function as, “a team or group of people and the tools they use to carry out one or moreprocesses or activities.”Within the Service Operation Lifecycle domain, the Technical Managementfunction provides the technical expertise and resources for the overall management of the IT infra-structure, thus its IT Services. It works in conjunction with the other Service Operation functions;Service Desk, IT Operations and ApplicationManagement.
Page 160
Chapter 4: Service OperationLesson 11 Service Operation Functions | Role of Technical Management
Role of Technical ManagementSimilar to the ApplicationManagement Function, Technical Management plays two roles within theService Operation domain.
Its first role is to establish andmaintain the technical knowledge and expertise within the function tosupport the design, creation, transition, operation and improvement of IT Services. This requires theIT organization to carefully balance the cost of acquiring andmaintaining the necessary expertise toits benefit in the support of IT Services. IT organizations may employ different strategies that rangefrom the exclusive use of internal IT staff to the exclusive use of external staff (contract employees)or any combination of the two extremes.
Its second role is to provide the actual resources; the “hands and feet” necessary to support the ITService Lifecycle processes as well as perform the technical support tasks and activities of the func-tion. This requires that skill levels are established andmaintained at the required levels to support theprocess and IT Services. In addition, these resources play an integral role in the actual design of ITServices, their creation (the build) and the subsequent transition of IT Services into operation andongoing efforts to improve their value to the business.
Page 161
Chapter 4: Service OperationLesson 11 Service Operation Functions | Introduction to ApplicationManagement
Introduction to Application ManagementApplicationManagement manages the enterprise's applications throughout their lifecycle. It is similarto the Technical Management Function because it provides expertise and resources to the enterprisefor planning, designing, developing, transitioning, operating and improving the applications usedwithin IT Services to support business processes.
Page 162
Chapter 4: Service OperationLesson 11 Service Operation Functions | Role of ApplicationManagement
Role of Application ManagementSimilar to the Technical Management Function, ApplicationManagement plays two roles within theService Operation phase.
Its first role is to establish andmaintain technical knowledge and expertise within the function to sup-port the design, creation, transition, operation and improvement of applications within IT Services.This requires the IT organization to balance the cost of acquiring andmaintaining the necessaryexpertise against the benefit received in supporting the applications.
IT organizations may employ different strategies that range from the exclusive use of internal IT staffto the exclusive use of external staff (contract employees) or any combination of the two extremes.This also includes enterprise application suites (ERP, MRP and HR) that support the business' majorbusiness functions.
ApplicationManagement's second role is to provide the actual resources necessary to support the ITService Lifecycle processes, as well as perform the function's support tasks and activities. Thisrequires that ApplicationManagement establish andmaintain skill sets at the required levels to sup-port the process and IT Services.
These resources play an integral role in designing the applications within IT Services, creating them(the build), subsequently transitioning the applications into operation, and continuing efforts toimprove its value to the business.
Page 163
Chapter 4: Service OperationLesson 11 Service Operation Functions | Role of ApplicationManagement
There are differences between Application Development and the ApplicationMan-agement Function: application development deals with a specific instance of a devel-opment effort, while ApplicationManagement deals with the continual management of allapplications regardless of source (See table below).
Application Development Application ManagementActivities Limited to specific development
instanceContinual management of applicationsthroughout their entire lifecycle
Scope Normally for internally developedapplications
Performed for all applications; internally devel-oped or purchased
Focus Utility focus; fit for purpose Utility & warranty focusManagement Managed via Project Management
methods (beginning, middle & end)Managed via process (on-going)
Measurement Creativity & completion Consistency & avoidance of inci-dents/problem, etc.
Cost Resources are known and quan-tifiable
Difficult to measure due to dispersed andshared resources
Lifecycle Software Development Lifecycle IT ServiceManagement Lifecycle; ServiceOperation & Continual Service Improvement
Page 164
Chapter 4: Service OperationLesson 11 Service Operation Functions | Introduction to IT Service Operations Management
Introduction to IT Service Operations ManagementITIL defines a function as “a team or group of people and the tools they use to carry out one or moreprocesses or activities.”Within the Service Operation Lifecycle domain, the IT Operations Man-agement Function performs the day-to-day activities involved in ongoingmanagement andmain-tenance of the IT infrastructure. Its purpose is the delivery of IT Services at agreed levels to meetstated business objectives..
Page 165
Chapter 4: Service OperationLesson 11 Service Operation Functions | Role of Operations Management
Role of Operations ManagementOperations Management plays a dual role similar to other Service Operation functions.
First, it maintains the status quo. It executes clearly defined procedures within clearly defined activ-ities within clearly defined processes. IT Operations drives the stability of the delivery of an IT Serv-ice, which helps ensure the consistency of the IT Service.
Its second role is to add value in support of the enterprise value network. It accomplishes this throughthe day-to-day delivery of stable IT Services, while maintaining constant watch on the business' ITService support requirements. While compelled tomaintain stability in the delivery of services, itmust remain flexible and responsive to changing business needs.
IT Operations control may be consolidated in a single location where IT Services and Infrastructurecan bemonitored andmanaged. This is often referred to as the Operations Bridge or Network Oper-ation Center (NOC). Here, the actual activities of IT Operations run the gamut from consoleman-agement to managing the printed output of applications. They also extend tomanaging the physicalenvironment in which the IT infrastructure operates, such as the computer room, recovery sites, heat-ing ventilation and air conditioning (HVAC), and electrical power distribution and backup.
Page 166
Chapter 4: Service OperationLesson 11 Service Operation Functions | Service Operation Functions Summary
Service Operation Functions SummaryThe Service Operation phase of the service lifecycle encompasses four functions. The Service Deskserves as the single point of contact between IT and the user, and, as such, presents the “face” of ITto the user. As a result, it improves customer service and customer satisfaction with IT. CommonService Desk structures are local, centralized, virtual, and “follow-the-sun.”
ApplicationManagement performs the day-to-day activities of managing installed applications, andTechnical Management provides the technical skills and expertise for overall management of the ITinfrastructure. It also participates in design, build and implementation activities. Finally, IT OperationsManagement performs the day-to-day “touch” activities involved in ongoingmanagement andmain-tenance of the IT infrastructure. It also provides operations control and facilities management.
Page 167
Page 168
Chapter 4: Service OperationLesson 11 Service Operation Functions | Service Operation Functions Summary
Chapter 4: Service OperationLesson 12 Service Operation Summary | Service Operation Functions Summary
Lesson 12
Service Operation Summary
Service Operation Summary 170
Checkpoint Instructions 171
Quiz- Service Operation 172
Page 169
Chapter 4: Service OperationLesson 12 Service Operation Summary | Service Operation Summary
Service Operation SummaryService Operation is the heartbeat of the IT service provider. It is where all the improvements,strategy, design and transitions culminate to provide IT services to the business customer.
Effective and efficient Service Operation is always a balancing act. It balances what the IT serviceprovider needs to know to do its job against what the customer sees and understands about IT serv-ices, and it balances between the stability of continually refining an existing IT service and respon-siveness to the constantly changing needs of the business. It also balances the quality of IT servicesagainst the cost to provide increasing levels of quality, and the allocation of staff to reactive supportversus proactive development.
Its scope extends over the entire organization, as well as external service providers. It actively par-ticipates in other phases of the IT Service Lifecycle to ensure the integration of new services into theoperational environment.
Service Operation encompasses five processes (Event Management, Incident Management,Frequent fulfillment, ProblemManagement, and Access Management) and four functions (ServiceDesk, Technical Management, Operations Management and ApplicationManagement).
Finally, Service Operation provides value to the business by successfully providing operational serv-ices.
Page 170
Chapter 4: Service OperationLesson 12 Service Operation Summary | Checkpoint Instructions
Checkpoint InstructionsThe Checkpoint is an end-of-chapter quiz. It checks your understanding and knowledge of the fun-damental concepts and principles of the Continual Service Improvement phase of the IT ServiceMan-agement Lifecycle. It uses Bloom's Level 1 & 2 type questions; i.e., recall, recite, name, andunderstand themeaning of ITIL terminology and basic practice fundamentals. This correlates to thelevel of the ITIL Foundation certification examination.
This quiz is a preparation exercise for the ITIL Foundation certification exam. Sample papers for thecertification exam are available at the end of the course.
The Checkpoint quiz employs different question types, such as multiple choice, multiple answer(more than one correct answer), partial credit (accumulate points for the correct parts of an answer),fill-in-the-blank, sequence (put things in the correct order) andmatching. Answers and their rationalefollow the quiz. Each question is worth 10 points for a total of 100 points for the quiz. The passingscore is 75.
Good luck!
Page 171
ITIL v3 Glossary
Page 381
AAcceptanceFormal agreement that an IT Service, process,plan, or other deliverable is complete, accu-rate, reliable andmeets its specified require-ments. Acceptance is usually preceded byEvaluation or Testing and is often requiredbefore proceeding to the next stage of a projector process.
Access ManagementThe Process responsible for allowing users tomake use of IT Services, data, or otherassets. Access Management helps to protectthe Confidentiality, Integrity and Availability ofAssets by ensuring that only authorized usersare able to access or modify the assets.Access Management is sometimes referred toas Rights Management or Identity Man-agement.
Account ManagerA role that is very similar to Business Rela-tionship Manager, but includes more com-mercial aspects. Most commonly used whendealing with external customers.
AccountingThe Process responsible for identifying actualCosts of delivering IT Services, comparingthese with budgeted costs, andmanaging var-iance from the Budget.
AccreditedOfficially authorized to carry out a role. Forexample, an Accredited body may be
authorized to provide training or to conductaudits.
Active MonitoringMonitoring of a Configuration Item or an ITService that uses automated regular checks todiscover the current status.
ActivityA set of actions designed to achieve a par-ticular result. Activities are usually defined aspart of processes or plans, and are doc-umented in procedures.
AgreementA document that describes a formal under-standing between two or more parties. Andgreement is not legally binding unless it formspart of a contract.
AlertA warning that a threshold has been reached,something has changed, or a Failure hasoccurred. Alerts are often created andman-aged by SystemManagement tools and aremanaged by the Event Management Process.
ApplicationSoftware that provides functions that arerequired by an IT Services. Each Applicationmay be part of more than on IT Service. AnApplication runs on one or more Servers orClients. See also ApplicationManagement,Application Portfolio.
Application ManagementThe Function responsible for managing Appli-cations throughout their lifecycle.
Glossary
Application PortfolioA database or structured document used tomanage Applications throughout their life-cycle. The Application Portfolio contains keyattributes of all applications. The ApplicationPortfolio is sometimes implemented as part ofthe Service Portfolio, or as part of the Con-figurationManagement System.
Application SizingThe activity responsible for understanding theresource requirements needed to support anew application, or amajor change to an exist-ing application. Application Sizing helps toensure that the IT Service canmeet it agreedService Level Targets for capacity and per-formance.
ArchitectureThe structure of a system or IT Service, includ-ing the relationships of components to eachother and to he environment they are in. Archi-tecture also includes the standards, and guide-lines that guide the design and evolution of thesystem.
AssessmentInspection and analysis to check whether astandard or set of guidelines is being followed,that records are accurate, or that efficiencyand effusiveness targets are beingmet.
AssetAny Resource or Capability. Assets of a Serv-ice Provider including anything that could con-tribute to the delivery of a service. Assets canbe one of the following types; Management,Organization, Process, Knowledge, People,Information, Applications, Infrastructure, andFinancial Capital.
Asset ManagementAsset Management is the process responsiblefor tracking and reporting the value and own-ership of financial assets throughout their life-cycle. Asset Management is part of an overallService Asset and ConfigurationManagementProcess.
AttributeA piece of information about a ConfigurationItem. Examples are; name, location, Version
number and Cost. Attributes of CIs arerecorded in the ConfigurationManagementDatabase (CMDB).
AuditFormal inspection and verification to checkwhether a standard or set of guidelines is beingfollowed, that records are accurate, or that effi-ciency and effectiveness targets are beingmet. An Audit may be carried out by internal orexternal groups.
Authority MatrixSeeRACI
Automatic Call Distribution (ACD)Use of the information Technology to direct anincoming telephone call to themost appro-priate person in the shortest possible time.ACD is sometimes called Automated Call Dis-tribution.
AvailabilityAbility of a Configuration Item or IT Service toperform its agreed Function when required.Availability is determined by Reliability, Main-tainability, Serviceability, Performance, andSecurity. Availability is usually calculated as apercentage. This calculation is often based onAgreed Service Time and Downtime. It is BestPractice to calculate Availability usingmeas-ures of the Business output of the IT Service.
Availability ManagementThe process responsible for defining, analyz-ing, Planning, measuring and improving allaspects of the availability of IT Services. Avail-ability Management is responsible for ensuringthat all IT infrastructure, processes, tools,roles, etc. are appropriate for the agreed Serv-ice Level Targets for availability.
Availability Management Information Sys-tem (AMIS)A set of tools, data and information that isused to support Availability Management. Seealso Service KnowledgeManagement Sys-tem.
Availability PlanA plan to ensure that existing and future Avail-ability Requirements for IT Services can beprovided cost effectively.
Page 382
Glossary
BBack-outSeeRemediation
BackupCopying data to protect against loss of Integ-rity or Availability of the original.
Balanced ScorecardA management tool developed by Drs. RobertKaplan (Harvard Business School) and DavidNorton, A Balanced Scorecard enables aStrategy to be broken down into Key Per-formance Indicators. Performance against theKPIs is used to demonstrate how well theStrategy is being achieved. A Balanced Score-card has four major areas, each of which has asmall number of KPIs. The same four areasare considered at different levels of detailthroughout the Organization.
BaselineA Benchmark used as a reference point. Forexample: An ITSM Baseline can be used as astarting point to measure the effect of a Serv-ice Improvement Plan. A Performance Base-line can be used tomeasure change inPerformance over the lifetime of an IT Service.A ConfigurationManagement Baseline can beused to enable the IT Infrastructure to berestored to a knownConfiguration if a Changeor Release fails.
BenchmarkThe recorded state of something at a specificpoint in time. A Benchmark can be created fora configuration, a process, or any other set ofdata. For example, a benchmark can be usedin Continual Service Improvement, to estab-lish the current state for managing improve-ments or Capacity Management, to documentperformance characteristics during normaloperations.
BenchmarkingComparing a Benchmark with a Baseline orwith Best Practice. The term Benchmarking isalso used tomean creating a series of Bench-
marks over time, and comparing the results tomeasure progress or improvement.
Best Management Practice (BMP)The Best Management Practice portfolio isowned by the Cabinet Office, part of HMGovermnent. The BMP portfolio includes guid-ance on IT ServiceManagement and Project,Program, Risk Portfolio and ValueMan-agement.
Best PracticeProven Activities or Processes that have beensuccessfully used by multiple Organizations.ITIL is an example of Best Practice.
BillingPart of the charging proces. Billing is the activ-ity responsible for producing an invoice or a billand recovering themoney from customers.See also Pricing.
BrainstormingA technique that helps a team to generateideas. Ideas are not reviewed during the Brain-storming session, but at a later stage. Brain-storming is often used by ProblemManagement to identify possible causes.
British Standards Institution (BSI)The UK national standards body, responsiblefor creating andmaintaining British Standards.
BudgetA list of all themoney an organization or busi-ness Unit plans to receive, and plans to payout, over a specified period of time.
BudgetingThe Activity of predicting and controlling thespending of money. Consists of a periodicnegotiation cycle to set future budgets (usuallyannual) and the day-to-day monitoring andadjusting of current budgets.
BuildThe Activity of assembling a number of Con-figuration Items to create part of an IT Service.The term Build is also used to refer to a releasethat is authorized for distribution. For exampleServer Build or laptop Build.
Page 383
Glossary
BusinessAn overall corporate entity or organizationformed of a number of Business Units. In thecontext of ITSM, the term Business includespublic sector and not-for-profit organizations,as well as companies. An IT Service Providerprovides IT Services to a customer within aBusiness. The IT Service Provider may be partof the same Business as its customer (InternalService Provider), or part of another Business(External Service Provider).
Business Capacity ManagementIn the context of ITSM, Business CapacityManagement is the sub-process of CapacityManagement responsible for understandngfuture business requirements for use in theCapacity Plan.
Business CaseJustification for a significant item of expen-diture. Includes information about costs, ben-efits, options, issues, Risks, and possibleproblems.
Business Continuity ManagementThe business process responsible for man-aging risks that could seriously affect the busi-ness.
Business CustomerA recipient of a product or a service from thebusiness. For example, if the business is a carmanufacturer then the business customer issomeone who buys a car.
Business Impact Analysis (BIA)BIA is the activity in Business Continuity Man-agement that identifies Vital Business Func-tions and their dependencies. Thesedependencies may include Suppliers, people,other business processes, IT Services etc.BIA defines the recovery requirements for ITServices. These requirements include Recov-ery TimeObjectives, Recovery Point Objec-tives andminimum Service Level Targets foreach IT Service.
Business ObjectiveTheObjective of a business process, or of thebusiness as a whole. Business Objectives sup-port the business vision, provide guidance for
the IT Strategy, and are often supported by ITServices.
Business OperationsThe day to day execution, monitoring andman-agement of business processes.
Business PerspectiveAn understanding of the Service Provider andIT Services from the point of view of the busi-ness, and an understanding of tthe businessfrom the point of view of the Service Provider.
Business ProcessA Process that is owned and carried out by theBusiness. A Business Process contributes tothe delivery of a product or service to a busi-ness customer.
Business Relationship ManagementThe process or function responsible for main-taining a relationship with the business. Busi-ness Relationship Management usuallyincludes: managing personal relationships withusiness managers, providing input to ServicePortfolio Management, ensuring that the ITService Provider is satisfying the businessneeds of the customers.
Business Relationship ManagerA role responsible for maintaining the rela-tionship with one or more customers. This roleis often combined with the Service Level Man-ager role.
Business ServiceAn IT Service that directly supports a businessprocess, as opposed to an infrastructure serv-ice, which is used internally by the IT ServiceProvider and is not usually visible to the busi-ness.
Business Service Management (BSM)An approach to themanagement of IT Serv-ices that considers the business processessupported and the Business value provided.The term alsomeans themanagement of Busi-ness Services delivered to business cus-tomers.
Business UnitA segment of the business that has its ownplans, Metrics, income and costs. Each Busi-
Page 384
Glossary
ness Unit owns assets and uses these tocreate value for customers.
CCallA telephone call to the Service Desk from auser. A call could result in an incident or a Serv-ice Request being logged.
Call CenterAnOrganization or Business Unit that handleslarge numbers of incoming and outgoing tel-ephone calls.
Call TypeA Category that is used to distinguish incom-ing requests to a Service Desk. Common calltypes are Incident, Service Request and Com-plaint.
CapabilityThe ability of an organization, person, process,application, IT Service or other ConfigurationItem to carry out an activity. Capabilities areintangible assets of an organization. See alsoresource.
Capability Maturity Model Integration(CMMI)A process improvement appoach developedby the Software Engineering Institue (SEI) ofCarnegieMellon University. CMMI providesorganizations with the essential elements ofeffetive processes.It can be used to guide proc-ess improvement across a project, a divisionor an entire organization. CMMI helps integratetraditionally separate organizational functions,set process improvement goals and priorties,provide guidance for quality processes and cur-rent process.
CapacityThemaximum throughput that a ConfigurationItem or IT Service can deliver while meetingagreed Service Level Targets. For some typesof CI, Capacity may be the size or volume, forexample a disk drive.
Capacity ManagementThe process responsible for ensuring that theCapacity of IT Services and the IT
Infrastructure is able to deliver agreed ServiceLevel Targets in a cost effective and timelymanner. Capacity Management considers allresources required to deliver the IT Serviceand plans for short, medium and long term busi-ness requirements.
Capacity Management Information Sys-temA set of tools, data and information that isused to support Capacity Management Seealso Service KnowledgeManagement Sys-tem.
Capacity PlanA Capacity Plan is used tomanage theresources required to deliver IT Services. Theplan contains scenarios for different pre-dictions of business demand, and costedoptions to deliver the agreed Service Level Tar-gets.
Capacity PlanningThe Activity within Capacity Managementresponsible for creating a Capacity Plan.
Capital CostThe cost of purchasing something that willbecome a financial asset. The value of theasset depreciates over multiple accountingperiods.
Capital Expenditure (CAPEX)The cost of purchasing something that willbecome a financial asset, for example, com-puter equipment and buildings. The value ofthe asset is depreciated over multiple account-ing periods.
CategoryA named group of things that have somethingin common. Categories are used to group sim-ilar things together. For example, Cost Typesare used to group similar types of Cost, Inci-dent Categories are used to group similartypes of Incidents, CI Types are used to groupsimilar types of configuration Items.
CertificateIssuing a certificate to confirm Compliance toa standard. Certification includes a formalaudit by an independent and accredited body.The term Certification is also used tomean
Page 385
Glossary
awarding a certificate to verify that a personhas achieved a qualification.
CertificationIssuing a certificate to confirm compliance to astandard. Cetrification includes a formal auditby an independent and accredited body. Theterm is also use dtomen awading a certificateto provide evidence that a person ahasacheived a qualification.
ChangeThe addition, modification or removal of any-thing that could have an effect on IT Services.The scope should include all IT Services, Con-figuration Items, processes, documentation,etc.
Change Advisory Board (CAB)A group of people that advises the ChangeManager in the assessment, prioritization andscheduling of Changes. This board is usuallymade up of representatives from all areaswithin the IT Service Provider, representativesfrom the business and third parties such assuppliers.
Change CaseThe Process responsible for controlling the life-cycle of all changes. The primary objective ofChangeManagement is to enable beneficialChanges to bemade, with minimum disruptionto IT Services.
Change EvaluationThe process responsible for formal assess-ment of a new or changed IT Service to ensurethat risks have beenmanaged and to helpdetermine whether to authorize the change.
Change ManagementThe process responsibile for controlling the life-cycle of all changes, enabling beneficialchanges to bemade with minimum disruptionto IT Services.
Change ModelA repeatable way of dealing with a particularCategory of Change. A ChangeModel definesspecific pre-defined steps that will be followedfor a change of this Category. ChangeModelsmay be very simple, with no requirement forapproval (e.g. Password Reset) or may be
very complex with many steps that requireapproval (e.g. major software release). Seealso Standard Change, Change AdvisoryBoard.
Change ProposalA document that includes a high level descrip-tion of a potential service introduction or sig-nificant change along with a correspondingbusiness case and an expected imple-mentation schedule. Change proposals are nor-mally created by the Service PortfolioManagement process and are passed toChangeManagement for authorization.ChangeManagement will review the potentialimpact on other services, on shared,r-esources, and on the overall change schedule.Once the change proposal has been author-ized, Service Portfolio Management willcharter the service.
Change RecordA Record containing the details of a Change.Each Change Record documents the lifecycleof a single Change. A Change Record iscreated for every Request for Change that isreceived, even those that are subsequentlyrejected. Change Records should referencethe Configuration Items that are affected bythe Change. Change Records are stored in theConfigurationManagement System.
Change ScheduleA document that lists all approved Changesand their planned implementation dates. AChange Schedule is sometimes called a For-ward Schedule of Change, even though it alsocontains information about Changes that havealready been implemented.
ChargingRequiring payment for IT Services. Chargingfor IT Services is optional andmany Organ-izations choose to treat their IT Service Pro-vider as a Cost Center.
Charging PolicyA policy specifiying the objective of the charg-ing process and the way in which charges willbe calculated.
Page 386
Glossary
Charging ProcessThe process responsible for deciding howmuch customer should pay (pricing) and recov-eringmoney from them (billing). This processis not described in detail within the core ITILpublications.
CharterA document that contains details of a new serv-ice, a signficant change or other significantproject. Charters are typically authorized byService Portfolio Managmeent or by a ProjectManagement Office. The term charter is alsoused to describe the act of authorizing thework required to complete the service changeor project.
Chronological AnalysisA technique used to help identify possiblecauses of Problems. All available data aboutthe problem is collected and sorted by dateand time to provide a detailed time line. Thiscanmake it possible to identify which eventsmay have been triggered by others.
ClassificationThe act of assigning a category to something.Classification is used to ensure consistentmanagement and reporting. CIs, Incidents,Problems, Changes etc. are usually classified.
ClientA generic term that means a Customer, theBusiness or a Business Customer. For exam-ple, Client Manager may be used as a syn-onym for AccountingManager.
ClosedThe final status in the Lifestyle of an Incident,Problem, Change etc. When the status isclosed no further action is taken.
ClosureThe act of changing the Status of an Incident,Problem, Change etc. to Closed.
CoBITControl Objectives for information and relatedTechnology (CoBIT) provides guidance andBest Practice for themanagement of IT Proc-esses. CoBIT is published by the IT Gov-ernance Institute. See www.isaca.org for moreinformation.
Code of PracticeA guideline published by a public body or astandards organization, such as ISO or BSI.Many standards consist of a code of practiceand a specification. The code of practicedescribes recommended best practice.
Commercial Off-The-Shelf (COTS)Application software or Middleware that can bepurchased from a Third Party.
ComplianceEnsuring that a Standard or a set of Guidelinesis followed, or that proper, consistent account-ing or other practices are being employed.
ComponentA general term that is used tomean one part ofsomethingmore complex. For example, a com-puter Systemmay be a Component of an ITService, an Applicationmay be a Componentof a Release Unit. Components that need tobemanaged should be Configuration Items.
Component Capacity ManagementThe Process responsible for understanding theCapacity, Utilization and Performance of Con-figuration Items. Data is collected, recordedand analyzed for use in the Capacity Plan. Seealso Service Capacity Management.
Component CIA Configuration Item that is part of anassembly. For example, a CPU ormemory CImay be part of a server CI.
Component Failure Impact Analysis(CFIA)A technique that helps to identify the impact ofCI failure on IT Services. A matrix is createdwith IT Services on one edge and CIs on theother. This enables the identification of criticalCIs (that could cause the failure of multiple ITServices) and of fragile IT Services (that havemultiple Single Points of Failure.)
Computer Telephony Integration (CTI)Computer telephony Integration (CTI) is a gen-eral term covering any kind of integrationbetween computers and telephone Systems. Itis most commonly used to refer to systemswhere an application displays detailed screensrelating to incoming or outgoing telephone
Page 387
Glossary
calls. See also Automatic Call distribution,Interactive Voice Responses.
ConcurrencyA measure of the number of Users engaged inthe sameOperation at the same time.
ConfidentialityA security principle that requires that datashould only be accessed by authorized people.
ConfigurationA generic term used to describe a group of Con-figuration Items that work together to deliveran IT Service, or a recognizable part of an ITService. Configuration is also used to describethe parameter settings for one or more CIs.
Configuration BaselineThe baseline of a configuration that has beenformally agreed and is managed through theChangeManagement process. A Con-figuration Baseline is used as a basis for futurebuilds, releases and changes.
Configuration ControlThe activity responsible for ensuring that add-ing, modifying or removing a CI is properlymanaged, for example by submitting aRequest for Change or Service Request.
Configuration Item (CI)Any component that needs to bemanaged inorder to deliver an IT Service. Informationabout each CI is recorded in a ConfigurationRecord within the ConfigurationManagementSystem and is maintained throughout its Life-cycle by ConfigurationManagement. CIs areunder the control of ChangeManagement. CIstypically include IT Services, hardware, soft-ware, buildings, people, and formal doc-umentation such as Process documentationand SLAs.
Configuration ManagementThe Process responsible for maintaining infor-mation about Configuration Items required todeliver an IT Service, including their Rela-tionships. This information is managed through-out the Lifestyle of the CI. ConfigurationManagement is part of an overall ServiceAsset and ConfigurationManagement Proc-ess.
Configuration Management Database(CMDB)A database used to store Configuration Rec-ords throughout their Lifecycle. The Con-figurationManagement Systemmaintains oneor more CMDBs, and each CMDB storesAttributes of CIs, and Relationships with otherCIs.
Configuration Management System(CMS)A set of tools and databases that are used tomanage an IT Service Provider’s ConfigurationData. The CMS also includes informationabout Incidents, Problems, Known Errors,Changes and Releases; and it may containdata about employees, Suppliers, locations,Business Units, Customers and Users. TheCMS includes tools for collecting, storing, man-aging, updating, and presenting data about allConfiguration Items and their Relationships.The CMS is maintained by ConfigurationMan-agement and is used by all IT ServiceMan-agement Processes. See also ConfigurationManagement Database, Service KnowledgeManagement System.
Continual Service Improvement (CSI)A stage in the Lifestyle of an IT Service andthe title of one of the Core ITIL publications.Continual Service Improvement is responsiblefor managing improvements to IT ServiceMan-agement Processes and IT Services. The per-formance of the IT Service Provider iscontinually measured and improvements aremade to Processes, IT Services, and IT Infra-structure in order to increase Efficiency, Effec-tiveness, and Cost Effectiveness. See alsoPlan-Do-Check-Act.
ContractA legally binding Agreement between two ormore parties.
ControlA means of managing a Risk, ensuring that aBusiness Objective is achieved, or ensuringthat a Process is followed. Example: Controlsinclude policies, procedures, roles, RAID, doorlocks etc. A Control is sometimes called acountermeasure or safeguard. Control also
Page 388
Glossary
means tomanage the utilization or behavior ofa Configuration Item, System or IT Service.
Control ObjectiveAn approach to themanagement of IT Serv-ices, Processes, Functions, Assets, etc.There can be several different Control Per-spectives on the same IT Service, Process,etc., allowing different individuals or teams tofocus on what is important and relevant to theirspecific Role. Example Control Perspectivesinclude Reactive and Proactivemanagementwith IT Operations, or a Lifecycle view for anApplication Project team.
Control Objectives for Information andrelated Technology (CoBIT)SeeCoBIT.
Control PerspectiveAn approach to themanagemetn of IT Serv-ices, processes, functions, assets tec. Therecan be several different Control Perspectiveson the same IT Services, process etc., allow-ing different individuals or teams to focus onwhat is important and relevant to their specificrole.
Core ServiceA service that delivers the basic outcomesdesired by one or more customers. A CoreService provides a specific level of utility andwarranty. Customers may be offered a choiceof utility and warranty through one or more serv-ice options.
CostThe amount of money spent on a specificActivity, IT Service or Business Unit. Costsconsist of real cost (money), notional costsuch as people's time, and Depreciation.
Cost Benefit AnalysisAn Activity that analyses and compares theCosts and the benefits involved in one or morealternative courses of action. See also Busi-ness Case.
Cost CenterA business unit or project to which costs areassigned. A Cost Center does not charge forservices provided. An IT Service Provider canbe run as a Cost Center or a Profit Center.
Cost EffectivenessA measure of the balance between the Effec-tiveness and Cost of Service, Process or activ-ity. A Cost Effective Process is one thatachieves the Objectives at minimum Cost.See also KPI, Value for Money.
Cost ElementThemiddle level of category to which costsare assigned in budgeting and accounting. Thehighest-level category is cost type.
Cost ManagementA general term that is used to refer to budg-eting and accounting, and is sometimes usedas a synonym for Financial Management
Cost ModelA framework used in budgeting and accountingin which all know costs can be recorded, cat-egorized and allocated to specific customers,business units or projects.
Cost UnitThe lowest level of category to which costsare assigned, Cost Units are usually thingsthat can be easily counted or things easilymeasured. Cost Units are included within costelements.
CountermeasureCan be used to refer to any type of Control.The term Countermeasure is most often usedwhen referring tomeasures that increase Resil-ience, Fault Tolerance or Reliability of an ITService.
Course CorrectionsChanges made to a plan or activity that hasalready started to ensure that it will meet itsobjectives. Course corrections aremade as aresult of monitoring progress.
Crisis ManagementThe process responsible for managing thewider implications of Business Continuity. ACrisis Management team is responsible forstrategic issues such as managingmedia rela-tions and shareholder confidence, and decideswhen to invoke Business Continuity Plans.
Critical success Factor (CSF)Something that must happen if a Process,Project, Plan or IT Service is to succeed. KPIs
Page 389
Glossary
are used tomeasure the achievement of eachCSF. For example a CSF of 'protect IT Serv-ices whenmaking Changes' could bemeas-ured by KPIs such as 'percentage reduction ofunsuccessful Changes', 'percentage reductionin Changes causing Incidents', etc.
CSI RegisterA database or structured document used to rec-ord andmanage improvement opportunitiesthroughout their lifecycle.
CultureA set of values that is shared by a group ofpeople including expectations about howpeople should behave, their ideas, beliefs andpractices. See also Vision.
CustomerSomeone who buys goods or services. TheCustomer of an IT Service Provider is the per-son or group that defines and agrees the Serv-ice Level Targets. The term Customer is alsosometimes informally used tomean Users, forexample 'this is a Customer focusedOrgan-ization.
Customer Agreement PortfolioA database or structured document used tomanage service contracts or agreementsbetween an IT Service Provider and its cus-tomers. Each IT Service Delivered to a cus-tomer should have a contract or otheragreement that is listed in the Customer Agree-ment Portfolio.
Customer AssetAny resource or capability of a customer.
Customer-facing ServiceAn IT Service that is visible to the customer.These are normally services that support hecustomer’s business process and facilitateone or more outcomes desired by the cus-tomer. All live Customer-facing Services,including those available for deployment, arerecorded in the Service Catalog along with cus-tomer-visible information about deliverables,prices, contact points, ordering and requestprocesses. Other information such as rela-tionships to supporting services and other CIs
will also be recorded for internal use by the ITService Provider.
DDashboardA graphical representation of overall IT ServicePerformance and Availability. Dashboardimages may be updated in real time and canalso be included inmanagement reports andweb pages. Dashboards can be used to sup-port Service Level Management, Event Man-agement or Incident Diagnosis.
Data-to-Information-to-Knowledge-to-Wis-dom (DIKW)A way of understanding the relationshipbetween data, information, knowledge and wis-dom. DIKW show how each of these builds onthe others.
Definitive Media Library (DML)One ormore locations in which the definitiveand approved versions of all software Con-figuration Items are securely stored. The DMLmay also contain associated CIs such aslicenses and documentation. The DML is a sin-gle logical storage area even if there aremul-tiple locations. All software in the DML isunder the control of Change and ReleaseMan-agement and is recorded in the ConfigurationManagement System. Only software from theDML is acceptable for use in a Release.
DeliverableSomething that must be provided tomeet acommitment in a Service Level Agreement or aContract. Deliverable is also used in amoreinformal way tomean a planned output of anyProcess.
Demand ManagementActivities that understood and influence Cus-tomer demand for Services and the provisionof Capacity to meet these demands. At aStrategic level DemandManagement caninvolve analysis of Patterns of Business Activ-ity and User Profiles. At a tactical level it caninvolve use of a Differential Charging to encour-
Page 390
Glossary
age Customers to use IT Services at lessbusy times. See also Capacity Management.
Deming CycleSee Plan-Do-Check-Act
DependencyThe direct or indirect reliance of one Processor Activity on another.
DeploymentThe Activity responsible for movement of newor changed hardware, software, doc-umentation, Process, etc. to the Live Envi-ronment. Deployment is part of the Releaseand Deployment Management Process. SeeAlso Rollout.
DesignAn activity or Process that identifies Require-ments and then defines a solution that is abletomeet these Requirements. See also ServiceDesign.
Design CoordinationThe process responsible for coordinating allService Design activities, processes andresources. Design Coordination ensures theconsistent and effective design of new orchanged IT Services, ServiceManagementInformation Systems, architectures, tech-nology, processes, information andmetrics.
DetectionA stage in the incident Lifecycle. Detectionresults in the Incident becoming known to theService Provider. Detection can be automatic,or can be the result of a user logging an inci-dent.
DevelopmentThe Process responsible for creating or mod-ifying an IT Service or Application. Also usedtomean the Role or group that carries outDevelopment work.
Development EnvironmentThe Process responsible for creating or mod-ifying an IT Service or Applications. Devel-opment Environments are not typicallysubjected to the same degree of control asTest Environments or Live Environments. Seealso Development.
DiagnosisA stage in the Incident and Problem Life-cycles. The purpose of Diagnosis is to identifya workaround for an Incident or the RootCause of a Problem.
Diagnostic ScriptA structured set of questions used by ServiceDesk staff to ensure they ask the correct ques-tions, and to help them Classify, Resolve andassign Incidents. Diagnostic Scripts may alsobemade available to Users to help them diag-nose and resolve their own Incidents.
Directory ServicesAn Application that manages information aboutIT Infrastructure available on a network, andcorresponding User access Rights.
DocumentInformation in readable form. A Document maybe paper or electronic. For example, a Policystatement, Service Level Agreement, IncidentRecord, diagram of computer room layout. Seealso Record.
DowntimeThe time when a Configuration Item or IT Serv-ice is not Available during its Agreed ServiceTime. The Availability of an IT Service is oftencalculated from Agreed Service Time andDowntime.
DriverSomething that influences Strategy, Objec-tives or Requirements. For example, new leg-islation or the actions of competitors
EEarly Life Support (ELS)Support provided for a new or Changed IT Serv-ice for a period of time after it is Released. Dur-ing Early Life Support the IT Service Providermay review the KPIs, Service Levels andMon-itoring Thresholds, and provide additionalResources for Incident and ProblemMan-agement.
Economies of ScaleThe reduction in average Cost that is possiblefrom increasing the usage of an IT Service or
Page 391
Glossary
Asset.
Economies of ScopeThe reduction in cost that is allocated to an ITService by using an existing asset for an addi-tional purpose. See also Economies of Scale.
EffectivenessA measure of whether the Objectives of a Proc-ess, Service or Activity have been achieved.An Effective Process or activity is one thatachieves its agreedObjectives. See also KPI
EfficiencyA measure of whether the right amount ofresources has been used to deliver a Process,Service or Activity. An Efficient Processachieves its Objectives with theminimumamount of time, money, people or otherresources. See also KPI.
Emergency ChangeA Change that must be introduced as soon aspossible. For example, to resolve aMajor Inci-dent or implement a security patch. TheChangeManagement Process will normallyhave a specific Procedure for handling Emer-gency Changes. See also Emergency ChangeAdvisory Board (ECAB)
Emergency Change Advisory Board(ECAB)A subset of the Change Advisory Board thatmakes decisions about high-impact Emer-gency Changes. Membership of the ECABmay be decided at the time ameeting is called,and depends on the nature of the EmergencyChange
Enabling ServiceA Service that is needed in order to deliver acore service. Enabling Services may or maynot be visible to the customer, but they are notoffered to customers in their own right. Seealso Enhancing Service
Enhancing ServiceA Service that is added to a core service tomake it more attractive to the customer.Enhancing Services are not essential to thedelivery of a core service but are used toencourage customers to use the core servicesor to differentiate the Service Provider from its
competitors. See also Enabling Service;Excitement Factor
Enterprise Financial ManagementThe function and process responsible for man-aging the overall organization’s budgeting,accounting and charging requirements. Enter-prise Financial Management is sometimesreferred to as the “corporate” Financial Depart-ment. See also Financial Management for ITServices.
EnvironmentA subset of the IT Infrastructures that is usedfor a particular purpose. For Example: LiveEnvironment, Test Environment, Build Envi-ronment. It is possible for multiple Envi-ronments to share a Configuration Item, forexample Test and Live Environment may usedifferent partitions of a single mainframe com-puter. Also used in the term Physical Envi-ronment to mean the accommodation, airconditioning, power system, etc. Environmentis also used as a generic term tomean theexternal conditions that influence or affectsomething.
ErrorA design flow ormalfunction that causes a Fail-ure of one or more Configuration Items or ITServices. A mistakemade by a person or afaulty Process that affects a CI or IT Serviceis also an Error.
EscalationAn Activity that obtains additional Resourceswhen these are needed tomeet Service LevelTargets or Customer Expectations. Escalationmay be needed within any IT ServiceMan-agement Process, but is most commonly asso-ciated with Incident Management, ProblemManagement and themanagement of Cus-tomer complaints. There are two types of Esca-lation: Functional Escalation and HierarchicEscalation.
eSourcing Capability Model for ClientOrganizations (eSCM-CL)A framework to help organizations in their anal-ysis and decision-making or service sourcingmodels and strategies. It was developed byCarnegieMellon University in the US. See
Page 392
Glossary
also eSourcing Capability Model for ServiceProviders.
eSourcing Capability Model for ServiceProviders (eSCM-SP)A framework to help IT Service Providersdevelop their IT ServiceManagement Capabil-ities from a Service Sourcing perspective.eSCM-SP was developed by CarnegieMellonUniversity, US.
EstimationThe use of experience to provide an approx-imate value for aMetric or Cost. Estimation isalso used in Capacity and Availability Man-agement as the cheapest and least accurateModelingmethod.
EvaluationThe Process responsible for assessing a newor Changed IT Service to ensure that Riskshave beenmanaged and to help determinewhether to proceed with the Change.
EventA change of state that has significance for themanagement of a Configuration Item or ITService. The term Event is also used tomeanan Alert or notification created by any IT Serv-ice, Configuration Item orMonitoring tool.Events typically require IT Operations per-sonnel to take actions and often lead to Inci-dents being logged.
Event ManagementThe process responsible for managing Eventsthroughout their Lifecycle. Event Managementis one of themain Activities of IT Operations.
Exception ReportA Document containing details of one or moreKPIs or other important targets that haveexceeded defined Thresholds. Examplesinclude SLA targets beingmissed or about tobemissed, and a PerformanceMetric indi-cating a potential Capacity problem.
Excitement FactorAn attribute added to something tomake itmore attractive or more exciting to the cus-tomer. See also Enhancing Service.
Expanded Incident LifecycleDetailed stages in the lifecycle of an incident.The stages are detection, diagnosis, repair,recovery and restoration. The Expanded Inci-dent Lifecycle is use to help understand all con-tributions to the impact of incidents and to planfor how these could be controlled or reduced.
External CustomerA Customer who works for a different Busi-ness than the IT Service Provider. See alsoExternal Service Provider.
External MetricA Metric that is used tomeasure the deliveryof IT Service to a Customer. External Metricsare usually defined in SLAs and reported toCustomers. See also Internal Metric.
External Service ProviderAn IT Service Provider that is part of a differentOrganization from its Customer. An IT ServiceProvider may have both Internal Customersand External Customers.
FFacilities ManagementThe Function responsible for managing thephysical Environment where the IT Infra-structure is located. Facilities Managementincludes all aspects of managing the physicalEnvironment, for example power and cooling,building Access Management, and envi-ronmental Monitoring.
FailureLoss of ability to Operate to Specification, or todeliver the required output. The term Failuremay be used when referring to IT Services,Processes, Activities, Configuration Items,etc. A Failure often causes an Incident.
FaultSee Error.
Fault ToleranceThe ability of an IT Service or ConfigurationItem to continue to Operate correctly after Fail-ure of a Component part. See also Resilience,Countermeasure.
Page 393
Glossary
Fault Tree Analysis (FTA)A technique that can be used to determine thechain of events that leads to a Problem. FaultTree Analysts represents a chain of eventsusing Boolean notation in a diagram.
Financial ManagementThe Function and Processes responsible formanaging an IT Service Provider's Budgeting,Accounting and Charging Requirements.
Financial Management for IT ServicesThe function and processes responsible formanaging an IT Service Provider’s budgeting,accounting and charging requirements. Finan-cial Management for IT Services secures anappropriate level of funding to design, developand deliver services that meet the strategy ofthe organization in a cost-effectivemanner.See also Enterprise Financial Management.
First Line SupportThe first level in a hierarchy of Support Groupsinvolved in the resolution of Incidents. Eachlevel contains more specialist skills, or hasmore time or other resources. See also Esca-lation.
Fishbone DiagramSee IshikawaDiagram
Fit for PurposeAn informal term used to describe a Process,Configuration Item, IT Service, etc. that iscapable of meeting its objectives or ServiceLevels. Being Fit for Purpose requires suitabledesign, implementation, control andmain-tenance.
Fit for UseThe ability to meet an agreed level of warranty.Being fit for use requires suitable design, imple-mentation, control andmaintenance.
Fixed Asset ManagementThe process responsible for tracking andreporting the value and ownership of fixedassets throughout their lifecycle. Fixed AssetManagement maintains the asset register andis usually carried out by the overall business,rather than by the IT organization. Fixed AssetManagement is sometime called Financial
Asset Management and is not described indetail within the core ITIL publications.
Follow the SunA methodology for using Service Desks andSupport Groups around the world to provideseamless 24/7 Service. Calls, Incidents, Prob-lems and Service Requests are passedbetween groups in different time zones.
FulfillmentPerforming Activities tomeet a need orRequirement. For example, by providing a newIT Service, or meeting a Service Request.
FunctionA team or group of people and the tools theyuse to carry out one or more Processes orActivities. For example the Service Desk. Theteam Function also ha two other meanings; anintended purpose of a Configuration Item, Per-son, Team, Process or IT Service. For exam-ple one Function of an e-mail Servicemay beto store and forward outgoingmails, one func-tion of a Business Process may be to dispatchgoods to Customers, and to perform theintended purpose correctly. The computer isFunctioning.
Functional EscalationTransferring an Incident, Problem or Change toa technical team with a higher level of expert-ise to assist in an Escalation.
GGap AnalysisAn activity that compares two sets of data andidentifies the differences. Gap Analysis is com-monly used to compare a set of requirementswith actual delivery. See also benchmarking.
GovernanceEnsuring that Policies and Strategy are actu-ally implemented and that required Processesare correctly followed. Governance includesdefining Roles and responsibilities, measuringand reporting, and taking actions to resolveany issues identified.
Page 394
Glossary
GuidelineA Document describing Best Practice, whichrecommends what should be done. Compli-ance with a guideline is not normally enforced.See also standard.
HHelp DeskA point of contact for Users to log Incidents. AHelp Desk is usually more technically focusedthan a Service Desk and does not provide aSingle Point of Contact for all interaction. Theterm Help Desk is often used as a synonymfor Service Desk.
Hierarchical EscalationInforming or involvingmore senior levels ofmanagement to assist in an Escalation.
High AvailabilityAn approach or design that minimizes or hidesthe effects of Configuration Item Failure on theUsers of an IT Service. High Availability solu-tions are designed to achieve an agreed levelof Availability andmake use of techniquessuch as Fault Tolerance, Resilience and fastRecovery to reduce the number of Incidents,and the impact of incidents.
IIdentityA unique name that is used to identify a User,person or Role. The identity is used to grantRights to that User, person or Roles. Exampleidentities might be the user name Smith or theRole 'ChangeManager'.
Immediate RecoveryA Recovery Option that is also known as HotStandby. Provision is made to recover the ITService with no loss of Service. ImmediateRecovery typically uses Mirroring, Load Bal-ancing and Split Site technologies.
ImpactA measure of the effect of an Incident, Prob-lem or Change on Business Processes.Impact is often based on how Service Levels
will be affected. Impact and Urgency are usedto assign Priority.
IncidentAn unplanned interruption to an IT Service orreduction in the Quality of an IT Service Failureof a Configuration Item that has not yetaffected service is also an incident. For exam-ple Failure of one disk from amirror set.
Incident ManagementThe Process responsible for managing the Life-cycle of all incidents. The primary Objective ofIncident Management is to return the IT Serv-ice to Customers as quickly as possible.
Incident recordA Record containing the details of an incident.Each Incident record documents the Lifecycleof a single Incident.
Indirect CostA cost of providing an IT Service, which can-not be allocated in full to a specific customer.For example, the cost of providing sharedServers or software Licenses. Also known asOverhead.
Information recoveryA Recovery Option that is also known asWarm Standby. Provision is made to Recoverthe IT Service in a period of time between 24and 72 hours. Intermediate Recovery typicallyuses a shared Portable or Fixed facility thathas Computer Systems and Network Com-ponents. The hardware and software will needto be configured and data will need to berestored as part of the IT Service ContinuityPlan
Information Security Management (ISM)The Process that ensures the Confidentiality,Integrity, and Availability of an Organization’sAssets. Information, data and IT Services.Information Security Management usuallyforms part of an Organizational approach toSecurity Management that has a wider scopethan the IT Service Provider, and includes han-dling of paper, building access, phone calls,etc. for the entire Organization.
Page 395
Glossary
Information Security Management Sys-tem (ISMS)The framework of policy, processes, func-tions, standards guidelines, and tools thatensures an organization can achieve its Infor-mation Security Management objectives. Seealso Security Management Information Sys-tem.
Information Security PolicyThe Policy that governs the Organizationsapproach to Information Security Man-agement.
Information Technology (IT)The use of technology for the storage, com-munication or processing of information. Thetechnology typically includes computers, tel-ecommunications, Applications and other soft-ware. The informationmay include Businessdata, voice, images, video, etc. InformationTechnology is often used to support BusinessProcesses through IT Service.
InsourcingSee Internal Sourcing.
IntegrityA security principle that ensures data and Con-figuration Items aremodified only by author-ized personnel and Activities. Integrityconsiders all possible causes of modification,including software and hardware Failure, envi-ronmental Events and human intervention.
Interactive Voice Response (IVR)A form of Automatic Call Distribution thataccepts User input such as key presses andspoken commands, to identify the correct des-tination for incoming calls.
Internal CustomerA customer who works for the same businessas the IT Service Provider. See also ExternalCustomer; Internal Service Provider.
Internal MetricA Metric that is used within the IT Service Pro-vider to Monitor the Efficiency, Effectivenessor Cost Effectiveness of the IT Service Pro-vider's internal Processes. Internal Metrics arenot normally reported to the Customer of the ITService. See Also External Metric.
Internal Rate of Return (IRR)A technique used to helpmake decisionsabout capital expenditure. It calculates a figurethat allows two or more alternative invest-ments to be compared. A larger Internal Rateof Return indicates a better investment. Seealso Net Present Value; Return on Invest-ment.
Internal Service ProviderAn IT Service Provider that is part of the sameOrganization as its Customer. An IT ServiceProvider may have both Internal Customersand External Customers.
Internal SourcingUsing an Internal Service Provider to manageIT Services.
International Organization for Stand-ardization (ISO)The International Organization for Stand-ardization (ISO) is the world’s largest devel-oper of Standards. ISO is a non-governmentalorganization that is a network of the nationalstandards institutes of 156 countries. Seewww.iso.org for further information about ISO.
Internet Service Provider (ISP)An External Service Provider that providesaccess to the Internet. Most ISPs also provideother IT Services such as web hosting
InvocationInitiation of the steps defined in a plan. Forexample initiating the IT Service ContinuityPlan for one or more IT Services.
Ishikawa DiagramA technique that helps a team to identify all thepossible causes of a Problem. Originallydevised by Kaoru Ishikawa, the output of thistechnique is a diagram that looks like a fish-bone.
ISO 9000A genetic term that refers to a number of inter-national Standards andGuidelines for QualityManagement System. See www.iso.org formore information. See also ISO.
ISO 9001An international standard for quality man-agement. See also ISO 9000
Page 396
Glossary
ISO/IEC 27001An international specification for InformationSecurity Management. The correspondingcode of practices is ISO/IEC 27002. See alsostandard.
ISO/IEC20000ISO Specification and Code of Practice for ITServiceManagement. ISO/IEC20000isaligned with ITIL Best Practice
IT InfrastructureAll of the hardware, software, networks, facil-ities, etc. that are required to develop, test,deliver, Monitor, Control or support IT Serv-ices. The term IT Infrastructure includes all ofthe Information Technology but not the asso-ciated people, Processes and documentation.
IT OperationsActivities carried out by IT Operations, Con-trol, including ConsoleManagement. JobScheduling, Backup and Restore, and PrintandOutput Management. IT Operations is alsoused as a synonym for Service Operation.
IT Operations ControlThe function responsible for Monitoring andControl of the IT Services and IT Infra-structure. See also Operations Bridge.
IT Operations ManagementThe function within an IT Service Provider thatperforms the daily Activities needed toman-age IT Services and the supporting IT Infra-structure. IT Operations Management includesIT Operations Control and Facilities Man-agement.
IT ServiceA Service provided to one or more Customersby an IT Service Provider. An IT Service isbased on the use of Information Technologyand supports the Customer's Business Proc-esses. An IT Service is made up from a com-bination of people, Processes and technologyand should be defined in a Service Level Agree-ment.
IT Service Continuity Management(ITSCM)The Process responsible for managing Risksthat could seriously affect IT Services. ITSCM
ensures that the IT Service Provider canalways provideminimum agreed Service Lev-els by reducing the Risk to an acceptable leveland Planning for the Recovery of IT Services.ITSCM should be designed to support Busi-ness Continuity Management.
IT Service Continuity PlanA plan defining the steps required to Recoverone or more IT Services. The plan will alsoidentify the triggers for invocation, people to beinvolved, communications etc. The IT ServiceContinuity Plan should be part of a BusinessContinuity Plan
IT Service Management (ITSM)The implementation andmanagement of Qual-ity IT Services that meet the needs of the Busi-ness. IT ServiceManagement are performedby IT Service Providers through an appropriatemix of people, Process and Information Tech-nology. See also ServiceManagement.
IT Service Management Forum (itSMF)The IT ServiceManagement Forum is an inde-pendent Organization dedicated to promoting aprofessional approach to IT ServiceMan-agement. The ITSMF is a not-for-profit mem-bership Organization with representation inmany countries around the world (ITSMF Chap-ters). The ITSMF and its membership con-tribute to the development of ITIL andassociated IT ServiceManagement Stand-ards. See www.itsmf.com for more infor-mation.
IT Service ProviderA Service Provider that provides IT Servicesto internal or external customers.
ITILA set of Best Practice guidelines for IT ServiceManagement. ITIL is owned by theOGC andconsists of a series of publications giving guid-ance on the provision of Quality IT Services,and on the Processes and facilities needed tosupport them. See www.itil.co.uk for moreinformation.
Page 397
Glossary
JJob DescriptionA Document that defines the Roles, respon-sibilities, skills and knowledge required by aparticular person. One Job Description canincludemultiple Roles, for example the Role ofConfigurationManager and ChangeManagermay be carried out by one person.
KKempner Trego AnalysisPlanning andmanaging the execution of soft-ware tasks that are required as part of an ITService. Job Scheduling is carried out by ITOperations Management and is often auto-mated using software tools that run batch oronline tasks at specific times of the day,week, month or year.
Key Performance Indicator (KPI)A Metric that is used to helpmanage a Proc-ess, IT Service or Activity. Many Metrics maybemeasured but only themost important ofthese are defined as KPIs and used to activelymanage and report on the Process, IT Serviceor Activity. KPIs should be selected to ensurethat Efficiency, Effectiveness and Cost Effec-tiveness are all managed. See also CriticalSuccess Factor.
Knowledge BaseA logical database containing the data used bythe Service KnowledgeManagement System.
Knowledge ManagementThe Process responsible for gathering, analyz-ing, storing and sharing knowledge and infor-mation within anOrganization. The primarypurpose of KnowledgeManagement is toimprove Efficiency by reducing the need torediscover knowledge. See also ServiceKnowledgeManagement System.
Known ErrorA Problem that has a documented Root Causeand aWorkaround. Known errors are created
andmanaged throughout their Lifecycle byProblemManagement. Known Errors may alsobe identified by Development or Suppliers.
Known Error Database (KEDB)A database containing all Known Error Rec-ords. This database is created by ProblemManagement and used by Incident and Prob-lemManagement. The known Error Databaseis part of the Service KnowledgeManagementsystem.
Known Error RecordA Record containing the details of a KnownError. Each Known Error Record documentsthe Lifecycle of a Known Error, including theStatus, Root Cause andWorkaround. In someimplementations a Known Error is documentedusing additional fields in a Problem Record.
LLifecycleThe various stages in the life of an IT Service,Configuration Item, Incident, Problem, Changeetc. The Lifecycle defines the Categories forStatus and the Status transitions that are per-mitted. The Lifecycle of an Applicationincludes Requirements, Design, Build,Deploy, Operate, Optimize. The ExpandedIncident Lifecycle includes Detect, Respond,Diagnose, Repair, Recover, Restore. The Life-cycle of a Server may include: Ordered,received, In Test, Live, disposed, etc.
LiveRefers to an IT Service or Configuration Itemthat being used to deliver Service to a Cus-tomer.
Live EnvironmentA controlled Environment containing Live Con-figuration Items used to deliver IT Services toCustomers.
Page 398
Glossary
MMaintainabilityA measure of how quickly and effectively an ITService or other Configuration Item can berestored to normal working after a failure. Main-tainability is oftenmeasured and reported asMTRS. Maintainability is also used in the con-text of software or IT Services development tomean ability to be changed or repaired easily.
Major IncidentThe highest Category of Impact for an Inci-dent. A Major Incident results in significant dis-ruption to the Business.
Management InformationInformation that is used to support decisionmaking by managers. Management Infor-mation is often generated automatically bytools supporting the various IT ServiceMan-agement Processes. Management Informationoften includes the values of KPIs such as Per-centage of Changes leading to Incidents orfirst-time fix rate.
Management Information Systems (MIS)
Management of Risk (MoR)TheOGC methodology for managing Risks.MoR includes all the Activities requir4ed toidentify and Control the exposure to Risk,whichmay have an impact on the achieve-ment of an Organization's Business Objec-tives. See www.m-o-r.org for more details.
Management SystemThe framework of Policy, Processes and Func-tions that ensures anOrganization canachieve its Objectives.
Manual WorkaroundA workaround that requires manual inter-vention. Manual workaround is also used asthe name of a recovery option in which the busi-ness process operates without the use of ITServices This is a temporary measure and isusually combined with another recoveryoption.
Market SpaceOpportunities that an IT Service Provider couldexploit to meet the business needs of cus-tomers. Market Spaces identify the possible ITServices that an IT Service Provider may wishto consider delivering.
MaturityA measure of the reliability, efficiency andeffectiveness of a process, function, organ-ization tc. Themost mature processes andfunctions are formally aligned to businessobjectives and strategy, and are supported bya framework for continual improvement.
Maturity LevelA named level in amaturity model, such as theCarnegieMellon Capability Maturity ModelIntegration (CMMI).
Mean Time Between Failures (MTBF)A Metric for measuring and reporting Relia-bility. MTBF is the average time that a Con-figuration Item or IT Service can perform itsagreed Function without interruption. This ismeasured from when the CI or IT Servicestarts working, until it next fails.
Mean Time To Repair (MTTR)The average time taken to repair a Con-figuration Item or IT Service after Failure.MTTR is measured from when the CI or ITService fails until it is repaired. MTTR does notinclude the time required to Recover orRestore. MTTR is sometimes incorrectly usedtomeanMean Time to Restore Service.
Mean Time to Restore Service (MTRS)The average time taken to restore a Con-figuration Item or IT Service after a Failure.MTRS is measured from when the CI or ITService fails until it is fully restored and deliv-ering its normal functionality. See alsoMeanTime ToRepair.
MetricSomething that is measured and reported tohelpmanage a Process, IT Service or Activity.See also KPI
MIddlewareSoftware that connects two or more softwareComponents or Applications. Middleware is
Page 399
Glossary
usually purchased from a Supplier, rather thandeveloped within the IT Service Provider. Seealso Off the Shelf.
MissionA short but complete description of the overallpurpose and intentions of an organization. Itstates what is to be achieved, but not how thisshould be done. See also Vision.
ModelA representation of a System, Process, ITService, Configuration Item, etc. that is usedto help understand or predict future behavior.
ModelingA technique that is used to predict the futurebehavior of a System, Process, IT Service,Configuration Item, etc. Modeling is commonlyused in Financial Management, Capacity Man-agement and Availability Management.
Monitor Control LoopMonitoring the output of a Task, Process, ITService or Configuration Item; comparing thisoutput to a predefined Norm; and taking appro-priate action based on this comparison.
MonitoringRepeated observation of a Configuration Item,IT Service or Process to detect events and toensure that the current status is known.
MyTerm
NNet Present Value (NPV)A technique used to helpmake decisionsabout capital expenditures. It compares cashinflows with cash outflows. Positive netpresent value indicates that an investment isworthwhile. See also Internal Rate of Return;Return on Investment.
OObjectiveThe defined purpose or aim of a Process, anActivity or anOrganization as a whole,
Objectives are usually expressed as meas-urable targets. The term Objective is also infor-mally used tomean a Requirement. See alsoOutcome.
Off the ShelfSeeCommercial off the Shelf
Office of Government Commerce (OGC)OGC (formater owner of Best ManagementPractice_ and its functins havemoved into theCabinet Office as part of HMGovernment.See www.cabinetoffice.gov.uk
Off-shoreProvision of Services from a location outsidethe country where the Customer is based,often in a different continent. This can be theprovision of an IT Service or of supportingFunctions such as Service Desk.
OperateTo perform as expected. A Process or Con-figuration Item is said to Operate if it is deliv-ering the Required outputs. Operate alsomeans to perform one or more Operations. Forexample, to Operate a computer is to do theday-to-day Operations needed for it to performas expected.
OperationDay-to-day management of an IT Service, Sys-tem, or other Configuration Item. Operation isalso used tomean any pre-defined Activity orTransaction. For example loading amagnetictape, acceptingmoney at a point of sale, orreading data from a disk drive.
OperationalThe lowest of three levels of Planning anddelivery. (Strategic, Tactical, Operational).Operational Activities include the day-to-day orshort-term Planning or delivery of a BusinessProcess or IT ServiceManagement Process.The term Operational is also a synonym forLive.
Operational CostCost resulting from running the IT Services.Often repeating payments. For Example staffcosts, hardwaremaintenance and electricity(also known as current expenditure or revenueexpenditure). See also Capital Expenditure.
Page 400
Glossary
Operational ExpenditureSee also Operational Cost
Operational Level Agreement (OLA)An Agreement between an IT Service Providerand another part of the same organization. AnOLA supports the IT Service Provider's deliv-ery of IT Services to Customers. TheOLAdefines the goods or Services to be providedand the responsibilities of both parties. Forexample there could be anOLA between the ITService Provider and a procurement depart-ment to obtain hardware that covers agreed-times. or between the Service Desk and aSupport Group to provide Incident Resolutionin agreed-times.
Operations BridgeA physical location where IT Services and ITInfrastructure aremonitored andmanaged
Operations ControlSee also IT Operations Control
Operations ManagementSee also IT Operations Management
OptimizeReview, Plan and request Changes, in order toobtain themaximum Efficiency and Effec-tiveness from a Process, Configuration, Item,Application, etc.
OrganizationA company, legal entity or other institution.Examples of Organizations that are not com-panies include International Standards Organ-ization or ITSMF. The term Organization issometimes used to refer to an entity that hasPeople, Resources and Budgets. For examplea Project or Business Unit.
OutcomeThe result of carrying out an Activity; followinga Process; delivering an IT Service, etc. Theterm Outcome is used to refer to intendedresults, as well as to actual results. See alsoObjective.
OutsourcingUsing an External Service Provider to manageIT Services. See also Service Sourcing.
OverheadSee indirect cost.
PPareto PrincipleA technique use dot prioritize activities. ThePareto Principle says that 80% of the value ofany activity is created with 20% of the effort.Pareto Analysis is also used in ProblemMan-agement to prioritize possible problem causefor investigation.
PartnershipA relationship between twoOrganizations thatinvolves working closely together for commongoals or mutual benefit. The IT Service Pro-vider should have a Partnership with the Busi-ness, and with Third Parties who are critical tothe delivery of IT Services.
Pattern of Business Activity (PBA)A workload profile of one or more businessactivities. Patterns of Business Activity areused to help the IT Service Provider under-stand and plan for different levels of businessactivity. See also User Profile.
PerformanceA measure of what is achieved or delivered bya System, person, team, Process, or IT Serv-ice.
Performance ManagementThe Process responsible for day-to-day Capac-ity Management Activities.. These includemonitoring, threshold detection, Performanceanalysis and Tuning, and implementingchanges related to Performance and Capacity.
PilotA limited Deployment of an IT Service, aRelease or a Process to the Live Environment.A pilot is used to reduce Risk and to gain Userfeedback and Acceptance. See also Test,Evaluation.
PlanA detailed proposal that describes the Activ-ities and Resources needed to achieve anObjective. For example, a Plan to implement anew IT Service or Process. ISO/IEC 20000
Page 401
Glossary
requires a Plan for themanagement of each ITServiceManagement Process.
Plan-Do-Check-ActA four stage cycle for Process managementattributed to Edward Deming Plan. Do-Check-Act is also called the Deming Cycle.
PlanningAn Activity responsible for creating one ormore Plans. For example. Capacity Planning.
PMBOKA Project Management Standardmaintainedand published by the Project ManagementInstitute. PMBOK stands for Project Man-agement Body of Knowledge. Seewww.pmi.org for more information. See alsoPRINCE2.
PolicyFormally documentedmanagement expec-tations and intentions. Policies are used todirect decisions, and to ensure consistent andappropriate development and implementationof Processes, Standards, Roles, Activities, ITInfrastructure, etc.
Post-Implementation Review (PIR)A Review that takes place after a Change or aProject has been implemented. A PIR deter-mines if the Change or Project was successfuland identifies opportunities for improvement.
PracticeA way of working, or a way in which work mustbe done. Practices can include Activities, Proc-esses, Functions, Standards andGuidelines.See also Best Practice.
PricingThe Activity for establishing how much Cus-tomers will be Charged.
PRiNCE2The standard UK government methodology forProject management. Seewww.ogc.gov.uk/prince2. See also PMBOK
PriorityA Category used to identify the relative impor-tance of an incident, Problem or Change. Prior-ity is based on Impact and Urgency, and isused to identify required times for actions to be
taken. For example the SLA may state thatPriority 2 Incidents must be resolved within 12hours.
Proactive Problem ManagementPart of the ProblemManagement Process.TheObjective of Proactive ProblemMan-agement is to identify Problems that mightotherwise bemissed. Proactive ProblemMan-agement analyses Incident Records, and usesdata collected by other IT ServiceMan-agement Processes to identify trends or sig-nificant problems.
ProblemA cause of one or more Incidents. The causeis not usually known at the time a ProblemRecord is created, and the ProblemMan-agement Process is responsible for furtherinvestigation.
Problem ManagementThe Process responsible for managing the Life-cycle of all Problems. The primary objectivesof ProblemManagement are to prevent inci-dents from happening and tominimize theimpact of Incidents that cannot be prevented.
Problem RecordA Record containing the details of a Problem.Each Problem Record documents the Life-cycle of a single Problem.
ProcedureA Document containing steps that specify howto achieve an Activity. Procedures are definedas part of Processes. See alsoWord Instruc-tion.
ProcessA structured set of Activities designed toaccomplish a specific Objective. A Processtakes one or more defined inputs and turnsthem into defined outputs. A Process mayinclude any of the Roles, responsibilities, toolsandmanagement Controls required to reliablydeliver the outputs. A Process may define Pol-icies, Standards, Guidelines, Activities andWork Instruments if they are needed.
Process ControlThe Activity of planning and regulating a Proc-ess, with the Objective of performing the
Page 402
Glossary
Process in an Effective, Efficient and con-sistent manner.
Process ManagerA Role responsible for Operational man-agement of a Process. The Process Man-ager's responsibilities include planning andcoordination of all Activities required to carryout, monitor and report on the process. Theremay be several Process Managers for oneProcess, for example regional ChangeMan-agers or IT Service Continuity Managers foreach data Centre. The Process Manager Roleis often assigned to the person who carries outthe Process Owner Role, but the two Rolesmay be separate in larger Organizations.
Process OwnerA Role responsible for ensuring that a Processis Fit for Purpose The Process Owner's respon-sibilities include sponsorship, Design, ChangeManagement and continual improvement ofthe Process and its Metrics. This Role is oftenassigned to the same person who carries outthe Process Manager Role, but the two Rolesmay be separate in larger Organizations.
Production EnvironmentSee Live Environment.
ProgramA number of Projects and Activities that areplanned andmanaged together to achieve anoverall set of related Objectives and other Out-comes
ProjectA temporary Organization, with people andother Assets required to achieve anObjectiveor other Outcome. Each Project has a Life-cycle that typically includes initiation, Plan-ning, execution, Closure, etc. Projects areusually managed using a formal methodologysuch as PRiNCE2.
Project Management Body of Knowledge(PMBOK)A project management standardmaintainedand published by the Project ManagementInstitute.
Project Management Institute (PMI)A membership association that advances theproject management profession through glob-ally recognized standards and certifications,collaborative communities, and extensiveresearch program, and professional devel-opment opportunities. PMI is a not-for-for profitmembership organization with representationin many countries around the world. PMI main-tains and publishes the Project ManagementBody of Knowledge (PMBOK)
Project Management Office (PMO)A function or group responsible for managingthe lifecycle of projects. See also charter;project portfolio
Project PortfolioA database or structure document used toman-age projects throughout their lifecycle. TheProject Portfolio is used to coordinate projectsand ensure that they meet their objectives in acost-effective and timely manner. In largerorganizations, the Project Portfolio is typicallydefined andmaintained by a Project Man-agement Office. The Project Portfolio is impor-tant to Service Portfolio Management as newservices and significant changes are are nor-mally managed as projects. See also charter.
Projects IN Controlled Environments(PRiNCE2)See PRiNCE2
QQualificationAn activity that ensures that IT infrastructureis appropriate, and correctly configured to sup-port an Application or IT service. See also Val-idation.
QualityThe ability of a product, service or process toprovide the intended value. For example, ahardware component can be considered to beof high quality if it performs as expected anddelivers the required reliability. Process qualityalso requires an ability to monitor effec-tiveness and efficiency, and to improve them if
Page 403
Glossary
necessary. See also Quality Management Sys-tem.
Quality Assurance (QA)The process responsible for ensuring that thequality of a product, service or process will pro-vide its intended value.
Quality Management System (QMS)The set of processes responsible for ensuringthat all work carried out by an organization is ofa suitable quality to reliably meet businessobjectives or service levels. See also ISO9000.
Quick WinAn improvement activity that is expected toprovide a return on investment in a short periodof time with relatively small cost and effort.
RRACIA model used to help define roles and respon-sibilities. RACI stands for Responsible,Accountable, Consulted and Informed.. Seealso Stakeholder
RecordA document containing the results or other out-put from a process or activity. Records areevidence of the fact that an activity took placeandmay be paper or electronic. For example,an audit report, an incident record or themin-utes of ameeting.
RecoveryReturning a configuration item or an IT serviceto a working state. Recovery of an IT serviceoften includes recovering data to a known, con-sistent state. After recovery, further steps maybe needed before the IT service can bemadeavailable to the users. (Restoration).
RedundancySee fault tolerance. The term redundant alsohas a generic meaning of obsolete or no longerneeded.
RelationshipA connection or interaction between twopeople or things. In business relationship
management it is the interaction between theIT service provider and the business. In con-figurationmanagement it is a link between twoconfiguration items that identifies a depend-ency or connection between them. For exam-ple applications may be linked to the serversthey run on, IT services havemany links to allthe CIs that contribute to them.
ReleaseA collection of hardware, software, doc-umentation, processes or other componentsrequired to implement one or more approvedchanges to it services. The contents of eachrelease aremanaged, tested, and deployed asa single entity.
Release & Deployment ManagementThe process responsible for both releaseman-agement and deployment.
Release ManagementThe process responsible for planning, sched-uling and controlling themovement of releasesto test and live environments. The primaryobjective of releasemanagement is to ensurethat the integrity of the live environment is pro-tected and that the correct components arereleased. Releasemanagement is part of therelease and deployment management proc-ess.
Release RecordA record in the CMDB that defines the contentof a release. A release record has relationshipswith all configuration items that are affected bythe release.
ReliabilityA measure of how long a configuration item orIT service can perform its agreed function with-out interruption. Usually measured as MTBF orMTBSI. The term reliability can also be used tostate how likely it is that a process, function,etc. will deliver its required outputs. See alsoAvailability.
RepairThe replacement or correction of a failed con-figuration item.
Page 404
Glossary
Request for Change (RFC)A formal proposal for a change to bemade. AnRFC includes details of the proposed change,andmay be recorded on paper or elec-tronically. The term RFC is oftenmisused tomean a change record, or the change itself.
Request FulfillmentThe process responsible for managing the life-cycle of all service requests.
RequirementA formal statement of what is needed. Forexample, a service level requirement, a projectrequirement or the required deliverables for aprocess.
ResilienceThe ability of a configuration item or IT serviceto resist failure or to recover quickly following afailure. For example an armored cable willresist failure when put under stress. See alsoFault Tolerance.
ResolutionAction taken to repair the root cause of an inci-dent or problem, or to implement a work-around. In ISO/IEC 20000, resolutionprocesses is the process group that includesincident and problemmanagement.
ResourceA generic term that includes IT infrastructure,people, money or anything else that might helpto deliver an IT service, resources are con-sidered to be assets of an organization. Seealso Capability, Service Asset.
Response TimeA measure of the time taken to complete anoperation of transaction. Used in capacity man-agement as ameasure of IT infrastructure per-formance, and in incident management as ameasure of the time taken to answer the phoneor to start diagnosis.
ResponsivenessA measurement of the time taken to respond tosomething. This could be response time of atransaction, or the speed with which an IT serv-ice provider responds to an incident or requestfor change, etc.
Restoration ServiceSeeRestore.
RestoreTaking action to return an IT service to theusers after repair and recovery from an inci-dent. This is the primary objective of incidentmanagement.
RetirePermanent removal of an IT service, or otherconfiguration item from the live environment.Retired is a state in the lifecycle of many con-figuration items.
Return on Investment (ROI)Continual Service Improvement) A meas-urement of the expected benefit of an invest-ment. In the simplest sense it is the net profitof an investment divided by the net worth ofthe assets invested. See also Value on Invest-ments.
ReviewAn evaluation of a change, problem, process,project, etc. Reviews are typically carried outat pre-defined points in the lifecycle, and espe-cially after closure. The purpose of a review isto ensure that all deliverables have been pro-vided and to identify opportunities for improve-ment. See also Post-Implementation Review.
RiskA possible event that could cause harm orloss, or affect the ability to achieve objectives.A risk is measured by the probability of athreat, the vulnerability of the asset to thatthreat, and the impact it would have if itoccurred.
Risk AssessmentThe initial steps of risk management. Analyz-ing the value of assets to the business, iden-tifying threats to those assets, and evaluatinghow vulnerable each asset is to those threats.Risk assessment can be quantitative (basedon numerical data) or qualitative.
Risk ManagementThe process responsible for identifying,assessing and controlling risks. See also RiskAssessment.
Page 405
Glossary
RoleA set of responsibilities, activities and author-ities granted to a person or team. A role isdefined in a process. One person or teammayhavemultiple roles, for example the roles ofconfigurationmanager and changemanagermay be carried out by a single person.
Root CauseThe underlying or original cause of an incidentor problem.
Root Cause Analysis (RCA)An activity that identifies the root cause of anincident or problem. RCA typically con-centrates on IT infrastructure failures. Seealso Service Failure Analysis.
SSarbanes-Oxley (SOX)US law that regulates financial practice andcorporate governance.
ScalabilityThe ability of an IT service, process, con-figuration item, etc. to perform its agreed func-tion when the workload or scope changes.
ScopeThe boundary, or extent, to which a process,procedure, certification, contact, etc. applies.For example the scope of ChangeMan-agement may include all live IT services andrelated configuration items, the scope of anISO/IEC 20000 Certificate may include all ITservices delivered out of a named data center.
Second Line SupportThe second level in a hierarchy of supportgroups involved in the resolution of incidentsand investigation of problems. Each level con-tains more specialist skills, or has more timeor other resources.
SecuritySee Information Security Management
Security ManagementSee Information Security Management
Security PolicySee Information Security Policy
ServerA computer that is connected to a network andprovides software functions that are used byother computers.
ServiceA means of delivering value to customers byfacilitating outcomes customers want toachieve without the ownership of specificcosts and risks.
Service Acceptance Criteria (SAC)A set of criteria used to ensure that an IT Serv-icemeets its functionality and quality require-ments and that the IT Service Provider isready to operate the new IT Service when ithas been deployed. See also Acceptance.
Service AssetAny capability or resource of a service pro-vider. See also Asset
Service Asset & Configuration Man-agement (SACM)The process responsible for both configurationmanagement and asset management.
Service Capacity Management (SCM)The activity responsible for understanding theperformance and capacity of IT services. Theresources used by each IT service and the pat-tern of usage over time are collected, recordedand analyzed for use in the capacity plan. Seealso Business Capacity Management, Com-ponent Capacity Management.
Service CatalogA database or structured document with infor-mation about all live IT services, includingthose available for deployment. The servicecatalogue is the only part of the service port-folio published to customers, and is used tosupport the sale and delivery of IT services.The service catalogue includes informationabout deliverables, prices contact points, order-ing and request processes.
Service Catalog ManagementThe process responsible for providing andmaintaining the Service Catalog and for ensur-ing that it is available to those who are author-ized to access it.
Page 406
Glossary
Service CharterA document that contains details of a new orchanged services. New service introductionsand significant service changes are doc-umented in a charter and authorized by Serv-ice Portfolio Management. Service Chartersare passed to the Service Design lifecyclestage where a new ormodified Service designPackage will be created. The term charter isalso used to describe the act of authorizing thework required by each stage of the service life-cycle with respect to the new or changed serv-ices. See also Change Proposal; ServicePortfolio; Service Catalog.
Service Continuity ManagementSee IT service Continuity Management
Service CultureA customer oriented culture. Themajor objec-tives of a service culture are customer sat-isfaction and helping customers to achievetheir business objectives.
Service DesignA stage in the lifecycle of an IT service. Serv-ice design includes a number of processes andfunctions and is the title of one of the core ITILpublications. See also Design.
Service Design Package (SDP)Documents defining all aspects of an IT Serv-ice and its requirements through each stage ofits lifecycle. A Service Design Package isproduced for each new IT Service, majorchange or IT Service retirement.
Service DeskThe single point of contact between the serv-ice provider and the users. A typical ServiceDesk manages incidents and servicerequests, and also handles communicationwith the users.
Service Failure Analysis (SFA)An activity that identifies underlying causes ofone or more IT service interruptions. SFA iden-tifies opportunities to improve the IT serviceproviders processes and tools, and not just theIT infrastructure. SFA is a time constrainedproject-like activity, rather than an ongoingprocess of analysis. See also Root CauseAnalysis.
Service HoursAn agreed time period when a particular ITservice should be available. For example,'Monday-Friday 09:00 to 17:00 except publicholidays'. Service hours should be defined in aservice level agreement.
Service Improvement Plan (SIP)A formal plan to implement improvements to aprocess or IT service.
Service Knowledge Management System(SKMS)A set of tools and databases that are used tomanage knowledge and information. TheSKMS includes the configurationmanagementsystem as well as other tools and databases.The SKMS stores, manages, updates andpresents all information that an ITservice pro-vider needs tomanage the full lifecycle of ITservices.
Service LevelMeasured and reported achievement againstone or more service level targets. The teamservice level is sometimes used informally tomean service level target.
Service Level Agreements (SLA)An agreement between an IT service providerand a customer. The SLA describes the ITservice, documents service level targets, andspecifies the responsibilities of the IT serviceprovider and the customer. A single SLA maycover multiple IT services or multiple cus-tomers. See also Operational Level Agree-ment.
Service Level Management (SLM)The process responsible for negotiating serv-ice level agreements and ensuring that thesearemet. SLM is responsible for ensuring thatall IT servicemanagement processes, oper-ation level agreements, and underpinning con-tracts, are appropriate for the agreed servicelevel targets. SLMmonitors and reports onservice levels, and holds regular customerreviews.
Service Level PackageSee Service Option.
Page 407
Glossary
Service Level Requirements (SLR)A customer requirement for an aspect of an ITservice. SLRs are based on business objec-tives and are used to negotiate agreed servicelevel targets.
Service Level TargetA commitment that is documented in a servicelevel agreement. Service level targets arebased on service level requirements, and areneeded to ensure that the IT service design isfit for purpose. Service level targets should beSMART, and usually based on KPIs.
Service Maintenance ObjectiveThe expected time that a configuration itemwill be unavailable due to plannedmain-tenance activity.
Service ManagementServicemanagement is a set of specializedorganizational capabilities for providing valueto customers in the form of services.
Service Management LifecycleAn approach to IT ServiceManagement thatemphasizes the importance of coordinationand control across the various function, proc-esses and systems necessary tomanage thefull lifecycle of IT services. The ServiceMan-agement Lifecycle approach considers thestrategy, design, transition, operation and con-tinuous improvement of IT services.
Service ManagerA manager who is responsible for managingthe end-to-end lifecycle of one or more IT serv-ices. The term ServiceManager is also usedtomean any manager within the IT service pro-vider. It is most commonly used to refer to abusiness relationship manager, a process man-ager, an account manager or a senior managerwith responsibility for IT services overall.
Service ModelA model that shows how service assets inter-act with customer assets to create value. Serv-iceModels describe the structure of a service(how the configuration items fit together) andthe dynamics of the service (activities, flow ofresources and interactions). A ServiceModel
can be used as a template or blueprint for mul-tiple services.
Service OperationA stage in the lifecycle of an IT service. Serv-ice Operation includes a number of processesand functions and is the title of one of the coreITIL publications. See also Operations.
Service OptionA choice of utility and warranty offered to cus-tomers by a core service or service package.Service Options are sometimes referred to asService Level Packages.
Service OwnerA role responsible for managing one or moreservices throughout their entire lifecycle. Serv-ice Owners are instrumental in the devel-opment of Service Strategy and areresponsible for the content of the Service Port-folio. See also Business Relationship Man-agement.
Service PackageTwo ormore services that have been combineto offer a solution to a specific type of cus-tomer need or to underpin specific businessoutcomes. A Service Package can consist ofa combination of core services, enabling serv-ices and enhancing services. A Service Pack-age provides a specific level of utility andwarranty. Customers may be offered a choiceof utility and warranty through one or more serv-ice options. See also IT Service.
Service PipelineA database or structured document listing allIT Services that are under consideration ordevelopment, but are not yet available to cus-tomers. The Service pipeline provides a busi-ness view of possible future IT Services and ispart o the Service Portfolio that is not normallypublished to customers.
Service PortfolioThe complete set of services that areman-aged by a service provider. The Service Port-folio is used tomanage the entire lifecycle ofall services and includes three categories,service pipeline (proposed or in development),service catalogue (live or available for
Page 408
Glossary
deployment) and retired services. See alsoService Portfolio Management.
Service Portfolio Management (SPM)The process responsible for managing the serv-ice portfolio. Service portfolio managementconsiders service in terms of the businessvalue that they provide.
Service ProviderAn organization supplying services to one ormore internal customers or external cus-tomers. Service Provider is often used as anabbreviation for IT Service Provider.
Service ReportingThe process responsible for producing anddelivering reports of achievement and trendsagainst service levels. Service Reportingshould agree the format, content andfrequency of reports with customers.
Service RequestA request from a user for information, oradvice, or for a standard change or for accessto an IT service. For example to reset a pass-word, or to provide standard IT services for anew user. Service Requests are usually han-dled by a Service Desk and do not require anRFC to be submitted. See also Request Ful-fillment.
Service SourcingThe strategy and approach for decidingwhether to provide a service internally, to out-source it to an external Service Provider, or tocombine the two approaches. Service Sourc-ing alsomeans the execution of this strategy.See also Insourcing; Internal Service Provider;Outsourcing.
Service StrategyThe title of one of the core ITIL publications.Service Strategy establishes an overallstrategy for IT Services and for IT ServiceMan-agement.
Service TransitionA stage in the lifecycle of an IT Service. Serv-ice Transition includes a number of processesand functions and is the title of one of the CoreITIL publications. See also Transition.
Service Validation and TestingThe process responsible for validation and test-ing of a new or changed IT Service. ServiceValidation and Testing ensures that the ITServicematches its design specification andwill meet the needs of the business.
ServiceabilityThe ability of a third-party supplier to meet theterms of its contract. This contract will includeagreed levels of reliability, maintainability andavailability for a Configuration Item.
Seven-step Improvement ProcessThe process responsible for defining andman-aging the steps needed to identify, define,gather, process, analyze, present and imple-ment improvements. The performance of theIT Service Provider is continually measured bythis process and improvements aremade toprocesses, IT Service and IT infrastructure inorder to increase efficiency, and effectivenessand cost effectiveness. Opportunities forimprovement are recorded andmanaged in theCSI Resister.
ShiftA group or team of people who carry out a spe-cific role for a fixed period of time. For examplethere could be four shifts of IT Operations Con-trol personnel to support an IT service that isused 24 hours a day.
Simulation ModelingA technique that creates a detailedmodel topredict the behavior of an IT Service or otherConfiguration Item. A SimulationModel isoften created by using the actual ConfigurationItems that are beingmodeled with artificialworkloads or transactions. They are used inCapacity Management when accurate resultsare important. A SimulationModel is some-times called a performance benchmark. Seealso Analytical Modeling; modeling
Single Point of ContactProviding a single consistent way to com-municate with an organization or businessunit. For example, a single point of contact foran IT service provider is usually called a serv-ice desk.
Page 409
Glossary
Single Point of Failure (SPOF)Any Configuration Item that can cause an inci-dent when it fails, and for which a counter-measure has not been implemented. A SPOFmay be a person or a step in a process or activ-ity, as well as a component of the IT infra-structure. See also Failure.
SLAM ChartA Service Level Agreement Monitoring chart isused to helpmonitor and report achievementsagainst Service Level Targets. A SLAM chartis typically color-coded to show whether eachagreed Service Level Target has beenmet,missed or nearly missed during each of the pre-vious 12months.
SMARTAn acronym for helping to remember that tar-gets in Service Level Agreements and projectplans should be Specific, Measurable, Achiev-able, Relevant and Time-bound
Software Asset Management (SAM)The process responsible for tracking andreporting the use and ownership of softwareassets throughout their lifecycle. SoftwareAsset Management is part of an overall Serv-ice Asset and ConfigurationManagement proc-ess. This process is not described in detailwith the core ITIL publications.
SourceSee Service Sourcing.
SpecificationA formal definition of requirements. A spec-ificationmay be used to define technical oroperational requirements, andmay be internalor external. Many public standards consist of acode of practice and a specification. The spec-ification defines the standard against which anorganization can be audited.
StakeholderAll people who have an interest in an organ-ization, project, IT service, etc. Stakeholdersmay be interested in the activities, targets,resources or deliverables. Stakeholders mayinclude customers, partners, employees,shareholders, owners, etc.
StandardA mandatory requirement. Examples includeISO/IEC 20000 (an international standard), aninternal security standard for Unix con-figuration, or a government standard for howfinancial records should bemaintained. Theterm standard is also used to refer to a code ofpractice or specification published by a stand-ards organization such as ISO or BSI. Seealso Guideline.
Standard ChangeA pre-approved change that is low risk, rel-atively common and follows a procedure orwork instruction. For example, password resetor provision of standard equipment to a newemployee. RFCs are not required to implementa Standard Change, and they are logged andtracked using a different mechanism, such asa service request. See also ChangeModel
Standard Operating Procedures (SOP)Procedures used by IT Operations Man-agement.
StandbyUsed to refer to resources that are not requiredto deliver the live IT services but are availableto support IT Service Continuity plans. Forexample a standby data center may bemain-tained to support hot standby, warm standbyor cold standby arrangements.
Statement of Requirements (SOR)A document containing all requirements for aproduct purchase or a new or changed IT serv-ice.
StatusThe name of a required field in many types ofrecord. It shows the current stage in the life-cycle of the associated Configuration Item,Incident, Problem etc.
Storage ManagementThe process responsible for managing the stor-age andmaintenance of data throughout its life-cycle.
StrategicThe highest of three levels of Planning andDelivery (Strategic, Tactical, Operational).Strategic activities include objective setting
Page 410
Glossary
and long term planning to achieve the overallvision.
Strategic AssetAny asset that provides the basis for core com-petence, distinctive performance or sus-tainable competitive advantage, or whichallows a business unit to participate in busi-ness opportunities. Part of Service Strategy isto identify how IT can be viewed as a strategicasset rather than an internal administrativefunction.
StrategyA strategic plan designed to achieve definedobjectives.
Strategy Management for IT ServicesThe process responsible for defining andmain-taining an organization’s perspective, position,plans and patterns with regard to its servicesand themanagement of those services. Oncethe strategy has been defined, Strategy Man-agement for IT Services is also responsible forensure that it achieves its intended businessoutcomes.
Super UserA user who helps other users, and assists incommunication with the Service Desk or otherparts of the IT Service Provider. Super userstypically provide support for minor Incidentsand training.
SupplierA third party responsible for supplying goods orservices that are required to deliver IT Serv-ices. Examples of suppliers include com-modity hardware and software vendors,network and telecom providers, and out-sourcing organizations. See also UnderpinningContract, Supply Chain.
Supplier and Contract Management Infor-mation System (SCMIS)A set of tools, data and information that isused to support Supplier Management. Seealso Service KnowledgeManagement Sys-tem.
Supplier ManagementThe process responsible for ensuring that allcontracted with suppliers support the needs of
the business, and that all Suppliers meet theircontractual commitments.
Supply ChainThe activities in a value chain carried out bysuppliers. A supply chain typically involvesmultiple suppliers, each adding value to theproduct or service. See also Value Network.
Support GroupA group of people with technical skills. Supportgroups provide the technical support neededby all of the IT ServiceManagement proc-esses. See also Technical Management.
Supporting ServiceAn IT Service that is not directly used by thebusiness, but is required by the IT Service Pro-vider to deliver customer-facing services. Alllive Supporting Services, including those avail-able for deployment, are recorded in the Serv-ice Catalog along with information about theirrelationships to customer-facing services andother CIs.
SWOT AnalysisA technique that reviews and analyzes theinternal strengths and weakness of an organ-ization and the external opportunities andthreats that if faces. SWOT stands forStrengths, Weaknesses, Opportunities, andThreats.
SystemA number of related things that work togetherto achieve an overall objective. For example; acomputer system, including hardware, soft-ware and applications, amanagement system,includingmultiple processes that are plannedandmanaged.
TTacticalThemiddle of three levels of Planning andDelivery (Strategic, Tactical, Operational). Tac-tical activities include themedium-term plansrequired to achieve specific objectives, typ-ically over a period of weeks tomonths.
Page 411
Glossary
Technical ManagementThe function responsible for providing tech-nical skills in support of IT Services andman-agement of the IT infrastructure. Technicalmanagement defines the roles of supportgroups, as well as the tools, processes andprocedures required.
Technical ObservationA technique used in Service Improvement,Problem investigation and Availability Man-agement. Technical support staff meet to mon-itor the behavior and performance of an ITservice andmake recommendations forimprovement.
Technical SupportSee Technical Management
Tension MetricsA set of relatedmetrics, in which improve-ments to onemetric have a negative effect onanother. Tensionmetrics are designed toensure that an appropriate balance isachieved.
Terms of Reference (TOR)A document specifying that requires, scope,deliverables, resources and schedule for aproject or activity.
TestAn activity that verifies that a ConfigurationItem, IT Service, process, etc. meets its spec-ification or agreed requirements.
Test EnvironmentA controlled environment used to test Con-figuration Items, builds, IT services, proc-esses etc.
Third PartyA person, group, or business that is not part ofthe Service Level Agreement for an IT Service,but is required to ensure successful delivery ofthat IT Service. For example, a software sup-plier, a hardwaremaintenance company, or afacilities department. Requirements for thirdparties are typically specified in UnderpinningContracts or Operational Level Agreements.
Third-Line SupportThe third level in a hierarchy of support groupsinvolved in the resolution of Incidents and
investigation of Problems. Each level containsmore specialist skills, or has more time orother resources.
ThreatAnything that might explore a vulnerability.Any potential cause of an Incident can be con-sidered to be a threat. For example, a fire is athreat that could exploit the vulnerability offlammable floor coverings. This term is com-monly used in Information Security Man-agement and IT Service ContinuityManagement, but also applies to other areassuch as Problem and Availability Man-agement.
ThresholdThe value of ametric that should cause analert to be generated or management action tobe taken. For example 'Priority 1 Incident notsolved within four hours', 'more than five softdisk errors in an hour' or more than 10 failedchanges in amonth.
ThroughputA measure of the number of transactions, orother operations, performed in a fixed time forexample. 5,000 e-mails sent per hour, or 200disk I/Os per second.
Total Cost of OwnershipA methodology use to helpmake investmentdecisions. IT assesses the full lifecycle costof owning a Configuration Item, not just the ini-tial cost or purchase price. See also Total Costof Utilization.
Total Cost of Utilization (TCU)A methodology used to helpmake investmentand service sourcing decisions. Total Coast ofUtilization assesses the full lifecycle cost tothe customer of using an IT Service. See alsoTotal Cost of Ownership.
Total Quality Management (TQM)A methodology for managing continualimprovement by using aQuality ManagementSystem. TQM establishes a culture involvingall people in the organization in a process ofcontinual monitoring and improvement.
Page 412
Glossary
TransactionA discrete function performed by an IT Serv-ice. For example transferringmoney from onebank account to another. A single transactionmay involve numerous additions, deletions anmodifications of date. Either all of these com-plete successfully or none of them carried out.
TransitionA change in state, corresponding to amove-ment of an IT Service or other ConfigurationItem from one lifecycle status to the next.
Transition Planning and SupportThe process responsible for planning all Serv-ice Transition processes and coordinating theresources that they require.
Trend AnalysisAnalysts of data to identify time-related pat-terns. Trend Analysis is used in ProblemMan-agement to identify common failures or fragileconfiguration items, and in Capacity Man-agement as amodeling tool to predict futurebehavior. It is also used as amanagement toolfor identifying deficiencies in IT ServiceMan-agement processes.
TuningThe activity responsible for planning changestomake themost efficient use of resources.Tuning is part of PerformanceManagement,which also includes performancemonitoringand implementation of the required changes.
Type I Service ProviderAn internal Service Provider that is embeddedwithin a business unit. Theremay be severalType I Service Providers within an organ-ization.
Type II Service ProviderAn internal Service Provider that providesshared IT Services tomore than one businessunit. Type II Service Providers are also knownas shared service units.
Type III Service ProviderA Service Provider that provides IT Servicesto external customers.
UUnderpinning Contract (UC)A contract between an IT Service provider anda third party. The third party provides goods orservices that support delivery of an IT Serviceto a customer. The Underpinning Contractdefines targets and responsibilities that arerequired tomeet agreed Service Level Targetsin an SLA.
Unit CostThe cost to the IT Service Provider of pro-viding a single component of an IT service. Forexample, the cost of a single desktop PC, or ofa single transaction.
UrgencyA measure of how long it will be until an Inci-dent, Problem or Change has a significantimpact on the business. For example a highimpact Incident may have low Urgency, if theimpact will not affect the business until the endof the financial year. Impact and Urgency areused to assign Priority.
UsabilityThe ease with which an application, product orIT Service can be used, Usability Require-ments are often included in a Statement ofRequirements.
Use CaseA technique used to define required func-tionality and objectives, and to design tests.Use Cases define realistic scenarios thatdescribe interactions between Users and an ITService or other system. See also ChangeCase.
UserA person who uses the IT Service on a day- to-day basis. Users are distinct from Customersas someCustomers do not use the IT Servicedirectly.
User Profile (UP)A pattern of User demand for IT Services.Each User profile includes one or more pat-terns of business activity.
Page 413
Glossary
UtilityFunctionality offered by a product or service tomeet a particular need. Utility is often sum-marized as what it does.
VValidationAn activity that ensures a new or changed ITService, process, plan or other deliverablemeets the needs of the business. Validationensures that business requirements aremeteven though thesemay have changed sincethe original design. See also Verification,Acceptance or Qualification.
Value ChainA sequence of processes that creates a prod-uct or service that is of value to a customer.Each step of the sequence builds on the pre-vious steps and contributes to the overall prod-uct or service. See also Value Network.
Value for MoneyAn informal measure of cost effectiveness.Value for money is often based on a com-parison with the cost of alternatives.. See alsoCost Benefit Analysis.
Value NetworkA complex set of relationships between two ormore groups or organizations. Value is gen-erated through exchange of knowledge, infor-mation, goods or services. See alsoPartnership; Value Chain.
Value on Investment (VOI)A measurement of the expected benefit of aninvestment. Value on Investment considersboth financial and intangible benefits. See alsoReturn on Investment.
VarianceThe difference between a planned value andthe actual measured value. Commonly used inFinancial Management, Capacity Man-agement and Service Level Management, butcould apply in any area where plans are inplace.
VerificationAn activity that ensures a new or changed ITservice, process, plan or other deliverable iscomplete, accurate, reliable andmatches itsdesign specification. See also Validation,Acceptance.
VersionA description of what the organization intendsto become in the future. A vision is created bysenior management and is used to helpinfluence culture and strategic planning.
VisionA description of what the organization intendsto become in the future. A vision is created bysenior management and is used to helpinfluence culture and strategic planning. SeealsoMission.
Vital Business Function (VBF)A function of a business process that is criticalto the success of the business. Vital businessfunctions are an important consideration ofBusiness Continuity Management, IT ServiceContinuity Management and Availability Man-agement.
VulnerabilityA weakness that could be exploited by athreat. A missing control is also considered tobe a vulnerability.
WWarrantyAssurance that a product or service will meetagreed requirements. This may be a formalagreement such as a Service Level Agreementor contract, or it may be amarketingmessageor brand image. Warranty refers to the ability ofa service to be available when needed to pro-vide the required capacity, and to provide therequired reliability in terms of continuity andsecurity. Warranty can be summarized as“how the service is delivered,” and can be usedto determine whether a service is “fit for use.”The business value of an IT Service is createdby the combination of utility and warranty. Seealso Service Validation and Testing.
Page 414
Glossary
Work in Progress (WIP)A status that means activities have started butare not yet complete. It is commonly used as astatus for Incidents, Problems, Changes, etc.
Work InstructionA document containing detailed instructionsthat specify exactly what steps to follow tocarry out an activity. A Work Instruction con-tains muchmore detail than a Procedure and isonly created if very detailed instructions areneeded.
WorkaroundReducing or eliminating the impact of an Inci-dent or Problem for which a full Resolution isnot yet available. For example by restarting afailed Configuration Item, Workarounds forProblems are documented in Known Error Rec-ords. Workarounds for Incidents that do nothave associated Problem Records are doc-umented in the Incident Record.
WorkloadThe resources required to deliver an iden-tifiable part of an IT Service. Workloads maybe categorized by users, groups of users orfunctions within the IT Service. This is used toassist in analyzing andmanaging the Capac-ity, Performance and Utilization of Con-figuration Items and IT Services. The termWorkload is sometimes used as a synonymfor Throughput.
Page 415
Page 416
Glossary