Understanding ITIL e-systems Forum 2009 October 16, 2009 Filippos Frantzolas MSc MBCS CITP BCS...

Understanding ITILe-systems Forum 2009

October 16, 2009

Filippos Frantzolas MSc MBCS CITPBCS Hellenic Section

[email protected]

mailto:[email protected]

Contents

• What is ITIL?• ITIL: Overview• ITIL: Benefits• ITIL v3 compared to ITIL v2• A new Service Management

Philosophy• ITIL v3 Core Functions & Processes• ITIL v3 Components• ISO 20000 and ITIL processes• ITIL Related Certifications

BCS Hellenic Section October 2009

What is ITIL?The Information Technology Infrastructure Library (ITIL) is a set of guidance developed by the United Kingdom’s Office Of Government Commerce (OGC).

The guidance, documented in a set of books, describes an integrated, process based, best practice framework for managing IT services.

ITIL started in the mid 1980s as a project to document best practices in IT. ITIL v2 was published in 2000 while ITIL v3 was launched in May 2007.

The version 3 project has involved extensive consultations with thousands of global ITSM Practitioners from the public and private sectors, vendors, qualification bodies, exam institutes and education providers.


ITIL: Overview

ITIL is considered the world’s most credible framework for IT Service Management (ITSM) and it is used by thousands of small and large organizations and government agencies from all over the world.

Furthermore, ITIL has generated an entire industry that includes:• Training• Certification• Consulting• Software tools• Trade Association (itSMF)


ITIL is about processes. Any ITIL implementation ultimately has roots in the principle of Process Improvement.

ITIL is also about people. ITIL defines of a series of individual IT practitioner certifications. These certifications help improve the skills required to deliver high quality, repeatable, and well-controlled IT services.

There is no “company-wide ITIL certification” - these are handled by the international standards organization ISO via ISO 20000 corporate certifications.

ITIL isn’t highly prescriptive – it is a set of “good practice” guidance for IT practitioners to follow.

Practitioners may adapt the ITIL guidance as they see fit based on the unique skill sets, goals, and functions of their IT organization.


ITIL: Overview

ITIL: Benefits

Some of the benefits derived from ITIL implementation include increased:

• Business efficiency through streamlining of IT processes and better integration between vital business functions and IT services• Competitive advantage through cost reduction and by enabling growth and agility by the flexibility and scalability inherent in standardized processes and service organization• IT value through business and IT operational and goal alignment• Improved customer and user satisfaction • Speed and completeness of compliance with regulatory authorities, through a defensible standard model on which control objectives can be built


ITIL: What it is not

ITIL is not a project management methodology: ITIL does not focus on creating things like projects do. Instead it focuses on delivering IT services to the company.

ITIL is not a tool: You can implement many aspects of ITL using tools, but tools are not required. If your organization is small, simple templates and spreadsheets may be all you need. If your organization is large, you may need to find appropriate software tools to help.

ITIL is not an all-or-nothing proposition: Since ITIL is a series of approaches in different areas, a company can implement some or the entire overall model. There is no rule that you have to implement everything.


ITIL v3 compared to ITIL v2

Key changes in version 3 mark a shift towards:

• A service-driven lifecycle approach

• More prescriptive guidance than previous versions: While version 2 outlined what should be done to improve processes, version 3 clearly explains how you should go about it.

• Demonstrating Return On Investment (ROI) to the business: one of the most frequent requests from the industry consultations carried out as part of the version 3 project.


A new Service Management Philosophy

ITIL v3 is also characterized by four high level approaches in IT Service Management thinking:

•Integration of Business and IT objectives•Value Service Network Integration•Dynamic Service Portfolios•Service Management Lifecycle

As organizations evolve from a technology focus to a service orientation focus, these core changes to ITIL provide the context and ability to support this emerging reality.


Integration of Business and IT objectives

• For many years, we have been discussing of how to align business and IT objectives. We were assuming that while business and IT share the same corporate brand, they are somehow two separate and very distinct functions.

• However, the line between the business process and its supporting technology has faded to a point where there is no longer a true ability to separate them or to revert back to manual options.

• It is due to this growing realization that the term alignment is being replaced with the concept of integration.

• Banking as a very good example of the above realization. The financial management business processes and their supporting technologies are now so inter-dependent that they are inseparable.


Value Service Network IntegrationITIL v2 described the business and IT relationship as that of a business customer being supported by a single internal IT service provider (Value Chain Management).

Today’s business and IT relationship for service provision is much more complex than the concept of a single provider meeting all business needs.

While some IT functions are often found within a business unit structure, others are provided by a shared service model to multiple business units. Furthermore, IT teams have the option of using different external outsourcing options or leveraging the Software As A Service (SaaS) model.

ITIL v3 realistic approach of today's complex service provision models is referred to as an “Integrated Value Service Network”.


Dynamic Service PortfoliosWhile ITIL has always been referred to as an IT Service Management Framework, the primary focus up until ITIL v3 has been on the Service Support and Delivery "Processes". The concept of a "Service" was almost an afterthought or something to get to later.

A Service Catalogue was therefore a Service Level Management deliverable, a brochure where IT published their services along with their default characteristics and attributes, in a linear mode.

In contrast, a Dynamic Service Portfolio is interpreted as the product of a strategic process where service strategy and design conceive of and create services that are built and transitioned into the production environment based on business value.

The services documented in this portfolio are bundled together into fit-for-purpose offerings that are then subscribed to as a collection and consumed by business units.


Service Management Lifecycle

According to ITIL v3, while processes are important, they only exist to plan for, deliver and support services.

ITIL v3 core books are structured around a Service Management Lifecycle. This new structure organizes the processes we understand with additional content.

This moves the importance and profile of the Service Catalogue from being an accessory of the Service Level Management process to being the corner stone of ITSM.


ITIL v3 Core Functions & Processes


The Essential ITIL v3 Elements

The following ITSM processes are considered essential to all IT departments:

1. Service Desk2. Event Management3. Problem Management4. Service Asset & Configuration Management5. Change Management6. Incident Management7. Request Fulfillment8. Release & Deployment Management


1. Service Desk

Anybody using computers, inevitably needs something fixed at some point. Even if a business doesn’t have a Service Desk per se, this activity is still happening — people call or e-mail someone or knock on someone’s door and say “this doesn’t work, please fix it.”


2. Event Management

An Event is a set of circumstances that may or may not affect the system, but you know it has happened or you can predict that it shortly will happen; e.g., you see that a particular server is getting near its capacity limit.

Event Management is being done all the time, any time threshold/alerts are established or IT is monitoring the infrastructure.


3. Incident Management

Incident Management is about getting the service back to agreed service levels as fast as possible. Keeping the business performing to its maximum performance level is why ITSM exists.


4. Problem Management

Problem Management is about root cause analysis relative to Incidents. Problem Management asks “Why did that incident or group of incidents occur? What can we do to stop that from happening again?”


5. Change Management

IT changes constantly. We have to perform changes all the time to fix Events, respond to Problem Management insights, roll out new equipment, and so on. Change Management is essential to all IT operations.


6. Request Fulfillment

Employees, customers and other stakeholders inevitably have requests relating to services in whatever form. Those requests have to be addressed to the best of our ability or what are we here for?


7. Release & Deployment Management

Release & Deployment Management includes everything associated with getting a business service in place; conducting the related training; moving, converting, and backing up files; and so forth.

Release & Deployment Management is a service IT is providing all the time with varying levels of efficiency and effectiveness.


8. Asset & Configuration Management

Every IT department needs to know what assets it has, where they are located and what is being done with them. This is where IT governance comes to the forefront.


The ITIL v3 hub-and-spoke model

ITIL v3 can be depicted using a hub-and-spoke model with fundamental core concepts as the hub and specific market and industry guidance in complementary components as the spokes.Because ITIL involves best practices, it can never be fully prescriptive and must always remain descriptive. However, the changes do make ITIL v3 more detailed and industry directed and, thus, more prescriptive than the ITIL v2.

The goal of ITIL v3 is to provide a simple-to-understand, business-aligned implementation that you can customize to your specific operational situation and IT environment. New topics include: understanding business catalysts and how they produce IT strategies; how you should respond to specific business drivers like compliance and regulation; and how to interoperate with other standards.

ITIL v3 also provides significant new resources to help you “do-it-yourself”. These resources include case studies, templates, and examples. For instance, you can find out of how to build a service catalog or how to perform self-assessments.


The ITIL v3 hub-and-spoke model


ITIL v3 Components

ITIL v3 has three components: Core, Complementary, and Web. The biggest changes come from its focus on achieving and sustaining Business/IT Alignment (BITA), showing value, and delivering return on investment.

• The “Core” component has five books, covering the lifecycle of IT services from business need to service optimization and subsumes virtually the entirety of the v2 Service Support and Service Delivery content.

• The “Complementary” component includes specific content targeting particular situations, industries, and environments.

• The “Web” component provides a dynamic resource for commonly needed and topical materials, such as process maps, definitions, templates, business cases, and case studies.


The Core Component

The v3 Core is a set of five books that follow a lifecycle model from design to retirement. This includes the key concepts and generic best practices that do not change frequently.• Service Strategies: hub of the core; understanding and translating business into IT strategy; recognizing and responding to business catalysts; selecting the best practices based on industry, regulatory environment, firm size, etc.• Service Design: IT service and architecture design models to consider, including outsourcing, insourcing, co-sourcing, etc.• Service Introduction: how to create a transition strategy from service design and put it into the live environment. Topics include change and release management, service models, and checklists for taking designs into production (analogous to a software development lifecycle but for IT services).• Service Operation: how to manage services in the live or production environment; day-to-day management issues; how to react to failures; how to develop and monitor metrics of quality; and how to manage the reactive elements and processes.• Service Improvement: how to improve service once deployed.


Core Component Titles: Service Strategy

• A view of ITIL that aligns business and IT so that each brings out the best in the other.

• It ensures that every element of the Service Lifecycle is focused on customer outcomes and relates to all the companion process elements that follow.

• Subsequent titles in the core set link deliverables to meeting the business goals, requirements and service management principles described in this publication.


Core Component Titles : Service Design

• In order to meet the current and future business requirements, Service Design provides guidance on the production and maintenance of IT policies, architectures, and documents for the design of appropriate and innovative IT infrastructure service solutions and processes.


Core Component Titles : Service Transition

• Service Transition provides guidance and process activities for the transition of services in the operational business environment.

• It covers the broader, long-term change management role, release and deployment practices, so that risks, benefits, delivery mechanisms and the support of ongoing operational services are considered.


Core Component Titles : Service Operation

• Service Operation introduces, explains and details delivery and control activities to achieve operational excellence on a day-to-day basis. Readers will find many of the familiar processes from the former service support and service delivery books, which have been updated where necessary.


Core Component Titles: Continual Service Improvement

• Alongside the delivery of consistent, repeatable process activities as part of service quality, ITIL has always emphasised the importance of continual improvements.

• Focusing on the process elements involved in identifying and introducing service management improvements, this publication also deals with issues surrounding service retirement.


The Complementary Component

The next new section of ITIL v3 features the Complementary component, which addresses application of the generic core guidance in particular market, technological, or regulatory contexts. Other key additions relate to implementation guidelines by firm size or industry.

The Complementary component contains particular guidance by marketing segment. You can choose guidance based on governance like the Control Objectives for Information Technology (COBIT), methodology, particular technology or business model.

The guidance in the Complementary component helps you customize ITIL to suit your specific requirements. ITIL v3 offers further integration and guidance with COBIT and other standards and best practices. This guidance on integration with other standards makes choosing and implementing ITIL easier and the results more successful.


The Web Component

The Web component is a dynamic on-line resource that can change as often as required—just like a company web site.

Content in this component provides web-based support for existing and aspiring ITIL users. It includes examples of materials, a glossary, process maps, definitions, discussion papers, role definitions, and case studies.

Finally, it also includes agendas for meetings as specified by ITIL, such as the Change Advisory Board.


ITIL Related CertificationsThere are two broad groupings of certifications underpinned by the ITIL:

1. Professional certification for individuals

2. Organizational certification via ISO-20000 certification and audit standards


Personal Certifications

The ITIL Certification Management Board (ICMB) administers a professional certification program. ICMB members are the OGC, itSMF International, the Information Systems Examination Board (ISEB), and the Examination Institute for Information Science (EXIN).

There are three levels of professional certification:1. Foundation: an entry-level qualification focused on instilling an understanding of ITIL terminology and processes2. Practitioner: a mid-level qualification focused on teaching how to operate specific ITIL processes3. Manager: a comprehensive qualification focused on ensuring competence in the management, organization, and optimization of all ITIL processes and the Service Desk function


BCS support of the ITIL Certifications

• The Information Systems Examinations Board (ISEB) is part of BCS and is an international examination body created to raise the standard of competence and performance of people working in IT.

• Delivered via a network of accredited training and examination providers, the breadth and depth of ISEB's portfolio encourages knowledge, understanding and application in various disciplines.

• ISEB has been at the forefront of the growth of ITIL, delivering over 200,000 certifications around the world since 2000. Their network of global training providers offer the highest quality training available in the market.

• ISEB offer a full portfolio of ITIL® V3, ITIL® V2 and other service management qualifications.


Organizational CertificationsITIL is a framework. It has no auditing criteria and does not specify an organizational certification. This is covered by the ISO 20000 industry standard.

ISO 20000 is really two specifications, ISO/IEC 20000-1:2005 and ISO/IEC 20000-2:2005, referred to as ISO 20000-1 and 20000-2:

• ISO 20000-1 is the specification for Service Management. It defines the processes and provides assessment criteria and recommendations for those responsible for IT Service Management. Organizational certification uses this section.• ISO 20000-2 documents a code of practice that explains how to manage IT with regard to ISO 20000-1 audits.


ISO 20000 and ITIL processesBoth ISO 20000-1 and ISO 20000-2 derive directly from the ITIL best practice. ISO 20000 organizational certification virtually requires ITIL certification for individuals.

ISO 20000 groups the ITIL processes we all know into five core bundles:

• Service Delivery Processes: Service Level Management, Availability Management, Capacity Management, Continuity Management, and Budgeting and Accounting for IT Services (Financial Management) along with Information Security Management and Service reporting• Processes: Business Relationship Management and Supplier Management• Resolution Processes: Incident Management and Problem Management• Control Processes: Configuration Management and Change Management• Release Process: Release Management


Thank You!

Filippos Frantzolas MSc MBCS CITPBCS Hellenic Section

[email protected]

Sources: BCS, ITIL, Pink Elephant Group, ILX Group plc, TechRepublic.com, CNET Networks Inc., CA

mailto:[email protected]

Understanding ITIL e-systems Forum 2009 October 16, 2009 Filippos Frantzolas MSc MBCS CITP BCS...

Documents

Transcript of Understanding ITIL e-systems Forum 2009 October 16, 2009 Filippos Frantzolas MSc MBCS CITP BCS...