The ITIL Practices
A management practices is a set of organizational resources designed for performing work or accomplishing an objective
The Incident Management Practice
The Continual improvement practice
The Service Desk Practice
The Service Request Management Practice
The Change Enablement Practice
The Service Level Management Practice
Purpose
To align the organization's practices and services with changing business needs through the ongoing identification and improvement of services, service components, practices, or any element involved in the efficient and effective management of products and services.
Methods, models and techniques
SWOT(Strengths, weaknesses,opportunities, threats ) analysis
DevOps
Continual improvement model
Maturity assessments
Incremental agile improvements
Multi-phase project/Single quick effort
Balanced scorecard
Lean methods to reduce waste
provide perspectives on the elimination of waste
focus on making improvement incrementally
look at working holistically and ensuring improvements are not only designed well, but applied effectively
Key Activities of Continual Improvement
Assessing and prioritizing improvement opportunities
Making business cases for improvement action
Identifying and logging improvement opportunities
Planning and implementing improvements
Securing time and budget for continual improvement
Measuring and evaluating improvement results
Encouraging continual improvement across the organization
Coordinating improvement activities across the organization
Everyone's Responsibility
Employees
Continual improvement should be included in job descriptions and objectives of every employee
Leaders
Dedicated team
Partners and suppliers
Leaders should exhibit commitment to continual improvement and embed it into the attitudes, behavior, and culture of the organization
Dedicated team to lead continual improvement efforts and guide/ mentor others in the organization
Contract should include how the partners and suppliers measure, report, and improve
Continual Improvement Register
- Organizations use a structured document or database called Continual Improvement Register (CIR) to track and manage improvement ideas
- The structure of the information captured in a CIR is unimportant
- The improvement ideas are captured, documented, assessed, prioritized, and appropriately acted upon to ensure that the organization and its services are always being improved.
- It's dangerous if each team has its own CIR
Change
Change refers to the addition, deletion, and modification of anything that could have effect on services
Purpose
To maximize the number of successful IT changes by:
- Authorizing/Consenting changes to proceed
- Managing/Handling the change schedule
- Ensuring/Confirming that risks have been properly measuresd
Distinguish Change Control from Organization Change Management
Organizational Change Management (變革)
- Manages the people aspects of changes
- Ensures that improvements and organizational transformation initiatives are implemented successfully
Change Control
- Focusses on changes in products and services
- Balances the need to make beneficial changes that deliver additional value with the need to protect customers and users from the adverse effect of changes
Change authority
All changes are assessed and authorized by the people who understand the risks and expected benefits before the changes are deployed
The person or group who authorizes a change is known as a change authority (Change manager, CAB)
In high velocity organizations, it is a common practice to decentralize change approval, making the peer review a top predictor of high performance
Types of Changes
Standard Changes
Normal Changes
Emergency Changes
Can be implemented without the need of additional authorization
Can be service requests or operational changes
Low-risk, pre-authorized changes that are well-understood and fully-documented
Should be scheduled and assessed following a standard process that usually includes authorization
Can be low-risk changes or major (high-risk) changes
Must be implemented as soon as possible usually to resolve an incident.
The process for assessment and authorization is expedited(加急) to ensure they can be implemented quickly
May be a separate change authority is required which includes senior managers who understand business risk
Example
Updating of a virus software
Adding or removing server memory
low-risk changes
high-risk changes
often suing automationto speed up the change
authority may take slightly longer
to ensure that the change is well planned and the risk in understood at the correct levels
often high risk, and it's critical to ensure that all role players understand the risk to the organization
Communicating Changes
Change Schedule/List
Assists in communication
Avoids conflicts
Helps to plan changes
Assigns resources
Incident
Incident refers to an unplanned interruption to a service, or reduction in the quality of a service
Purpose
To minimize the negative impact of incidents by restoring normal service operation as quickly as possible
Key Activities
Agree, document, and communicate the target resolution times
Prioritize the incidents
Log and manage the incidents
Designing
Store information about incidents in incident records
Provide good-quality updates on incidents
Design the incident management practice for appropriate management and resource allocation to different types of incidents
A suitable tool should be used to store and provide links to configuration items, changes, problems, known errors, and other knowledge to enable quick and efficient diagnosis and recovery
symptoms, business impact, configuration items affected, actions completed, and actions planned
The updates should have a timestamp and information about the people involved
Incident Diagnosis and Resolution
groups/teams involved
Support team
Service desk
Suppliers or partners
Users self-help
Temporary cross-functional team
Disaster recovery
The routing is based on the incident category, which should help to identify the correct team
Complex incidents and all major incidents often require a temporary team to work together to identify the resolution
Disaster Recover Plans
A set of clearly defined plans related to how an organization will recover from a disaster as well as return to a predisaster condition, considering the four dimensions of service management.
Swarming
A technique to help manage incidents.
This involves many different stakeholders working together initially, until it becomes clear which of them is best placed to continue and which can move on to other tasks
The Problem Management
Problem
Purpose
Refers to a cause, or potential cause, of one or more incidents
- Reduce the likelihood and impacts of incidents by identifying actual and potential causes of incidents
- Managing workarounds and known errors
Know error
A problem that has been analyzed and has not been resolved
How problem is different from incident?
Problems
Incidents
Are the causes of incidents
Require investigation and analysis to identify the causes, develop workarounds, and recommend longer teem resolution
Have an impact on users or business processes
Must be resolved so that the normal business activity can continue to work
Phases of Problem Mangement
Phase 1: Problem identification (Identify and log problems)
Phase 2: Problem Control
(Analyze problems. Document workarounds and know errors)
Phase 3: Error Control
(Manage know errors)
It's not necessary to analyze every problem, rather it is more valuable to make significant progress on the highest priority problems
involves identifying potential permanent solutions
Workaround
A solution that reduces or eliminates the impact of an incident or problem for which a full resolution is not yet available. Some workarounds reduce the likelihood of incidents
Identifying a risk that an incident could recur
Analyzing information received from suppliers and partners
Detecting duplicate and recurring issues by users, service desk, and technical support staff
Analyzing information received from internal software developers, quality teams, and project teams
Performing trend analysis of incident records
It's necessary to analyze problems from the perspective of all four dimensions of service management- people, technology, partners, processes
An effective incident workaround can be considered a permanent way of dealing with a problem when resolving the problem is not feasible or cost-effective
regularly re-assesses the status of know errors that have not been resolved
availability and cost of permanent resolutions
effectiveness of workarounds
overall impact on customers
be evaluated each time a workaround is used
may be improved based on the assessment
Relationship of Problem Management with Other Practices
Change Enablement
Knowledge Management
Risk Management
Continual improvement
Incident Management
may complement each other
Example
identifying the causes of an incident is a problem management activity that may lead to incident resolution
may also conflict
Example
investigating the cause of an incident may delay actions needed to restore service
can be organized as a specific case of risk management
problem management initiates resolution through change control and participates in the post implementation review
approving and implementing changes is out of scope for the problem management practice
In some cases, solutions can be treated as improvement opportunities, so they are included in a continual improvement techniques
Relation of Problem Management with People, Skills, and Competences
are highly reliant on the knowledge and experience of staff, rather than on detailed procedures
to understand complex systems and to think about how different failures might have occurred
Service Request
A service request is a request from a user or user's authorized representative that initiates a service action which has been agreed as a normal part of service delivery
Purpose
To provide the promised quality of a service by handling all pre-defined, agreed, user-initiated service requests in an effective and comprehensible manner
Each service request may include one or more of:
A request for provision of a resource or service, such as providing a virtual server for a development team
A request for access to a resource or service, such as providing access to a file
A request for information,such as information on how to create a document
Feedback, compliments and complaints, such as complaints on implementation of new interface
A request for a service delivery action, such as providing a report
Delivery of Service Requests
Service requests form a normal part of service delivery and not a failure degradation of service
some are complex
some are simple
The steps to fulfill the request should be well-known and proven
can usually be formalized with a clear, standard procedure for:
Approval
Fulfillment
Initiation
Management
Service Request Management Guidelines
Expectations should be clearly set
Opportunities for improvement should be identified
Policies should be established
Policies and workflows should be included
Service requests should be standardized and automated
Purpose
Act as the point of contact for the service provider along with its users
Provide a clear path for users to report issues, queries, and requests, and acknowledge, classify, own, and take action on them
Understand demand for incident resolution and service requests
Key Aspects of Service Desk
Should have practical understanding of the wider organization, its business processes, and users
Works in close collaboration with the support and development teams
A vital part of any service operation
Need not to be highly technical
Should be the empathetic and informed link between the service provider and its users
Has a major influence on user experience and how the service provider is perceived by the users
Arranges, explains, and coordinates various matters than just fixing broken technology
Supports people and business, rather than providing support for technical issues
Plays a vital role in the delivery of services
Structure of Service Disk requires various supporting technologies
Knowledge base
Call recording and quality control
Workforce management and resource planning systems
Remote access tools
Workflow systems for routing and escalation
Dashboard and monitoring tools
Intelligent telephony systems
Configuration management systems
Service Desk Staff
Emotional Intelligence
Effective communication
Empathy
Incident analysis and prioritization
Excellent customer service skills
Purpose
To set clear business-based targets for service performance, so that the delivery of a service can be properly assessed, monitored, and managed against these targets
Key Activities
Involves the definition, documentation, and active management of service levels
It provides end to end visibility of the organization's services
Ensures the organization meets the defined service levels
Performs service reviews
Establishes a shared view of the services and target service levels with customers
Captures and reports on service issues including performance against defined service levels
Service Level Agreements
A documented agreement between a service provider and a customer that identifies both services required and the expected level of service
SLAs have been used as a tool to measure the performance of services from the customer's point of view
Key requirements of SLAs
They should relate to defined outcomes. It needs to use balanced bundle of metrics, such as customer satisfaction.
They should replicate an agreement of engagement and discussion between the service provider and the consumer.
They must relate to a defined service in the service catalogue
They must be written in simple form
The Watermelon SLA Effect
Using single system-based metrics as targets can result in misalignment and a disconnect between service partners as to the success of the service delivery and the user experience.
Requirements of Service Level Management
- Focus and effort to engage and listen to the requirements, issues, concerns, and daily needs of customers
- Engagement to understand and confirm the needs and requirements from customers
- Listening to build relationship and trust to show customers that they are valued and understood
Sources for Collating and Analyzing Information
Customer feedaback
Operational metrics
Customer engagement
Business metrics
Surveys
Key business-related measures
Purpose of ITIL Practices
IT Asset Management
Monitoring and Event Management
Supplier Management
Release Management
Relationship Management
Service Configuration Management
Inforamtion Security Management
Deployment Management
Purpose
Maintain information security for authenticatin and non-repudiation (不可否認)
Protect the information used by organizations to run their business
Authentication
Non-Repudiation
ensures that someone is who they claim to be
ensures that someone can't deny that they took an action
Understand and manage risks to the confidentiality, integrity and availability of information
Maintain a balance between
Prevention
Detection
Correction
Ensures security risks do not occur
Detecting risks that cannot be prevented
Recovering from risks after they are detected
Purpose
Ensures
Establish and foster the links between the organization and its stakeholders at strategic and tactical levels
Identify, analyze, monitor, continually improve the relationships with and between stakeholders
Priorities for new or changed products/services for customers are established and maintained
Complaints and escalations from stakeholders are managed well
Constructive relationship is established relationship between the organization and stakeholders
Products and services facilitate value creation for the service consumers and organizations
Needs of stakeholders are understood, and products and services are prioritized
Organizations facilitate value creation for all stakeholders
Purpose
Create more collaborative relationships with key supplier to uncover and realize new value and reduce risk of failure
Ensure that the supplier and their performance are managed appropriately to support the seamless provision of quality products and services
Key activities
Maintaining a supplier strategy, policy, and contract management information
Negotiating and agreeing contracts and arrangements
Creating a single point of visibility and control to ensure consistency
Managing relationships and contracts with internal and external suppliers
Managing supplier performance
IT asset
refers to any valuable component that can contribute to delivery of an IT product or service
Purpose
to plan and manage the lifecycle of all IT assets
This in return helps the organization to:
Manage risks
Make decisions in terms of purchase and reuse
Control costs and budgets
Meet regulatory/governing and contractual/promised requirements
Maximize value for customers
Event
An event can be defined as any change of state that has significance for the management of a Configuration Item (CI) or IT service. Events are typically recognized through notifications created by an IT service, CI, or monitoring tool
Purpose
Analyze service components
Record and report changes of state identified as events
Identify and prioritize infrastructure, services, business processes, and information security events
Establish the appropriate response to those events, including responding to conditions that could lead to potential faults or incidents
Manage events throughout their lifecycle
Purpose
To make new and changed services and features available for use
Availability Management
Service Continuity Management
Release
A version of a service or other configuration item, or a collection of configuration items, that is made available for use
Purpose
To ensure that accurate and reliable information about the configuration of services, and the CIs that support them, is available when and where it is needed. This includes information on how CIs are configured and the relationships between them
Configuration Item
Any component that needs to be managed in order to deliver an IT service
Purpose
Within ITIL, it refers to both the provisioning of infrastructure and the deployment of software
To move new or changed hardware, software, documentation, processes, or any other component to live environments
Availability refers to the ability of an IT service or other configuration item to perform its agreed function when required
MTBF
MTRS
Mean Time Between Failures
Mean Time to Restore Service
DRP: Disaster Recovery Plan
Capacity and Performance Management
Performance
is a measure of what is achieved or delivered by a system, person, team, practice, or service