Upload
phunglien
View
258
Download
3
Embed Size (px)
Citation preview
ITIL V3: Process Summary Sheets for PinkSCAN
ITIL V3:
Process Summary Sheets
For PinkSCAN™
The contents of this Quick Reference Guide are based on OGC ITIL
® material and are
reproduced under license from OGC. (Service Strategy, Service Design, Service Transition,
Service Operation, Continual Service Improvement)
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 2 of 38
PinkSCAN Processes
DEMAND MANAGEMENT ......................................................................................................... 4
FINANCIAL MANAGEMENT ..................................................................................................... 5
SERVICE PORTFOLIO MANAGEMENT................................................................................... 6
SERVICE CATALOG MANAGEMENT...................................................................................... 8
SERVICE LEVEL MANAGEMENT ............................................................................................ 9
CAPACITY MANAGEMENT..................................................................................................... 11
AVAILABILITY MANAGEMENT ............................................................................................ 13
IT SERVICE CONTINUITY MANAGEMENT (ITSCM).......................................................... 15
INFORMATION SECURITY MANAGEMENT ........................................................................ 17
SUPPLIER MANAGEMENT ...................................................................................................... 19
CHANGE MANAGEMENT........................................................................................................ 21
SERVICE ASSET & CONFIGURATION MANAGEMENT..................................................... 23
RELEASE & DEPLOYMENT MANAGEMENT....................................................................... 25
SERVICE VALIDATION & TESTING ...................................................................................... 27
KNOWLEDGE MANAGEMENT ............................................................................................... 29
EVENT MANAGEMENT............................................................................................................ 31
INCIDENT MANAGEMENT...................................................................................................... 32
REQUEST FULFILLMENT ........................................................................................................ 33
PROBLEM MANAGEMENT...................................................................................................... 34
ACCESS MANAGEMENT.......................................................................................................... 36
SEVEN (7) STEP IMPROVEMENT PROCESS......................................................................... 38
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 3 of 38
PinkSCAN Processes In:
SERVICE
STRATEGY
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 4 of 38
DEMAND MANAGEMENT
OBJECTIVES
Optimize use of Capacity by moving workload to less utilized times, servers or places. Can
use “differential charging” as a technique
• Activity based Demand Management – activity patterns based on business process.
Business processes are the primary source of demand for services
• Patterns of Business Activity (PBA) and User Profiles. Business activity drives demand
for services; each user will have own PBA. Customer assets such as People, Processes,
and Applications generate patterns of business activity (PBA). Patterns of business
activity (PBA) influence the demand patterns seen by the service providers
• Service Package & Service Level Package (SLP):
o A Service Package is a detailed description of an IT service that is available to be
delivered to customers. A Service Package includes an SLP and one or more core
services and supporting services. Each SLP provides a definite level of utility or
warranty from the perspective of outcomes, assets and the PBA of customers. Each
SLP is capable of fulfilling one or more patterns of demand
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 5 of 38
FINANCIAL MANAGEMENT
Objectives
• The Process responsible for managing an IT service provider's budgeting, accounting
and charging requirements
• Quantification in financial terms of IT services and their value. Includes budgeting,
accounting and charging activities. Concepts include:
o Service Valuation – know cost of service; quantify what to charge it at – based on
value
o Demand modeling – model anticipated usage will be an input to your budget
o Planning Confidence – degree of accuracy of forecasts around future demand
o Service Investment Analysis – analytical models to assess value/return
o Accounting – can track service oriented expenses, etc.
o Compliance – regulation, etc.
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 6 of 38
SERVICE PORTFOLIO MANAGEMENT
OBJECTIVES
Service Portfolio Management a dynamic method for governing investments in Service
Management across the enterprise and managing them for value.
ACTIVITIES
Based on Service Strategy, we…
• Define: Inventory services, ensure business cases and validate portfolio data
• Analyze: Maximize portfolio value, align and prioritize and balance supply and demand
• Approve: Finalize proposed portfolio, authorize services and resources
• Charter: Communicate decisions, allocate resources and charter services.
…the investments for the Service Portfolio
KEY CONCEPTS
Service Portfolio
• A Service Portfolio describes a provider’s services in terms of business value. It
articulates business needs and the provider’s response to those needs
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 7 of 38
PinkSCAN Processes In:
SERVICE
DESIGN
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 8 of 38
SERVICE CATALOG MANAGEMENT
Objectives
• Manage the information contained within the Service Catalog, and ensure that it is
accurate and reflects the current details, status, interfaces and dependencies of all
services that are being run, or being prepared to run, in the live environment
Scope
• The scope of the Service Catalog Management process is to provide and maintain
accurate information on all services that are being transitioned or have been
transitioned to the live environment
Activities
• Agreeing and documenting a service definition with all relevant parties
• Interfacing with Service Portfolio Management
• Producing and maintaining a Service Catalog and its contents, in conjunction with the
Service Portfolio
• Interfacing with the business and IT Service Continuity Management
• Interfacing with support teams, suppliers and Configuration Management
• Interfacing with Business Relationship Management and Service Level Management
Key Concepts
• Service Catalog
o A database or structured document with information about all live IT services,
including those available for deployment
o The Service Catalog is the only part of the Service Portfolio published to
customers, and is used to support the sale and delivery of IT services
o The Service Catalog includes information about deliverables, prices, contact
points, ordering and request Processes
• Business Service Catalog
o Containing details of all the IT services delivered to the customer, together
with relationships to the business units and the business process that rely on
the IT services. This is the customer view of the Service Catalog
• Technical Service Catalog
o Containing details of all the IT services delivered to the customer, together
with relationships to the supporting services, shared services, components and
CIs necessary to support the provision of the service to the business
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 9 of 38
SERVICE LEVEL MANAGEMENT
Objectives
• Define, document, agree, monitor, measure, report and review the level of IT services
provided
• Provide and improve the relationship and communication with the business and
customers
• Ensure that specific and measurable targets are developed for all IT services
• Monitor and improve customer satisfaction with the quality of service delivered
• Ensure that IT and the customers have a clear and unambiguous expectation of the
level of service to be delivered
• Ensure that proactive measures to improve the levels of service delivered are
implemented wherever it is cost-justifiable to do so
Scope
• SLM should provide a point of regular contact and communication to the customers
and business managers of an organization. It should represent the IT service provider
to the business, and the business to the IT service provider
Activities
• Determine, negotiate, document and agree requirements for new or changed services
in Service Level Requirements (SLR), and manage and review them through the
Service Lifecycle into SLAs for operational services
• Monitor and measure service performance achievements of all operational services
against targets within SLAs
• Collate, measure and improve customer satisfaction
• Produce service reports
• Conduct service review and instigate improvements within an overall Service
Improvement Plan (SIP)
• Review and revise SLAs, service scope OLAs, contracts and any other underpinning
agreements
• Develop and document contacts and relationships with the business, customers and
stakeholders
• Develop, maintain and operate procedures for logging, actioning and resolving all
complaints and for logging and distributing compliments
• Log and manage all complaints and compliments
• Provide the appropriate management information to aid performance management
and demonstrate service achievement
• Make available and maintain up-to-date SLM document templates and standards
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 10 of 38
Key Concepts
• Service Level Requirement (SLR)
o A customer requirement for an aspect of an IT service. SLRs are based on
Business Objectives and are used to negotiate agreed Service Level Targets
• Service Level Targets
o A commitment that is documented in a Service Level Agreement. Service
Level Targets are based on Service Level Requirements and are needed to
ensure that the IT service design is Fit for Purpose. Service Level Targets
should be SMART, and are usually based on KPIs
• Service Level Agreement (SLA)
o Agreement between IT service provider and customer
o The SLA describes the IT service, documents Service Level Targets, and
specifies the responsibilities of the IT Service Provider and the customer
o A single SLA may cover multiple IT services or multiple customers
• Operational Level Agreement (OLA)
o Agreement within same organization
o An OLA supports the IT Service Provider's delivery of IT services to
customers
o The OLA defines the goods or services to be provided and the responsibilities
of both parties
o Can include non-IT parts of the organization
• Underpinning Contract
o Binding legal agreement between two or more parties
o The third party provides goods or services that support delivery of an IT
service to a customer
o The Underpinning Contract defines targets and responsibilities that are
required to meet agreed Service Level Targets in an SLA
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 11 of 38
CAPACITY MANAGEMENT
Objectives
• Produce and maintain an appropriate and up-to-date Capacity Plan that reflects the
current and future needs of the business
• Provide advice and guidance to all other areas of the business and IT on all capacity-
and performance-related issues
• Ensure that service performance achievements meet or exceed all of their agreed
performance targets, by managing the performance and capacity of both services and
resources
• Assist with the diagnosis and resolution of performance- and capacity-related
Incidents and Problems
• Assess the impact of all changes on the Capacity Plan, and the performance and
capacity of all services and resources
• Ensure that proactive measures to improve the performance of services are
implemented wherever it is cost-justifiable to do so
Scope
• The Capacity Management process should be the focal point for all IT performance
and capacity issues. The process should encompass all areas of technology, both
hardware and software, for all IT technology components and environments. Capacity
Management should also consider space planning and environmental systems
capacity as well as certain aspects of human resources
Activities
• Some activities in the Capacity Management process are reactive, while others are
proactive. The proactive activities of Capacity Management should include:
o Pre-empting performance issues by taking the necessary actions before they occur
o Producing trends of the current component utilization and estimating the future
requirements
o Modeling and trending the predicted changes in IT services
o Ensuring that upgrades are budgeted, planned and implemented before SLAs and
service targets are breached or performance issues occur
o Actively seeking to improve service performance wherever it is cost-justifiable
o Tuning and optimizing the performance of services and components
• The reactive activities of Capacity Management should include:
o Monitoring, measuring, reporting and reviewing the current performance of both
services and components
o Responding to all capacity-related ‘threshold’ events and instigating corrective
action
o Reacting to and assisting with specific performance issues
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 12 of 38
Key Concepts
Capacity plan covers
• Business Capacity Management
• Service Capacity Management
• Component Capacity Management
CMIS
• Capacity Management Info System
Business Capacity Management
• In the context of ITSM, Business Capacity Management is the activity responsible for
understanding future business requirements for use in the capacity plan
Service Capacity Management
• The activity responsible for understanding the performance and capacity of IT
services
• The resources used by each IT service and the pattern of usage over time are
collected, recorded, and analyzed for use in the capacity plan
Resource Capacity Management
• The Process responsible for understanding the capacity, utilization, and performance
of Configuration Items
• Data is collected, recorded and analyzed for use in the capacity plan
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 13 of 38
AVAILABILITY MANAGEMENT
Objectives
• Produce and maintain an appropriate and up-to-date Availability Plan that reflects the
current and future needs of the business
• Provide advice and guidance to all other areas of the business and IT on all
availability-related issues
• Ensure that service availability achievements meet or exceed all their agreed targets,
by managing services and resources-related availability performance
• Assist with the diagnosis and resolution of availability-related Incidents and Problems
• Assess the impact of all changes on the Availability Plan and the performance and
capacity of all services and resources
• Ensure that proactive measures to improve the availability of services are
implemented wherever it is cost-justifiable to do so
Scope
• The scope of the Availability Management process covers the design,
implementation, measurement, management and improvement of IT service and
component availability
Activities
• Determining the availability requirements
• Determining the VBFs, in conjunction with the business and ITSCM
• Determining the impact arising from IT service and component failure in conjunction
with ITSCM
• Defining the targets for availability, reliability and maintainability
• Establishing measures and reporting of availability, reliability and maintainability
• Monitoring and trend analysis of the availability, reliability and maintainability of IT
components
• Reviewing IT service and component availability and identifying unacceptable levels
• Investigating the underlying reasons for unacceptable availability
• Producing and maintaining an availability plan that prioritizes and plans IT
availability improvements
Key Concepts
The Availability Management process has two key elements:
• Reactive activities: The reactive aspect of Availability Management involves the
monitoring, measuring, analysis and management of all Events, Incidents and
Problems involving unavailability. These activities are principally involved within
operational roles
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 14 of 38
• Proactive activities: The proactive activities of Availability Management involve the
proactive planning, design and improvement of availability. These activities are
principally involved within design and planning roles
Availability Management is completed at two interconnected levels:
1. Service availability
o Involves all aspects of service availability and unavailability and the
impact of component availability, or the potential impact of
component unavailability on service availability
2. Component availability
o Involves all aspects of component availability and unavailability
• Reliability
o A measure of how long a service, component or CI can perform its agreed
function without interruption
• Maintainability
o A measure of how quickly and effectively a service, component or CI can be
restored to normal working after a failure
• Serviceability
o The ability of a third party supplier to meet the terms of their contract. Often
this contract will include agreed levels of availability, reliability and/or
maintainability for a supporting service or component
• Availability
o Ability of a service, component or CI to perform its agreed function when
required
• High Availability
o A characteristic of the IT service that minimizes or masks the effects of IT
component failure to the users of a service
• Fault Tolerance
o The ability of an IT service, component or CI to continue to operate correctly
after failure of a component part
• Continuous Operation
o An approach or design to eliminate planned downtime of an IT service. Note
that individual components or CIs may be down even though the IT service
remains available
• Continuous Availability
o An approach or design to achieve 100% availability. A continuously
Available IT service has no planned or unplanned downtime
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 15 of 38
IT SERVICE CONTINUITY MANAGEMENT (ITSCM)
Objectives
• Maintain a set of IT Service Continuity Plans and IT recovery plans that support the
overall Business Continuity Plans (BCPs) of the organization
• Complete regular Business Impact Analysis (BIA) exercises to ensure that all
continuity plans are maintained in line with changing business impacts and
requirements
• Conduct regular risk analysis and management exercises, particularly in conjunction
with the business and the Availability Management and Security Management
processes, that manage IT services within an agreed level of business risk
• Provide advice and guidance to all other areas of the business and IT on all
continuity- and recovery-related issues
• Ensure that appropriate continuity and recovery mechanisms are put in place to meet
or exceed the agreed business continuity targets
• Assess the impact of all changes on the IT Service Continuity Plans and IT recovery
plans
• Ensure that proactive measures to improve the availability of services are
implemented wherever it is cost-justifiable to do so
• Negotiate and agree the necessary contracts with suppliers for the provision of the
necessary recovery capability to support all continuity plans in conjunction with the
Supplier Management process
Scope
• ITSCM focuses on those events that the business considers significant enough to be
considered a disaster. Less significant events will be dealt with as part of the Incident
Management process. What constitutes a disaster will vary from organization to
organization
Activities
Stage 1 – Initiation
• The initiation process covers the whole of the organization and consists of the
following activities:
o Policy setting
o Specify terms of reference and scope
o Allocate resources
o Define the project organization and control structure
o Agree project and quality plans
Stage 2 – Requirements and Strategy
• Requirements – Business Impact Analysis
• Requirements – Risk Analysis
• IT Service Continuity Strategy
• Risk response measures
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 16 of 38
• Off-site storage
• ITSCM recovery options
o Manual Work-arounds
o Reciprocal arrangements
o Gradual recovery
o Intermediate recovery
o Fast recovery
o Immediate recovery
Stage 3 – Implementation
• Once the strategy has been approved, the IT Service Continuity Plans need to be
produced in line with the Business Continuity Plans
• Testing
o Walk-through tests
o Full tests
o Partial tests
o Scenario tests
Stage 4 – Ongoing Operation
• This stage consists of the following:
o Education, awareness and training
o Review
o Testing
o Change Management
Invocation
• Invocation is the ultimate test of the Business Continuity and ITSCM Plans
• Invocation is a key component of the plans, which must include the invocation
process and guidance
Key Concepts
• See activities 2 and 3 above
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 17 of 38
INFORMATION SECURITY MANAGEMENT
Objectives
To align IT security with business security and ensure that information security is
effectively managed in all service and Service Management activities.
Scope
• The ISM process should be the focal point for all IT security issues, and must ensure
that an Information Security Policy is produced, maintained and enforced that covers
the use and misuse of all IT systems and services
Activities
• Production, review and revision of an overall Information Security Policy and a set of
supporting specific policies
• Communication, implementation and enforcement of the security policies
• Assessment and classification of all information assets and documentation
• Implementation, review, revision and improvement of a set of security controls and
risk assessment and responses
• Monitoring and management of all security breaches and major security Incidents
• Analysis, reporting and reduction of the volumes and impact of security breaches and
Incidents
• Schedule and completion of security reviews, audits and penetration tests
Key Concepts
ISMS (Info Security Management System) or the Security Framework
• Need a cost effective security program – ISO27001, etc.
• ISO 27001 is the formal standard against which organizations may seek independent
certification of their ISMS (meaning their frameworks to design, implement, manage,
maintain and enforce information security processes and controls systematically and
consistently throughout the organizations). There are five elements to this framework:
o Control
o Plan
o Implement
o Evaluate
o Maintain
CIA
• Confidentiality, Integrity, Availability
Information Security Policy
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 18 of 38
• The policy should cover all areas of security, be appropriate, meet the needs of the
business
• Access control, password, etc.
Information Security Governance
• Information security governance, when properly implemented, should provide six
basic outcomes:
o Strategic alignment
o Value delivery
o Risk Management
o Performance Management
o Resource Management
o Business process assurance
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 19 of 38
SUPPLIER MANAGEMENT
Objectives
• Obtain value for money from suppliers and contracts
• Ensure that supplier contracts and agreements with suppliers are aligned to business
needs and support agreed targets in Service Level Requirements (SLR) and in Service
Level Agreements (with SLM)
• Manage relationships with suppliers
• Manage supplier performance
• Negotiate and agree contracts with suppliers and manage them through their lifecycle
• Maintain a supplier policy and a supporting Supplier and Contract Database (SCD)
Scope
• The Supplier Management process should include the management of all suppliers
and contracts needed to support the provision of IT services to the business. Each
service provider should have formal processes for the management of all suppliers
and contracts
Activities
• Identification of business need and preparation of the business case
• Evaluation and procurement of new contracts and suppliers
• Establish new suppliers and contracts
• Supplier and contract categorization
• Manage the supplier and contract performance
• End of term
Key Concepts
Supplier & Contracts Database (SCD)
• Ideally the SCD should form an integrated element of a comprehensive CMS or
SKMS, recording all supplier and contract details, together with details of the type of
service(s) or product(s) provided by each supplier, and all other information and
relationships with other associated CIs
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 20 of 38
PinkSCAN Processes In:
SERVICE
TRANSITION
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 21 of 38
CHANGE MANAGEMENT
Objectives
• Standardized methods and procedures are used for efficient and prompt handling of
all Changes
• All Changes to service assets and Configuration Items are recorded in the
Configuration Management System
• Overall business risk is optimized. The goals of Change Management are to:
• Respond to the customer’s changing business requirements while maximizing
value and reducing Incidents, disruption and re-work
• Respond to the business and IT Requests for Change that will align the services
with the business needs. The objective of the Change Management process is to
ensure that changes are recorded and then evaluated, authorized, prioritized,
planned, tested, implemented, documented and reviewed in a controlled manner
Scope
• The scope of Change Management covers changes to baselined service assets and
Configuration Items across the whole Service Lifecycle
• Each organization should define the Changes that lie outside the scope of their service
change process
Levels Of Activities
• Manage the process
• Manage the individual Changes
Overall Change Management activities include:
• Planning and controlling Changes
• Change and Release scheduling
• Communications
• Change decision making and Change authorization
• Ensuring there are remediation plans
• Measurement and control
• Management reporting
• Understanding the impact of Change
• Continual improvement
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 22 of 38
Typical activities in managing individual Changes are:
• Create and record the RFC
• Review RFC and change proposal
• Assess and evaluate the change
• Authorize the change
• Obtain authorization/rejection
• Plan updates
• Coordinate Change implementation
• Review and close Change
Key Concepts
Three (3) Models
• Normal Change – any Change that follows a normal Change model/flow
• Standard Change – pre-authorized
• Emergency Change – not an expedited Change due to lack of planning. Changes to
repair an error in IT service – high degree negative impact to business
Many Types/Categories Of Changes
• Service Change – any Change to a service/service component
• Strategic Change – Change to service strategies, or a Change to meet a strategic
objective
• Corrective Change – a Change to fix errors which are affecting business
Schedule Of Changes (SC)
• Schedule of authorized Changes and their proposed implementation dates
7 Rs To Assess Changes:
• Who raised it?
• What is reason?
• What is the return?
• What are the risks?
• Who are the resources required?
• Who has responsibility for build/test/implement?
• What are relationship between this change and others?
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 23 of 38
SERVICE ASSET & CONFIGURATION MANAGEMENT
Objectives
• Identify, control, record, report, audit and verify service assets and Configuration
Items, including versions, baselines, constituent components, their attributes and
relationships
• Account for, manage and protect the integrity of service assets and Configuration
Items (and, where appropriate, those of its customers) through the Service Lifecycle
by ensuring that only authorized components are used and only authorized Changes
are made
• Protect the integrity of service assets and Configuration Items (and, where
appropriate, those of its customers) through the Service Lifecycle
• Ensure the integrity of the assets and configurations required to control the services
and IT infrastructure by establishing and maintaining an accurate and complete
Configuration Management System. The goals of Configuration Management are to:
• Support the business and customer’s control objectives and requirements
• Support efficient and effective Service Management processes by providing
accurate configuration information to enable people to make decisions at the right
time, for example, to authorize Change and Releases, resolve Incidents and
Problems faster
• Minimize the number of quality and compliance issues caused by improper
configuration of services and assets
• Optimize the service assets, IT configurations, capabilities and resources. The
objective is to define and control the components of services and infrastructure
and maintain accurate configuration information on the historical, planned and
current state of the services and infrastructure
Scope
Asset Management
• Covers service assets across the whole Service Lifecycle. It provides a complete
inventory of assets and who is responsible for their control
Configuration Management
• Ensures that selected components of a complete service or product (the configuration)
are identified, baselined and maintained and that changes to them are controlled
Activities
• Management and planning
• Configuration identification
• Configuration control
• Status accounting and reporting
• Verification and audit
Key Concepts
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 24 of 38
CMS – Configuration Management System
• Architecture which includes federated CMDBs, automated discovery tools,
presentation layer, etc.
CMDB – Configuration Management Database
• A database used to store Configuration Records throughout their Lifecycle
• The Configuration Management System maintains one or more CMDBs, and each
CMDB stores attributes of CIs, and Relationships with other CIs
CI – Configuration Item
• Any component that needs to be managed in order to deliver an IT Service.
Information about each CI is recorded in a Configuration Record within the
Configuration Management System and is maintained throughout its Lifecycle by
Configuration Management. CIs are under the control of Change Management
• CIs typically include IT services, hardware, software, buildings, people, and formal
documentation such as Process documentation and SLAs
CI Types:
• Service Lifecycle – business case
• SDP etc, Service – apps., service model
• Organization – regulatory
• Internal – any internal CI
• External – sub-contract services, etc.
Logical Model
• A model, simple representation of services, assets and infrastructure, includes CI
relationships. Represents physical/operational environment
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 25 of 38
RELEASE & DEPLOYMENT MANAGEMENT
Objectives
• There are clear and comprehensive Release and Deployment plans that enable the
customer and business change projects to align their activities with these plans
• A release package can be built, installed, tested and deployed efficiently to a
deployment group or target environment successfully and on schedule
• A new or changed service and its enabling systems, technology and organization are
capable of delivering the agreed service requirements, i.e.: Utilities, warranties and
service levels
• There is minimal unpredicted impact on the production services, operations and
support organization
• Customers, users and Service Management staff are satisfied with the Service
Transition practices and outputs, e.g.: User documentation and training
Scope
• The scope of Release and Deployment Management includes the Processes, Systems
and Functions to package, build, test and deploy a Release into production and
establish the service specified in the Service Design package before final handover to
service operations
Activities
• Planning
• Preparation for build, test and deployment
• Build and test
• Service testing and pilots
• Plan and prepare for deployment
• Perform transfer, deployment and retirement
• Verify deployment
• Early life support
• Review and close a deployment
• Review and close Service Transition
Key Concepts
Release Unit
• Portion of service/infrastructure released together – aligned to Release Policy
Release Design Options:
• Phased vs. Big Bang
• Push vs. Pull
• Automation vs. Manual
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 26 of 38
Release & Deployment Models
• Approach, mechanism, processes, procedures, resources, etc., required to build and
deploy release on time and within budget. Includes release structure, release build
templates, etc.
Service V Model
• Represent configuration levels and testing
• Requirements to support design through to validation and testing
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 27 of 38
SERVICE VALIDATION & TESTING
Objective
• Provide confidence that a Release will create a new or changed service or service
offerings that deliver the expected outcomes and value for the customers within the
projected costs, capacity and constraints
• Validate that a service is ‘fit for purpose’ – it will deliver the required performance
with desired constraints removed
• Assure a service is ‘fit for use’ – it meets certain specifications under the specified
terms and conditions of use
• Confirm that the customer and stakeholder requirements for the new or changed
service are correctly defined and remedy any errors or variances early in the service
lifecycle as this is considerably cheaper than fixing errors in production
Scope
• Service Validation and Testing can be applied throughout the Service Lifecycle to
quality assure any aspect of a service and the service providers’ capability, resources
and capacity to deliver a service and/or service release successfully
• In order to validate and test an end-to-end service the interfaces to suppliers,
customers and partners are important. Service provider interface definitions define the
boundaries of the service to be tested, e.g.: Process interfaces and organizational
interfaces
Activities
• Test Management
• Plan and Design Tests
• Verify Test Plans and Test Designs
• Prepare Test Environment
• Perform Tests
• Evaluate Exit Criteria and Report
• Test Clean Up and Closure
Key Concepts
Test Strategy
• A test strategy defines the overall approach to organizing testing and allocating
testing resources. It can apply to the whole organization, a set of services or an
individual service
Test Models
• A test model includes a test plan, what is to be tested and the test scripts that define
how each element will be tested
• A test model ensures that testing is executed consistently in a repeatable way that is
effective and efficient
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 28 of 38
• The test scripts define the release test conditions, associated expected results and test
cycles
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 29 of 38
KNOWLEDGE MANAGEMENT
Objectives
• Enabling the service provider to be more efficient and improve quality of service,
increase satisfaction and reduce the cost of service
• Ensuring staff have a clear and common understanding of the value that their services
provide to customers and the ways in which benefits are realized from the use of
those services
• Ensuring that, at a given time and location, service provider staff have adequate
information
Scope
• Knowledge Management is a whole lifecycle-wide process in that it is relevant to all
lifecycle sectors and hence is referenced throughout ITIL from the perspective of
each publication
Activities
• Knowledge Management Strategy
• Knowledge Transfer
• Data and Information Management
Key Concepts
The DIKW Structure
DIKW stands for Data, Information, Knowledge and Wisdom
• Data is a set of discrete facts about events
• Information comes from providing context to data
• Knowledge is composed of the tacit experiences, ideas, insights, values and
judgments of individuals
• Wisdom gives the ultimate discernment of the material and having the application
and contextual awareness to provide a strong common sense judgment
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 30 of 38
PinkSCAN Processes In:
SERVICE
OPERATION
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 31 of 38
EVENT MANAGEMENT
Objectives
To detect events, make sense of them and determine that the appropriate control action is
provided by Event Management, thus providing the basis for operational monitoring and
control
Events Can Signify
• Regular operation, e.g.: Batch has run
• An exception, e.g.: Batch running slow, disk drive almost full
• Unusual, but not exceptional, operation, e.g.: Unauthorized access?
Scope
• Event Management can be applied to any aspect of Service Management that needs to
be controlled and which can be automated. These include:
o Configuration Items
o Environmental conditions
o Software license monitoring
o Security
o Normal activity
Activities
• Event occurs
• Event notification
• Event detection
• Event filtering
• Significance of events
• Event correlation
• Trigger
• Response selection
• Review actions
• Close event
Key Concepts
Event
• Change of state significant for management of CI or service. Notification could
be to a potential disruption
Alert
• Subset of event based on thresholds, warning – action needed
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 32 of 38
INCIDENT MANAGEMENT
Objectives
• Restore normal service operation as quickly as possible and minimize adverse impact
on business operations
• Ensure best levels of service quality and availability are maintained
Service Desk owns end-to-Incident record
Scope
• Incident Management includes any event which disrupts, or which could disrupt, a
service. This includes events which are communicated directly by users, either
through the Service Desk or through an interface from Event Management to Incident
Management tools. Incidents can also be reported and/or logged by technical staff
Activities
• Incident Identification
• Incident Logging
• Incident Categorization
• Filter out Service Requests
• Incident Prioritization
• Major Incident – separate procedure if shorter timescale and greater urgency is
needed
• Initial Diagnosis – often by Service Desk
• Hierarchical Escalation
• Functional Escalation
• Investigation and Diagnosis
• Resolution and Recovery
• Incident Closure – by Service Desk, based on user satisfaction
• Ownership, Monitoring, Tracking and Communication
Key Concepts
Incident
• It is a failure. Unplanned interruption to an IT service or service quality reduction
Timescales
• Time-stamps in process; examples include response, resolution times
Incident Model
• Pre-defining the steps that should be taken to handle a process in an agreed way
Major Incident
• Determined by policy, shorter time scales and greater urgency
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 33 of 38
REQUEST FULFILLMENT
Objectives
• To provide a channel for users to request and receive standard services for which a
pre-defined approval and qualification process exists
• To provide information to users and customers about the availability of services and
the procedure for obtaining them
• To source and deliver the components of requested standard services (e.g.: Licenses
and software media)
• To assist with general information, complaints or comments
Scope
• The process needed to fulfill a request will vary depending upon exactly what is being
requested. Some organizations will be comfortable to let the Service Requests be
handled through their Incident Management processes
• It will ultimately be up to each organization to decide and document which request it
will handle through the Request Fulfillment process and which others will have to go
through more formal Change Management
Activities
• Menu selection and request submission
• Financial approval
o Other approval
• Request logging, categorization and prioritization
• Fulfillment
• Closure
Key Concepts
Service Request
• Includes how to inquiries, request a standard service, password reset etc – often
handled by Service Desk
Request Model
• Predefined steps to handle specific service requests
• Enabled via support tools
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 34 of 38
PROBLEM MANAGEMENT
Objectives
The process responsible for managing the lifecycle of all Problems through:
• Preventing Problems and resulting Incidents from happening
• Eliminating recurring Incidents
• Minimizing the impact of Incidents that cannot be prevented
Scope
• Problem Management includes the activities required to diagnose the root cause of
Incidents and to determine the resolution to those Problems. It is also responsible for
ensuring that the resolution is implemented through the appropriate control
procedures, especially Change Management and Release Management
Problem Management consists of two major processes:
• Reactive Problem Management, which is generally executed as part of Service
Operation
• Proactive Problem Management which is initiated in Service Operation, but
generally driven as part of Continual Service Improvement
Activities
• Problem Detection
• Problem Logging
• Problem Categorization
• Prioritization
• Investigation and Diagnosis
• Raising A Known Error Record
• Problem Resolution
• Closure
• Major Problem Review
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 35 of 38
Key Concepts
Problem
• Unknown cause of one or more Incidents. Cause often known when Problem
Record created
Problem Model
• Predefined steps to deal with a particular type of Problem
Work-around
• Reduce/eliminate impact of an Incident/Problem for which a full resolution is not
yet available
Known Error
• Problem + Root Cause + Work-around = Known Error
• But, you can for informational purposes raise a Known Error when the root
cause/Work-around is unavailable
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 36 of 38
ACCESS MANAGEMENT
OBJECTIVES
Access Management provides the right for users to be able to use a service or group of
services. It is, therefore, the execution of policies and actions defined in Security and
Availability Management
• Grants authority to use a service and prevent access to non-authorized users
• Provides rights to access a service/group of services
• Execution of policies and actions defined in Security and Availability Management
SCOPE
• Access Management is effectively the execution of both Availability and Information
Security Management, in that it enables the organization to manage the confidentiality,
availability and integrity of the organization’s data and intellectual property
• Process that is executed by all Technical and Application Management functions and is it
usually not a separate function
• Can be initiated by a Service Request through the Service Desk
ACTIVITIES
• Requesting Access
• Verification
• Providing Rights
• Monitoring Identity Status
• Logging and Tracking Access
• Removing Or Restricting Rights
KEY CONCEPTS
ACCESS
• Level/extent of service functionality or data that user is entitled to use
IDENTITY
• How distinguish user as an individual
• Identity unique to user; Physical access: retina scans etc
RIGHTS/PRIVILEGES
• Actual settings – read, write, execute, admin rights etc
SERVICES/SERVICE GROUPS
• Grant access to a whole set of services – as opposed to granting it service by service
DIRECTORY SERVICES
• Tool used to manage access and rights
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 37 of 38
PinkSCAN Processes In:
CONTINUAL
SERVICE
IMPROVEMENT
ITIL Process Summary Sheets for use with PinkSCAN, November 2009 Page 38 of 38
SEVEN (7) STEP IMPROVEMENT PROCESS
OBJECTIVE
Continually define what should and can be measured. To transform raw data into a
meaningful set of corrective actions (use tools and methods throughout service lifecycle)
ACTIVITIES
• What should you measure
• What can you measure
• Gather the data
• Process the data
• Analyze the data
• Present and use the information
• Implement corrective action
Iterative: Start cycle again