Your SlideShare is downloading. ×
ITIL: The Trend for Principled IT Service Delivery
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

ITIL: The Trend for Principled IT Service Delivery


Published on

Published in: Business
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. //best.practices ITIL: The Trend direction of rotation for Principled 3. Check 2. Do IT Service 4. Act 1. Plan Delivery By Thibault Dambrine Quality Assurance The Deming Wheel T he ability to spot new trends early is a key quality to business survival. Information Technology (IT) in itself is a fast-changing business sector. Staying on the leading 1. PLAN Design or revise business process components to improve results. edge of major IT trends can be a challenge, but it can also make a big difference for employability over the course 2. DO Implement the plan and measure its performance. of one’s career. Today, one of the trends to watch for in IT is 3. CHECK Assess the measurements and report the results to decision makers. simply known as ITIL. A tsunami of sorts, ITIL is not making 4. ACT Decide on changes needed to improve the process. much noise right now. When it hits the shores of your IT department however, you may want to be ready and know Figure 1. what ITIL is all about. What is ITIL? In a nutshell, the general aim of ITIL is to create a “best practice in IT Service Management” (ITSM). In 3) While remaining a copyright of the British government, the ’80s, the quality of the IT services provided to the British ITIL belongs to public domain. This is important, because the government was such that something had to be done. In method is basically free. All companies who want to use ITIL reaction to this situation, the Office of Government Commerce can do so. (OGC) developed a framework of best practices with the aim of providing a cost-efficient way to manage IT resources. Thus was ITIL 101 born the “IT Infrastructure Library,” or ITIL. Since then, this ITIL can be described as an adaptation of a concept known framework has evolved into its second iteration, and the third as the “Deming Wheel,” applied to IT service delivery. The is planned for late 2006 or early 2007. author of this concept, W. Edward Deming, is associated with Since being published, ITIL has proved useful for many the rise of Japan as a manufacturing nation. He is also the organizations beyond government. At the heart of ITIL are a father of “Continuous Improvement” – the foundation for Total number of processes supported by a new category of software Quality Management (TQM). The Deming System prescribes a packages specifically designed with ITIL in mind. cycle of improvement. (See Figure 1.) Three easily identifiable factors explain the recent ITIL In its quest for quality IT service, ITIL gives a detailed adoption spurt in North America: description of a number of specific activities, which together 1) ITIL is considered a mature and well accepted IT constitute a best practice method to deliver IT. These processes Service Management set of best practices. With 20 years under and functions are published in a series of books, each covering its belt and the UK government stamp of approval, it’s a safe bet a sub-area of IT management. for any company to at least consider ITIL. If you open an ITIL book, you’ll notice that IT support 2) ITIL, in its methods of documenting and controlling processes are divided into two streams: service support and change, makes every system change auditable. In the U.S., the service delivery. Service support generally concentrates on day- Sarbanes-Oxley law now requires stringent auditing that covers to-day operations, while service delivery looks at the longer- IT. In Canada, the Ontario legislature enacted Bill 198, which term planning activities of IT service provision. (See Figure 2.) empowers the Ontario Securities Commission to enforce similar With this clear division, it’s easy to see the “end in mind” for rules as Sarbanes-Oxley. With this backdrop, the timing is good each process. for ITIL. This is a mature, credible process for managing IT. On The service desk function is the point of application where top of strong IT governance, ITIL provides the necessary base service support (tactical and operational processes) meets the of data to satisfy most Sarbanes-Oxley/Bill 198 requirements. service delivery (strategic, longer term view processes). Some IT professionals argue that the massive auditing market From informal observation, one can see that in most suddenly born as a result of these new laws may not be motivated cases, the methods used in the average IT department are not only by the urge to guard the truth and protect investors, but very different from what ITIL recommends. Non-ITIL shops after Enron and WorldCom, there is no turning back. simply tend not to be as formal, organized, and documented. 18 COMMON.CONNECT – October 2006
  • 2. What ITIL does is not only identify all aware of what is expected from it and Availability Management aims skills and task requirements, but also what it provides, it is better able to plan, to optimize the capability of the IT prescribe responsibilities for each role budget and manage its services. infrastructure to support and deliver and function. Below is a summary for Financial Management for IT a cost-effective and sustained level of the service desk function (the only Services aims to assist the internal IT availability, as agreed upon in the SLA. “function” described as such in ITIL) organization with the cost-effective Security Management has two followed by service support and service management of the IT resources required objectives: To meet the security delivery processes: for the provision of services. For this requirements of the Service Level reason, the process breaks down IT service Agreements and external requirements Service Desk Function costs and associates them with the various defined by contracts, legislation, and The objective of the service desk services provided. In this way, it supports externally imposed policies; and is to act as the central point of contact management decisions with respect to to provide a basic level of security, between the user and IT service IT investment, and encourages the cost- independent of external requirements. management. It’s the convergence aware use of IT facilities and services. point for service delivery and service Capacity Management should ITIL Service Support Processes support. Responsibilities include: consistently provide the required IT (Tactical, Operational) • To receive and record all resources at the right time (when they Configuration Management aims to calls from users directed to IT; are needed) and at the right cost, aligned assist with managing the economic value • To provide initial with current and future requirements of of the IT services including customer assessment of all the business. Thus, capacity management requirements, quality and costs. This incoming incidents; must understand the expected business is done by maintaining a logical model • To monitor and escalate developments affecting customers, as of the IT infrastructure and IT services incidents, according to well as anticipate technical developments. and providing information on the IT agreed service levels; and This process plays an important role in infrastructure and internal relationships • To keep users informed on determining IT return on investment between configuration items (CI) to status and progress of tasks. and cost justification. other business and ITIL processes. IT Service Continuity Manage- The narrow definition of configura- ITIL Service Delivery Processes ment (ITSCM) aspires to support the tion management is restricted to: (Strategic, Longer Term) overall business continuity manage- • Keeping reliable and detailed Service Level Management aims to ment. Its goal is to ensure that required records of IT components, ensure that the IT services required by the IT infrastructure and services, including configuration items (CIs), and customer are continuously maintained support and the service desk, can be re- services provided by IT and improved. This is achieved by stored within specified time limits after a • Providing accurate information agreeing, monitoring, and reporting on disaster or a disruption. Its scope must be and documentation to support other the performance of the IT organization. defined on the basis of the business ob- service management processes In addition, it contributes in creating an jectives. When assessing risks to business effective business relationship between continuity, decisions need to be made as Configuration items (CIs) typically the IT organization and its customers. to whether they are within or outside the fall under the following: Because the IT organization is more scope of the ITSCM process. • Hardware • Software  Service Support Processes Service Delivery Processes Configuration Management Service Level Management Incident Management Service Desk FUNCTION Financial Management for IT Services Problem Management (Note: this is a function, not a process) Capacity Management Change Management IT Service Continuity Management Release Management Availability Management Figure 2. Security Management Notes on the processes: • Configuration management appears after problem management in the original order of the service support processes. • Security management is placed under the service delivery process header. This process is not consistently in this area, and this may change with the next version of ITIL. • Quality Assurance is not (yet) recognized as a formal process in ITIL. The topic of software quality is briefly mentioned in several processes, but ITIL gives formal Quality Assurance only cursory recognition. 19 October 2006 – COMMON.CONNECT
  • 3. • Procedures existing or potential incidents in one or more CIs. • Documentation To find the root cause of a problem, ITIL prescribes problem • People (or functions – actually fulfilled by people) resolution techniques such as: 1. Restatement of the problem; Most configuration management database (CMDB) prod- 2. Ishikawa Diagrams (fishbone diagrams); and ucts on the market today have the ability to store much more 3. Kepner and Tregoe root cause analysis (detailed below) than computing asset information. There is an emerging class of a. Prepare a decision statement having both an action software commonly recognized as IT service management soft- and a result component ware or ITSM, which aims to fill the growing demand to satisfy b. Establish strategic requirements (musts), operational ITIL CMDB requirements. ITSM soft- objectives (wants), and restraints ware packages typically treat the CMDB (limits) as a subset of a larger ITIL offering, and c. Rank objectives and assign relative will contain the following modules: weights • Incident management d. Generate alternatives • Problem management e. Assign a relative score for each • CMDB (CIs) alternative on an objective-by-objective • Service level management and basis underpinning contract management f. Calculate a weighted score for each alternative and identify the top two or Occasionally, ITIL software vendor three Webinars and literature issue “buyer g. List adverse consequences for each beware” statements aimed at competitors. top alternative and evaluate probability Essentially, they claim that to get to the (high, medium, low) and severity (high, hot new CMDB/ITMS market, other medium, low) vendors slap existing software with h. Make a final, single choice between CMDB or ITSM labels just to get a foot top alternatives in the door. Like any other major IT Figure 3. investment, this type of purchase has to Once the underlying cause be well researched. and workaround or correction is identified, the problem The critical factor for success in configuration management becomes a known error. At this point, a Request for is that the information contained within should be accurate and Change (RFC) can be issued to resolve the problem. up to date. Auditing is a necessary component to achieve this Problem Management: The objective of problem goal. This means you must strictly enforce change management management is to resolve the root cause of incidents and and release management, and that you should always have a consequently prevent incidents from recurring. It includes pro- stakeholder in the information recorded on individual configu- active and reactive activities: ration items. Another important factor for successful CMDB • Pro-active problem management aims to prevent implementation is to carefully consider the depth and scope of incidents from recurring by identifying weaknesses in the the CIs tracked within. The most common pitfall is to try to infrastructure and making proposals to eliminate them. track too much, too deep, too early in the CMDB implementa- • Reactive problem management aims to identify the tion. These problems typically lead to inaccurate data in the root cause of past incidents and present proposals for CMDB, with consequences ranging from ill-informed decision- improvements or rectification. making to the complete breakdown of an ITIL initiative. Corrective Build/Buy Looking at the diagram in Figure 3 (courtesy of ITIL), one Measures can clearly see that all events eventually end up as a recorded Change Innovation Management item in the CMDB. Improvement (Plan) Incident Management Objective aims to restore normal Change service level as defined in the SLA. In case of any disruption, service should be restored as soon as possible, with the small- est possible impact on the business activity, the organization, Problem Configuration Release Management Management Management and the users. Incident management needs to keep track of (Act) (Register) (Do) incidents so that it can measure and improve the process, provide appropriate information to other service manage- ment processes, and properly report on resolution progress. Incident This is done with the help of the CMDB. Management Analyze (Check) Where the cause of an incident is not identifiable and Evaluate Install investigation is warranted, a problem record is raised. In ITIL, a problem is defined as the unknown root cause of one or more Figure 4. 20 COMMON.CONNECT – October 2006
  • 4. Change Management: The objec- Release Management manages control of change management tive of change management is to ensure and distributes software and hardware and supported by configuration that standard methods and procedures versions used for production. The management. A release may include are used, so that changes can be dealt with objectives for release management a number of related CIs including quickly, with the lowest possible impact include: documentation such as reports, plans, on service quality. All changes should be • Planning, coordinating and user and support manuals; traceable. In effect, change management and implementing software and • Ensuring that the original operates like a thermostatic control be- hardware; copies of software are securely tween flexibility (allowing changes which • Designing and implementing stored in the definitive software may lead to errors) and stability (allow- efficient procedures for the library (DSL) and that the CMDB ing changes to remedy errors). Corrective distribution and installation of is updated. The same rules apply measures reduce the number of incidents, changes to IT systems; with respect to another ITIL as a result of which the pressure of emer- • Ensuring that the hardware concept, the definitive hardware gency work will also fall. and software related to changes store (DHS), a secure area holding This is where the Deming Wheel are traceable, secure, and that only spare definitive hardware CIs that principle applies in ITIL. Figure 4 correct, authorized, and tested make up part of a release. represents how the Deming Plan-Do- versions are installed; Check-Act cycle is used in the context • Communicating with users ITIL: The Big Picture of the ITIL change management and considering their expectations Imagine for a minute that your email process. ITIL motto for change ’s during the planning and rollout of server went down on a Monday morning. management is “Not every change is an new releases; You have no idea how long this outage will improvement, but every improvement • Determining the composition last or how deep the problem is. You ask is a change.” With this in mind, a lot and planning of a rollout, together yourself, “How long could the company of effort is taken in the ITIL model with change management; survive without email services?” “How to introduce change with care, to • Implementing new software much business is lost every hour that it maintain and promote the quality of releases and hardware in the cannot communicate with the rest of the service provided by IT. operational infrastructure, under connected world?” These simple questions  21 October 2006 – COMMON.CONNECT
  • 5. TEC ‘007 Education: Shaken not stirred exemplify why IT service management has become so critical to running any type of business today. without sponsorship at the very top of the organization and at every level of IT leadership. Failed ITIL In the ITIL model, the service desk implementations are less publicized represents the face of IT for the user than the successful ones, but they community. All incidents, requests for do exist. For all these reasons, change, or even complaints for IT are implementing ITIL could be likened funneled through the service desk. All to a marathon more than a sprint. It is escalations start from this point, at a definitely not a quick fix solution. rate driven by the SLA. From there, if You may have noticed by now the underlying reason for the incident that the ITIL methodology is one is unknown, problem management that has strict definitions and a lot takes over. If a problem is identified of acronyms. One could imagine an and a work-around is determined, the ITIL consultant having an ITIL-talk problem becomes a known error until conversation: “Does Your CMDB have it is resolved. At this point, a Request a consistent CFIA format for every CI?” for Change (RFC) will be issued to This sentence translates to “Does your implement a permanent fix. This RFC Configuration Management Database will go through change management to have a consistent Component failure ensure it conforms to the agreed-upon impact analysis for every Configuration service requirements. Note that the Item?” You need to know what each of incident, the problem and its resolution, these terms refers to if you want to make the RFC, and related information are all sense out of the sentence. recorded individually in the CMDB. My point here is that ITIL has Conversely, the CI and CI relation- a language of its own. It’s nothing to Are you ship information stored in the CMDB be overwhelmed by, but it must be licensed can be useful to resolve problems. The CMDB incident tracking information learned. One useful aspect of a standard vocabulary is clear communication. to skill? can also be used for trending analy- Also, if you implement ITIL and hire an sis and understanding not only where ITIL person, this person is likely to speak Plan to attend TEC ‘007, TUG’s the problems are but also to help iden- in the same terms as your organization, annual three-day secret Technical tify what pre-emptive corrective actions with obvious benefits. In the same way, Education Conference & Showcase could save work or avoid future prob- member companies of ITIL user groups at the Sheraton Parkway Hotel, lems. Having detailed documentation on can compare apples with apples, oranges Richmond Hill, Ontario all incidents well classified in a database with oranges. A well-documented April 17 – 19, 2007. can enable IT management to discover glossary of ITIL terms can be found at: The conference includes: two full without guessing where problems origi- days of tutorials, plus hands-on nate from and where improvements may aspx?product=glossariesacronyms labs on Day 3 · complimentary have the most impact. Another thing to be aware of is lunch at the Vendor Showcase · With ITIL growing in the IT hype that on the road to ITIL Nirvana, your sit-down luncheon at the Keynote and awareness index, one should company may encounter boundless Address · optional Executive remember that it is not a silver bullet. offers for help from high-priced Breakfast · certification exams · Learning and implementing ITIL takes consulting firms, some of them good, top-drawer speakers · technical & time and effort. Because of the level some of them questionable. ITIL being professional development topics · of effort required, implementing ITIL a complex methodology to implement, and special agent handouts from is nearly impossible to accomplish this is not surprising. The only advice I Q-branch. Credits: Sign-up any time before Oct. 31, • ITIL squared colored pins are ITIL trademarks. • ITIL material reproduced from the IT Service Management Forum book and from the and receive the “double-oh-agent Foundations of IT Service Management based on ITIL book. double-early-bird” discount! • ITIL relationship to ISO-20000 taken from (Regular Price: US$825) • ITIL graphic diagram reproduced with permission of Blue Turtle Technologies. Discount Price: US$675 • asp?subA=true&SubBA=C. • Francois Lafortune (ITIL Manager) proofread this article for ITIL accuracy. Contact Miss • The Office of Government Commerce (OGC) was originally known as the Central Wendepenny Computer and Telecommunications Agency (CCTA). You may find references to both at the TUG office: names when you research ITIL. 905-607-2546, TORONTO USERS GROUP for System i COMMON.CONNECT – October 2006
  • 6. can give here is to shop around. From measurable standards at the corporate ITIL Information Sources experience, ITIL expert consulting is level before granting a certification. The article “Guidelines for Creating a Service typically expensive, but not all ITIL Like any other ISO certification, one Desk Based on ITIL Initiatives” by Elizabeth experts provide equal value. can expect that the process to reach ISO- Ferrarini, posted on www.enterpriseleadership. 20000 as a corporation will require audits org, gives some insight with the story of several Relationships: high-profile successful ITIL implementations: ISO-20000, ITIL and Procedures and expenses that may go beyond the cost • Procter and Gamble claims ITIL- of simply going ITIL. This may be justified driven savings of USD $500 m since for software firms but perhaps not for the implementation Achieve This ISO-20000-1 majority of companies who simply use IT • Caterpillar claims the ITIL team Specification found that internal service providers ISO-20000-2 Management Overview as one of many services. couldn’t meet the target response time Code of Practice Beyond this, one should be aware of 30 minutes between 60 percent and ITIL Infrastructure Library Process Definition that ITIL is not the only IT best practice 70 percent of the time. Now service method. Three of the more well known providers surpass the 90 percent mark Deployed Solution For more information on ITIL, In-House Procedures methods are Control Objectives for visit the following sites: Figure 5. Information and related Technologies (COBIT), Dynamic Systems Certifications — Development Method (DSDM) and Where Does ITIL Fit in? the more recent IT Control Objectives Technology_Infrastructure_Library In the discipline of project for Sarbanes-Oxley (ITCO). There are management, the Project Management many others. Professional (PMP) certification has Following are some details on the It consists of two hand-written case study changed the way companies hire project three levels of ITIL certification that based essays. ITIL Managers typically managers. PMP-certified professionals all can be taken. (Each certificate has an command premium hourly rates, in part use the same terminology, understand the associated symbol.) because there are simply not that many same definitions, and work with the same The Foundations Certificate people who hold this title. No doubt, the methods. Project managers who are PMP- in IT Service Management (ITIL high dollar and effort level necessary to certified tend to get PM jobs ahead of ones Foundations – green symbol) aims challenge this certification contributes to who are not. See for yourself. Take a look to ensure understanding of the basic the rarity. at any A-list North American Internet- terms, concepts, and relationships Using ITIL to manage IT service delivery based job site. See how many results you between ITIL processes. This is proving itself and gaining momentum. can get by simply typing “PMP Now try .” certification is intended for Adoption of ITIL is reaching critical mass entering “ITIL and see how many jobs ” people working in the field of in North America. Over and above being come up. You may be surprised by the IT service management and is a good fit for Sarbanes-Oxley/Bill 198 number of results and the diversity in a prerequisite for the Practitioner and requirements, the over-arching reason for types of jobs. At the rate of adoption ITIL Manager Certificates. this success is simply better service delivery is showing, it’s a matter of time before The Practitioner Certificate in IT for less money. It all adds up to two words: all IT professionals will be required to Service Management (ITIL Practitioner competitive advantage. have some form of ITIL or ITIL-like best – blue symbol) ensures practical Copyright ©2006 Tylogix Inc. All rights reserved. practice knowledge, experience or even knowledge is well understood in the certification as a base requirement. specialized aspects of one of the ITIL offers three levels of personal ITIL processes. This certification About the Author ITIL certification: Foundation, is intended for people who Thibault Dambrine works for Shell Practitioner and Manager. Note that have the responsibility in one Canada Limited as a senior systems ITIL doesn’t evaluate how the methods or more of the processes in IT Service analyst. He holds the ITIL Foundations taught in these certifications are Management. as well as the Release and Control actually implemented. To get an ITSM The Manager Certificate in IT Practitioner’s Certificates. His past implementation certification, the ISO- Service Management (ITIL Service articles can be found on 20000 corporate certification is the Management – red symbol) is a credential closest fit. that certifies knowledge of To give some perspective on the ITIL implementation and difference between ITIL individual management techniques. This certifications and ISO-20000 corporate certification is for managers and certification, Figure 5 (taken from consultants in IT Service Management, especially those who are involved in illustrates ITIL relative position. While ’s implementing ITIL or advising on ITIL is all about processes and best ITIL. The ITIL Manager’s exam has a practices, ISO certifications enforce reputation for being difficult to challenge. 23 October 2006 – COMMON.CONNECT