Service Design

  • 739 views
Uploaded on

 

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
739
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
0
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 1
  • 2. The Service Design book provides guidance for the design and development ofservices and processes, covering design principles and methods for convertingstrategic objectives into portfolios of services and service assets. 4 Service Catalog Management (SCM) 5 Service Level Management (SLM) 6 Supplier Management 7 Capacity Management 8 Availability Management 9 IT Service Continuity Management (ITSCM) 10 Information Security Management C Design Coordination 2 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 3. Every time a new service solution is produced, it needs to be checked against the rest of theService Portfolio to ensure that it will integrate and interface with all other services in production. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 3
  • 4. Service Design PackageBusiness Requirements Organizational Readiness AssessmentService Applicability User Acceptance CriteriaService Contracts Service ProgramService Functional Requirements Service Transition PlanService Level Requirements Service Operation PlanService Design & Topology Service Acceptance Criteria Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 4
  • 5. 5Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 6. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 6
  • 7. Service Level Agreement (SLA): (ITIL Continual Service Improvement, CSI)An agreement between an IT service provider and a customer. A SLA describes the ITservice, documents service level targets, and specifies the responsibilities of the ITservice provider and the customer. A single agreement may cover multiple IT servicesor multiple customers. (OLA) 7 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 8. Operational Level Agreement (OLA): (ITIL Service Design, SD & ITIL Continual Service Improvement, CSI)An agreement between an IT service provider and another part of the sameorganization. It supports the IT service provider’s delivery of IT services to customersand defines the goods and services to be provided and the responsibilities of bothparties. For example their could be an OLA:• Between the IT service provider and a procurement department to obtain hardware in agreed time frame• Between the service desk and a support group to provide incident resolution in agreed times 8 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 9. Underpinning Contract (UC): (ITIL Service Design, SD)A contract between service provider and a third party. The third party provides goodsand services that support delivery of an IT service to the customer. The UC definestargets and responsibilities that are required to meet agreed service level targets inone or more SLA’s. 9 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 10. Service Catalogue: (ITIL Service Design, SD)A written statement of available IT services, default levels, options, prices andidentification of which business processes or customers use them. 10 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 11. Service Level Requirements (SLR): (ITIL Service Design, SD)Detailed recording of customer’s needs, forming the design criteria for a new ormodified service. 11 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 12. Service Level Targets (SLT): (ITIL Service Design, SD, Continual Service Improvement, CSI)A commitment that is documented in a service level agreement (SLA). Service leveltargets (SLT) are based on service level requirements (SLR) , and are needed to ensurethat the IT service is able to meet business objectives. They should be SMART, and areusually based on key performance indicators (KPI). 12 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 13. SMART: (ITIL Service Design, SD, Continual Service Improvement, CSI)An acronym for helping to remember that targets in service level agreements andproject plan should be: 13 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 14. Capability: (ITIL Service Design, SD)The ability of an organization, person, process, application, IT service or other CI to carryout an activity. Capabilities are assets of an organization. Capabilities represent anorganizations ability to coordinate, control and deploy resources to produce value. 14 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 15. Configuration Item (CI): (ITIL Service Transition, ST)Any component or other service asset that needs to be managed in order to deliver an ITservice. Information about each CI is recorded in a configuration record within theConfiguration Management System (CMS) and is maintained throughout it’s lifecycleby Service Asset and Configuration Management (SACM). 15 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 16. Key Performance Indicator (KPI): (ITIL Service Design, SD & ITIL Continual Service Improvement (CSI))A metric that is used to help manage an IT service, process, plan, project or otheractivity. Key performance indicators are used to measure the achievement of criticalsuccess factors (CSF) Many metrics may be measured, but only the most important ofthese are defined as key performance indicators and used to actively manage and reporton the process, IT service or activity. They should be selected to ensure that efficiency,effectiveness and cost effectiveness are all managed. 16 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 17. Critical Success Factor (CSF):Something that must happen if an IT service, process, plan, project or other activity is tosucceed. Key performance indicators (KPI) are used to measure the achievement ofeach critical success factor.For example, a critical success of “protect IT services when making changes” could bemeasured by key performance indicators (KPI) such as “percentage reduction ofunsuccessful changes”, “percentage reduction in changes causing incidents” etc. 17 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 18. Availability: (ITIL Service Design, SD)Ability of an IT service to other configuration item to perform its agreed function whenrequired. Availability is determined by reliability, maintainability, serviceability,performance and security. Agreed Service Time (AST) - Downtime Availability (%) = Agreed Service Time (AST) Downtime is defined as the service being unavailable only during Agreed Service Time (AST) 18 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 19. Maintainability: (ITIL Service Design, SD)A measure of how quickly and effectively an IT service or other configuration item canbe restored to normal working order after a failure. Maintainability is often reported asMean Time to Restore Service (MTRS). 19 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 20. Information Security Management System (ISMS): (ITIL Service Design, SD)The framework of policy, processes, functions, standards, guidelines and tools thatensures an organization can achieve its information security management objectives. 20 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 21. Mean Time Between Failures (MTBF): (ITIL Service Design, SD)A metric for measuring and reporting reliability. MTBF is the average time that an ITservice or other configuration item can perform it’s agreed function withoutinterruption. 21 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 22. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 22
  • 23. Goal: The primary goal of Service Level Management is toensure that an agreed level of IT service is provided for allcurrent IT services, and that future services are delivered toagreed achievable targets.During the design phase SLM performs the following:• Designs and plans the SLM processes and Service Level Agreement (SLA) structure.• Determines the Service Level Requirements (SLR)• Negotiates and Agrees upon relevant Service Level Targets (SLT) with customers to produce SLA’s• Negotiates and agrees upon the support elements required by internal IT groups and External Suppliers to produce Operational Level Agreements (OLA = Internal) and Underpinning Contracts (UC = External) 23 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 24. SLA’s, OLA’s and UC’s Customers Service Level Management (SLM) Supplier ManagementOLA UC SLAInternal ExternalSupplier Supplier 24 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 25. SLA QuestionsWill the SLA structure allow flexibility in the levels of service tobe delivered to various customers?Will the SLA structure require much duplication of effort?Who will sign the SLA? 25 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 26. Service Level Agreement Structures Customer 1 Service ACustomer Based SLA 26 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 27. Service Level Agreement Structures Customer 1 Customer 2 Customer 3 Service A Service Based SLA 27 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 28. Service Level Agreement Structures Corporate Level Customer 1 Customer 2 Service A Service B1. Corporate Level – All generic issues are covered, which are the same for the entire organization. (Corporate Security Baseline: passwords, ID Cards etc.)2. Customer Level – Those issues specific to a customer can be dealt with. (Security Requirements of one or more departments within the organization are higher. Financial Department may have higher security needs.)3. Service Level – All issues relevant to a specific service (in relation to customers) can be covered. (The e-mail services for a particular department needs encryption and secure back-ups Multi-Level Based SLA 28 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 29. SLA is a written agreement between an IT service provider and the IT customers,defining the key service targets and responsibilities of both parties. SLA’s should not be used as a way to hold one side or another for ransom. A mutually beneficial agreement should be reached – otherwise the SLA could quickly fall into dispute and a “Blame Culture” could develop. SLA’s should be used as a tool for teamwork and cooperation between the IT customers and the service provider. 29 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 30. OLA is an agreement between the IT service provider and anther part of the sameorganization.OLA should contain targets that underpin those within an SLA to ensure thattargets will not be breached by an failure of supporting activities. 30 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 31. When talking about OLA, it is an agreement between the internal supportgroups of an institution that supports SLA.According to the Operational Level Agreement, each internal support group hascertain responsibilities to the other group. The OLA clearly depicts theperformance and relationship of the internal service groups.The main objective of OLA is to ensure that all the support groups provide theintended Service Level Agreement.1. Service Level Agreement focuses on the service part of the agreement, likeuptime of services and performance. On the other hand, Operational LevelAgreement is an agreement in respect to maintenance and other services.2. The Service Level Agreement is basically a contract between a serviceprovider and a customer. OLA is an agreement between the internal supportgroups of an institution that supports SLA. 31 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 32. The agreement between service provider and supplier is critical.For service provider and supplier the UC should expose risks that need to beaddressed and must be comprehensive and practical, covering a wide varietyof risks, including financial, business reputation, operational, regulatory andlegal.A comprehensive agreement minimizes the risk of disputes arising from adifference in expectations.A good UC should be adaptable and maintainable with a minimum amount ofrenegotiation. 32 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 33. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 33
  • 34. Goal – Mange suppliers and the services they supply, to provide seamless quality of IT services. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 34
  • 35. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 35
  • 36. Supplier Service Improvement Plan (SSIP): (ITIL Service Design, SD)Used to record all improvement actions and plans agreed between suppliers and serviceproviders. 36 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 37. Supplier Survey Reports: (ITIL Service Design, SD)Feedback gathered from all individuals that deal directly with suppliers throughout theirday to day roles. Results are collated and reviewed by Supplier Management to ensureconsistency in quality of service provided by suppliers in all areas. 37 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 38. Supplier & Contract Performance Reports: (ITIL Service Design, SD)Used as input for the Supplier Contract review meetings to manage the quality of theservice provided by suppliers and partners. This should include information on shared riskwhen appropriate. 38 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 39. (Supplier & Contract Database - SCD) Supplier and Contract Management Information System (SCMIS): (ITIL Service Design, SD)A set of tools, data and information that is used to support supplier management. Seealso Service Knowledge Management System (SKMS). 39 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 40. Co-Sourcing An informal combination of insourcing and outsourcing, using a number of outsourcing organizations working together to co-source key elements within the lifecycle.Partnership or Formal arrangements between two or more organizations to workMulti-Sourcing together to design, develop, transition, maintain, operate and or support IT services. The focus here tends to be on strategic partnerships that leverage critical expertise or market opportunities. Business Formal arrangements where an external organization provides and Process manages the other organizations entire business processes or functions Outsourcing in a low cost location. Common examples include: payroll and call centers. 40 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 41. Knowledge This is a new enhancement of Business Process Outsourcing, where Process external organizations provide domain based processes and expertiseOutsourcing rather then just process expertise and as such this requires advanced analytical and specialized skills from the outsourcing organization.Application Where external organizations provide shared computer based services to Service customer organizations over a network. The complexities and costs of Provision such shared software can be reduced and provided to organizations that could otherwise not justify he investment. (Example: AS400) 41 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 42. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 42
  • 43. Goal – Ensure that a service catalogue is produced,maintained and always accurate information on operational services and those ready for deployment. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 43
  • 44. Business Service CatalogueContains details of all IT services defined in the context of customers, together withrelationships to the business units and the business processes they support. Thisinformation is used to form the customer view of the service catalogue. In caseswhere the customer is a IT organization the technical view may be expanded.Technical Service CatalogueContains details of all IT services delivered to the customer. However bycompression the technical service catalogue includes records of relationships thatexist with other supporting services, shared services, components and configurationitems (CI) necessary for deliver of the service to the business. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 44
  • 45. Service Catalogue Business/Customer Service Catalogue View Business Business Business Process 1 Process 2 Process 3 Service A Service B Service C Service D Service E Support Hardware Software Network Mainframe Data ServicesTechnical Supporting Service Catalogue View Links to related Information Service Asset/Configuration Records Key = Customer facing services = Supporting services 45 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 46. Business/Customer service catalogue viewThis view contains details of all the IT services delivered to the customer.(customer facing services), together with relationships to the business units andbusiness processes. Technical/Supporting service catalogue viewThis contains details of all the supporting IT services, together withrelationships to the customer-facing services they underpin and thecomponents, CI and other supporting services necessary to provision the serviceto customers. 46 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 47. Service CatalogueWholesale Service Catalogue View Retail Service Catalogue View Wholesale Wholesale Retail Retail Customer 1 Customer 2 Customer 1 Customer 2 Service A Service B Service C Service D Service E Support Hardware Software Network Mainframe Data ServicesSupporting Service Catalogue View Links to related Information Service Asset/Configuration Records Key = Customer facing services = Supporting services 47 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 48. Wholesale customer viewThis view contains details of all the IT services delivered to the wholesalecustomer. Retail customer viewThis view contains details of all the IT services delivered to the retail customer. Technical/Supporting service catalogue viewThis contains details of all the supporting IT services, together withrelationships to the customer-facing services they underpin… Notice Service C is shared. 48 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 49. There is no single correct way to structure and deploy a service catalogue. 49 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 50. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 50
  • 51. Consequences of Reactive Behavior $$ Capacity Incident To many resources & capabilities = Increased Cost $ IncidentTo few resources & capabilities = Decreased Performance Time Needs Management Ideal Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 51
  • 52. Business Capacity Management• Manages capacity to meet future business requirements for IT services• Identifies changes occurring in the business to asses how they might impact capacity and performance of IT services.• Plans and implements sufficient capacity in an appropriate timescale• Should be included in Change Management and Project Management activates. Service Capacity Management• Focuses on managing ongoing service performance as detailed in the Service Level Agreements (SLA)• Establishes baselines and profiles for use of Services, including all components and sub-services that affect the user experience. Component Capacity Management• Identifies and manages each of the individual components of the IT infrastructure (CPU, Memory, Disks, Network Bandwidth, Server Load etc.)• Evaluates NEW technology and how it might be leveraged• Balances loads across resources for optimal performance of services. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 52
  • 53. Activities of Capacity Management Business capacity Strategic management Storage of capacity management data Management Application Modeling Activities Demand Iterative Sizing Service capacity Tactical management Component capacity Operational management Capacity Production of capacity planmanagementsub-processes Reports on all aspects of capacity management CMS 53 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 54. 1. Performance Monitoring - Measuring, monitoring and tuning performance of IT infrastructure components2. Demand Management – Short term reactive implementation of strategies considered in Service Strategy to manage current demand.3. Application Sizing – Determining the hardware or network capacity to support new or modified applications and the predicted workload.4. Modeling – Used to forecast the behavior of the infrastructure under certain conditions (e.g. if the number of users is doubled, if a network link fails)5. Tuning – Modifications made for better utilization of the current infrastructure6. Storage of Capacity Management Data7. Capacity Planning8. Reporting Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 54
  • 55. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 55
  • 56. Goal – Ensure the level of service availability delivered in allservices is matched or exceeds the current and future agreed needs of the business in a cost effective manner. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 56
  • 57. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 57
  • 58. Security (ITIL Service Design, SD)Services, systems and information should be made available to authorized users at theauthorized times (see Information Security Management and Access Management) © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 59. Reliability (ITIL Service Design, SD)Freedom from operational failures. © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 60. Resilience (ITIL Service Design, SD)The ability to withstand a failure. (example: redundant components) © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 61. Maintainability (ITIL Service Design, SD)Internal; The ability of an IT component to be retained in or restored to, an operationalstate. This will be affected by the skills, knowledge and availability of IT staff, as well asvarious other ITSM tools for detecting and managing disruptions. © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 62. Serviceability (ITIL Service Design, SD)External; The contractual arrangements made with external suppliers that documenttheir obligations for supporting the availability of services. Measured by Availability,Reliability and Maintainability of IT services and components under the control of theexternal suppliers. © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 63. Vital Business Function (ITIL Service Design, SD)The business critical elements of the business process supported by an IT service.Typically this will be where more effort and investments will be spent to protect thesevital business functions. © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 64. 30 Minute Outage 60 Minute OutageCreated by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 64
  • 65. 1. 30 Minute outage during peak hours, overtime being paid to staff, urgent report being required.2. 60 Minute outage on a weekend, holiday, off-peak hours, when the service was not required3. 30 Minute outage of critical IT services4. 60 Minute outage of non-critical IT services5. 30 Minute unplanned outage6. 60 Minute planned outage (maintannce) Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 65
  • 66. Mean Time between Failures (MTBF) or UptimeAverage time between the recovery from one incident and the occurrence of thenext incident, this relates to the reliability of the service.Mean Time to Restore Service (MTRS) or DowntimeAverage time taken to restore a CI or IT service after a failureThis is measured from the time when the CI or IT service fails until it is FULLYrestored and is able to deliver normal functionality.Mean Time Between Service Incidents (MTBSI)Average time between the occurrence of two consecutive incidentsSum of MTRS + MTBFHigh Ratio of MTBF / MTBSI indicates there are many minor faults.Low Ratio of MTBF / MTBSI indicates there are many major faults. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 66
  • 67. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 67
  • 68. Goal – Disaster recovery planning Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 68
  • 69. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 69
  • 70. Disaster (ITIL Service Design, SD)NOT part of the daily activities and requires a separate system. © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 71. Business Continuity Management (BCM) (ITIL Service Design, SD)Strategies and actions to take place to continue Business Processes in the case of adisaster. © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 72. Business Impact Analysis(BIA) (ITIL Service Design, SD)Quantifies the impact of loss of IT services would have on the business. © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 73. Risk Assessment (ITIL Service Design, SD)Evaluates Assets, threats and vulnerabilities that exist to business processes, ITservices, IT and infrastructure and other assets. © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 74. Counter Measure (ITIL Service Design, SD)Measures to prevent or recover from a disaster. © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 75. Manual Workaround (ITIL Service Design, SD)Using Non-IT based solutions to overcome a IT service disruption. © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 76. Gradual Recovery (ITIL Service Design, SD)Aka Cold Standby or Cold Site (> 72 Hours to recover from a disaster) © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 77. Intermediate Recovery (ITIL Service Design, SD)Aka Warm Standby or Warm Site (24 - 72 Hours to recover from a disaster) © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 78. Immediate Recovery (ITIL Service Design, SD)Aka Hot Standby or Hot Site (>24 Hours to recover from a disaster, usually implies 1-2hours to recover from disaster.) © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 79. The recovery site should be a minimum of 35 Miles from the organizations main site. © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 80. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 80
  • 81. Stage 1 Define Scope of BCMInitiation Business Impact AnalysisStage 2Requirements Risk Assessment& Strategy Business Continuity Strategy Organization Imp. & PlanningStage 3 Stand-by arrangements and Risk Reduction MeasuresImplementation Recovery plans and procedures Initial TestingStage 3OperationalManagement Assurance © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 82. Goal – Security is present and aligned with the business needs. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 82
  • 83. Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved 83
  • 84. Availability (ITIL Service Design, SD)Ability of an IT service to other configuration item to perform its agreed function whenrequired. Availability is determined by reliability, maintainability, serviceability,performance and security. © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 85. Confidentiality (ITIL Service Design, SD)A security principle that requires that data should only be accessed by authorized people. © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 86. Integrity (ITIL Service Design, SD)A security principle that ensures data and CI’s are modified only by authorized personneland activities. Integrity considers all possible causes of modification, including softwareand hardware failures, environmental events and human intervention. © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 87. Security Baseline (ITIL Service Design, SD)The security level adopted by the IT organization for its own security and from the pointof view of “Good Diligence”Possible to have multiple baselines © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 88. Security Incident (ITIL Service Design, SD)Any incident that may interfere with achieving the SLA security requirements;materialization of a threat © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 89. Information Security Management (ISM) (ITIL Service Design, SD)The process responsible for ensuring that the confidentiality, integrity and availability(CIA Triangle) of an organization’s assets, information, data and IT service match theagreed needs of the business. © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 90. Security Policy External Influence Business Drivers Risk Analysis Planning Operational MeasuresEvaluation and Audit © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 91. © Crown copyright 2011. Reproduced under license from OGC. - Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 92. Information Security Control Process 92 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 93. 4 P’s People Products /Processes Technology Partners / Suppliers 93 Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved
  • 94. 94Created by PelegIT, Ltd. – www.pelegit.com, - All Rights Reserved