ITIL Essentials (Foundation) Course Aroonrat Chinwonno Sakul Tunboonek - PowerPoint PPT Presentation

1 / 116
About This Presentation
Title:

ITIL Essentials (Foundation) Course Aroonrat Chinwonno Sakul Tunboonek

Description:

Microsoft 'ADOPT and ADAPT' ITIL into its Microsoft's Operations ... Security Mgnt. ITIL Essentials (Foundations) Oct 14, 2006. 03-23-05. Oct 14, 2006. page 10 ... – PowerPoint PPT presentation

Number of Views:772
Avg rating:3.0/5.0
Slides: 117
Provided by: milesne
Category:

less

Transcript and Presenter's Notes

Title: ITIL Essentials (Foundation) Course Aroonrat Chinwonno Sakul Tunboonek


1
ITIL Essentials (Foundation) CourseAroonrat
ChinwonnoSakul Tunboonek
2
What is ITIL ?
  • ITIL (Information Technology Infrastructure
    Library) is
  • Documentation for IT Server Management Best
    Practice
  • Framework for any IT organization to develop its
    support model
  • ITIL is NOT a technology specific
  • ITIL has been well established in UK and Europe,
    and was used as a groundwork in developing
    BS15000/ISO20000
  • BS15000/ISO20000 is (the first) worldwide
    standard for IT service management
  • ITIL recommends ADOPT AND ADAPT approach

3
What companies ADOPT and ADAPT ITIL ?
  • Microsoft ADOPT and ADAPT ITIL into its
    Microsofts Operations Framework (MOF)
  • HP ADOPT and ADAPT ITIL into its HPs IT
    Service Management Reference Model
  • In US, implementing of ITIL provides an
    acceptable structure to meet many of
    Sarbanes-Oxley Act audit requirements
  • Many companies are now regularly requesting ITIL
    compliance in bids and requests for service
    improvement
  • Forrester Research reports that 13 of
    corporations with revenue exceeding 1 billion
    had adopted ITIL by the end of 2005. By late
    2006, that will have expanded to 40, then to as
    high as 80 by 2008.

4
What ITIL can mean to us ?
  • Understand what ITIL is
  • What are the (ITM Objectives) we want to
    implement ITIL

To reduce unexpected system downtime - Implement Change Mgnt to ensure that system changes are properly plan - Implement Incident Mgnt to ensure minimum business impact - Implement Problem Mgnt to develop known error database
To increase user satisfaction level - Implement Service Desk SPOC with SLA , and metric
To find more time to do IT planning (80/20), Difficult to get control Implement ITIL as a whole Each module is able to be measured You cannot control what you cannot measure.
  • However the ultimate is to serve the Corporate
    Business goals (CEO) to
  • Increase efficiency and create value to Business
  • Reduce cost

5
ITIL Elements
  • Service Support concentrates on day to day
    operation and support
  • Service Delivery looks at planning and
    improvement of IT service

Service Support Service Delivery
Service Desk SLM
Incident Mgnt Financial Mgnt
Problem Mgnt Capacity Mgnt
Configuration Mgnt IT Service Cont Mgnt
Change Mgnt Availability Mgnt
Release Mgnt Security Mgnt
6
Standard Definitions
  • Customer recipient of a service usually
    Customer management has responsibility for the
    funding of the service
  • Provider the unit responsibility for the
    provision of IT services
  • Supplier a 3rd party responsible for supplying
    or supporting of underpinning elements of the IT
    services
  • User the person using the service on a daily
    basis

7
  • What questions do you have?

8
ITIL Essentials (Foundations) Course
  • First Part Service Support

9
Service Delivery Agenda
Service Support Service Delivery
Service Desk SLM
Incident Mgnt Financial Mgnt
Problem Mgnt Capacity Mgnt
Configuration Mgnt IT Service Cont Mgnt
Change Mgnt Availability Mgnt
Release Mgnt Security Mgnt
10
Service Desk
11
Service Desk - Roles
  • ITIL views Service Desk as a Vital function
    rather than as a process
  • Service Desk is the Central Point of Contact
    between users and the IT service model
  • A first positive or negative impression is
    perceived upon Service Desk performance and
    attitude
  • Service Desk in ITIL is more than just a
    Helpdesk. Service Desk has broader role of the
    front line support with more organizations
    looking to radically increase the percentage of
    calls closed at first point of contact FIXED ON
    FIRST -

12
Service Desk - Responsibilities
  • Receive and Record all calls from Users (a ticket
    created) deal directly with simple requests and
    complaints - Incident calls - Service
    requests - IT service information, FAQ such as
    how to order equipment, how to request a
    software installation
  • Provide initial assessment of all incidents make
    first attempt at Incident resolution and/or
    escalate to 2nd level support, based on agreed
    SLA
  • Once escalated, monitor the tickets according to
    SLAand Keep users informed on the status and
    progress

13
Service Desk - Responsibilities
  • Produce Service Desk Management reports
  • Highlighting user requirements such as training
    to assist with service improvement
  • Perform basic operational functions such as
    password resets, backup and restore
  • Perform Infrastructure monitoring such as Data
    Center environmental check, System backup status,
    Server-LAN-WAN status (receiving alerts from
    automated tools)

14
Service Desk - Tools
  • Remedy (BMC), Tivoli (IBM), Openview (HP)
  • Knowledge base
  • ACD (Automated Call Distribution)
  • IVR (Interactive Voice Response)

15
Service Desk - Types
  • Local Service Desk- Distributed Service Desk on
    each site
  • Central Service Desk- Centralized, or Regional
    Helpdesk
  • Virtual Service Desk- Global, Follow the Sun
    concept

16
  • What questions do you have?

17
Incident Management
18
Incident Management
  • Purpose
  • To restore normal service operation as quickly as
    possible with minimal disruption to the business
  • Definition
  • Incident is an event which is not part of
    standard operation service and cause interruption
    or reduction in quality of service
  • Incident Management process is usually owned by
    Service Desk ,and later can transferred to
    Incident Manager (IM)

19
Incident Management
  • Incident Priorities ITIL defines
  • Priority Urgency Impact
  • Urgency How soon the problem needs resolution
  • Impact How many or how large business service
    is effected
  • Priority in many practical term is called
    Severity

20
Incident Management Severity Level
  • ltltCompany NamegtgtIncident Severity Definition

Incident Manager (IM) should be identified and
on board to take over the Sev1 and/or Sev2
incidents
21
Incident Management Incident Manager
  • IMs roles
  • Arrange a formal meeting of Support Group which
    are usually Problem Management, and Service Desk
    teams
  • Make common understanding of this incident
    management objectives
  • To restore the service ASAP (also communicate
    SLA)
  • To minimize the business disruption (consider
    workaround)
  • Arrange any additional resources if required
  • Be a communicator between Support Group and the
    Customer, so that the Support Group do not
    receive mixed directions

22
Incident Management - Escalation
  • There are 2 types of escalation
  • Functional escalation involving more specialist
    to help
  • Hierarchical escalation means a vertical move
    is made through the organization because the
    authority are required

23
  • What questions do you have?

24
Problem Management
25
Problem Management
  • Purpose
  • To minimize the adverse effect on the business of
    Incidents and problems cause by error in the
    infrastructure
  • To proactively prevent the occurrence of
    incidents and problems
  • Role
  • - To diagnose the root cause of the incidents and
    to identify a permanent solution
  • Definition
  • Incident is an abnormal event which cause
    interrupt or impact
  • Problem is an Unknown underlying cause of the
    incident
  • Known Error is an problem which root cause has
    been determined

26
Problem Management - Definition
Error in Infrastructure Incident is an abnormal
event which cause interrupt or impact Problem A
problem describes an undesirable situation,
indicating the unknown root cause of the
Incident Known Error A known error is a problem
whose root cause has been determined Request
for Change (RFC) An RFC proposes a change. Eg. To
eliminate the known error
27
Problem Management Responsibilities
  • Identify problems
  • Investigate problems to resolution or error
    identification
  • Raise RFC to clear error
  • Advise IM of workaround for incidents for known
    errors
  • Assist in Major incident to identify root cause
  • Prevent the replication of problems across
    multiple system

28
Problem Management
  • Problem Control Focus on transforming Problems
    into Known Error
  • Error Control Focus on resolving Known errors
    via the Change Management process

IncidentManagement
ConfigurationManagement
Service LevelManagement
AvailabilityManagement
Information
Problem Management Problem Control -gt Error
Control
Workaround
RFC
Change Management
29
  • What questions do you have?

30
Configuration Management
31
Configuration Management
  • Asset Management
  • Assurance the recorded CIs (Configuration Item)
    from receipt to disposal
  • Not only Asset Management but also provide
    relationship among CIs
  • CMDB (Configuration Management Database) is a
    single repository of information will be accessed
    across the Service Management process, and is a
    major driver of consistency between processes

32
Configuration Management
  • Remedy ITSM 6.0
  • Remedy Helpdesk 5.6
  • Remedy Asset Management 5.6
  • Remedy Change Management 5.6
  • Remedy SLA 5.6
  • BMC Atrium 6.3 CDMB

33
Configuration Management
  • Configuration Baseline
  • is a configuration of a system established at a
    specific point in time, and capturing both
    structure and details
  • Created first time as a baseline
  • Updated of CIs affected as changed by RFC
  • Use as a point to fall back to if things go wrong

34
Configuration Management Relationship with
others
ERROR
INCIDENT
PROBLEM
KNOWN ERROR
CDMB
RFC
CHANGE AUTHORIZED
CHANGE IMPLEMENTED
35
  • What questions do you have?

36
Change Management
37
Change Management
  • Purpose
  • To ensure that standardize method and procedure
    are used to handle all changes in order to
    minimize the impact of change-related incidents,
    and the improve the day-to-day operation of the
    organizations
  • Input of RFC
  • Required resolution of an incident or problem
  • A proposed to add/change/remove a CI
  • A proposed to upgrade the infrastructure
  • Changes in business requirement or Policy
  • Product or service changes from vendors/suppliers

38
Change Management - Roles
  • Change Manager Roles
  • Receive, Log, Assign priority to RFCs
  • Reject RFCs which are impractical
  • Consolidate, issue agenda of RFCs to CAB
  • Chair CAB meeting
  • Update authorized change status (post
    implementation)
  • Produce Change Management report
  • CAB (Change Advisory Board) Roles
  • Review RFCs, ensure to evaluate of RFCs impact,
    implementation plan, resource plan, UAT, and
    Rollback plan
  • Provide approval or not approval for the RFCs

39
Change Management - Types
  • Standard pre-approved Changes
  • An accepted solution to an identifiable and
    relatively common set of requirements, where
    authority is effectively in advance of
    implementation. E.g. setting up access profiles
    for a new employee
  • Urgent Changes
  • A change that requires immediate action in the
    managed IT environment and cannot be executed
    through the normal change/authorization process
  • Most of urgent changes are reactive changes E.g.
    Urgent RFCs from Problem Management to fix error
    (during the incidents)IT organization should
    also identify process to handle such urgent
    change such as who can be CAB to approve the
    urgent changes, a minimum steps qualifying to
    approve such urgent changes

40
Change Management Abuse of Urgent change
  • Do NOT request Urgent Change for
  • Would be nice to have completed early
  • Was accidentally submitted too late for the CAB
  • Attempting to avoid all of the planning processes
  • To compensate for poor planning
  • Note An Urgent Change should be avoided if
    possible and used only when required. Urgent
    Changes skip the normal planning and
    communication process, many urgent changes
    request for approval over the telephone. Approval
    of the RFCs in such situation can cause
    instability in the production environment.

41
  • What questions do you have?

42
Release Management
43
Release Management - Purpose
  • To take a holistic view of a change to an IT
    service and ensure that all aspects of a release,
    both technical and non-technical, are considered
    together.
  • PROTECTS THE PRODUCTION ENVIRONMENT

44
Release Management
  • Usually Release Management will be used for
  • Large or critical hardware / software roll out
  • Bundle relates set of changes
  • Release Management
  • is concerned with implementation, unlike Change
    Management, which is concerned with verification
  • particularly useful in distributed multi-tier
    environments, where an implementation may consist
    of a number of different components supported by
    different technology domains, which need to be
    coordinated

45
Release Management
  • Responsibilities
  • Plan the rollout of software and related
    hardware.
  • Create procedures for the distribution and
    installation of changes to IT systems
  • Communicate and manage customer expectations
    during the planning and rollout of releases
  • Implementing new releases into the operational
    environment using the controlling processes of
    Configuration and Change Management.
  • Ensuring that master copies of all software are
    secured in the Definitive Software Library (DSL)
    and that the Configuration Management Database
    (CMDB) is updated

46
Release Management Functions and Roles
  • Release Management staff
  • In most of companies the Release Management
    function may well be combined with several other
    Service Management disciplines, in particular
    Change Management and Configuration Management.
  • In a larger organization there may be dedicated
    Release Management staff for particular systems.

47
Release Management - Activities
A Release is a collection of authorized changes
into an IT environment
48
Release Management Process Relationships
Problem Management
Incident Management
RFC
Change Management
Approved RFC New projects HW and SW
Incidents
Release schedules
Release Management
Service Desk
Release schedules
Configuration Management
  • Configuration
  • assets
  • relationships

Release schedules
Service Level Management
  • Monitoring
  • software
  • availability

Service Delivery
CpM AvM SCM
49
Release, Change and Configuration Management
Change mgnt ensuresthat new/modified CIs are
implemented to Production environment properly
Change Management
Change Mgnt ensuresthat Configuration Itemsare
accurate due to changes
Release Management
Configuration Mgnt ensuresthat Release Mgnt use
thecorrect CIs version
Configuration Management
50
  • What questions do you have?

51
ITIL Essentials (Foundations) Course
  • Second Part Service Delivery

52
Service Delivery Agenda
Service Support Service Delivery
Service Desk SLM
Incident Mgnt Financial Mgnt
Problem Mgnt Capacity Mgnt
Configuration Mgnt IT Service Cont Mgnt
Change Mgnt Availability Mgnt
Release Mgnt Security Mgnt
53
Service Delivery - Overview
BUSINESS / USERS
SERVICEDELIVERY
Service Level Management
IT Service Continuity Management
Financial Management
COSTS
RISK
Security Management
Availability Management
Capacity Management
TECHNOLOGY
54
Service Delivery
  • Service Delivery looks at the long term planning
    and improvement of IT service provision, which
    will also improve efficiency and the achievement
    of business goals.
  • There are five processes within the Service
    Delivery umbrella and they are
  • Service Level Management
  • Financial Management for IT Services
  • Capacity Management
  • IT Service Continuity Management
  • Availability Management.
  • Security Management sits under the Information
    Security umbrella but will be addressed today due
    to the criticality of information security in
    todays IT environment.

55
Service Level Management - Purpose
  • To maintain and improve IT service quality
    through a constant cycle of agreeing, monitoring
    and reporting upon IT Service achievements and
    the instigation of actions to eradicate poor
    service, in line with business or cost
    justification.
  • SERVICE DEFINITION AND STANDARDS

56
Service Level Management - Role
  • Service Level Management
  • is essential in any organization so that the
    level of IT service needed to support the
    business can be determined, and monitoring can be
    initiated to identify whether the required
    service levels are being met.
  • is a client facing role, where regular lines of
    communication are maintained between the IT
    service provider and the IT customer
  • process is responsible for ensuring Service Level
    Agreements (SLAs) and Operational Level
    Agreements (OLAs) or underpinning contracts (UCs)
    are met

57
Types of Agreements and Contracts
Internal/External Customers
IT Service Level Management
Internal Suppliers and Maintenance Personnel
External Suppliers and Maintenance Personnel
58
Service Level Management - Activities
59
Service Catalogue
  • A list of all services
  • The characteristics of each service
  • Information on the use of the service

60
Contents of a Service Level Agreement
  • Scope of the agreement
  • Service description
  • Signatories
  • Date of next review
  • Service hours
  • Service availability
  • Support levels
  • Performance
  • Security
  • Functionality
  • Charges
  • Change procedure
  • Contingency
  • Anticipated growth
  • Restrictions
  • Training
  • Change procedure for the Service Level Agreement

61
Service Level Management - Benefits
  • IT services are designed to meet expectations
    outlined in SLRs
  • Service performance can be measuredReporting is
    Critical to the success of Service Level
    Agreements
  • If charged, customers can draw a balance between
    service costs and required quality
  • The IT organization can control resource
    management and reduce costs in the long term as
    the organization can specify the required
    services and components
  • Improved customer relationships and satisfaction

62
Service Level Management Process Relationships
Service Desk
Service Support
Incident Management
Problem Release
Incidents RFC
Change Management
Configuration Management
Service definitions
SLAs OLAs
Third Party Suppliers
Service Level Management
SLAs
Customer
SLRs
UCs
SLAs OLAs
Service Delivery
Capacity Availability Continuity
Finance
Planning
63
Service Level Management
SLR - Service Level Requirement
COMPANY
FIN
SCM
METRICS
SLA - Service Level Agreement
CEO
SERVICE MGMT
AVM
SLR
CAP
UC
SLA
Suppliers
SLM
Suppliers
Suppliers
Suppliers
SLR
OLA
End User
IM
PM
SERVICE DESK
CHG
OLA - Operational Level Agreement
CFG
REL
UC - Underpinning Contract
IT ORGANISATION
64
  • What questions do you have?

65
Financial Management for IT Services
66
Financial Management for IT Services - Purpose
  • To provide cost effective stewardship of the IT
    assets and the financial resources used in the IT
    services provided.
  • CONTROL AND RECOVER IT COSTS

67
Financial Management for IT Services Role
  • Financial Management is responsible for
  • Accounting for the costs (costing) and return on
    IT service investments (IT portfolio management),
    and
  • Budgeting defining and implementing IT
    budgetary process
  • Charging - for any aspects of recovering costs
    from the customers (charging).

68
Financial Management for IT Services Functions
and Roles
  • Finance Manager
  • Responsibility for
  • Managing the IT budget
  • Gathering suitable cost data to develop a cost
    model
  • Preparing regular bills for the customer
  • Note
  • The Finance Manager for IT Services may not
    necessarily be a dedicated resource.
  • The process may have an owner within the IT
    department who liaises with the Finance
    department of the organization and senior IT
    managers, particularly those responsible for
    service level management.

69
The Costing, Charging and Budgeting Cycle
Business ITrequirements
IT operational plan(inc. Budgets)
Cost analysis(Accounting)
Charges
Financial targets
Costing models
Feedback of proposedcharges to business
Charging policies
70
Cost Model
  • A framework in which all known costs can be
    recorded and allocated to specific Customers,
    activities or other categories
  • Several types
  • Cost-by-service, activity (Activity Based
    Costing), Customer or location
  • Define the Cost Unit for services or activities
    (transaction, minute, CPU-seconds, storage,
    incident, change, etc.)

71
Pricing Policy
  • Market price the price charged by external
    suppliers
  • Going rate comparable to other internal
    organizations
  • Cost plus input cost plus uplift
  • Cost total cost of ownership
  • Fixed price negotiated price for a fixed period

72
Financial Management Process Relationships
  • Purpose
  • Activities
  • Benefits
  • Relationships Between Processes
  • Potential Challenges/Problems
  • KPIs

Customer
Services
Service Level Management
Service Support
Performance Usage
Cost model Charging
Budget Spend
Configuration Management
Business Relationship Management
Financial Management
Changes with cost affects
Cost model Charges
Service Delivery
Capacity Management
Performance Usage
73
  • What questions do you have?

74
Capacity Management
75
Capacity Management - Purpose
  • To ensure that cost justifiable IT capacity
    always exists and that it is matched to the
    current and future identified needs of the
    business.

76
Capacity Management Functions and Roles
  • Capacity Manager
  • Reporting on current usage of resources, trending
    and forecasts for future usage
  • Identifying needs for increases or reductions in
    hardware based on SLR and cost
  • Performance testing of new systems
  • Sizing all proposed new systems to determine
    resources required.
  • Assessing new technology or products which may
    improve efficiency of the capacity process.

77
Input and Output Data Requirements
78
Sub-Processes
  • Resource Capacity Management
  • Monitor, analyze, run and report on the
    utilization of components, establish baselines
    and profiles of use of components
  • Service Capacity Management
  • Monitor, analyze, tune, and report on service
    performance, establish baselines and profiles of
    use for services, manage demand for services
  • Business Capacity Management
  • Trend, forecast, model, prototype, size and
    document future business requirements

79
Capacity Management Process Relationships
Service Level Management
Monitoring Reporting
Incident Management
Requirements
Service Support
Problem Management
SLR
Plans
Requirements
Capacity Management
Customer
Change Management
Plans
Plans
Availability Continuity
Service Delivery
Planning
80
  • What questions do you have?

81
IT Service Continuity Management
82
IT Service Continuity Management Purpose
  • To support the overall Business Continuity
    Management process by ensuring that the required
    IT technical and services facilities can be
    recovered within required and agreed business
    timescales.
  • KEEP THE BUSINESS IN BUSINESS

83
IT Service Continuity Management Functions and
Roles
  • The primary goal of ITSCM Manager is to implement
    and maintain the ITSCM process in accordance with
    the overall requirements of the organization's
    Business Continuity Management (BCM), and to
    represent the IT services within the BCM
    function.

84
Thoughts that should avoid
  • Too expensive
  • Disaster unlikely to happen
  • More important things to do
  • We will muddle through
  • Unaware of the business risks
  • Thought that should have.
  • MURPHY LAWAnything can go wrong , will go wrong
  • You cannot control what you cannot measure,
  • You cannot recover what you have not planned.

85
IT Service Continuity Management Functions and
Roles
Role Roles in Normal Operation Roles in Crisis Situation
Board Level Initiate IT Service Continuity, set policy, allocate responsibilities, direct and authorize Crisis Management, corporate decisions, external affairs
Senior Management Manage IT Service Continuity, accept deliverables, communicate and maintain awareness, integrate across organization Co- ordination, direction and arbitration, resource authorization
Junior Management Undertake IT Service Continuity analysis, define deliverables, contract for services, manage testing and assurance Invocation, team leadership, site management, liaison and reporting
Supervisors and Staff Develop deliverables, negotiate services, perform testing, develop and operate processes and procedures Task execution, team membership liaison
86
IT Service Continuity Management Activities
Stage 1 - Initiation
87
IT Service Continuity Management Risk
Reduction and Recovery Options
  • It is rare that an organization will choose only
    risk reduction (prevention measures) or recovery
    options. Generally a combination of reducing
    risks to assets with greatest vulnerability or
    with higher business impact with a recovery plan
    will be implemented.
  • Recovery Options
  • Do nothing
  • Return to manual systems
  • Gradual recovery (cold stand-by) (72 hrs)
  • Intermediate recovery (warm stand-by) (24-72 hrs)
  • Immediate recovery (hot start, hot stand-by) (lt24
    hrs)
  • Combinations

88
Gradual Recovery Facilities (cold standby 72
hours)
  • Accommodations
  • Power
  • Environmental controls
  • Network cabling infrastructure
  • Telecommunications

Does not include ANY computing equipment
89
Intermediate Recovery Facilities(warm standby
24-72 hours)
  • Accommodations
  • Power
  • Environmental controls
  • Network cabling infrastructure
  • Telecommunications
  • Operations, system management and technical
    support
  • Processors, peripherals, communications equipment
    and / or operating systems

90
Immediate Recovery Facilities (hot standby lt24
hours)
  • Accommodations
  • Power
  • Environmental controls
  • Network cabling infrastructure
  • Telecommunications
  • Operations, system management and technical
    support
  • Processors, peripherals and communications
    equipment
  • Operating systems, applications and data mirrored
    from the operational servers

91
IT Service Continuity Management Process
Relationships
Exercise / Service Recovery
Service Level Management
Incident Management
Problem Management
Service Support
SLR
Requirements
Plans
Change Management
Requirements
Service Continuity Management
Customer
Plans
Configuration Management
Planning
Incidents
Service Desk
Capacity Availability
Event Monitoring
Service Delivery
Planning
92
  • What questions do you have?

93
Availability Management
94
Availability Management - Purpose
  • To optimize the capability of the IT
    infrastructure and supporting organization to
    deliver a cost effective and sustained level of
    availability that enables the business to satisfy
    its business objectives.
  • ENSURE RESOURCES ARE AVAILABLE AND EFFECTIVE

95
The Availability Management Process
INPUTS
OUTPUTS
Business availabilityrequirements
Availability recovery designcriteria
Business impact assessment
IT infrastructure resilience assessment
Availability, reliability maintainability
requirements
Agreed targets for availabilityand
maintainability
Incident and problem data
Reports of availability, reliability
maintainability achieved
Configuration monitoring data
Availability monitoring
Service level achievements
Availability Plan
96
Availability Management Terminology
  • Availability - is the ability for an IT Service
    or component to perform its required function at
    a stated instant or over a stated period
  • Reliability the tendency of an IT Service or
    component not to fail (i.e. how long can it
    perform)
  • Resilience the ability of the component to
    continue providing the service even though some
    piece is no longer functioning (i.e. fault
    tolerance)
  • Maintainability - is the ability to retain or
    restore an IT Service or component to an
    operational state (internal)
  • Serviceability - as Maintainability but for
    external suppliers
  • Security - Confidentiality, Integrity and
    Availability of the services and associated data
    an aspect of overall availability
  • Confidentiality, Integrity and Availability (CIA)
    the basis of security

97
Availability Management Terminology Basic
Availability Calculation
(2 of 2)
  • (Agreed service time downtime)
  • Availability ____________________________ x
    100
  • Agreed service time

Remember the definition of a "Service
98
Availability Management Activities
  • Designing for availability (Proactive
    perspective)
  • The technical design of the IT infrastructure and
    the alignment of the internal and external
    suppliers required to meet the availability
    requirements of the service
  • Designing for recovery (Reactive perspective)
  • The design points required to ensure that in the
    event of an IT service failure, the service can
    be reinstated to resume normal business
    operations as quickly as possible

99
The Monetary Impact of Unavailability
100
Calculating Availability
101
Availability Management Process Relationships
Downtime Monitoring
Service Level Management
SLA Monitoring
Incident Management
Cause
Problem Management
Service Support
SLR
Plans
Change Management
Requirements
Availability Management
Customer
Change
Plans
Configuration Management
Planning
Incidents
Service Desk
Event Monitoring of Downtime
Service Delivery
Capacity Continuity
Planning
102
  • What questions do you have?

103
Security Management
104
Security Management - Purpose
  • Security Management is the process of managing a
    defined level of security on information and IT
    services. It has links with all processes
  • It also includes managing the reaction to
    security incidents.
  • Security Management has two objectives
  • To meet the security requirements of SLAs and
    other external requirements further to contracts,
    legislation and externally imposed policies.
  • To provide a basic level of security,
    independence and external requirements.
  • PROTECT DATA

105
The Cost of Security Incidents
Incident Type 1999 2004
Proprietary Information 1,847,652 11,460,000
Fraud 1,470,592 7,670,500
Denial of Service 116,250 26,064,050
Virus 45,465 55,053,900
Insider Access 142,680 4,278,205
Laptop Theft 86,920 6,734,500
Total losses reported in the 2004 report was
141,496,560
Source CSI/FBI Computer Crime and Security Survey
106
Security Management - Role
  • Confidentiality
  • protecting the business information from failure
    and attack
  • is more than locking server rooms or insisting on
    password discipline.
  • Integrity
  • timeliness or correctness require careful
    consideration of information flows and
  • safeguards against incorrect values
  • Availability
  • maintaining the uninterrupted operation of the IT
    organization
  • also helps to simplify Information Security
    Service Level Management, as it is much more
    difficult to manage a large number of different
    SLAs than a limited one.

107
Security Management Activities
  • Plan
  • Establish the structure of the Security section
    of the Service Level Agreements, Operational
    Level Agreements and Underpinning Contracts
  • Establish the security baseline (or minimum
    security standards)
  • Implement
  • Establish and maintain security awareness
  • Establish the procedures to identify and classify
    security incidents
  • Establish the procedures to handle security
    incidents
  • Evaluate
  • Conducting security audits
  • Using Internal resources
  • Using External resources
  • Self assessment (using Security Management
    resources)
  • Ongoing review and analysis of security incidents
  • Control
  • Establish the structure and controls for security
    functions
  • Defines the roles responsibilities (including
    the line of command)
  • Maintain
  • Ensure the continuity of security measures
  • Update to the security handbooks

108
Security Management Process Relationships
Incidents
Service Level Management
SLA Monitoring
Incident Management
Virus
Problem Management
Service Support
SLR
Plans
Change Management
Requirements
Security Management
Customer
Change
Plans
Configuration Management
Planning
Incidents
Release Management
Service Desk
Attacks
Capacity Continuity Availability
Service Delivery
Planning
109
Quick Review
110
ITIL Process Linkages
111
Attitude Change
112
Roles that could be combined
  • Configuration Management and Release Management
  • Configuration Management and Change Management
  • Service Level Management and Financial Management
    for IT Services

?
113
Roles that should not be combined
  • Problem Management and Incident Management
  • Problem Management and Change Management
  • Capacity Management and Availability Management

114
Some Useful Websites
http//www.ogc.gov.uk The OGC the organization that publishes the ITIL books
http//www.itil.co.uk ITIL UK Official Web Site
http//www.itilexams.com/ Loyalist College Belleville, Ontario ITIL Certification Agent
http//www.itsmf.com The global IT Service Management Forum site
http//www.itsmfusa.org/mc/page.do The ITSMF US site
http//www.itsmf.ca/ ItSMF Canada Site IT Service Management Forum - check out Event/Presentation for local context and players.
http//www.pultorak.com/pcbit/itsm.htm General ITSM information and white-papers
http//www.staytech.com/ Ottawa based ITIL Services/Training provider Links contains a good selection of ITIL Information/Solution providers
http//www.nextslm.org/ Tools, newsletters, and white-papers on ITSM
115
  • What questions do you have?

116
  • Go home!
Write a Comment
User Comments (0)
About PowerShow.com