Saturday, 9 April 2016

hw2_itil_LegenDTeaM_20160408



What is the ITIL® service lifecycle?
To sustain high levels of business performance, organisations need to offer competitive products and services that customers will value, buy and use. Adapting quickly to changes in the economic climate and in the market place is of real importance. All services offered should enable business transformation and growth.
ITIL Service Management supports this transformation through the use of the Service Lifecycle, which is split into 5 distinct lifecycle stages:
  • Service Strategy
  • Service Design
  • Service Transition
  • Service Operation
  • Continual Service Improvement
Each stage relies on service principles, processes, roles and performance measures, and each stage is dependent on the other lifecycle stages for inputs and feedback. A constant set of checks and balances throughout the Service Lifecycle ensures that as business demand changes with business need, the services can adapt and respond effectively to them.





ITIL Service Design
Service Design identifies service requirements and devises new service offerings as well as changes and improvements to existing ones.
As per ITIL 2011, the following main processes are part of the ITIL stage Service Design:

Process Objective: To coordinate all service design activities, processes and resources. Design coordination ensures the consistent and effective design of new or changed IT services, service management information systems, architectures, technology, processes, information and metrics.

Process Objective: To ensure that a Service Catalogue is produced and maintained, containing accurate information on all operational services and those being prepared to be run operationally. Service Catalogue Management provides vital information for all other Service Management processes: Service details, current status and the services’ interdependencies.

Process Objective: To negotiate Service Level Agreements with the customers and to design services in accordance with the agreed service level targets. Service Level Management is also responsible for ensuring that all Operational Level Agreements and Underpinning Contracts are appropriate, and to monitor and report on service levels.

Process Objective: To identify, assess and control risks. This includes analyzing the value of assets to the business, identifying threats to those assets, and evaluating how vulnerable each asset is to those threats.

Process Objective: To ensure that the capacity of IT services and the IT infrastructure is able to deliver the agreed service level targets in a cost effective and timely manner. Capacity Management considers all resources required to deliver the IT service, and plans for short, medium and long term business requirements.

Process Objective: To define, analyze, plan, measure and improve all aspects of the availability of IT services. Availability Management is responsible for ensuring that all IT infrastructure, processes, tools, roles etc. are appropriate for the agreed availability targets.

Process Objective: To manage risks that could seriously impact IT services. ITSCM ensures that the IT service provider can always provide minimum agreed Service Levels, by reducing the risk from disaster events to an acceptable level and planning for the recovery of IT services. ITSCM should be designed to support Business Continuity Management.




Process Objective: To ensure the confidentiality, integrity and availability of an organization’s information, data and IT services. Information Security Management usually forms part of an organizational approach to security management which has a wider scope than the IT Service Provider.

Process Objective: To ensure IT services, processes and systems comply with enterprise policies and legal requirements.

Process Objective: To define a blueprint for the future development of the technological landscape, taking into account the service strategy and newly available technologies.

Process Objective: To ensure that all contracts with suppliers support the needs of the business, and that all suppliers meet their contractual commitments.
Service Operation

Service Operation is at the very heart of day-to-day, business as usual, Service Delivery.
Think of it as a “factory of IT Service Delivery” underpinned by Infrastructure and Application Delivery.
Service Operation focusses on the precise execution and delivery of all processes and services to deliver business value for customers and users in a consistent, reliable and repeatable manner.
An often overlooked benefit of Service Operation is that it also provides Operational Validation of the Service being delivered.
Service Operation is subject to Continual Service Improvement and ultimately the delivery of service excellence.
The goal of Service Excellence can also be supported by the attainment of the world’s first global standard for IT Service Management, ISO/IEC 20000.
The primary goals of Service Operation are to: –
• Enable responsive, stable and repeatable IT Service Delivery
• Provide robust end-to-end working practices
• Deliver improved Processes such as Incident and Problem Management
• Deliver new Processes such as: Event Management and Service Request Fulfilment
• Promote more adaptive, responsive and agile Service Operation functions
• Help shape and define Service Strategy, Service Design, Service Transition and Continual Service Improvement (the core of the new ITIL V3 Service Lifecycle Model)




Service Operation purpose

In summary, the purpose is: –
• To coordinate and deliver key activities and processes required to provide and manage services at agreed levels to the business, users and customers
• To manage the technology and toolsets that are used to deliver and support services
• To manage, measure, control and feedback improvements in the day to day operations
• To monitor performance, assess metrics and gather data to input into the Continual Service Improvement Process Area
What is the value of Service Operation to a business?
The required value of what any given service should provide to the business is actually modelled in Service Strategy and that model manifests itself in a more structured way within Service Design.
The structure and cost of the Service is then designed and validated in Service Design and Service Transition. The actual measures for required levels of optimization are identified in Continual Service Improvement.
A critical point that is covered within the book is: –
“The only value that matters is that perceived by the customer. Service Operations is where the value is delivered and judged.”




What are the principles of Service Operation?
The first principle of Service Operation is concerned with finding the right balance between: –
– the Internal IT view versus the external business view
– Ongoing stability versus responsiveness
– Quality Improvements versus Cost to deliver the Service
– Reactive working versus proactive working
The themes of ‘Reactivity’, ‘proactivity’ and ‘control’ are all important.
What is the Scope of Service Operation?
Service Operation scope: –
– Processes and working practices
– The physical organisation of Service Operation
– Execution of all ongoing activities required to deliver and support service
– Service Management processes
– Technology and supporting toolsets
– Management of the infrastructure used to deliver services
– The people who manage the technology, processes and services


hw1_itil_mustafaakgure_20160304


ITIL
ITIL focuses on aligning IT services with the needs of the business. ITIL is the de-facto and leading framework for IT Service Management in the world with by far the highest number of certifications.
ITIL was created in the late 1980s by the UK government’s CCTA (Central Computer and Telecommunications Agency) with the objective of enabling effective and efficient IT service provision. ITIL is now owned by the Cabinet Office, part of HM Government; the current version is the ITIL 2011 Edition (published July 2011). It succeeds the ITIL 2007 Edition which is more commonly known as ITIL V3.
ITIL advocates that IT services must be aligned to the needs of the business and underpin the core business processes. It provides guidance to organizations on how to use IT as a tool to facilitate business change, transformation and growth. The ITIL best practices are described in five core guides that map the entire ITIL Service Lifecycle (see Figure below).


COBIT

COBIT stands for Control Objectives for Information and Related Technology. It is a framework created by ISACA (Information Systems Audit and Control Association) for IT governance and management. It is meant to be a supportive tool for managers and allows bridging the crucial gap between technical issues, business risks and control requirements. Business managers are equipped with a model to deliver value to the organization and to practice better risk management associated with the IT processes. It is a control model that guarantees the integrity of the information system. Today, COBIT is used globally by all managers who are responsible for the IT business processes. It is a thoroughly recognized guideline that can be applied to any organization across industries. Overall, COBIT ensures quality, control and reliability of information systems in an organization, which is also the most important aspect of every modern business.
ISO 27001
ISO 27001 (formally known as ISO/IEC 27001:2005) is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation’s information risk management processes.
According to its documentation, ISO 27001 was developed to “provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system.”
ISO 27001 uses a top-down, risk-based approach and is technology-neutral. The specification defines a six-part planning process:
  1. Define a security policy.
  2. Define the scope of the ISMS.
  3. Conduct a risk assessment.
  4. Manage identified risks.
  5. Select control objectives and controls to be implemented.
  6. Prepare a statement of applicability.
The specification includes details for documentation, management responsibility, internal audits, continual improvement, and corrective and preventive action. The standard requires cooperation among all sections of an organisation.


Comparison of COBIT, ITIL and ISO 27001
What should be implemented first?
There’s no exact answer to this question, but I think it really depends on your company and your requirements. Most companies start by implementing COBIT first because it covers general information systems. After that they usually choose between ITIL or ISO27001.
Another consideration is budget and authority. COBIT implementation is usually run from the internal audit budget, while ITIL or ISO27001 is usually performed using the IT department budget. This consideration usually makes the choice of which standard to implement first depend on management policy.
What is the easiest standard?
From the implementation view, ITIL is the easiest standard to implement, because ITIL can be implemented partially and still not have an impact on performance. For example, if the IT department lacks budget, it could choose to implement the IT Service Delivery layer only, and the next year try to implement IT Release Management or IT Problem Management.
However, COBIT and ISO27001 are quite difficult to implement partially, since one should see a process in a bigger view first before they can be implemented partially.


How to choose the right vendor?
Many vendors say that they can help your company implement these standards effectively; in fact, there is no one solution for all. Usually the COBIT vendors come from public accounting firms that have an IT audit arm, e.g. PWC, DTT, KPMG, EY. This type of vendor is the best choice for COBIT since they also work on COBIT implementation derivatives such as COBIT for Sarbanes Oxley.
The other standards, ITIL and ISO27001, usually come from general IT consulting companies, e.g. IBM, Accenture. For ISO27001, most IT networking companies can also offer consultation on this standard.













Thursday, 3 March 2016

Comparison between COBIT, ITIL and ISO 27001

COBIT


COBIT stands for Control Objective over Information and Related Technology. COBIT is issued by ISACA (Information System Control Standard), a non-profit organization for IT governance. COBIT's main function is to help a company map its IT processes to ISACA best-practice standards. COBIT is usually chosen by companies that perform information system audits, whether related to financial audit or general IT audit.

ITIL

ITIL stands for Information Technology Library. ITIL, issued by OGC, is a set of frameworks for managing IT service levels. Although ITIL is quite similar to COBIT in many ways, the basic difference is that COBIT sets the standard based on process and risk, while ITIL sets the standard from basic IT service.

ISO27001

ISO27001 is much more different from COBIT and ITIL, because ISO27001 is a security standard, so it has a smaller but deeper domain compared to COBIT and ITIL.

What should be implemented first?

There's no exact answer to this question, but I think it really depends on your company and your requirements. Most companies start by implementing COBIT first because it covers general information systems. After that they usually choose between ITIL or ISO27001.

What is the easiest standard?

From the implementation view, ITIL is the easiest standard to implement, because ITIL can be implemented partially and still not have an impact on performance. For example, if the IT department lacks budget, it could choose to implement the IT Service Delivery layer only, and the next year try to implement IT Release Management or IT Problem Management.