ITIL Books

Fixed Components

Information Technology
Infrastructure Library (ITIL)

Generic framework to manage IT

infrastructure and services.

provides advice and guidance to help IT personnel to

understand how they can contribute to the business
objectives and how their roles and services can be better
aligned and exploited to maximise that contribution.

Consultants
Trainers
Suppliers

Security Management:
covers the processes required for the planning and delivery of
quality IT services and looks at the longer term processes
associate with improving the quality of IT services delivered.

Service Delivery:

Service Support:
The Business Perspective:

describes how to manage applications from the initial business need, through all
stages in the application lifecycle, up to and including retirement. It places
emphasis on ensuring that IT projects and strategies are tightly aligned with
those of the business throughout the application lifecycle, to ensure that the
business obtains best value from its investment.

Organisations
Certification Exams

Variable Components
details the process of planning and managing a defined level of security for information
and IT services, including all aspects associated with reaction to security Incidents. It
also includes the assessment and management of risks and vulnerabilities, and the
implementation of cost justifiable countermeasures.

Models

Core of ITIL
06/03/2005 - v4

Application Management:

ICT Infrastructure
Management (ICT IM):

Planning to Implement
Service Management:

describes the processes associated with the day-to day support and
maintenance activities associated with the provision of IT services
covers all aspects of ICT Infrastructure Management from
identification of business requirements through the tendering
process, to the testing, installation, deployment, and ongoing
operation and optimisation of the ICT components and IT services.

examines the issues and tasks involved in planning, implementing

and improving Service Management processes within an
organisation. It also addresses the issues associated with
addressing Cultural and Organisational Change, the development of
a vision and strategy and the most appropriate method of approach.

Good IT infrastructure in terms of

tools and technology
Well defined organisation mission,
objectives and policies

Success(13)

What (2)

Competent and trained people to

improve the service culture
Effective and efficient ITSM process
Mission Statement
Strategies & Policies

Service management is a methodical approach to delivering services

by structuring the firms relationships with its internal customers and
multiple service providers to ensure business objectives are met.
A service level and a cost target
combine to define an SLA

The main objective of ITSM is to

ensure that the IT services are
aligned to the business needs (5)

Using the IT services effectively to meet the

current and changing business requirements

Productivity enhancement of the IT

staff by increasing their skill levels
Shift from a product culture towards a service culture

Organisational Culture (16)

(Shared values)
Business Benefits

Improvement of the relationships

between users and IT specialists
A logically related set of activities needs to be defined.
Activities to be measured at every
stage to ensure the objectives are met

implemented changes

Process improvements

Financial Benefits

Organisational
Approach to
ITSM (12)

What is the objective of the process

What are the criteria to determine whether the

process has delivered the desired results

ITSM has the following benefits (6)

Metrics

IT Service
Management

What is the impact of the output of the

process on other processes

Each activity has a defined input and output

Increased flexibility and adaptability of IT services

to coexist with each other
Improved ability to recognised and adapt
to changing business trends
Increased productivity of IT staff

Process

Each process has a clear objective and is defined through a series of activities
Activities are executed using a set of procedures and working instructions

estimated capacity requirements

planned IT services continuity expenditure

Innovation Benefits

Process
Questions (18)

Cost justification for

Clear understanding of required IT services for

better Delivery

What is the expected results of the process

Assessments

Enhanced Quality of business

operations by ensuring IT services
support business processes
Improved Working Relationships between
customers and IT service organisation
Increased Productivity of
business and customer staff

Organisation should have a

process orientated approach to
facilitate changes (17)

If targets are not achieved, org should

modify its plans and policies
Vision and business objective

Maintaining effective IT
customer-supplier relationships
Continuously improving the quality of IT services

Organisational
Considerations (15)

Objectives

Better communication between IT departments

Providing high quality, reliable

and cost effective services

Employee Benefits

Processes(19)

Increased transparency between

management and employees of the firm
leading to highly motivated staff
Better motivated staff through
improved job satisfaction

Responsibility of executing these procedures is assigned to appropriate role(s)

Responsible for results/output of the process. Defines
the activities in the process and determines that the
actual performance matches the expected results
Responsible for structuring the process - controls
the day to day activities and operations. Also
generates the reports to help the process owner in
comparing actual and expected results.
Responsible for executing the defined activities.
Report to the process manager

Quality is defined by 'all the characteristics of a product or service that has

the ability to satisfy the stated and implied needs of the customer'(26)

Process Owner

Overall quality of the service is determined by the effectiveness of its

component processes
Process Manager

Process Roles (20)

Principles of Quality(29)

These component processes form a chain of activities that need to

be well coordinated to deliver consistent quality.
Control and coordinate these activates the following principles should be
applied: Quality Management, Quality Assurance and Quality Systems

Process Operatives

Principle involves the cost effective and systematic management of all the
organisational activities such as design, development and implementation
Quality Management(30)

Aim is to direct these activities to efficiently meet

the organisational and user requirements
Specifies continuous identification, modification and
implementation of the quality improvement activities

In hierarchically structured firms the departments,

processes and tasks are usually based on specific
customers, products, disciplines or regions.
In process orientated firms several departments together
perform different activities of one process. Roles and
responsibilities are assigned according to the activities
defined to deliver a particular service.

Department Orientated

Two Approaches to Delivering

Service(22)

Quality Assurance(31)

Procedures help the organisations to ensure that

the IT services continuously and consistently
fulfil the expectations of the customer
Measures help in identifying the improvement
steps needed to enhance service quality.

Principles specify the complete set of measures

and procedures for ensuring quality.

Quality within ITSM

Process Orientated

Quality Requirements
Principles specify the
organisation wide processes
Principles

Quality Systems(32)

Steps for meeting these requirements

Procedures for improving the quality standards
Methods for assuring the service quality levels

Principle defines the responsibilities, procedures and

resources required to implement quality management

Plan
Deming Circle(34)
Quality Improvement Tools(33)

Do
Check
Act

European Foundation for Quality

Management (EFQM) Model(35)

Model is used to determine the

maturity of the organisation
Organisational maturity is defined by
the levels of:

1. Objectives
2. Benefits to the IT Organisation
3. Concepts
Input
4. Process

Output
Activities

5. Roles
Demonstrates the relationships
and interrelationships between all
of the ITIL processes

SEMI Model

Model

6. Relationships with other ITIL Processes

7. Bottlenecks
8. KPI'S

Service
Management

9. Critical Success Factors

Covers the processes required for the planning and delivery of quality IT services and looks at
longer term processes for improving the quality of IT services delivered
Aims to consistently provide the required IT
resources at an acceptable cost and in line with the
current and future requirements of the customer
Helps manage the IT resources and services and deliver
the quality of service expected by the customer
ITSCM enables firms to continue to provide the
pre-determined and agreed level of IT services even
after a calamity or disaster
Helps the firm plan and implement their
business objectives by keeping in mind the
costs associated with providing each service
Bridges gap between customer requirements and
quality of service provided by firm by drafting an
agreement on the services to be provided
Bridges gap between customer requirements and
quality of service provided by firm by drafting an
agreement on the services to be provided

Describes the processes associated with the day-to-day support

and maintenance activities for the provision of IT services

Capacity
Management

Service
Desk (SD)

Availability
Management_1

Incident
Management

Service Continuity
Management

Service Delivery

Service Support

Financial
Management

Service
Level Management

Security
Management

Configuration
Management

Problem
Management
Two key components

Change
Management

Release
Management

This function facilitates quick resolution

of user queries by serving as a Single
Point Of Contact for the user
Helps to resolve errors that interrupt or
reduce the quality of the business processes
with minimal impact on the business
Database contains the relationships
of the IT components to provide
accurate information to the business
Database contains the r-relationships of the IT
components to provide accurate info to the business
Standard method for implementing
change with minimum errors in the
infrastructure and IT services
Ensures a stable production environment by using
formal procedures and checks for implementing
new versions of software and hardware

Users should be able to access the Service Desk

Users should be encouraged
to approach Service Desk
Users should be discouraged from
bypassing the Service Desk

9. Critical Success
Factors
Provide a Single Point of Contact (SPOC)

Users should clearly understand Service Desk

Function e.g. Provision of SLA, Service
Catalogues, Product Catalogues etc.

Ensure Restoration of Service

1. Objectives

Average duration and answer time per call.

Reduce workload on other IT departments by

routing only specific and relevant queries to each
department

Average time to resolve

% of incidents resolved - first call fix

Guarantee access for all users to IT Organisation

8. KPI'S

Number of calls processed per workstation

Total number of calls to the Service Desk

2. Benefits to the IT
Organisation

Limited understanding of Business needs

Provides an Information source to other IT departments

Provides Long Term Customer Retention through
efficiency of Service Provision

Inadequate investment in training

Unrealistic Service Levels

SPOC reduces the time and effort spent by Users resolving issues

7. Bottlenecks

Insufficient Significance attributed to the

Service Desk

Cost & resource constraint

Organisation hierarchy

Considerations
Incident Management

Expertise of service desk staff

6. Relationships with
other ITIL Processes

Change/ Release Management

Configuration Management

Functional Skill of Users

Integrated Service Desk: Business Operations are
part of the Overall Service Desk

Service Level Management

Centralised Service Desk

Record the call - don't provide a solution - route call to

Departments e.g. automated. (Potentially no human
interaction - therefore no skill required)

Service
Desk (SD)

Call centres

Split Function Centralised Service Desk: Business

Service Desk/Centralised Service Desk where users
can go to either Service Desk for support
Central Point of Contact

Structure

Record the call details in general terms - route

to departments - often seen as the most
efficient/cost effective SD Type - Requires
Standard Procedure Scripts. (Basic human
interaction with script - minimal skill required)

Unskilled SD

Deals with Queries of Local Users

Distributed Service Desk: Multiple Service
Desks across various locations

Local Point of Contact

SPOC but voice activated

Call Centre

Skilled SD

3. Concepts

Expert SD

Virtual Service Desk

Around the Clock Support

End User is unaware of multiple Desks
No on-site support to Users

Enhances the interaction between

the Service Desks and the Users.

Monitoring Progress
Providing Metrics

Objective

Tracks the users data for input

into the ITIL processes

Resolving Complaints

CTI (Computer Telephony Integration)

Responding to User Calls

4. Process

Providing Info to Users

Communicating with Suppliers
Performing Ops Management Tasks
Monitoring Infrastructure

Routes calls to specific teams for resolution

Provides local language benefits

Widespread Network of Service Desks

Have specialist knowledge of IT
Infrastructure - Resolve the call
single-handedly. (Human interaction
and highly skilled individuals required)

Acts as a single cost centre

Interacts with Central Point of Contact for
recording incidents

5. Roles

Use previous experience - usually resolve

- otherwise route call to departments
(human interaction, skill & experience
required)

All Users phone the SPOC. SPOC then routes the

call to the appropriate Service desk.

VOIP (Voice Over Internet Protocol)

Technology

IVR (Interactive Voice Response)

Activities
Includes

Internet Gateways
Automated System Management Tools
Networking Tools
Call Forwarding Facilities Emails, Faxes,
Telephones etc

An up-to-date CMDB that is a must to estimate

the impact and urgency of Incidents
Timely Solutions to incidents

9. Critical Success
Factors

A Knowledge Base, which is necessary to record

Incidents, their solutions or workarounds

Correct identification of incidents

1. Objectives

An automated system that is necessary for

recording, tracking and monitoring Incidents

Increased Productivity

Close ties with Service Level

Business Management Info

Number of recorded Incidents

Improved monitoring, allowing performance against

SLAs to be accurately measured

Average time to resolve the prioritized

and not prioritized Incidents
Number of resolved Incidents per work station or per Service
Desk, within the time duration specified in the SLAs

Accurate recording of Incidents and service requests

Elimination of lost or incorrect Incidents and service
requests

8. KPI'S
2. Benefits to the IT
Organisation

Percentage of Incidents resolved by the First-line support

Average support cost per Incident

Organized and efficient use of personnel for resolving

Incidents

Total Incidents solved without the Support Groups

needing to visit the User's location

Availability of information on IT errors for effective

management
More accurate CMDB information for ongoing
audit while registering Incidents

Users bypass Incident Management procedures

Overload of Incidents
Increase in escalation of Incidents

Monitoring of Incidents

Improved User and Customer satisfaction

Incident
Management

7. Bottlenecks

Service Level Agreements not clearly defined

Applications
Categories of Incidents

Change in culture in the organization

Hardware
Service Requests
Impact - High, Medium, Low

Configuration Management
Criteria for solving Incidents

Problem Management
Change Management
Service Level Management

1st Line - SD, Report, Monitor, Close

Availability Management

Support Groups

Capacity Management
Service Desk

Priority

3. Concepts

6. Relationships with
other ITIL Processes

Urgency - High, Medium, Low

2nd, 3rd, 4th Line - Management Department,

software, architects, suppliers

Creating Process Reports

Organising Management Information

Developing and maintaining incident mgmt system

Escalation
Incident Manager

Monitoring responsibility of IM support

groups

Inputs:

Recording reported incidents

Outputs:

Classifying and matching incidents

Routing incidents to other support groups

Support Groups

Handling incidents not solved by 1st line

Investigating incident details
Diagnosing the cause of incidents
Recovering solved incidents

4. Process

Infomation about the incidents and their solutions

Matching new Incidents with the previously

recorded Incidents
Activities

Other Support Groups

Incidents from different parts of the

infrastructure

Classifying Incidents and providing First-line

Support

Resolving incidents
Closing solved incidents

Functional - 1st line to 2nd line

Accepting and Recording Incidents

5. Roles

First line & Service Desk

Hierarchical - lack of resources or authority

Investigating and Diagnosing Incidents

Resolving and Recovering Incidents
Monitoring and tracking the progress of the
Incidents
Closing the Incidents

Configuration Management Database (CMDB: Details:

Numbers, Versions, Values, Locations of IT components etc

Identifying clear process objectives

Ensuring implementation of all stages in the
process

1. Objectives

Deleting the existing records before

introducing the process to avoid duplicate data

CM provides information about

components of IT Infrastructure and
helps Organisations by providing:

9. Critical Success
Factors

Providing reliable and up-to-date details about

the IT infrastructure and services
Managing the economic value of the IT
services (customer requirements, quality, and
costs)
Effective Management of IT Components

Providing accurate information and

documentation to support the other ITIL
processes

Ensuring that the Configuration Management

team has the required skills and attitude
Close coordination with the Change
Management process to ensure accuracy of the
information in the CMDB

Provision of High-quality Commercial Services

Effective Problem-solving

2. Benefits to the IT
Organisation

Number of unauthorised Configuration Items

Improved Security
Effective Expenditure Planning

CI's and CMDB

Identification of Hidden Costs

Number of changes to CMDB per month

Support for Other ITIL Processes

Number of unauthorised IT components detected in use

Hardware and software

8. KPI'S

Ratio of calls resolved immediately

Documentation, such as agreements,

procedures, and manuals

Service Desk

Average Time and cost of diagnosis and resolution of

Service Desk Calls

Wasted Licences

Better Control of Software and Hardware

Compliance with Legal Requirements

Number of refused RFC's as a result of incomplete

CMDB data

Cycle Time for Change Approvals

Rapid Implementation of Changes

Scope

Technical specifications

CI - Configuration Items

Organization charts and project plans

ITIL processes

CI's must be: Uniquely Identifiable, Changeable,

Manageable

Environment

Configuration
Management

Level of detail in CMDB

3. Concepts

Hardware, Software, Network Components,

Servers, Processors, Documents, Procedures,
Services and other IT Components Environments

CI Baseline

The CI Baseline consists of

frozen CI's (CI attributes are not
changed) ; Baseline is used for:

Manual Systems

Configuration Audit, Release, Change, Product Catalogue,

Collection of Standard CI's for costing, Testing new Configurations,
Backout Problems, Standard Supply to Users

Urgent Changes
Over ambitious schedules
Unrealistic Expectations

7. Bottlenecks

Inputs

Lack of Commitment
Bureaucratic Process

Outputs

Isolated Implementation

Information about changes in the organization

Information about the new IT components

Reports to other processes and to the IT management

New and updated records in the CMDB

Inflexible Tools

Defining the strategy, policy, and objectives of the process

Incident Management

Analyzing the information that is available for the process

1. Planning

Problem Management
Release Management
Service Level Management
Financial Management

CMDB - Configuration Item Information is

logged in the CMDB as follows

Identifying the tools and resources required for the process

Creating interfaces with other ITIL processes,
projects, and third parties like the suppliers

6. Relationships with
other ITIL Processes

Define the scope of the Configuration

Management process

Availability Management

Specify the level of detail for recording the information

Service Continuity Management

Capacity Management

Identify the relationships of the Configuration Items (CIs)

2. Identification

Determine the depth of information that needs to be recorded

4. Process

Create Naming Conventions

Attributes

Making proposals on the scope of Configuration Management

Activities

Planning and populating the Configuration

Management Database (CMDB)

3. Status Monitoring

Evaluating existing and implementing new

Configuration Management systems
Developing identification system and naming
conventions for the Configuration Items (CIs)

A status code is assigned to each of the

statuses for easy identification

Record the details of the hardware and

software in the CMDB
Configuration Manager

5. Roles

4. Control

Changes made to the IT infrastructure and IT

components

Developing interfaces to other processes

Creating reports and audits
Communicating the process and conducting
training

5. Verification

Automatically analyze workstations using audit tools report

on the Current situation and status of the IT infrastructure
Check and update the CMDB
Assess the efficiency and effectiveness of the
process

6. Reporting

Review of the expected growth of the demand of the

process activities are scheduled on a regular basis

Component and version, CI affected by a

Schedule, CI purchased by Supplier, CI history,
Location of CI info, Schedules for upgrading, CI
affected by a problem

Detect causes of errors or Incidents in the IT

infrastructure

1. Objectives

Eliminate Problems in the IT infrastructure

Provide permanent solutions to Problems
Prevent the recurrence of Problems

Manual Systems are Error Prone

Automated Systems save time and improve the
quality of Service Delivery

Effective Automated Incident

Registration System

2. Benefits to the IT
Organisation
9. Critical Success Factors

Feasible objectives

Dedicated team required (not part-time)

In terms of IT Service Quality Documents and eliminates errors

Reduces the number of Incidents
Provides permanent solutions to
problems in the IT Infrastructure.
Higher First Line Resolution Rate

Effective Coordination of Incident Resolution and

Problem Prevention

Identify the root cause of the Problem

Problem Control Activities

Number of Incidents by resolving problems

Time needed to resolve problems

8. KPI'S
Spot, monitor, and eliminate

Scope

Costs (people, material resources) incurred during resolving a Problem

Error Control Activities

7. Bottlenecks

Known Errors - Known Root Causes

Workarounds - Temporary Fixes,
no disruption to the Client

Lack of commitment on the management's part

Change Management
Service level Management

3. Concepts

Problem
Management

Configuration Management
Incident Management

Implement solutions as suggested Changes by

following the Change Management process errors
Evaluate Changes to ensure effective
resolution and prevention of problems

Poor link between the Incident Management

process and the Problem Management process
Inefficient communication of Known Errors from the
development environment to the Live environment

Provide the Service Desk with information

and advice on workarounds

Reactive PM Activities - Finding Root

Cause to aid in Permanent Solutions
Proactive PM Activities - Prevention
before the errors/incidents occur

6. Relationships with
other ITIL Processes

Incident details from the Incident Management process

Capacity Management

Workarounds defined by the Incident

Management process

Availability Management
Developing and maintaining the Problem
Control and Error Control processes

Inputs

Details of products (hardware and software)

used in the IT infrastructure from the suppliers

Assessing the effectiveness of the Problem

Control and Error Control activities
Providing Problems-related information to the management

Configuration details from the Configuration

Management Database (CMDB)

Details about the IT infrastructure and its behaviour, for

example, registration of capacity and performance monitoring

Problem Manager

Managing the Problem support staff

Allocating resources for the support activities

Known Errors

Evaluating the effectiveness of the Proactive

Problem Management process

Requests for Changes (RFCs)

Up-to-date Problem records
Outputs

Identifying and recording Problems by

analyzing Incident details

5. Roles

Management information to help monitor the

effectiveness of the Problem Management
process

Investigating Problems based on their priority

Submitting RFCs to remove errors

Closed Problem records for resolved Problems

Reactive

4. Process

Monitoring the resolution of Known Errors

Identification and reporting

Support Group Personnel

Advising the Incident Management team about

workarounds and quick fixes

Classifying - Category (Hardware or Software),

Impact, Urgency, Priority
Problem Control - Trend Analysis

Identifying trends and potential sources of Problems

Submitting RFCs to prevent the recurrence of Problems

Proactive

Preventing the replication of Problems across multiple systems

Investigation & Diagnosing - Diagnosis by

recreating error in a test environment, Diagnosis
examples: Hardware, Software, Document Error,
Human Error, Procedural Error
Error Identification and recording

Activities

Error Assessment
Error Control - Monitoring Known Errors and RFC's

Error Resolution recording & raising

RCFs
Error Closure
Problem/error resolution monitoring

Incident Management team

Providing Information - Solution to Problems

Service Desk
End User

Following process
Co-ordination with Staff
Post Implementation Review (PIR)

9. Critical Success Factors

Coordination with Configuration Management

1. Objectives

Change Management ensure that all changes in

the IT Infrastructure are approved and closely
managed for associated risk to the IT environment

Quick and efficient handling of Changes

Minimum impact of risk due to the
implementation of Changes
Improvement in the day-to-day operations of the
organization

Number of implemented changes per CI

Number of successful changes per CI
Number of unsuccessful changes per CI
Number of backed out changes
Number of incidents per CI. Workload
reduction after change, Average time ,
Average time reduction in related incidents

8. KPI'S

2. Benefits to the IT
Organisation

Incidents

Number, Number rejected, Number of

incidents occurring as a result of an RFC

Minimise impact of business change

Save time & money

RFCs

Change
Management

Bureaucracy - Lengthy activities and paperwork

Standard/ Urgent Changes

3. Concepts

Urgent Changes - steps missed, errors

Lack of Coordination with Configuration
Management - inaccurate analysis of impact

Optimise risks

Request for Change (RFC)

Change Approval Board (CAB

7. Bottlenecks

Unclear Role definition

Wide Scope of Change
Change Requests - Require CAB approval
Process

Configuration Management
Release Management
Problem Management
Incident Management
Service Level Management

6. Relationships with
other ITIL Processes

Classifying

Service Requests - No need to review with Change

Management
Classification of RFC's according to Impact & Urgency
Category depends on resources required
Request process:

Availability Management

Required personnel

Capacity Management
IT Service Continuity

4. Process

Filtering & accepting RFC's

Activities

Planning: The following are criteria that

need to be addressed as part of the Change
Management Request process

Capacity and performance of affected services

Change Manager - Chairperson (CAB)

IT Service Continuity

Convening Urgent CABs

Issuing Forward Schedule of Changes

5. Roles

Change Management Reports

Customers - Attend

Change Policy

Evaluate Success

LOS reps - Participate in Scheduling

SW and Systems Users

New Resources to be purchased

Impact of Change on Services

Planning & Implementation Coordination

Apps Teams - Provide Estimation,

Impact and Cost

Affected Services
Cycle Time of Change

Obtaining Authorisation
Reviewing

Cost

CAB: Change Approval Board consists of

Defined Change Release - several combined batch changes

Different Groups test and Schedule/implementation
Post Implementation Review (PIR

Status of RFC is 'closed'

Backout plan is followed

Piloting new changes

Automatic toolsets

1. Objectives

Number of Incidents by Back Out

Release Management concentrates on the

protection of the live environment by testing
changes in a test environment before they are
released. In addition, helps monitor:

Risk optimisation

Build Machines
Number of software in the DSL that have not been subjected to a quality check

Test Environments

Number of accurate and timely distributed-Releases at remote sites

Number of unused software that have unnecessary costs, such as license fee

Storing
Transporting

9. Critical Success Factors

Automatic Release Building

Purchasing

2. Benefits to the IT
Organisation

User testing

8. KPI'S

Release Implementation in manageable time

with minimal disruption
Fewer individual implementations
Less illegal copies of software

Number of times that unauthorized software is used

Increased User involvement for testing

Number of times when the status of the Release-associated

CIs in the CMDB was accurately updated

Standardisation of Hardware/software
Resistance to change

Release - Emergency Fix, Minor SW/HW,

Upgrade, Major

Release
Management

Unfamiliar, cumbersome, and process often bypassed

Problems in distributed implementation

Release Units - Infrastructure Portions

Testing environment
Insufficient time
Reluctance to perform back outs

3. Concepts

7. Bottlenecks

Insufficient resources

Release ID - Status of release e.g. in

development, test, live, archive etc
Release Types - Delta (small), Full release, Small
or Emergency Software

Testing Problems

DSL - Definitive Software Library

Delays in installation

DHS - DefinativeHardware Store

Multiple tools or audits

Technical Operations
Incident Management
Change Management
Problem Management

Testing: The following aspects of a Change are

tested as part of the Release Management Process

6. Relationships with
other ITIL Processes

Operational Aspects
Performance Aspects

Service Level Management

Configuration Management

Functional Aspects

Integration Aspects
Prepares Release Plan

Installation Instructions

Authorises Release
Communicates Release

Operating Instructions
Tools: Automated Tools reduce time and resources and
increase quality. Other tools for Release Management include

Release Manager

Test Laboratory

Implements Release

Configuring and recording Hardware/ Software

components

Member of the CAB

Testing in Live and Test environment
Preparing roll-out Plan

Standardising Hardware/Software Requirements

4. Activities
Test Manager

Plan

5. Roles

Test Environment Activities

Good technical background

Good knowledge of principles

Good business strategy

Build
Configure

Good IT Understanding
Good knowledge of support tools

Design

Skills sets required

Environment Activities

Acceptance
Preparation
Roll out plan
Live Environment Activities

Communication
Distribution

Justifiable costs

1. Objectives

Capacity Management looks at

balancing the cost of resources and
benefits through the use of:

Accurate Forecasts

Current and future needs for customers

Cost Versus Capacity

Accurate Plan
Close Interaction of Processes

Demand for Resources and costs associated with

this provision

Supply Versus Demand

9. Critical Success Factors

Current and Future Technologies

Reduced Risks:

Better Implementation

2. Benefits to the
IT Organisation

Accurate Forecasts of future demands:

Future Customer demands,

Efficient Balancing of supply and demand

Performance trends after estimates

Reduced Capacity Related Expenditure:

Reduction in rushed purchases

Reduction in expensive overcapacity

Monitoring performance, effectively

managed

8. KPI'S

Reduction in number of incidents due to

performance plans

Timely Investments

Performance Management - Measuring,

Monitoring, tuning
Modelling - Mathematical Models

High Expectations -Limited understanding,

overestimation
Lack of Information - No information on workload,
no plans, no simulation model
Insufficient Supplier Inputs - Different Benchmarks,
Different Testing methods

Application Sizing - Estimation of HW and SW

required and expected costs

Capacity
Management

Capacity Planning - Current and Future resources

and costs

7. Bottlenecks

Complex Environments - Too many dependencies

Business Capacity Management

Problems in Determining appropriate levels of

monitoring - Conflict in process and procedure

3. Concepts

Capacity Plan - created annually,

reviewed every quarter
Modelling - simple, complex
Applications Sizing
Monitoring performance of HW CPU, Disk & Network Utilisation

There are 3 main types of Capacity Management

Incident Management
Problem Management

Service Capacity Management

Change Management
Release Management
Configuration Management

6. Relationships with
other ITIL Processes

Creating and maintaining Capacity Database -CMBD

Business requirements
Inputs

Financial Management

Project plans
Incidents and problems

IT Service Continuity

Financial plans and budgets

Available Management

Capacity Plan
Monitors Process
Capacity Plan Creation

Updated Capacity Database

Capacity Manager

4. Process

Outputs

Update the Capacity Management Database

Optimising performance
Expertise Business Demand

Service Level records

Costing and Charging records

5. Roles

Revised Operational Schedules

System, Network,
Application Manager

Monitoring the performance of a hardware resource

Determining required Capacity

Analyzing the data collected from monitoring

Activities

Tuning the resource based on the analyzed data

Implementing and adding new hardware
Creating and maintaining the Capacity Database

Tuning Resource - Load Balancing

Implementing new Hardware - Change supervised
by Change Management and Monitored

Technology

Service Level Management

Analysing data - trends, normal and baseline

trends (Service Thresholds, Future, Difference)

Resource Capacity Management

1. Objectives

Availability Management ensures that

an accessible service is provided in a
cost effective manner through

Measure service availability levels and improve

them (if possible)
Provide a quick and effective professional
response in contingency situations, such as
network failure

Both the customer and IT service organization

should have quantifiable availability objectives.
All desired availability requirements should be specified in
terms of time, cost, duration, and performance parameters.
The Service Level Management process should provide
realistic formalized SLAs for service delivery.

A single point of contact is provided for

customers to resolve availability issues.

9. Critical Success Factors

2. Benefits to the IT
Organisation

Both parties should use common definitions for

availability and downtime

Complexity
Availability

The occurrence and duration of unavailability

are reduced using effective remedial actions.

Downtime duration

8. KPI'S

Quality of maintenance
Required Period
Reliability

3. Concepts

Rate of Availability

Reliability of components
Quick response to faults

Availability standards are monitored and

improved continuously within the associated cost
restrictions.

Uptime per service or group of Users

Downtime frequency

Little Downtime

New products and services comply with existing

availability standards.

Dependability
Resilience
Quality of Maintenance

Number of failures with 'X' time

Availability
Management_1

Serviceability

Impact Assessment reports for processes

Contractual 3rd Parties

Contractors

Configured data (monitored data)

Inputs

Lack of effective measurement tools for measuring sub-activity

Failure to meet Business Objectives
Lack of roles and responsibilities

Detecting failures

Reliability requirements for all IT Infrastructure components

Maintainability/Recoverability

Data about faults from previous Incidents

7. Bottlenecks

Service Levels, desired and achieved (SLA)

Insufficient empowerment and coordination between processes

Technical Requirements for Infrastructure Resilience

Reports on achieved availability and reliability

Configuration Management
IT service Continuity Management
Financial Management
Capacity Management

Outputs

6. Relationships with
other ITIL Processes

Availability Plan
MTTR - mean time to repair
Availability Reports - based on Metrics:

MTBF - mean time between failures

MTBSI - mean time between system incidents
Uptime/Downtime

Change Management

Key business function

Incident Management
Problem Management

Determining the availability requirements

Determines service uptime/downtime

Business impact of downtime
Business hours for customer

Managing the Availability process in terms of time, cost, and delivery

Component failure impact analysis CFIA

Ensuring that the delivered IT services match the agreed service levels
Optimizing the IT infrastructure to lower service costs to customers

4. Activities

Component risk assessment management method CRAMM

Availability Manager

Design plan - Effective maintenance contracts with suppliers

Designing for availability of service

Monitoring IT service response time for reporting to customers

Creating a proactive Availability Plan to balance future Availability Management needs

Adopt alternative strategies if requirements are not suitable

5. Roles

Service vulnerabilities and expenditure

Understanding of Availability Management

Experience
Communication skills
Statistical Analysis

Alternative designs
Planning

Skills

Designing for recoverability of service

Activities

Ensure business and technical processes in place

List of authorised personnel

Evaluating key security issues

Types of authorisation
Map authorisation of customer IT policies
S/ware and h/ware upgrades to avoid availability issues

Planning maintenance management

Planning downtimes
LT strategy

Developing the Availability Plan

Assessment of current situation

Set of guidelines for improving existing service
Plans for implementing new service

Monitoring

Restoring Failures
Resolving Failures

Availability design Criteria

Service Level Management

Diagnosing Failures

Measuring the service response time

Preparing availability reports

IT Service Continuity Management

concentrates on Business Continuity after
a Disaster by focusing on the following

1. Objectives

Structure
Culture
Strategic Direction

Cooperation and commitment within the organization to

create and execute the Recovery Plan
Effective installation and backup tools, such as tapes, CDs, and zip drives to
transfer business-critical information from disaster site to the Recovery site

2. Benefits to the IT
Organisation

Business Continuity
Organisation Credibility
Infrastructure Recovery - Faster Recovery

9. Critical Success Factors

Effective implementation of the Configuration Management process

Training on procedures for executing the Recovery Plan
Unexpected testing of the Recovery Plan
Number of shortcomings identified in the Recovery
Plan
Cost to the company because of the loss in the
business, if the Recovery Plan had not been
executed
Cost incurred in terms of time, resources and
money to restore IT Services after a disaster

Risk Assessment

8. KPI'S

Initiation: Determines Scope, Policy,

Resources, Recovery projects etc

Threats and Probability

Vulnerabilities
Do nothing

Lack of commitment, ownership, awareness

Insufficient resources, budget constraints

IT Components

Service Continuity
Management

7. Bottlenecks

Immeasurable estimation of damages, unrealistic

assumptions and irregular testing

Return to Manual / paper-based

Requirements and Strategy: If no
preventative measures, options are:

Service Level Management

Availability Management
Capacity Management

Inter-immediate Recovery (Identical Production

Environment created with replication of data)

Change Management

Organisation and Implementation planning

3. Concepts

Security Management
Define organisational policies and strategies
Managing crises thus controlling any further impacts of the disaster.

4 phases

COO, Directors Board

Taking timely decisions that are critical for business continuity. For
example, identifying the right time for executing the Recovery plan.

Implementation

Emergency Response Teams, Damage

Assessment, Crisis Management and Human
Resources
Preventative measures and recovery options
Standby Agreements, Off site recovery with Third
Parties

Organisation and Implementation planning

Crisis Manager

Emergency Response Teams, Damage Assessment,

Crisis Management and Human Resources

Developing plans and procedures

Coordinating the execution of the Recovery plan

Senior Management

Operational Management

5. Roles

Defining the organizational policy

Initiating the activities to be performed while executing the plan

Leading the teams, allocating their responsibilities, and
specifying clear guidelines for carrying out the plans

4. Scope
Management

Reporting on the progress of the execution of the

plan to the Senior Management
Executing the activities mentioned in the Recovery plan
Providing implementation-level details for formulating future plans

Restoring Applications, Databases and Data

Team Leaders and Members

Review and Audit: Review Recovery Plans., Audits

for Changes
Testing: Loopholes introduced

Providing funds, personnel, and resources required

to execute the Recovery plan

Reporting the issues faced during the execution of the Recovery Plan

Includes Installing HW and Network Components

Training and Awareness Strategy Communication,

Recovery Training

Managing the personnel and managers involved in

the execution of the plan
Resolving any conflicts that might arise during the
execution of the plan

Gradual Recovery (3rg Parties)

Immediate Recovery (Operational Environment
Created)

6. Relationships with
other ITIL Processes

Configuration Management

Reciprocal Agreements (sharing department

resources)

Activities

Change Management: Impact of Change on

Recovery Plan

Identifying the relevant areas to apply ITSCM

Allocating Resources
Setting up the recovery projects in the organization

Create awareness among users about cost of

implementing IT services

Track service costs

1. Objectives

Implement a cost monitoring systems that justifies all

expenditure
Provide effective services at reasonable costs

enables IT service organizations to:

Meet customer demands

9. Critical Success Factors

Create complete awareness about impact and cost of

implementing financial mgmt process

Determine the costs of IT services

Provide access to relevant information from the

configuration management process

2. Benefits to the IT
Organisation

Identify the cost structure

Recover costs from customers

Cost benefit analysis

Operate the IT department as a business unit

Feedback from customers

Verify that charges for IT services are realistic

8. KPI'S

Financial targets met by IT organisation

Budgeting

Changes in use of service

Reports sent to the service level management process

3. Concepts

Accounting
Charging for IT Services
Cost Categories

Non-availability of adequate written material

Financial
Management

Difficulty in obtaining planning details

Improper documentation of corporate strategy
and objectives

Implement cost-effective services

7. Bottlenecks

Budgeting looks at the long term objectives

Difficulty in locating skilled personnel

Insufficient cooperation
Lack of managerial commitment

Service Level Management

Capacity Management

6. Relationships with
other ITIL Processes

Zero Based Budgeting - Business Managers

justifying the cost of services

Sales and Marketing budget - Sales Volumes

Budgeting

Configuration Management

Secondary Budget

Production Budget - Information about Services,

People etc
Administrative Budget - Costs per Department
Cost and Investment Budget - Planned budgets
and purchase or replacement costs

Develops and implements the process

Managing the IT organization's budget

Phase 1 - Identify IT needs

Reporting to IT managers and Customers

about conformance to budget
Gathering cost data for all implemented services

Incremental Budgeting - Looking at the previous

years budget

4 Phases to Financial
Management Accounting:

Accounting

IT Finance Manager

4.Scope

Implementing suitable accounting policies

Phase 2 - Identify Cost Control Methods

Phase 3 - Charge appropriately to customers
Phase 4 - Request and receive feedback from
customers about planned changes

Activities

Providing justifications for IT service charges

5. Roles

Preparing regular bills for IT services

Charging Policy

Good numerical and financial skills

Charging

Ability to successfully work with all levels of

IT Organization management
Thorough documentation skills

Encourages Companies to work as a Business Unit

Communicates Information
Pricing Flexibility - charging additional Costs to the Customer

Skills

Notational Charging

Excellent communication and negotiation skills

Direct or indirect

Good presentation skills

Fixed Costs - Constant Costs e.g. not related to

volumes or production
Cost Categories

Variable Costs - e.g. Printers, Phones etc

Capital Costs - purchase of assets that depreciate
Operational Costs - e.g. Building Maintenance etc

Technical and business expertise of the

Service Level Managers
Accurate formulation of the mission and objectives
of the Service Level Management process
Details mentioned in the SLA that help in
quantifying agreed service levels

Awareness of the Service Level Management process

among the employees of the IT organization

Clearly defined OLA and UC that help

maintain the service levels agreed in the SLA

Clear definition of the tasks and roles within

the Service Level Management process

Number of monitored elements of the SLA

9. Critical Success
Factors

Agreed service levels are maintained,

monitored, and improved continuously
Design services based on customer
requirements

2. Benefits to the IT
Organisation

8. KPI'S

Reported number of deviations from agreed service levels

IT services are provided at the agreed quality levels and costs

1. Objectives

Elements of the SLA that meet the agreed service levels

Improve relationships with customers

Service
Level Management

Providers, Customers, and Users

Service Level Requirements (SLR)

Inability of the customers to specify their

requirements clearly

Service Spec sheets

Service Catalogs

Difficulty in quantifying customer expectations

Service Desk
Availability Mgt

Balance the required quality of services with

costs
Reduce costs in the long run

Shortfalls in meeting the agreed service levels

and the consequent improvement measures
included in the next phase plans
Cultural changes required within the IT
organization

Possibility of over-ambitious agreements with

customers

Provide measurable performance indicators for

IT services

3. Concepts

7. Bottlenecks

Service Level Agreements (SLA)

Operational Level Agreements (OLA)

Underestimation of overhead costs for

monitoring and reviewing service levels

Underpinning Contracts (UC)

Non-conformance to the Service Level

Management process

Service Quality Plans (SQP)

Reaching Agreements

Service Improvement Plan (SIP)

Change mgt
IT service continuity mgt
Security Mgt
Configuration Mgt
Financial Mgt
Release Mgt

Defining services
Finalising

Capacity Mgt
Incident and problem mgt

Identifying requirements

Monitoring

6. Relationships with
other ITIL Processes

Fulfilling Agreements

Reviewing Service Levels

Owns and manages the process, and is

responsible for its implementation

Average response times and transaction rates during peak periods

Creating and updating the

service catalogue

Downtime

4. Activities

Maintaining the SLA process by

defining SLA's OLA's and UC's
Updating the SIP

Reporting achieved targets

Service Level Manager

Activities

Service Management Reports

5. Roles

Responsible for:

Number of functional errors

Frequency of duration of service not meeting service levels
Successful/unsuccessful breaches of security
Completed/Ongoing changes

Updating the SLA's, UC's and OLA's

Reviewing and improving the performance of the
IT organisation to meet agreed service levels

Changes made to the SLA

Problems and incidents related to services
Service Improvement Plans

Performance trends
Changes to procedures
Consequences of failure to provide agreed service levels

Comply with the security requirements of the

Service Level Agreements (SLAs)

1. Objectives

Security Management prevents

unauthorised access to information,
intrusion or access violation

Provide a basic level of security to the Information

System, independent of the external requirements

Total commitment from the management

User involvement in the process development

Meet the external requirements not defined in the

contracts, legislation, and policies

Ensure that effective security measures are taken

at strategic, tactical, and operational levels

9. Critical Success Factors

Clarity in the division of employees'

responsibilities

Providing correct and complete information to

relevant people when required

2. Benefits to the IT
Organisation

Security elements included in SLAs

Security elements of the SLA supported by OLA and UCs
Security elements of the SLAs which are
monitored, and where no shortcomings are
reported

Maintaining standards of products and services

Providing value to an Information System
Ensuring the continuity of the IT services
Helping in meeting the objectives of the organization
SLAs

8. KPI'S

Security elements of the SLAs reviewed regularly

Inputs
Information Security

Security elements of the SLAs where the agreed

service levels are fulfilled

External Requirments

Confidentiality

Security
Management

Lack of commitment

3. Concepts

Outputs

Integrity
Availability
Privacy

Insufficient awareness

Policies

Routine Security Plans

Exception Reports
Planning

Verifiability

Compliance requirements are located in SLA

Objectives are specified in the Security Plan

Resistant attitude
Immediate implementation

Classification of IT Resources

7. Bottlenecks

Input for CMDB

Task and responsibilities

Inefficient verification
No link to Change Management

Confidentiality agreements

Personnel Security

Guidelines

Lack of detection systems

Disciplinary Measures

6. Relationships with
other ITIL Processes

Operating instructions
Internal regulations

Monitoring the Security Management process

Handling problems and incidents related to security

Security Guidelines

Implementation

Developing and maintaining the Security Plan according to

the organization's security requirements

Managing Security

4. Scope

Procedures for dealing with incident

Recovery of activities

Security Manager

Inputs for change management

Ensuring that the Security demands specified in the SLA are met
Generating reports containing results of progress,
self-assessment, and internal audits

5. Roles

Virus protection methods

Activities

Control policy

Acting as a mediator between the Security

Manager and the customer
Coordinating escalations for security incidents
Managing the security measures to be
implemented at the customer end

Assess control
Security Officer

Assess info
Network security barriers
Measures for ID of computer systems

Evaluation
Maintenance
Reporting

Self Assessments and audits

Found in SLA and Security Plan OLA
Reporting
Performance and Issues
Functions

Controlling

Organisational Structure
Roles and Responsibilities
Reporting Structure