Lesson 6 - ITIL Management Practices

Download as pdf or txt
Download as pdf or txt
You are on page 1of 90

ITIL® 4 Foundation

Based on AXELOS ITIL® material. Material is reproduced under licence from AXELOS. All rights reserved.
ITIL® is a registered trade mark of AXELOS Limited, used under permission of AXELOS Limited. All rights reserved.
IT Infrastructure Library® is a registered trade mark of AXELOS Limited used under permission of AXELOS Limited. All rights reserved.
AXELOS® is a registered trade mark of AXELOS Limited, used under permission of AXELOS Limited. All rights reserved.
The Swirl logo™ is a trade mark of AXELOS Limited, used under the permission of AXELOS Limited. All rights reserved.
ITIL Management Practices
Learning Objectives

By the end of this lesson, you will be able to:

Recall the purpose of the ITIL management practices

Recall definitions of the ITIL terms

Explain the ITIL management practices


ITIL Practices and Terms
ITIL Practices

General Management Practices Service Management Practices Technical Management


Practices
1. Architecture management 1. Availability management 1. Deployment management
2. Continual improvement* 2. Business analysis 2. Infrastructure and platform
3. Information security 3. Capacity and performance management management
3. Software development and
management 4. Change enablement*
management
4. Knowledge management 5. Incident management*
5. Measurement and reporting 6. IT asset management
6. Organizational change management 7. Monitoring and event management
7. Portfolio management 8. Problem management*
8. Project management 9. Release management
9. Relationship management 10.Service catalog management
10.Risk management 11.Service configuration management
11.Service financial management 12.Service continuity management
12.Strategy management 13.Service design
13.Supplier management 14.Service desk*
14.Workforce and talent management 15.Service level management*
16.Service request management*
17.Service validation and testing

Out of 34 practices, 15 practices are covered in this course. The practices with * are covered in detail.
Definitions of ITIL Terms

Term Definition

IT asset Any financially valuable component that contributes to the delivery of


an IT product or service
Event Any change of state that has significance for the management of a
service or other configuration item (CI)
Configuration item Any component that needs to be managed in order to deliver an IT
service
Change The addition, modification, or removal of anything that could have a
direct or indirect effect on services
Incident An unplanned interruption to a service or reduction in the quality of a
service
Problem A cause, or potential cause, of one or more incidents

Known error A problem that has been analyzed but has not been resolved
Continual Improvement
Continual Improvement

A recurring organizational activity performed at all levels to ensure that an organization’s


performance continually meets the stakeholders’ expectations

Figure 4.1 The ITIL service value system

Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 37
Continual Improvement

The continual improvement model applies to the SVS in its entirety and to all of the
organization’s products, services, service components, and relationships.

To support continual improvement at all levels, the ITIL SVS includes:

ITIL continual The continual


improvement model improvement practice

The improve service


value chain activity
Continual Improvement Model

● It can be used as a high-level guide to support


improvement initiatives.

● It puts a strong focus on customer value.

● It ensures that improvement efforts can be linked


back to the organization’s vision.

● It also supports an iterative approach to


improvement, dividing work into manageable
pieces with separate goals that can be achieved
incrementally.
Continual Improvement Model

Figure 4.3 The Continual Improvement Model

Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 66
Continual Improvement Practice

It aligns the organization’s practices and services with changing business needs through:

The ongoing improvement of Or, any element involved in


products, services, and the management of products
practices and services
Continual Improvement Practice

It is the development of improvement-related methods and techniques and the propagation of a continual
improvement culture across the organization, in alignment with the organization’s overall strategy.

Key activities:
• Encourage continual improvement across the
organization
• Secure time and budget for continual improvement
• Identify and log improvement opportunities
• Assess and prioritize improvement opportunities
• Make business cases for improvement action
• Plan and implement improvements
• Measure and evaluate improvement results
• Coordinate improvement activities across the
organization
Continual Improvement Practice

The practice is integral to the development and maintenance of every other practice as well as to
the complete lifecycle of all services and the SVS itself.

Figure 5.2 Heat map of the contribution of continual improvement to value chain activities

Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 82
Information Security Management
Information Security Management

The purpose of the information security management practice is to protect the information needed
by the organization to conduct its business.

This includes understanding and managing risks to the confidentiality, integrity, and availability of information.
Information Security Management

The required security is established by means of policies, processes, behaviors, risk management, and
controls, which must maintain a balance between:

Prevention: Ensures that security incidents do not occur

Detection: Prevents rapid and reliable detection of incidents

Correction: Recovers from incidents after they are detected


Information Security Management

Information security management interacts with every other practice.

● It creates controls that each practice must consider


when planning the work to be done.
● It is critically dependent on the behavior of people
throughout the organization.
● It requires proper training to make sure people
understand the information security policy.
Information Security Management

Processes and procedures required to support information security management include:

● An information security incident management processes


● A risk management process
● A control review and audit process
● An identity and access management process
● Event management
● Procedures for penetration testing, vulnerability scanning, etc.
● Procedures for managing information security related changes
Information Security Management

The figure shows the contribution of information security management to the service value chain, with
the practice being involved in all value chain activities.

Figure 5.3 Heat map of the contribution of information security management to value chain activities
Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 84
Relationship Management
Relationship Management

The purpose of the relationship management practice is to establish and nurture the links between the
organization and its stakeholders at strategic and tactical levels.
Relationship Management

The figure shows the contribution of relationship management to the service value chain, with the
practice being involved in all value chain activities.

Figure 5.9 Heat map of the contribution of relationship management to value chain activities
Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 97
Supplier Management
Supplier Management

The purpose of the supplier management practice is to ensure that the organization’s suppliers and their
performances are managed appropriately to support the seamless provision of quality products and services.
Supplier Management

Activities that are central to the practice include:

● Creating a single point of visibility and control to ensure


consistency
● Maintaining a supplier strategy, policy, and contract
management information
● Negotiating and agreeing contracts and arrangements
● Managing relationships and contracts with internal and external
suppliers
● Managing supplier performance
Sourcing, Supplier Strategy, and Relationships

The supplier strategy defines the organization’s plan for how it will leverage the contribution of
suppliers in the achievement of its overall service management strategy.

A successful sourcing strategy requires a thorough understanding of an organization’s objectives,


the resources required to deliver that strategy, the environmental factors, and the risks associated
with implementing specific approaches.
Sourcing, Supplier Strategy, and Relationships

Different types of supplier relationships between an organization and its suppliers that need to be
considered as part of the organization’s sourcing strategy include:

Insourcing Outsourcing

Single source/Partnership Multisourcing


Evaluation and Selection of Suppliers

The organization should evaluate and select suppliers based on:

● Importance and impact of the value of the service provided to


the business by the supplier
● Risk associated with using the service
● Cost of the service and its provision
Supplier Management: Activities

Activities of the supplier management practice include:

Supplier planning Supplier and contract management

Evaluation of suppliers and contracts Warranty management

Performance management
Supplier and contract negotiation

Supplier categorization Contract renewal or termination


Change Enablement
Change Enablement

The purpose is to maximize the number of successful IT changes by ensuring that risks have been
properly assessed, authorizing changes to proceed, and managing the change schedule.

The scope includes:


● All IT infrastructure
● Applications
● Documentation
● Processes
● Supplier relationships

All changes should be assessed by people who are able to understand the risks and
the expected benefits.
Three Types of Change

Standard changes Normal changes Emergency changes

These are low-risk, pre- These are changes that These are changes that
authorized changes that need to be scheduled, must be implemented as
are well understood and assessed, and authorized soon as possible; for
fully documented, and can in order to follow a example, to resolve an
be implemented without standard process. incident or implement a
any additional security patch.
authorization.
Contribution of Change Enablement

The contribution of change enablement to the service value chain, with the practice
being involved in all value chain activities is shown in the image.

Figure 5.19 Heat map of the contribution of change enablement to value chain activities

Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 120
Incident Management
Incident Management

The purpose is to minimize the negative impact of incidents by restoring normal service operation
as quickly as possible.

● Log and manage every incident to ensure that it is


resolved in time and meets the expectations of the
customer and user.

Incident ● Agree, document, and communicate target resolution


management times to ensure that expectations are realistic.

● Prioritize incidents based on an agreed classification


to ensure that incidents with the highest business
impact are resolved first.

● Store information about incidents under incident


records in a suitable tool.

● Update the incident’s progress on a timely basis.


Incident Management

The contribution of incident management to the service value chain, with the practice being applied mainly
to the engage, and deliver and support value chain activities is shown in the image.

Figure 5.20 Heat map of the contribution of incident management to value chain activities

Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 123
IT Asset Management
IT Asset Management

The purpose of IT asset management practice is to plan and manage the complete lifecycle of all IT
assets to help the organization to:

● Maximize value
● Control costs
● Manage risks
● Support decision-making about purchase, re-
use, retirement, and disposal of assets
● Meet regulatory and contractual requirements
IT Asset Management

The scope of IT asset management includes all software, hardware, networking, cloud services, and
client devices. In some cases, it may also include non-IT assets such as buildings or information.
IT Asset Management

Asset management is a well-established practice that includes the acquisition, operation, care, and
disposal of organizational assets, particularly critical infrastructure.

The two types of asset management include:

IT asset management (ITAM) Software asset management (SAM)

This is a sub-practice of asset This is the infrastructure and process


management that is specifically aimed necessary for the effective
at managing the lifecycles and total management, control, and protection of
costs of IT equipment and the software assets within an
infrastructure. organization, throughout all stages of
their lifecycle.
IT Asset Management

The activities and requirements of IT asset management will vary for different types of assets:

Hardware assets must be labelled for clear identification.

Software assets must be protected from unlawful copying, which could result in unlicensed use.

Cloud-based assets must be assigned to specific products or groups so that the costs can be
managed.

Client assets must be assigned to individuals who take responsibility for their care.
IT Asset Management

IT asset management maintains information about the assets, their costs, and related contracts.
IT asset management typically includes the following activities:

Define, populate, and maintain the asset register in terms of structure and content, and the storage
facilities for assets and related media.

Control the asset lifecycle in collaboration with other practices and record all changes made to assets.

Provide current and historical data, reports, and support to other practices about IT assets.

Audit assets, related media, and conformity and drive corrective and preventive improvements to deal
with the detected issues.
IT Asset Management

The contribution of IT asset management to the service value chain, with the practice being applied
mainly to the design and transition, and obtain or build value chain activities.

Figure 5.21 Heat map of the contribution of IT asset management to value chain activities
Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 127
Monitoring and Event Management
Monitoring and Event Management

The purpose is to systematically observe services and service components, and record and report
the selected changes of state, identified as events.
Monitoring and Event Management

The processes and procedures needed in the monitoring and event management practice must address the
key activities:

● Identify what services, systems, CIs, or other service


components should be monitored, and establish the
monitoring strategy.
● Implement and maintain monitoring, leverage both the native
monitoring features of the elements being observed as well as
the use of designed-for-purpose monitoring tools.
● Establish and maintain thresholds and other criteria for
determining which changes of state will be treated as events
and choose criteria to define each type of event.
● Establish and maintain policies for how each type of detected
event should be handled to ensure proper management.
● Implement processes and automations required to
operationalize the defined thresholds, criteria, and policies.
Monitoring and Event Management

The figure shows the contribution of monitoring and event management to the service
value chain, with the practice being involved in all value chain activities except plan.

Figure 5.22 Heat map of the contribution of IT asset management to value chain activities
Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 130
Problem Management
Problem Management

Problem management reduces the likelihood and impact of incidents by identifying the actual and
potential causes of incidents, and manages workarounds and known errors.

Problem:
It is a cause, or potential cause, of one or
more incidents.

Known error:
It is a problem that has been analyzed
but has not been resolved
Problem Management

Figure 5.23 The phases of problem management

Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 131
Problem Management

When a problem cannot be resolved quickly, it is often useful to find and document a
workaround for future incidents.

Workarounds are documented in problem records.

This can be done at any stage and it doesn’t need to wait for the analysis to be complete.
Problem Management

The contribution of problem management to the service value chain, with the practice being applied
mainly to the improve, and deliver and support value chain activities.

Figure 5.24 Heat map of the contribution of problem management to value chain activities

Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 133
Release Management
Release Management

The purpose is to make new and changed services and features available for use.

Release is a version of service or other configuration item, or a collection of configuration items,


that is made available for use.
Release Management

The figure shows how release management is handled in a traditional or waterfall environment. In these
environments, release management, and deployment may be combined and executed as a single process.

Figure 5.25 Release management in a traditional/waterfall environment


Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 135
Release Management

The figure shows how release management is handled in an Agile/DevOps environment.

Figure 5.26 Release management in an Agile/DevOps environment


Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 135
Release Management

The contribution of release management to the service value chain, with the practice being
involved in all value chain activities

Figure 5.27 Heat map of the contribution of release management to value chain activities
Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 136
Service Configuration Management
Service Configuration Management

The purpose is to ensure that accurate and reliable information about the configuration of services, and
the CIs that support them, is available when and where it is needed.
Service Configuration Management

The figure is a simplified diagram showing how multiple CIs contribute to an IT service.

Figure 5.29 Simplified service model for a typical IT service


Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 140
Service Configuration Management

The figure shows the contribution of configuration management to the service value chain, with
the practice being involved in all value chain activities

Figure 5.30 Heat map of the contribution of service configuration management to value chain activities
Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 142
Service Desk
Service Desk

The purpose is to capture demand for incident resolution and service requests. It should also be
the entry point and single point of contact for the service provider with all its users.

Service desks provide a clear path for users to report issues, queries, and requests; and have
them acknowledged, classified, owned, and actioned.
Service Desk

Service desks provide a variety of channels for access.

Chat Email
Service portals and
Phone calls
mobile applications

Text and social


Walk-in service media messaging Public and corporate
desks social media
Service Desk

Supporting technologies for a centralized service desk:

Intelligent telephony Workflow systems


systems

Workforce Knowledge base


management

Call recording and Remote access tools


quality control

Dashboard and Configuration


monitoring tools management systems
Service Desk

The contribution of service desk to the service value chain, with the practice being
involved in all value chain activities.

Figure 5.33 Heat map of the contribution of service desk to value chain activities

Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 151
Service Level Management
Service Level Management

The purpose is to set clear business-based targets for service levels, and to ensure the delivery of
services is properly assessed, monitored, and managed against these targets.
Service Level Management

Service level management provides the end-to-end visibility of the organization’s services.

A service level management:

• Establishes a shared view of the services and


target service levels with customers
• Ensures that the organization meets the defined
service levels through the collection, analysis,
storage, and reporting of the relevant metrics for
the identified services
• Performs service reviews to ensure that the
current set of services continues to meet the
needs of the organization and its customers
• Captures and reports service issues, including
performance against defined service levels
Service Level Agreement (SLA)

Service level agreement is a documented agreement between a service provider and a customer that
identifies both services required and the expected level of service.

Key requirements for successful SLAs:

Should relate to defined outcomes


Must be related to a defined
and not operational metrics
service in the service catalogue

Must be simply written and easy to


Must reflect an agreement understand and use for all parties
Service Level Management

Service level management requires focus and effort to engage and listen to the requirements,
issues, concerns, and daily needs of customers:

Engagement Listening

It is required to understand and It is important as a relationship-building


confirm the actual ongoing needs and and trust-building activity, to show
requirements of customers. customers that they are valued and
understood.
Service Level Management

Service level management involves collating and analyzing information from a number of
sources, including:

Customer engagement Customer feedback

Operational metrics Business metrics


Service Level Management

The contribution of service level management to the service value chain, with the
practice being involved in all value chain activities.

Figure 5.34 Heat map of the contribution of service level management to value chain activities

Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 155
Service Request Management
Service Request Management

The purpose is to support the agreed quality of a service by handling all predefined, user-initiated
service requests in an effective and user-friendly manner

A service request includes:


● Request for a service delivery action
● Request for information
● Request for provision of a resource or
service
● Request for access to a resource or
service
● Feedback, compliments, and complaints
Service Request Management

To be handled successfully, service request management should follow these guidelines:

● Service requests and their fulfillments should be


standardized and automated
● Policies should be established with limited or no
additional approvals so that fulfilment can be
streamlined
● Expectations of users regarding fulfilment times
should be clearly set
● Opportunities for improvement should be identified
and implemented to produce faster fulfilment times
● Policies and workflows should be included for
documentation and redirection of any service
requests
Service Request Management

The contribution of service request management to the service value chain, with the practice being
involved in all service value chain activities except the plan activity.

Figure 5.35 Heat map of the contribution of service request management to value chain activities

Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 157
Deployment Management
Deployment Management

The purpose is to move new or changed hardware, software, documentation, processes, or any other
component to live environments.
Deployment Management

There are a number of distinct approaches that can be used for deployment.

Many organizations use a combination of these approaches, depending on their specific services and
requirements as well as the release sizes, types, and impact.

Phased
deployment

Continuous
Pul deployment
delivery

Big bang
deployment
Deployment Management

The contribution of deployment management to the service value chain activities.

Figure 5.37 Heat map of the contribution of deployment management to value chain activities
Copyright © AXELOS Limited 2019. Used under permission of AXELOS Limited. All rights reserved, Page 161
Key Takeaways

ITIL practices are divided into three categories: general


management practices, service management practices, and
technical management practices.

General management practices include 14 practices. Some of


these include continual improvement, information security
management, risk management, and supplier management.

Service management practices include 17 practices. Some of


which are availability management, release management,
configuration management, and service level management.

Technical management practices include deployment


management, infrastructure management and platform
management, and software development and management.
Knowledge Check
Knowledge
Check Which practice protects the information needed by the organization to conduct its
business?
1

a. Supplier Management

b. Incident Management

c. Information Security Management

d. None of the above


Knowledge
Check Which practice protects the information needed by the organization to conduct its
business?
1

a. Supplier Management

b. Incident Management

c. Information Security Management

d. None of the above

The correct answer is C

Information security management practice protects the information needed by the organization to conduct its
business.
Knowledge
Check
Which of the following is true about emergency changes?
2

a. Are pre-authorized

b. Are implemented without any additional authorization

c. Are authorized based on change type

d. Are implemented as soon as possible


Knowledge
Check
Which of the following is true about emergency changes?
2

a. Are pre-authorized

b. Are implemented without any additional authorization

c. Are authorized based on change type

d. Are implemented as soon as possible

The correct answer is D

Emergency changes need to be implemented as soon as possible.


Knowledge
Check
What is an event?
3

a. Change of state that has significance for the management of a configuration item (CI) or IT
service

b. Cause, or potential cause, of one or more incidents

c. Unplanned interruption to a service or reduction in the quality of a service

d. None of the options


Knowledge
Check
What is an event?
3

a. Change of state that has significance for the management of a configuration item (CI) or IT
service

b. Cause, or potential cause, of one or more incidents

c. Unplanned interruption to a service or reduction in the quality of a service

d. None of the options

The correct answer is A

An event is any change of state that has significance for the management of a configuration item (CI) or IT service.

You might also like