Information Technology Infrastructure Library Article Index for
Information Technology 		Website Links For
Information Technology 		 

Information About

Information Technology Infrastructure Library
  CATEGORIES ABOUT INFORMATION TECHNOLOGY INFRASTRUCTURE LIBRARY
   
information technology management
   
standards
   
method engineering
   
APPAREL
BABY
BEAUTY
BOOKS
CAR TOYS
CELL PHONES
DVD'S
ELECTRONICS
GOURMET FOOD
GROCERIES
HEALTH & PERSONAL
HOME & GARDEN
JEWELRY
MUSIC
MUSIC INSTRUMENTS
OFFICE PRODUCTS
SOFTWARE
SPORTING GOODS
TOOLS & HARDWARE
TOYS
VIDEO GAMES
SHOPPING HOME
MORE SHOPPING...



ITIL is published in a series of books, each of which covers one topic.
The names ''ITIL'' and ''IT Infrastructure Library'' are Registered Trade Marks of the Office Of Government Commerce (OGC), which is an Office of the United Kingdom 's Treasury . The content of the books is protected by Crown Copyright .

The recommendations of ITIL were developed in the late 1980's by the Central Computer And Telecommunications Agency (CCTA), which merged into the OGC in April, 2001 and disappeared as a distinct organization. The CCTA created ITIL in response to the growing dependence on information technology to meet business needs and goals.

ITIL is currently embodied in the ISO 20000 standard (previously BS 15000 ).

In December 2005, the OGC issued notice of an ITIL refresh , commonly known as ITIL V3 , which is planned to be available late 2006.

ITIL Version Three will begin with the publication of five core texts namely: IT Service Design, IT Service Introduction, IT Service Operations, IT Service Improvement and IT Service Strategies.


BENEFITS OF ITIL

ITIL benefits the IT community in many ways.

  • It is ''comprehensive''.

  • It creates a common ''vocabulary''. ITIL creates a Glossary of tightly defined terms, which facilitates communication.



OVERVIEW OF THE ITIL FRAMEWORKS

ITIL is defined by a collection of books that describe guidelines for different aspects of best-practice data center management. Taken as a whole, ITIL presents a comprehensive view of the field. The subjects of the individual books are referred to as ''sets''; currently there are eight. The sets are further divided into ''disciplines'', each of which is focused on a specific subject.

The eight sets and their disciplines are:

# Service Delivery. What services must the data center provide to the business to adequately support it.
## ''IT Financial Management''
## ''Capacity Management''
## ''Availability Management''
## ''IT Continuity Management''
## ''Service Level Management''
# Service Support. How does the data center ensure that the customer has access to the appropriate services.
## ''Change Management''
## ''Release Management''
## ''Problem Management''
## ''Incident Management''
## ''Configuration Management''
## ''Service Desk''
# Planning to Implement Service Management. How to start the changeover to ITIL. It explains the necessary steps to identify how an organisation might expect to benefit from ITIL and how to set about reaping those benefits.
# Security Management.
# ICT Infrastructure Management. What processes, organisation, and tools are needed to provide a stable IT and communications infrastructure. This is the foundation for ITIL service management processes.
## ''ICT Design and Planning''
## ''ICT Operations Management''
## ''ICT Deployment''
## ''ICT Technical Support''
# The Business Perspective. It explains the key principles and requirements of the business organisation and operation and how these relate to the development, delivery and support of IT services.
# Application Management. How to manage the software development lifecycle, expanding the issues touched upon in Software Development lifecycle and testing of IT Services .
# Software Asset Management.



The following diagram shows the framework of ITIL.

From the beginning, the ITIL Framework has been publicly available (however, it is copyright protected). This means that any organisation can use the framework described by the OGC in its numerous books. Because of this, ITIL guidance has been used by a wide range of organisations including the local and central government, energy, public utilities, retail, finance, and manufacturing. Very large organisations, very small organisations and everything in between have implemented ITIL processes. Each set in the diagram above represents a book. The Service Management set is the main discipline of ITIL split into two sections, ''Service Support'' and ''Service Delivery'', the service management is concerned with delivering and supporting IT services that are appropriate to the business requirements of the organisations. There are four sets around the IT service management. First, ''planning to implement service management'' create the planning to implement ITIL inside an organisation. Then, ''the Business perspective'' investigate if the services are efficient on the business and control the cost/revenue for the services. The right side is the ''ICT infrastructure'' which deal more with technical issues. The last side is the ''Application Management'' which address the complex subject of managing applications from the initial business need, through the ''Application Management'' lifecycle, up to and including retirement.


INDIVIDUAL SETS


Service Delivery

The scope and details of the ''Service Delivery'' set are defined in the book

:1

The Service Delivery discipline is concerned, primarily, with the pro-active and forward looking services that the business requires of its ICT provider in order to provide adequate support to the business users (compare with: Service Support ). The discipline consists of the following processes:
  • Service Level Management

  • Capacity Management

  • IT Service Continuity Management

  • Availability Management

  • Financial Management




. Service Delivery is explained in the following subsections.


Service Level Management

Service Level Management provides for continual identification, monitoring and review of the levels of IT services specified in the Service Level Agreement s (SLAs). Service Level Management ensures that arrangements are in place with internal IT support providers and external suppliers in the form of Operational Level Agreements (OLAs) and Underpinning Contracts (UpCs). The process involves assessing the impact of change upon service quality and SLAs. The service level management process is in close relation with the operational processes to control their activities. The central role of Service Level Management leads to it being the natural place for Metrics to be established and monitored against a Benchmark .


Capacity Management

Capacity Management supports the optimum and cost effective provision of IT services by helping organizations match their IT resources to the business demands. The high level activities are: Application Sizing, Workload Management, Demand Management, Modeling, Capacity Planning, Resource Management, and Performance Management.


IT Service Continuity Management

IT Service Continuity Management helps to ensure the availability and rapid restoration of IT services in the event of a disaster. The high level activities are: Risk Analysis, Manage Contingency Plan Management, Contingency Plan Testing, and Risk Management.


Availability Management

Availability Management allows organizations to sustain the IT service availability in order to support the business at a justifiable cost. The high level activities are: Realize Availability Requirements, Compile Availability Plan, Monitor Availability, and Monitor Maintenance Obligations.


Financial Management for IT services

Financial Management for IT services assesses the Total Cost Of Ownership.


Service Support

The scope and details of the Service Support set are defined in the book

:2

The service support ITIL discipline ensures that the Customer has access to the appropriate services to support the business functions.



To a business, customers and users are the entry point to the process model. They get involved in service support by asking:
  • Asking for changes

  • Needing communication, updates

  • Having difficulties, queries.

    • The service desk is the single contact point for the customers to record their problems. It will try to resolve it, if there is a direct solution or will create an Incident . ''Incidents'' initiate a chain of processes: Incident Management, Problem Management, Change Management, Release Management and Configuration Management (see following sections for details). This chain of processes is tracked using the Configuration Management Database (CMDB), which records each process, and creates output documents for traceability (Quality Management).



Service Desk

To meet the communications needs of both users and IT and to satisfy both Customer and IT Provider objectives, many organisations have implemented a central point of contact for handling Customer, User and related issues. This function is known under several titles, including:


The Service Desk acts as the central point of contact between service providers and users/customers, on a day-to-day basis. It is also a focal point for reporting Incidents and for users making service requests. It handles incidents and service requests, as well as providing an interface, with users, for other Service Management activities such as Change, Problem, Configuration, Release, Service Level and IT Service Continuity Management.

The Service Desk pro-actively keeps users informed of all relevant service events, actions and service changes that are likely to affect them. The Service Desk is in the direct line of any impact on the Service Level Agreement and as such should be kept rapidly informed of any planned or unexpected changes or service unavailability.

The Service Desk differs from a Call Centre , Contact Centre or a Help Desk by offering a more broad and user centric approach, which seeks to provide a user with an informed single point of contact for all of their ICT requirements. A Service Desk seeks to facilitate the integration of business processes into the Service Management infrastructure. In addition to atively monitoring and owning Incidents, and user questions and providing the communications channel for other Service Management disciplines with the user community, a Service Desk also provides an interface for other activities such as customer Change requests, third parties (e.g. maintenance contracts), and software licencing.

The objectives of the Service Desk are:
  • Providing a single (informed) point of contact for customers

  • Facilitating the restoration of normal operational service with minimal business impact on the customer within agreed levels ( SLA ) and business priorities.


The common Service Desk functions include:
  • Receiving calls, first-line customer liaison

  • Recording and tracking incidents and complaints

  • Keeping customers informed on request status and progress

  • Making an initial assessment of requests, attempting to resolve them or refer them to someone who can

  • Monitoring and escalation procedures relative to the appropriate SLAs

  • Identifying problems

  • Closing incidents and confirmation with the customers

  • Coordinating second-line and third line support



Incident Management

The first goal of the incident management process is to restore a normal service operation as quickly as possible and to minimize the impact on business operations, thus ensuring that the best possible levels of service quality and availability are maintained. 'Normal service operation' is defined here as service operation within Service Level Agreement (SLA).

ITIL terminology defines an ''incident'' as:
Any event which is not part of the standard operation of a service and which causes, or may cause, an interruption to, or a reduction in, the quality of that service


Incidents may match with existing 'Known Problems', without a known root cause or 'Known Errors' with a root cause and under the control of Problem Management and registered in the Known Error Database (KeDB) and may have existing work-arounds allowing the Service Desk to provide a quick first-line fix. Other Incidents may be isolated or individual occurences and may be (once the initial issue has been addressed) involve Problem Management and may result in a new problem record being raised.

The main incident management processes are the following:
  • Incident detection and recording

  • Classification and initial support

  • Investigation and diagnosis

  • Resolution and recovery

  • Incident closure

  • Incident ownership, monitoring, tracking and communication


Incidents should be classified as they are recorded, Examples of Incidents by classification:

  • Application

  • --- service not available

  • --- application bug

  • --- disk-usage threshold exceeded

  • Hardware

  • --- system-down

  • --- automatic alert

  • --- printer not printing

  • Service requests

  • --- request for information/advice/documentation

  • --- forgotten password


The incidents that cannot be resolved quickly by the Help desk will be assigned to specialist Technical Support groups. A resolution or work-around should be established as quickly as possible in order to restore the service.


==Relationship

Incidents are the result of failures or errors in the IT infrastructure . The cause of Incidents may be apparent and that cause be addressed without the need for further investigation, resulting in a repair, a Work-around or an Request For Change (RFC) to remove the error. The following diagram shows the relationship between incidents, problems, known errors and RFCs.



Where an incident is considered to be serious in nature, or multiple occurences of similar incidents are observed, a problem record might be created as a result (it's possible that the Problem will not be recorded until several incidents have occurred). The management of a problem varies from the process of managing an incident and is typically performed by different staff and therefore is controlled by the problem management process. When a problem has been properly identified and a work-around is known, the problem becomes a 'known problem', when it's 'root cause' has been identified, it becomes a 'known error'. Finally a request for change (RFC) may be raised to modify the system by resolving the known error, this process is covered by the Change Management process.

A request for new additional service is often not regarded as an incident but as a Request for Change (RFC).


Problem management

The goal of Problem Management is to minimize the adverse impact of incidents and problems on business that are caused by errors within the IT infrastructure, and to prevent recurrence of incidents related to these errors.
A `problem' is an unknown underlying cause of one or more incidents, and a `known error' is a problem that is successfully diagnosed and for which a work-around has been identified. The CCTA defines problems and known errors as follows:

''A problem is a condition often identified as a result of multiple Incidents that exhibit common symptoms. Problems can also be identified from a single significant Incident, indicative of a single error, for which the cause is unknown, but for which the impact is significant.''

''A known error is a condition identified by successful diagnosis of the root cause of a problem, and the subsequent development of a Work-around.''

''Problem management'' is different than ''incident management''. The principal purpose of ''problem management'' is the detection, resolution, and prevention of incidents; ''incident management'' records the incident.



The above diagram shows the details of the problem management process. The problem management process is intended to reduce the number and severity of incidents and problems on the business, and report it in documentation to be available for the first-line and second line of the help desk.
The proactive process identifies and resolves problems before incidents occur. These activities are:
  • Trend analysis;

  • Targeting support action;

  • Providing information to the organization.


The ''Error Control Process'' is an iterative to process known errors until they are eliminated by the successful implementation of a change under the control of the Change Management process.

The ''Problem Control Process'' aims to handle problems in an efficient way. Problem control identifies the root cause of incidents and reports it to the service desk. Other activities are:
  • Problem identification and recording;

  • Problem classification;

  • Problem investigation and diagnosis.

    • The standard technique for identifying the root cause of a problem is to use an '' Ishikawa Diagram '', also referred to as a cause-and-effect diagram, tree diagram, or fishbone diagram. An Ishikawa diagram is typically the result of a brainstorming session in which members of a group offer ideas to improve a product. For problem-solving, the goal will be to find the cause and effect of the problem.




Ishikawa diagrams can be defined in a meta-model.

First there is the main subject, it's the backbone of the diagram what we try to solve or improve, the main subject is derived from a cause.
The relationship between a cause and an effect is a double relation, a cause is result of effects, and the effect is the root of causes. But there is just one effect for several causes and one cause for several effects.
The following example shows an application of the meta-model.




Configuration management

Configuration Management is a ''process'' that tracks all of the individual Configuration Items (CI) in a system. A ''system'' may be as simple as a single server, or as complex as the entire IT department. Configuration Management includes:
  • Creating a parts list of every CI (hardware or software) in the system.

  • Defining the relationship of CIs in the system

  • Tracking of the status of each CI, both its current status and its history.

  • Tracking all Requests For Change to the system.

  • Verifying and ensuring that the CI parts list is complete and correct.


There are five basic activities of Configuration Management:

  • Planning: The Configuration Management plan covers the next three to six months in detail, and the following twelve months in outline. It is reviewed at least twice a year and will include a strategy, policy, scope, objectives, roles and responsibilities, the Configuration Management processes, activities and procedures, the CMDB , relationships with other processes and third parties, as well as tools and other resource requirements.

  • Identification: The selection, identification and labelling of all CIs. This covers the recording of information about CI's, including ownership, relationships, versions and unique identifiers. CIs should be recorded at a level of detail justified by the business need, typically to the level of "independent change".

  • Control: This gives the assurance that only authorised and identifiable CIs are accepted and recorded from receipt to disposal. It ensures that no CI is added, modified, replaced or removed without the appropriate controlling documentation e.g. approved RFC , updated specification. All CIs will be under Change Management Control.

  • Status Accounting: The reporting of all current and historical data concerned with each CI throughout its life-cycle. It enables changes to CIs and tracking of their records through various statuses, e.g. ordered, received, under test, live, under repair, withdrawn or for disposal.

  • Verification and Audit: This is a series of reviews and audits that verifies the physical existence of CIs, and checks that they are correctly recorded in the CMDB . It includes the process of verifying Release and Configuration documentation before changes are made to the live environment.



Change Management

ITIL defines the change management process this way:

The goal of the Change Management process is to ensure that standardized methods and procedures are used for efficient and prompt handling of all changes, in order to minimize the impact of change-related incidents upon service quality, and consequently improve the day-to-day operations of the organization.


Change management is responsible for managing change process involving:
  • Hardware

  • Communications equipment and software

  • System software

  • All documentation and procedures associated with the running, support and maintenance of live systems.


Any proposed change must be approved in the change management process. While change management makes the process happen, the decision authority is the Change Advisory Board (CAB), which is made up for the most part of people from other functions within the organisation.
The main activities of the change management are:
  • Filtering changes

  • Managing changes and the change process

  • Chairing the CAB and the CAB/Emergency committee

  • Reviewing and closing RFCs

  • Management reporting and providing management information


More information on the Change Management process can be found on the Change Management Process (ITIL) page.


Release Management

Release Management is used for platform-independent and automated distribution of software and hardware, including license controls across the entire IT infrastructure. Proper Software and Hardware Control ensure the availability of licensed, tested, and version certified software and hardware, which will function correctly and respectively with the available hardware. Quality control during the development and implementation of new hardware and software is also the responsibility of Release Management. This guarantees that all software can be conceptually optimized to meet the demands of the business processes.
The goals of release management are:
  • Plan to rollout of software

  • Design and implement procedures for the distribution and installation of changes to IT systems

  • Communicate and manage expectations of the customer during the planning and rollout of new releases

  • Control the distribution and installation of changes to IT systems

    • The focus of release management is the protection of the live environment and its services through the use of formal procedures and checks.



Planning To Implement Service Management


The planning to implement service management publication is about the alignment of Business needs and IT provision requirements. The book provides a detailed approach for the implementation and continuous improvement of IT Service Management within an organisation. Planning To Implement Service Management is mainly focused on the Service Management processes, but also generically applicable to other ITIL disciplines.

An approach to implement or improve service management is the Continuous Service Improvement Programme (CSIP). This programme consists of the following steps regarding ''one single'' improvement:
  • create vision

  • analyze organization

  • set goals

  • implement IT service management

  • measure goals


Further information can be found by referring to ITIL Planning To Implement Service Management .

The scope and details of the ''Planning To Implement Service Management'' set are defined in the book

:3


Security Management

The ITIL-process Security Management describes the structured fitting of information security in the management organization. ITIL Security Management is based on the code of practice for information security management also known as ISO/IEC 17799 .

A basic concept of the Security Management is the Information Security . The primary goal of information security is to guarantee Safety of the Information . Safety is to be protected against Risks . Security is the means to be safe against risks. When protecting information it is the value of the information that has to be protected. These values are stipulated by the confidentiality, integrity and availability. Inferred aspects are privacy, anonymity and verifiability.

For more information about ITIL Security Process refer to ITIL Security Management .

The scope and details of the ''Security Management'' set are defined in the book

:4


ICT Infrastructure Management

The scope and details of the ''ICT Infrastructure Management'' set are defined in the book

:5

The Infrastructure Management set describes server installation and acceptance, operations management, system management, and network management.

The Infrastructure Management processes describe those processes within ITIL that directly relate to the ICT equipment and software that is involved in providing ICT services to customers.

  • ICT Design and Planning

  • ICT Deployment

  • ICT Operations

  • ICT Technical Support


These disciplines are less well understood than those of Service Management and therefore often some of their content is believed to be covered 'by implication' in Service Management disciplines.


ICT Design and Planning

ICT Design and Planning provides a framework and approach for the Strategic and Technical Design and Planning of ICT infrastructures. It includes the necessary combination of Business (and overall IS) strategy, with technical design and architecture. ICT Design and Planning drives both the Procurement of new ICT solutions through the production of Statements of Requirement ("SOR") and Invitations to Tender ("ITT") and is responsible for the initiation and management of ICT Programmes for strategic business change. Key Outputs from Design and Planning are:
  • ICT Strategies, Policies and Plans

  • The ICT Overall Architecture & Management Architecture

  • Business Cases, Feasibility Studies, ITTs and SORs



ICT Deployment Management

ICT Deployment provides a framework for the successful management of design, build, test and roll-out (deploy) projects within an overall ICT Programme . It includes many Project Management disciplines in common with Prince2 , but has a broader focus to include the necessary integration of Release Management and both functional and non functional testing.


ICT Operations Management

ICT Operations Management provides the day-to-day technical supervision of the ICT infrastructure. Often confused with the role of Incident Management from Service Support, Operations is more technical and is concerned not solely with Incidents reported by users, but with Events generated by or recorded by the Infrastructure. ICT Operations may often work closely alongside Incident Management and the Service Desk, which are not-necessarily technical in order to provide an 'Operations Bridge'. Operations, however should primarily work from documented processes and procedures and should be concerned with a number of specific sub-processes, such as: Ouput Management, Job Scheduling, Backup and Restore, Network Monitoring/Management, System Monitoring/Management, Database Monitoring/Management Storage Monitoring/Management. Operations are responsible for:

  • A stable, secure ICT infrastructure

  • A current, up to date Operational Documentation Library ("ODL")

  • A log of all operational Events

  • Maintenance of operational monitoring and management tools.

  • Operational Scripts



ICT Technical Support

ICT Technical Support is the specialist technical function for infrastructure within ICT. Primarily as a support to other processes, both in Infrastructure Management and Service Management, Technical Support provides a number of specialist functions: Research and Evaluation, Market Intelligence (particularly for Design and Planning and Capacity Management), Proof of Concept and Pilot engineering, specialist technical expertise (particularly to Operations and Problem Management), creation of documentation (perhaps for the Operational Documentation Library or Known Error DataBase).


The Business Perspective

The scope and details of the ''Business Perspective'' set are defined in the book

:6

The Business Perspective covers a range of issues concerned with understanding and improving IT service provision, as a part of the entire business requirement for high IS quality management. These issues are:

  • ''Business Continuity Management'' describes the responsibilities and opportunities available to the business manager to improve what is, in most organizations one of the key contributing services to business efficiency and effectiveness.

  • ''Surviving Change''. IT infrastructure changes can impact the manner in which business is conducted or the continuity of business operations. It is important that business managers take notice of these changes and ensure that steps are taken to safeguard the business from adverse side effects.

  • ''Transformation of business practice through radical change'' helps to control IT and to integrate it with the business.

  • ''Partnerships and outsourcing''



Application Management

The scope and details of the ''Application Management'' set are defined in the book

:7

The ''Application Management'' set covers the life-cycle of software development projects, with particular attention to gathering and defining requirements that meet business objectives.


PROCESS THEORY

This section gives an introduction to Process Theory , which is the basis for ITIL process models.
A process is a connected series of actions, activities, and changes etc, performed by agents with the intent of satisfying a purpose or achieving a goal. A process model enables understanding and helps to articulate the distinctive features of a process. When a process has been defined it should be under control to be manageable, the process control is the process of planning and regulating, with the objective of performing the process in an effective and efficient way.
The output produced by a process has to conform to operational norms that are derived from business objectives. If products conform to the set norm, the process can be considered effective (because it can be repeated, measured and managed).If the activities are carried out with a minimum effort, the process can also be considered efficient. Process results metrics should be incorporated in regular management reports.


The model shown above is a generic process model. Data enters in the process, is processed and then the data comes out, the output has been measured and reviewed by the process control. This very basic description underpins any process description. A process is always organized around a goal. The main output of that process is the result of that goal.
The approach underpins the `plan-do-check-act' cycle of any quality management system. Plan the purpose of your process in such a way that the process action can be audited for successful achievement and, if necessary, improved.


CERTIFICATION

Examination and certification is managed via two independent bodies:

EXIN - This is the Examination Institute for Information Science

ISEB - This is the Information Systems Examination Board .

These groups organise and control the certification activity. Both bodies accredit training organisations to guarantee a consistent level of quality in course delivery.

Although no formal register of qualified individuals is maintained, a voluntary register is operated by the ITIL Certification Register

There are currently 3 levels of certification offered in Service Management:
  • The ITIL Foundation Certificate in Service Management

  • The ITIL Practitioners Certificate

  • The ITIL Managers Certificate in Service Management


A single level of certification is offered in Application Management
  • Certificate in ITIL Application Management Essentials


A single level of certification is also offered in Infrastructure Management
  • The ITIL Managers Certificate in Infrastructure Management



REFERENCES