An Overview of the Information Technology Infrastructure Library

August 27, 2007

Agenda

• What is ITIL?

• Why is it important?

• ITIL – an overview • Questions and answers 2

What Is ITIL?

The Infrastructure Technology Infrastructure Library is a framework of best practices – Developed by the UK Office of Government Commerce • Promotes quality computing services in the IT sector.

• Forms the foundation on which an organization can either design and/or adopt a methodology to meet its own specific needs.

• Addresses the organizational structure and skill requirements for an IT organization by presenting a comprehensive set of management procedures with which an organization can manage its IT operations.

3

Best Practice

• How would you define “Best Practice”?

– Widely recognized, proven through use and regular improvement, flexible, and documented • Technique, method, process, etc that is more effective at delivering a desired outcome than any other.

• Most efficient (least amount of effort) and effective (best results) way of accomplishing a task, based on repeatable procedures that have proven themselves over time for large numbers of people 4

ITIL As a Quality Framework

• • Supports • • British Standards Institution Code of Practice for IT Service Management (PD0005) • A code of practice for IT Service Management ISO quality standard ISO9000/20000 (ISO20k) Supported by: • COBIT • Aligns with: • • • • • CMM/CMMi Balanced Scorecard Six Sigma Baldridge Award Criteria TQM 5

Why Is ITIL Important?

• Criteria for professionalism • • • Formal body of knowledge Formally recognized Maintains a code of behavior • • • • Business alignment System support Common language Recognized best practice 6

Industry Forces

• Commodization of IT • IT as a cost center • CIO reports to CFO • Outsourcing is prevalent 7

Business Drivers

• IT must the business and provide consultative advice • More change in less time • Ensure existing quality • Cost control 8

Technology Drivers

• IT must understand the business and provide consultative advice • More change in less time • Ensure existing quality • Cost control 9

IT Service Management

• A collection of shared responsibilities plus interrelated disciplines and processes, that enable an organization to measure, control, and ultimately manage the IT infrastructure to delivery quality, cost effective services to meet both short- and long-term business requirements.

10

IT Service Management

Mission • To: Decrease and control cost, improve customer satisfaction • By: Stabilizing and Standardizing the infrastructure • So: We can have predictability in service delivery Advantages • Scalability • Cost • Capacity • Availability • Throughput • Utilization 11

Goals

• Align IT services with the current and future needs of the business, customers, and users • Improve quality of IT services • Reduce and control the long-term cost of providing IT services 12

IT Service Management Core Tactical Disciplines

Service Support • Incident Mgt • Problem Mgt • Change Mgt • Release Mgt • Configuration Mgt Service Delivery • Service Level Mgt • Financial Mgt • Capacity Mgt • IT Service Continuity Mgt (ITSCM) • Availability Mgt Service Desk Security 13

Service Delivery

• Consists of five best practice processes – Service Level Management – Availability Management – Financial Management – Capacity Management – IT Service Continuity Management (ITSCM) 14

Service Level Management

• Objective: Maintain and improve IT service quality through a constant cycle of agreeing, monitoring, reporting, and reviewing IT service requirements 15

Service Level Management Definitions

• Service – One or more IT systems that enables a business process • Service Catalog – Clarifies what you offer • Service Providers – The organization that provides IT services • Service Level Agreement (SLA) – Formal, written agreement between provider and customer of the service targets for services • Operational Level Agreement (OLA) – Internal agreement on services that support the delivery of a service • Vital Business Function – The reason IT exists 16

Service Level Management Responsibilities

• Service Catalog • Service Level Agreement • Operational Level Agreement (OLA) • Underpinning Contracts (UC) • Service Improvement Program (SIP) • Communications 17

Service Level Management Activities

• Define • Negotiate • Contract • Monitor • Report & Review • Improvement 18

Availability Management

• Objective: Optimize the capability of the IT infrastructure and supporting organization to deliver a cost effective and sustained level of availability to satisfy business objectives – The ability of a service or component to perform a stated function under defined circumstances or over a designated period of time • Component calculation • Key dependencies 19

Availability Management

• Reliability – Freedom from operational failure (MTBF) • Maintainability – Focuses on component failure and what can be done to prevent and restore the component • Serviceability – Third-party underpinning contracts to guard availability, reliability, and maintainability 20

Availability Management Activities

• Requirements • Improvement • Plan • Monitor • Control • Contract • Cost 21

Types of Availability

• Continuous – Minimize the impact of any outage and maintenance • High Availability – Minimize the effect of an outage • Continuous Operation – Minimize the effect of maintenance • Scheduled outage – Planned downtime – Customer visibility and approval • Unscheduled outage – Not planned – Not approved by the customer – Result of an infrastructure fault 22

Financial Management

• Objective: Provide cost effective stewardship of IT assets and resources used to provide IT services – Stewardship – Fact-based – Value 23

Financial Management

• Budgeting – Financial plan that ensures money will be available at a specific point in time over a specific period • Accounting – Keeps track of where the money is going • Charging – Recover the costs of services or provide visibility to the costs of consuming the services 24

Capacity Management

• Objective: Ensure that capacity and performance aspects of the business requirements are provided in a timely and cost effective manner – Balance costs and capacity against supply and evolving demands of the business 25

Capacity Management

• Activities – Monitoring – Analysis – Tuning – Implementation – Data Storage – Understand Demand – Modeling – Application Sizing – Planning 26

Capacity Management

• Demand Management – Constraints • Physical • Financial – Perspective • Short-term • Long-term 27

IT Service Continuity Management

• Objective: Support the overall Business Continuity Management Process by ensuring that the required IT technical service facilities can be recovered within the timeframe required by Business Continuity Management – Manage ability to continued an agreed level of support after a business interruption 28

IT Service Continuity

• Scope – In Scope • Business critical processes, systems, and networks • Impact analysis • Organizational risk tolerance – Out of Scope • Business direction • Technical failures 29

IT Service Continuity

• Requirements and Strategy – Business Impact Analysis (BIA) – Risk Assessment – Business Continuity Strategy 30

Service Support

• Five best practice processes – Incident management – Problem management – Change management – Release management – Configuration management 31

Incident Management

Objective: Restore normal service operation as quickly as possible and minimize the adverse impact on business operations, ensuring that the best possible levels of service, quality, and availability are maintained.

Prime Directive 32

Incident Management

• Activities – Detection and recording – Classification – support – Investigation – diagnostics – Resolution & recovery – Incident closure – Monitoring, tracking, communication • Scope – Application & hardware – System availability – Question/password/ request status 33

Problem Management

Objective: Minimize the averse impact of incidents and problems on the business that are caused by errors within the IT infrastructure and to prevent recurrence of incidents related to those errors – Problem control – Error control 34

Change Management

Objective: Ensure that standardized methods and procedures are used for efficient and prompt handling of all changes in order to minimize the impact of change-related incidents upon service quality and consequently to improve day-to-day operations 35

Change Management

Scope • Hardware • Communications equipment & S/W • System S/W • Live application S/W • Documents and procedures Activities • Categorization – Defines work effort required • Minor, significant, major • Assessment & Evaluation • Prioritization – Immediate – High – Medium – Low 36

Release Management

Objective: Assume a holistic view of a change to a defined IT service, ensure that all aspects of a release are considered together and protect the live environment through formal procedures and checks “orchestration of changes” 37

Release Management

• Hardware – Large/critical particularly for those dependent upon a S/W change • Software – Initial rollout of new S/W – Major rollouts • Bundling – Grouping related changes into manageable sizes • Types – Major – Minor – Urgent 38

Configuration Management

Objective: Provide a logical model of the IT infrastructure by identifying, controlling, maintaining, and verifying the versions of all configuration items 39

Configuration Management

• Activities – Planning – Identification – Control – Status accounting – Verification/audit • CI Types – Categories • Lifecycles – Track to monitor cost, specifications, progress 40

Service Desk

Objective: Provide interface with customers for questions, complaints and comments regarding the IT infrastructure and restore services as quickly as possible following a deviation from agreed service levels.

41

Service Desk Overview

• Activities – Incident control – Customer interface – Support • Responsibilities – Manage incidents – Manage to the SLA • Benefits – Improved customer service, perception, and satisfaction 42

Security

Objective: Ensure the safety and value of information in the enterprise by assuring the confidentiality, integrity, and availability of the information: – Confidentiality seeks to protect the access and use of information – Integrity addresses the context of the information. Seeks to ensure the accuracy, completeness, and timeliness of the information – Availability ensures the information is available when desired 43

Certification

• Examination and certification is managed by the APM Group, the OGC's Official Accreditor for ITIL. Also known as the APMG • Three certifications: – Foundation – Practitioner – Manager 44

Certification

• Licensed Examination Institutes: – EXIN - The Examination Institute for Information Science in the Netherlands – ISEB - The Information Systems Examination Board – These groups organize and control the accreditation and certification activity within the ITIL Community. All of the above bodies accredit training organizations to guarantee a consistent level of quality in course delivery.

45

Questions and Answers

46