Transcript Your Title Business Service Management

ITS Service Improvement
Len Hendershott
Hendershott Consulting Inc
Highlights

There are benefits to be derived from
improved service management practices

Discuss concepts – frameworks, best
practices, processes, etc

Explain the KEY elements contained in
ITIL, CobIT and CMM

Envisioning an ITIL defined future

How to achieve that future

Not training into each ITIL discipline: for
each process area visit http://www.hciitil.com
2
Information Technology Service Management
ITSM is the concept that IT should be all about servicing the customer
… that means IT managers are being told that they need to change the
way they think about their jobs, the way they think about their systems
and the way they spend their work day.
While the management of
technologies and application
components has been the
traditional mainstay of IT, most IT
organizations are waking up to the
fact that past and even current poor
service delivery has less to do with
the technologies they are or are not
using, than it does with
poorly designed or "missing"
critical IT processes.
3
Why Now
IT Management and Governance systems have entered the mainstream,
joining ERP, CRM, HR and e-mail as part of the standard enterprise
applications landscape.This development is primarily due to the convergence
of five changes in the IT universe.

The systems that IT provides to the enterprise are now used by
customers and suppliers, not just employees, raising the bar for IT’s
management and governance processes.

Enterprise applications are now central to virtually every business
initiative, leading to an unprecedented need for alignment between IT and
line of business executives.

Cost reduction opportunities are now numerous and compelling within IT.
Outsourcing and consolidation are the highest profile of these.

The return on IT must now be demonstrated, as expected of any mature
and critical business function.

Today’s expensive and mandatory requirements for compliance and
transparency fall disproportionately on IT.
David Hurwitz, Clarity, Why Now, IT management and Governance 102
4
Drivers for Improved Service Management

IT increasingly being asked to justify itself in business
terms

Control over Total Cost of Ownership

Identified accountability for IT strategic decisions

Improved integration of IT planning within context of
overall business planning

Customer demands for more responsive IT services

Viability of out-sourcing options

Marketing of approaches such as ITIL, CobIT & CMM

Increasing number of integrated tool vendors

Introduction of commonly used terminology

Improved ability to periodically assess IT value to
organization
5
Typical Current Practices
Do you recognize any of these findings ?
Service Desk Response
7
Standard Equipment Policy
8
Availability Management
9
Customer Service
10
How well are you doing ?

Performance measured by complaints
IT managers say they know when their users are really happy by the
number of phone calls they receive. No calls means a satisfied customer
since they don’t call to complain about poor service.

Poor understanding of Customer concerns
Often, this has become the de-facto measure of customer service. In
reality, it is typical that an IT manager understands little about their
customers except for the ones who are willing to pick up the phone.

Poor Customer understanding of IT issues
From the customer viewpoint, their expectations of what service really is
and how quickly the data center could respond, of what levels of service
were reasonable are rarely based on the business realities of managing
a technology infrastructure
11
Common Findings (HP)

…unscheduled changes lead to false starts, multiple
reworks, duplicate efforts, periodic work stoppages
…unscheduled (and therefore uncontrolled) changes occurred to the
production environment due to an unclear and undocumented IT process
being performed (e.g., Change Management). This can lead to false starts,
multiple reworks, duplicate efforts, periodic work stoppages, and often means
lengthy time-to-repair intervals, and increased customer anxiety and
frustration.

inconsistent service delivery
…the manner in which a particular IT process is triggered is vague (e.g.,
software distribution, etc.), thus leading to possible inconsistent service
delivery, meaning the customer never gets the same quality of service twice.
This can seriously impact customer satisfaction, prevent repeat business and
is a sure sign that IT cannot make a commitment to strict service levels.
12
Common Findings (HP)

uncoordinated or undefined processes
the linkages between IT processes (e.g., Build & Test and Release to
Production) are undefined, or worse, non-existent, thereby causing further
delays to already tight production schedules, missed customer commitments,
and loss of revenue.

unclear roles and responsibilities & unmeasured
performance
the staff whose job it is to perform a process (e.g., Helpdesk or Problem
Management) have unclear roles and responsibilities and are not measured on
performing the process, thus leading to accountability failures when things go
wrong, and complicated finger-pointing when trying to fix a broken service

poor communications.
Is your Support Center the last to know about product and service changes? Do your
customers call into the Support Center with questions on applications and systems your
staff has never heard of? Are changes frequently implemented into your production
environment without any prior risk analysis or critical path analysis be conducted? If the
answer to any of these questions is "yes", then your Support Center has a problem!
However, it’s a problem shared by many organizations.
13
Organizing IT Services
Frameworks
What is a Framework
"The purpose of the framework is to provide a basic
structure which supports the organization, access,
integration, interpretation, development, management, and
changing of a set of architectural representations of the
organizations information systems. Such objects or
descriptions of architectural representations are usually
referred to as Artifacts.
The framework, then, can contain global plans as well as
technical details, lists and charts as well as natural
language statements. Any appropriate approach, standard,
role, method, technique, or tool may be placed in it. In fact,
the framework can be viewed as a tool to organize any
form of meta-data for the enterprise.”
Zachman Framework, INFORMATION SYSTEMS ARCHITECTURE - ISA
15
ITIL Framework
A taxonomy to highlight the ITIL booklets
16
Models – Cirba Corporation
Groupings based on ITIL with some directional relationships
17
Models – Art of Service
More complexity & adding some key outputs
http://www.itsmdirect.com/default.asp
18
Microsoft Operations Framework
Groupings according to a model
19
Models - HP
Groupings according to a model with prioritization
20
Models – HP – detailed description
Much greater complexity with many products
21
CobIT Governance Framework
22
The field is still in flux
The fact that specific frameworks like ITIL, MOP, PRINCE2,
ASL, BSD/SSADM, RUP, DSDM, ISPL, IS-7799, COBIT
and Catalyst POLDAT, were developed separately and in
parallel by different groups with different outlooks, means
that they were not designed to align with one another and so
they don’t!
The reality is that the IT domains and frameworks are
incompatible:
1. They overlap
2. There are gaps
3. They are inconsistent
4. They have no common unifying framework
5. They do not unify IT, nor unify IT with the Business
Mapping IT Governance onto a Unified Framework,
John Gilbert, Southcourt, UK, http://www.bitacenter.com
23
Unified Process Framework
The UPF is a process unifying framework
that aligns not only the domains within IT
together but also aligns IT with the
business.
Mapping IT Governance onto a Unified Framework,
John Gilbert, Southcourt, UK, http://www.bitacenter.com
24
Organizational Focus
– another framework consideration
Business
(Strategic)
responsible for ensuring that the future business requirements
for IT Services are considered, planned and implemented in a
timely fashion. These future requirements come from business
plans outlining new services, improvements and growth in
existing services, development plans etc.
Service
(Tactical)
management of the performance of the live, operational IT
Services used by the Customers. It is responsible for ensuring
that the performance of all services, as detailed in the targets in
the SLAs and SLRs, is monitored and measured, and that the
collected data is recorded, analyzed and reported.
Resource
(Operational)
the management of the individual components of the IT
Infrastructure. It is responsible for ensuring that all components
within the IT Infrastructure that have finite resource are
monitored and measured, and that the collected data is
recorded, analyzed and reported
25
Integrating this element into a framework
26
Value of Frameworks

CIOs and the IT managers that report to them have all
been in need of a clear picture that depicts the IT
processes required to deliver quality IT services in
support of their emerging e-services. Without a clear
picture, IT organizations will continue to struggle as
they try to understand and determine:





The current state of IT with regard to process
(the “AS-IS")
The desired future state of IT (the “To-BE")
The gaps between the current and future states of IT
The steps needed to bridge those gaps
Therefore, the need for a concise picture - one that
reflects an enterprise service management capability is very real for most IT organizations and critical to their
success.
The HP IT Service Management Reference Model, White
Paper, Version 2, January 2000
27
Caveats

There will be no “precise” or “definitive” framework
for some time.

Though the need is real, the progress towards better
IT service management remains a “work in
progress”

There are “proprietary” solutions which can be
secured at high costs, but all require “fitting” to an
organizational setting

There are generally recognized “best practices”
which, through the OGC and itSMF are within the
public domain
The HP IT Service Management Reference Model, White
Paper, Version 2, January 2000
28
ITIL
Information Technology
Infrastructure Library
What is ITIL ?
INFRASTRUCTURE
A logical means of dividing the overall IT environment
into components of related functionality.
LIBRARY
A depository built to contain books and other materials
for reading and study
SO ITIL is..
A method of organizing the Information Technology
departments of organizations. ITIL defines the (work)
processes involved and the interfaces between them.
Hyperdictionary
30
Pink Elephant Definition
ITIL is all about which processes need to be
realized within the organization for
management and operation of the IT
infrastructure to promote optimal service
provision to the customer of the services at
justifiable costs.
process
A series of definable, repeatable, and measurable tasks leading to a useful
result for an internal or external customer
optimal
The point at which returns on investment do not justify further costs
customer
groups or individuals who have a business relationship with the organization;
those who receive and use or are directly affected by the products and services
of the organization.
Justifiable
Taking into consideration the strategic and operational considerations of the
organization
31
ITIL ….
provides a framework in which to place
existing methods and activities in a
structured context.
Structure: how an interface is
organized and optimized for ease
of use and understanding
32
The Structure ?
Phases of Management
1.
Setting Objectives
2.
Planning
3.
Execution
4.
Measurement
5.
Control
High Availability, Piedad, Hawkins, p.39
Service Level Management
Application & System Design
Capacity Planning
Configuration/Asset Management
Problem Management
Backup & Recovery
Performance Management
Change Management
Security Management
Availability Management
33
ITIL ….
provides a framework in which to
place existing methods and activities
in a structured context.
Get complicated when
participants are not all subject to
same processes
Process 1
Department Silos
34
Dept F
Dept E
Dept D
Dept C
Process 4
Dept B
Process 3
Dept A
Process 2
LOB A
LOB Process 1
LOB Process 2
LOB Process 3
ITIL ….
provides a framework in which to
place existing methods and activities
in a structured context.

Since processes and their activities run through an
organization, they should be mapped and coordinated by
process managers

In a product-oriented organization, the flow of [functional]
activities and processes is not generally recognized at all; the
focus is on the product, and management and control is often
lacking. The evidence is in the lack of any useful metrics
related to the production process, because the process
activities are not clear or even not identified.
35
ITIL ….
provides a framework in which to
Communication, cooperation
place
Process
2 existing methods and activities
Communication, cooperation
in a structured context.
Process 3
Process 1
Communication, cooperation
Process 4
By emphasizing the relationships
between the processes, the lack of
communication and co-operation
between various IT functions can be
eliminated or minimized.
36
ITIL Defines ---- Best Practices
What are Best Practices ?
techniques or methodologies that, through experience and research, have proven
to reliably lead to desired results.
A commitment to using the best practices in any field is a commitment to using
all the knowledge and technology at one's disposal to ensure success.
Who’s Best Practices ?
the organization who wrote the books
– U.K. Office of Government Commerce
ITIL provides a cohesive set of best practice, drawn from the public and private sectors
internationally. It is supported by a comprehensive qualification scheme, accredited
training organizations, and implementation and assessment tools. The best-practice
processes promoted in ITIL both support and are supported by the British Standards
Institution’s Standard for IT Service Management (BS15000).
37
Implementing Best Practices may be problematic...

the organization has not made the mistake - thus, not clearly
understanding the reasoning behind the adopted practice.

the organization may not have adapted its' internal support
processes sufficiently to implement the processes - ie., not
sufficiently mature in CMM terms.

the implementation of one ITIL process will have dependencies with
other ITIL processes - these interrelationships can be complex and
differ with the characteristics of the organization implementing ITIL

different ITIL disciplines have base implementation scenarios
targeted for different levels of organizational maturity - they reflect
the "best" amongst a discrete number (and not an unbiased sample)
of organizations reviewed and not the theoretical best (ie. too few
organization's at higher maturity levels).
Note: Sorry new slide – not in set distributed
38
A Methodology
A methodology is not a best practice in and of itself. It is the collected sum of best practices
that, when carefully orchestrated, create synergistic, tangible value to an organization.
Methodology is also a business process that an organization executes. The process is a
collection of best practices (call them methods or tasks if you wish) that are organized to
produce value at one or more points along the process path, or if you’ve been reading the
latest management texts, the value chain."
Myths of Methodology, Dan Drislane, Beggs-Heidt, August 2002
39
ITIL Key Concepts
What I think is truly different from
how you may currently be
operating
The Journey – describing the environment
Reach, Range, Maneuverability Architecture
The IM&M architecture of the business which
permits anyone, anywhere, at any time to
access (reach) any sharable information object
(range) or service.
Business
Goals
Generalized
Organizational
Goal
Infrastructure & services
Bernard Boar, the Art of Strategic Planning for
Information Technology, 1993
41
Infinite reach, range
& maneuvrability
IT Planning
Assumptions
If perfectly defined infrastructure faults should
ONLY occur due to:
• Changes to definition
• Normal wear and tear
42
The Journey
Metadata on infrastructure
CMDB
Business
Goals
Infrastructure & services
43
Infinite reach, range
& maneuvrability
IT Planning
Assumptions
If perfectly defined infrastructure faults should
ONLY occur due to:
• Changes to definition
• Normal wear and tear
The infrastructure CAN BE highly defined at
acceptable costs using appropriate tools
44
The Journey
Business
Goals
Environmental Scanning
Infrastructure & services
45
IT Planning
Infinite reach, range
& maneuvrability
Tool & approach improvements
Assumptions
If perfectly defined infrastructure faults should
ONLY occur due to:
• Changes to definition
• Normal wear and tear
The infrastructure CAN BE highly defined at
acceptable costs using appropriate tools
There will be better tools offered in the future to
achieve higher (or the same) availability and
capacity at lower costs
46
The Journey
Business
Goals
Environmental Scanning
Releases
Infrastructure & services
Incidents,
Problems,
Changes
Infrastructure is NOT perfectly defined
And there is wear and tear
47
IT Planning
Infinite reach, range
& maneuvrability
Tool & approach improvements
ITIL Key Concepts – Business Alignment
“Strategic alignment is achieved between the business and information technology
when IM&M can be used to create, design, and exploit business opportunities.”
Bernard Boar, The Art of Strategic Planning for Information technology, p. 323

Event: Economic down-turns result in business cut-backs

Leads to review of IT operations and renewed attempts to
manage technology according to business goals and
objectives.

Using ITIL SLM, IT organizations commit to describing the
services they offer and to detailing the level at which
those services can be offered and to measure their
performance against those commitments
48
ITIL Key Concepts – Manage Customer
Relations
Corporate Support
?
Treat internal clients
Like external customers
Application Support
CRM
Business Customer
49
ITIL Key Concepts – Simplify contact

Service Desk rather than Help Desk

A Single Point of Contact (SPOC) – one number for
all technology queries

Service Desk “owns” calls from cradle to grave –
ensures they don’t get lost

Specialization of Service Desk as generalists

Complimented by self-service tools
50
ITIL Key Concepts – Emphasize service
restoration

Distinguish between service restoration and problem
solving activities

Involve different goals and skill sets

Focus all attention and the correct resources on
service restoration efforts

“Park” problems for later treatment
51
Event Management - It’s all about finding and
removing infrastructure faults
52
ITIL Key Concepts – Control Changes

Achieve a “Known state” for environment in CMDB

Evidence suggests majority of incidents are a result
of changes

Any change is carefully assessed for risk

Selected treatment is a function of evaluated risk of
change with procedures designed to streamline
known and low risk changes
53
ITIL Key Concepts – Communication

Make all attempts to mitigate impact of faults and
outages by strategic communications to User and
businesses

Allowing them to take alternate actions to offset
productivity losses from faults

Improve processes by engaging them in change
acceptance activities

Improving overall customer satisfaction by
participation
54
ITIL Key Concepts – Measurement

Performance expressed in a ‘performance
architecture’ signified by logical collection of SLA –
OLA/UC network

SLA outlines end-to-end service expressed in
Customer terms

Supported by network of internal & external
agreements describing performance requirements of
elements of service chain
55
ITIL Key Concepts – Control Customer
Expectations

Service levels are achieved at a cost

SLAs control “expectation creep” by tying additional
service levels to their associated costs

Financial costing methods should clearly identify
costs to customers in order to re-orient IT spending
from “administrative overhead” to “strategic
enabler”
56
ITIL Key Concepts – Availability Trade-off

Trade-off between High Availability and Restoration
strategies

Based upon review of systems

need for high availability VS business impact of failure
57
In Summary
ITIL improves Quality of Service
Elimination of
repeat incidents
Increases
Uptime
Faster , more
accurate
resolution



Increased Uptime
Elimination of repeat
incidents
Faster resolution time
Value of ITIL Process Framework to IT Service Management
WHITE PAPER, Author: Viswanathan. S
58
In Summary
ITIL can improve timeliness of service
Decreased rollbacks &
incidents from poor Change
Management
Fewer Incident through
proactive removal of faults
More accurate
rollouts



Value of ITIL Process Framework to IT Service Management
WHITE PAPER, Author: Viswanathan. S
59
Fewer rollbacks & incidents caused
by poor changes
More accurate rollouts from releases
Decreased incident volume thru
effective Problem Management
In Summary
ITIL can reduce Cost of service
Fewer reported incidents
Caused by poor changes
Lower ave cost
per incident



Less incident volume &
Firefighting activity through
better Problem Management
Reduced incidents caused
by changes
Decreased ave. cost / call
Decreased incident volume
and firefighting costs
Value of ITIL Process Framework to IT Service Management
WHITE PAPER, Author: Viswanathan. S
60
COBIT
Control Objectives for IT-Related
Technology
Adaptation for auditors
What is Governance?
“a structure of relationships and
processes to direct and control
the enterprise’s goals by adding
value while balancing risk
versus return over IT and its
processes”
COBIT Implementation Tool Set
3rd Edition, July 2000
62
CobIT Structure
63
CobIT Governance Framework
64
4 domains and 34 processes:
1. Planning &
Organization
Domain
2. Acquisition &
Implementation
Domain
3. Delivery &
Support
Domain
4. Monitoring
Domain
65
1. Planning & Organization Domain
Domain
PO1
PO2
PO3
PO4
PO5
PO6
PO7
PO8
PO9
PO10
PO11
Process
- Define a strategic IT plan
- Define the information architecture
- Determine the technological direction
- Define the IT organization and relationships
- Manage the IT investment
- Communicate management aims and direction
- Manage human resources
- Ensure compliance with external requirements
- Assess risks
- Manage projects
- Manage quality
66
66
2. Acquisition & Implementation
Domain
Process
A11
- Identify solutions
A12
- Acquire and maintain application software
A13
- Acquire and maintain technology architecture
A14
- Develop and maintain IT procedures
A15
- Install and accredit systems
A16
- Manage changes
67
67
3. Delivery & Support
Domain
DS1
DS2
DS3
DS4
DS5
DS6
DS7
DS8
DS9
DS10
DS11
DS12
DS13
Process
- Define service levels
- Manage third-party services
- Manage performance and capacity
- Ensure continuous service
- Ensure systems security
- Identify and attribute costs
- Educate and train users
- Assist and advise IT customers
- Manage the configuration
- Manage problems and incidents
- Manage data
- Manage facilities
- Manage operations
68
68
4. Monitoring
Domain
Process
M1
- Monitor the processes
M2
- Assess internal control adequacy
M3
- Obtain independent assurance
M4
- Provide for independent audit
69
69
COBIT
Control Objectives for Information Related Technologies
70
COBIT
Defining and
managing service
levels
Business need to
understand levels
of service needed
 formal agreements
 defined responsibilities
SLAs
 response times &
volumes
 charging
 integrity guarantees
 non-disclosure
agreements
 customer satisfaction
criteria
 cost/benefit analysis of
service levels
 monitoring & reporting
71
It’s Not that Simple
Knowing What is Best Practice
Isn’t much good if you can’t
achieve it.
Giga Research - October 23, 2003
Despite significant vendor hype, fully fledged IT Infrastructure
Library (ITIL) implementations by enterprise IT departments have
remained an exception. The majority of companies have not
advanced beyond the piloting or even exploration phases. There
are two main reasons for the failure of ITIL to live up to
expectations

Implementation issues: The ITIL methodology has proven to be notoriously timeconsuming and difficult to implement. Although ITIL promises cost-saving and process
improvements, there is no guaranteed return on investment (ROI), making the ITIL
proposition a not very attractive one for corporate IT departments.

Expectation mismanagement: Vendors have oversold the ITIL methodology as a
means of mapping business processes to IT processes, which is indeed a big concern
for many IT departments these days. Unfortunately, ITIL is unsuitable for this task. It is
merely a way of structuring the internal IT service delivery and once fully implemented
will increase the efficiency of the IT department. Once clients started to familiarize
themselves with the ITIL concept, this mismatch between promise and reality became
obvious, effectively diminishing the ITIL value proposition even further.
73
Why do implementations fail?

Simply implementing a ‘process control function’,
as implementations were considered to be in the
past, is not enough.

In most cases failure was caused by lack of
attention to the ‘process enablers’.

Management should be committed during the
entire ‘plan-do-check-act’ cycle, and should also
address all aspects of the service management
framework
Stop Being a Victim!
By: Char LaBounty President
http://labountyassociates.com/pubs/publications02.html
74
What can be done ?
ITIL establishes a target
But provides little
guidance on how to
hit the target
75
Need process improvement advice to hit
target
CMMI provides guidance
for organizational
improvement
ITIL is an excellent base for driving performance and quality improvements in the Service
management domain. It is also going to be an integral part of a wider quality initiative from
other frameworks, such as for Capability Maturity Model,(CMM) impacting application
development, or COBIT.
Assyst – Service Matters (http://mediaproducts.gartner.com)
76
ITIL Implementation: Vital elements to
consider -
the scope and complexity of the organization

the resources at your disposal, including staff
numbers

the level of maturity of the organization –
particularly with achieving a “Defined” capability

the impact of IT on the business – how important is
the area to the overall business

the culture of the organization

continuous communication with the User population.
ITIL Service Management, C1
77
Capability Maturity Modeling
The ability to deliver is determined
by organizational capabilities and
maturities
Remember the methodology
The ability to call upon, utilize and sustain enablers is a function
of the organization’s capability maturity level.
Myths of Methodology, Dan Drislane, Beggs-Heidt, August 2002
79
Capability Maturity Model (CMM)

First advanced by Crosby in “Quality is Free” (1979)

Adapted by IBM in 1980s to instill TQM into
software development. Humphrey observed…



TQM needed to be implemented in stages to be successful
New software development practices did not survive unless
organization changed supporting behaviors
Work is chronically over-committed in low maturity organizations –
results depended on skills of exceptional individuals

Carnegie-Melon Institute uses approach to devise
Software CMM, Software Engineering CMM and Product
Development CMM

In 1995 Carnegie-Melon developed People CMM to
improve the capability of the workforce.

In 2000 Carnegie-Melon integrated SW with system
engineering processes in CMM-Integrated

Information Systems Audit and Control Association devise
COBIT for IT Governance auditing

IT Service CMM is a work in progress in the Netherlands
by Professor Niessink
80
CMMI Maturity Levels
81
CMMI - Levels 1 through 3
A process cannot be improved if it cannot be repeated

Repeatable: The first step in helping an organization improve its maturity is
focused on helping organizations remove the impediments that keep them from
repeating successful .. practices.

Managed: The effort to establish a repeatable capability is the effort to establish
basic management practices locally within each unit or project. Only when this
management capability is established will the organization have the foundation on
which it can deploy common processes.

Defined: When the organization defines a standard process for performing its
business activities, it has laid the foundation for a professional culture. Most
organizations report the emergence of a common culture as they achieve Level 3.
This culture is based on common professional practices and common beliefs about
the effectiveness of these practices.
82
What Does CMMI offer
“This history of productivity and quality improvement in software has
been riddled with silver bullets.
Complex, advanced technologies were usually implemented in a big
bang that often proved too large for the organization to absorb.
The SW-CMM achieved widespread adoption because it broke the cycle
of silver bullets and big bangs. At each stage of its evolutionary
improvement path, the SW-CMM implemented an integrated collection of
management and development practices that the organization was
prepared to adopt.
Each level of maturity established a new foundation of practices on which
more sophisticated practices could be implemented in later stages.
More importantly, each level shifted the organization’s culture one step
further away from its initial frenzied state toward an environment of
professionalism and continuous improvement.”
People CMM, p.12
83
So, CMMI can provide advice on HOW to
implement

Some ITIL processes exist predominantly at a specific, but
attainable level of maturity – but, can achieve additional
benefits at higher implementation levels

Some aspects of ITIL processes exist at levels of maturity
beyond the capability of the organization at its current
maturity levels. These require enabling processes to be
implemented.



Eg. availability, SLM measurement require sophisticated
quantitative measurement capability associated with level 4
Problem Management Root Case Analysis is associated with
level 5 activities (Continuous improvement through
elimination of defects)
There are implied orders amongst ITIL disciplines
and within sub-divisions of disciplines in HOW they
should best be implemented
84
CMMI – A Distinction
CMM makes an important distinction between practices designed to implement a workforce
habit and practices designed to institutionalize the practice. Without the later, all too often
newly embedded practices will revert to previous, well-entrenched behaviors. The four
institutional practices are displayed below.
85
CMMI - Generic Practices
Generic practices are practices that should be included in every process area in addition to the
specific practices that appear in each process area description. The generic practices improve the
power of a process by assuring that the specific practices are executed and that there is
appropriate planning of the process to assure that it is feasible and well-supported.

Establish and maintain an organizational policy for planning and performing the
process

Establish and maintain the plan for performing the process

Provide adequate resources

Assign responsibility and authority

Train the people

Identify and involve the relevant stakeholders

Monitor and control the process against the plan

Objectively evaluate adherence of the process against its process description,
standards, and procedures, and address noncompliance

Establish and maintain the description of a defined process

Collect work products, measures, measurement results, and improvement
information
SEI'S Capability Maturity Model - Integrated Acquisition Model vs 1 86
Pre-requisites for repeatable services (level 2)

Service Commitment Management - to ensure that service commitments are based on the current and future
IT service needs of the customer.

Service Delivery Planning - ensure that the service delivery planning is developed in accordance with the
service commitments and that internal commitments are secured.

Service Tracking and Oversight - During service delivery, performance is monitored to enable corrective
actions before the service commitments are breached. In addition, the tracking forms the basis for service
reports to the customer.

Service Sub-contract Management - Parts of the service that are sub-contracted to third parties are managed
and controlled.

Configuration Management - The information technology subject to the IT service is identified and controlled.

Event Management - managing events that occur during service delivery. Events can be incidents, such as
unavailable servers, or service requests from end-users. Both types of events need to be handled in time in
order to meet the service commitments.

Service Quality Assurance - An independent quality assurance group provides insight for senior management
into the processes used and work products produced
Frank Niessink Version 1.0.2-en, January 15, 2003 download from
www.itservicecmm.org/download.html
87
Pre-requisites for defined services (level 3)

Organization Service Definition - a service catalogue is developed that describes the services, in terms of
customer benefits, that the service provider can deliver.

Organization Process Definition - the organization describes the processes used to deliver the services,
described in the service catalogue. Service catalogue and standard service processes undergo improvement as
a result of practical experience.

Organization Process Focus - this key process area is aimed at implementing the standard processes and
assessing the performance of the processes in practice.

Integrated Service Management - this key process area is aimed at tailoring the standard service processes to
specific service commitments for a specific customer so that the tailored process can be used to manage and
deliver services to the customer.

Service Delivery - the tailored service processes are performed to deliver the services.

Training Program - based on the standard processes, a training program is developed. Employees are trained
to fulfill their roles in the standard process.

Intergroup Coordination - delivering services requires different groups and disciplines to coordinate their work.
This key process area makes sure communication between different groups is facilitated.

Problem Management - incidents and service requests that are registered as part of the Event Management
key process area are analyzed to identify and solve underlying problems in the information technology.

Resource Management - required resources for delivering different services to different customers are
coordinated across the organization
Frank Niessink Version 1.0.2-en, January 15, 2003 download from
www.itservicecmm.org/download.html
88
Success is still not guaranteed
P-CMM
Organizational workforce practices
need to be addressed.
Processes Require Departmental Cooperation
Process 1
The implementation of processes modifies the traditional
structure by requiring the initiation of “workforce
competencies” rather than departmental skillsets.
An example is the view of Availability as being composed of
generic or cross-organizational issues rather than productcentric (eg. network).
90
Dept F
Dept E
Dept D
Dept C
Process 4
Dept B
Process 3
Dept A
Process 2
People CMM - Management
Change
Optimized
Capability
Predictable
Develop an organization-wide infrastructure atop
lower practices that ties the capability of the
workforce to strategic business objectives.
Competency
People
The organization builds an organization-wide
framework of workforce competencies that
establishes the architecture of the organization’s
workforce. Each workforce competency is an
element of the workforce architecture, and
dependencies among competency based processes
describe how these architectural elements interact.
Managers to take workforce activities as high priority
responsibilities of their job with focus on Unit level activities.
Inconsistent
Organization has not defined workforce practices, and, in
other areas, it has not trained responsible individuals to
perform the practices that exist.
91
Defined
Managed
Initial
Achieving a Defined Maturity is a process
enabler:
P-CMM findings:

frequent failure of organization-wide improvement programs... Because they
were thrust on an unprepared management team - It is difficult to implement
organization-wide practices if managers are not performing the basic workforce
practices required to manage their units.

competency-based processes (P-CMM Maturity Level 3) form a basis for defining
workgroup roles and operating processes. Rather than just relying on the interpersonal
coordination skills developed at Maturity Level 2, workgroups can now organize
themselves by tailoring and applying standard competency-based
processes. The ability to use defined processes simplifies coordination within the
workgroup, since it no longer rests solely on the interpersonal skills of group members
to figure out how to manage their mutual dependencies.

Competent professionals demand a level of autonomy in performing their work. To
best utilize competent professionals, the organization must create an environment that
involves people in decisions about their business activities. Decision-making
processes are adjusted to maximize the level of competency applied to
decisions, while shortening the time required to make them. Individuals and
workgroups should be provided with the business and performance information
needed to make competent decisions. A participatory culture enables an organization
to gain maximum benefit from the capability of its workforce competencies while
establishing the environment necessary for empowering workgroups.
92
Management CMM
93
Other Techniques/Approaches

TCO Management – benchmark financial costs

BPR – change management – the organization

BPM – the acknowledged successor to BPR

BS15000 – ISO – certify thyself

quality – TQM, six sigma

Microsoft MSF / MOF

Balanced scorecards
94
Approaches Applicability to IT
News Story by Gary H. Anthes, http://www.computerworld.com/,
95
So, where do I go ?
Some Keys
Concerns
97
Key to A Coherent Strategy ?
Alice: Which way should I go?
Cat: That depends on where
you are going.
Alice: I don’t know where I
am going.
Be clear
about what
you want to
accomplish
Cat: Then it doesn’t matter
which way you go.
99
Implementing ITIL is not revenue neutral
The benefits to the
organization
Cost to
Cost to
Business of
IT service
provision
Business of
IT service
provision
The cost to the
Service Provider
Cost of
Processes
Cost of ITIL
Processes
Replaced
Before ITIL
After ITIL
100
Harder to
define
But, the road is long and the target is moving
Queen of Hearts: it takes all the running you can do, to keep in
the same place. If you want to get somewhere else, you must
run at least twice as fast as that!'
101
Perhaps Wayne Gretsky said it best
Skate to where the puck
will be
102
What to Expect
Today
Future
Best Practices
Certification
Service Desk SW
Integrated Service Mgmt SW
Gap Analysis
“Mature” Maturity Modeling
ITIL modules
ITIL-3
Process emphases
ITIL/CMM/COBIT integration
103
1954 Popular Mechanics Magazine....
104
Suggestions
Some basic suggestions on how to
implement ITIL processes
META
Due to the diversity and complexity of deploying IT processes, we
recommend the following four-phased implementation scheme:

Phase 1 (6-8 months): Develop selling, marketing, service
deployment planning, service deployment, change
management, problem management, event management, and
service level management processes

Phase 2 (8-12 months): Develop capacity planning,
performance (server/network) management, configuration
management, and cost/chargeback processes

Phase 3 (12-15 months): Develop the remaining
miscellaneous processes

Phase 4 (15-18 months): Analyze measurements and
undertake ongoing optimization use this structure for
citations
META - Process Clustering - Service Management Strategies, Oct 23, 2000
106
Microsoft “Quick Wins”

Service Desk - Merge multifunctional service desk into one central point
of contact, either virtually or physically.

Incident Management - Establish consistent definitions of incident
severities to ensure proper response by support staff to logged incidents.

Problem Management - Ensure that changes are correctly referenced to
problems so that the root cause is only resolved once

Change Management - Establish a standard Request for Change (RFC)
form.

Release Management - Ensure that Operations Acceptance Testing
(OAT) is carried out as a separate exercise to User Acceptance Testing
(UAT).

Configuration Management - Produce a "logical" CMDB from existing
system data (for example, inventory, human resources, purchasing) rather
than a "physical" CMDB.
107
Microsoft “Quick Wins”

Availability Management - Use historical analysis on hardware mean
time before failure (MTBF) in order to proactively replace equipment before
it fails.

Capacity Management - Input threshold figures for CPU, memory, and
disk to Service Monitoring and Control.

Service Level Management - Summarize service level agreements into
two pages or less so that they are easier to read.

Service Monitoring and Control - Identify system baselines to establish
accurate thresholds for monitoring and alerting on normal and abnormal
system utilization.

Financial Management - Charge on service management issues
(service desk calls, problems/changes raised) rather then CPU, memory
I/O, etc...

IT Service Continuity Management - Ensure that documentation copies
are stored at an off-site location either electronically or physically.
108
Proactive – Service Management
109
Proactive – Service Delivery
110
The Art of Service

Determine the base line; start with an assessment to determine priorities.

Survey the services/system(s) currently used by the organization for providing day-to-day user
support and for handling incidents, problems and known errors. Review the support tools
used, and the interfaces to change management and configuration management including
inventory management, and the operational use of the current system within the IT provider.
Identify strengths to be retained, and weaknesses to be eliminated. Ascertain the agreements
in place between service providers and customers

Ascertain service level requirements and document these. Plan and implement the service
desk using tools designed for this function which support incident control. These tools should
either support or be capable of integration with tools for the aspects of Problem Management
as well as for configuration management and change management. Implement at least the
inventory elements of configuration management required for incident control and change
management.

Extend the incident control system to allow other domains such as Computer Operations and
Network Control staff to log incidents directly. Negotiate and set up SLAs

Develop the management reporting system

Implement the balance of 'reactive' Problem Management (problem control, error control and
management reporting) and configuration management. The proactive parts of Problem
Management should be implemented as staff are released from reactive duties by gradually
improving service quality. Implement the release management process.
Re-published from www.artofservice.com publication has been
decommissioned
111
Interprom Caveats

Goals Are Unclear - An IT organization which starts implementing ITIL processes because “We have a problem”,
will probably be less successful compared to an IT organization which is aware of its weaknesses after having
done an audit or a customer review.

Lack of Tactical Management Processes - IT organizations after having implemented operational processes
such as Incident Management, Configuration Management and Change Management, immediately jump to
Service Level Management to have Service Level Agreements and service level reports. With this, IT
organizations skip the implementation of formal tactical processes such as Availability Management,
Capacity Management, IT Service Continuity Management and Cost Management.

Duration Times - ITIL offers process models, which are based on ‘Industry Best Practices’. This means that outof-the-box implementations of ITIL simply don’t exist. Instead, ITIL provides IT organizations with a framework. It
depends on each individual IT organization to have ITIL fit to its needs and priorities. A complete and full
implementation of one process can last months, and while maturing, IT organizations continue to optimize their
processes.

Bad Change Management - it is important to spend enough time to deal with resistance an implementation of a
new way of working introduces. Managing these changes is therefore very important. Introducing these kinds
of changes asks for an incremental approach. In short cycles the new process is introduced to the organization,
which allows enough time to adjust, and to absorb the new situation. The Plan-Do-Check-Act (PDCA) cycles we
know from TQM-implementation projects can be useful in this perspective.

Process Itself is Not the Goal - Implementation of formal (ITIL) processes help to increase the performance of
the IT organization. Processes are implemented to provide management information, which directly contributes to
the most effective and efficient way to contribute to the realization of the primary business processes of the
company. Line managers, process managers and product managers are responsible to define
performance indicators, process characteristics and control variables. By measuring performance,
periodical management reports can be generated. Strategic decisions can then be based on hard figures instead
of intuition.
Implementation of ITIL, Copyright 2002 InterProm USA Corporation
112
ITIL Disciplines Maturity Placement
Maturity Level
j
k
Incident
l
Major Incident
m
CMDB References
Reactive Problem
Assets
Mission Critical Configurations
Change
n
Asset Reference
Proactive Problem
Configuration Mgmt
CMDB Reference
Release
MOU
Service Catalogue
Demand
Recovery
App Sizing
OLA
Financial
113
Measurement Reporting
Workload
High Availability
Service Continuity
SLA
Modeling
Preparing for an Implementation

Determine Organization’s Ability to Change
The attainment of Level 3 - defined Maturity is a pre-requisite for implementing many ITIL processes so that
they will be self-sustaining

Determine the Cost of Downtime for Major Applications
Assigning costs of Unavailability allow the organization to establish what is acceptable risk. Once established
then highly reliable analyses of the optimal level of availability are possible and a correct assessment of the
availability-recoverability trade-off is possible.

Develop a Vision for the Implementation
A vision includes both a description of the organization's most desirable future state and a declaration of what the
organization needs to care about most to reach that future state."

Develop Process Repository
The organization should select appropriate standards and toolsets for describing process attributes and
processes.
114
Some Common Approaches
Start with Service Management practices

Incident then change (quick wins requiring level 2
(repeatable) maturity

Consolidate to have SPOC Service Desk

Develop Asset Mgmt database then migrate to
CMDB

Identify Services

Improve change process to greater maturity

Ensure QA on Incident Tickets & improve Ticket
reporting to enhance quality of “fault data”

Implement reactive Problem Management

Identify costs of services & add to Service Catalogue
description
115
Issues w. Traditional Approach

Success assumes highly mature organization –
particularly with regard to Project Management
capabilities (as defined by CMMI)

Strategic definitional steps preclude early initiation
of easily definable initiatives enjoying high degrees
of organizational consensus

Does not fully utilize benefits of implementing “best
practices” which have gained acclaim by virtue of
their wide applicability
118
Poor Project Management
A few examples of poor project management, “have
you ever been involved with or heard of a project
within your organization or department that has or
is exhibiting these or similar weaknesses?”










Poor estimation of duration leading to the project taking more
time than expected
Poor estimation of costs leading to the project costing more than
expected
Lack of quality control resulting in a product (or service) that is
unusable or inadequate
Lack of planning
Inadequate criteria for what is required
Poor managerial support
Poor administrative support
Poor communication
Unclear roles and responsibilities
Lack of resource commitment
What is PRINCE2? - by Fiona Spence (CC Consulting Ltd) http://www.crazycolour.com/p2/0009.shtml
119
CMMI – Project Management
“it is much better to apply a simple method correctly than
to adopt a more complex approach inconsistently. “
http://www.albacore.ltd.uk/PRINCE2.html
The basic Project Management process areas address the basic activities
related to establishing and maintaining the project plan, establishing and
maintaining commitments, monitoring progress against the plan, taking
corrective action, and managing supplier agreements.
Capability Maturity Model® Integration (CMMI), Version 1.1
120
CMMI – Project Management
The advanced Project Management process areas address activities such as
establishing a defined process that is tailored from the organization’s set of
standard processes, coordinating and collaborating with relevant
stakeholders (including suppliers), risk management, forming and sustaining
integrated teams for the conduct of projects, and quantitatively managing
the project’s defined process.
Capability Maturity Model® Integration (CMMI), Version 1.1
121
Project Lifecycle
Planning
Maintain
Integration
Requirements
Project
Lifecycle
Iteration
Acquisition
Modify/Build
Implementation
122
Continuous Implementation
INTEGRATE
ITERATE
IMPLEMENT
Publish
information on the
Web
123
In Conclusion
Wrapping it up
What’s been Said

Many organizations are demanding greater ROI from their
IT services

Used together, ITIL, CobIT and CMM frameworks can
provide a structure to achieve enhanced IT service
management

A coherent, encompassing service improvement process
will take several years. You need strategies to ensure
sustained momentum.

Be aware of the need to achieve enabling organizational
practices as pre-requisites for implementing ITIL
processes which require greater levels of maturity
125
Thank You
126