Post on 03-Apr-2018
7/29/2019 ITSM Foundation Course Material
1/245
Training Reference Material
IT Service Management
according to ISO/IEC 20000
7/29/2019 ITSM Foundation Course Material
2/245
2
Welcome & Administration
Structure of the training
ISO/IEC 20000 certification and course outline
Examination format
Agenda
7/29/2019 ITSM Foundation Course Material
3/245
3
Welcome & Administration Introduction to IT Service Management Content of ISO/IEC 20000, section 1-5 - basics
ScopeTerms and definitionsRequirements for a management systemPlanning and implementing service managementPlanning and implementing new or changed services
Content of ISO/IEC 20000, section 6-10ITService Management Processes:
Resolution ProcessControl ProcessRelease ProcessService Delivery ProcessRelationship Process
Classification and PreviewISO/IEC 20000 certificationRelated practices and standards
ISO/IEC 20000 Qualification Program
ContentofISO/IEC
20000-
1
a
ndISO/IEC
20000-2
Structure of the training
7/29/2019 ITSM Foundation Course Material
4/245
4
ISO/IEC 20000 Qualification Program
7/29/2019 ITSM Foundation Course Material
5/245
5
Examination Format
Already available in English, Dutch, French,Portuguese, Japanese, Chinese, German, Italian,Latin-American Spanish and European Spanish.
This is a closed book exam. No materials are permitted
in the examination room.Duration: 1 hour
Number of questions: 40
Multiple-choice with
four options: A, B, C or D and
a single answer
Score minimum of 65 percent (26 of 40) to pass theexam.
7/29/2019 ITSM Foundation Course Material
6/245
6
BEST
PRACTICEaccording to
Goal of this slide set
Preparation for an ISO/IEC 20000 Foundation Examaccording to specifications from EXIN and TV SD
Akademie.
Notations used in this slide set:
Course Material
Blue background Definitions according to ISO/IEC 20000
Minimum requirements of ISO/IEC 20000-1
ISO/IEC 20000-2 recommendation
A best practice, but no ISO/IEC 20000
requirement or recommendation
7/29/2019 ITSM Foundation Course Material
7/245
7
Introduction to IT Service
Management
Motivation of process-oriented IT Service Management
Background, History
Basic principles
Check all IT Service Management Trainings conducted by Simplilearn.com
http://www.simplilearn.com/it-service-managementhttp://www.simplilearn.com/it-service-management7/29/2019 ITSM Foundation Course Material
8/245
8
Learning target of this section
IT Services and their elements (1.2.1, 1.2.2)
IT Service Management: Concept, Benefit, Risks
(1.3.1, 1.3.2)
Process orientation: Concept, Benefit (1.4.1) Process control and measurement (1.4.2)
Roles of IT Service Management (1.4.3)
Quality, Quality of Service (1.1.1, 1.1.2, 1.2.3)
Principles of quality management and setup of aquality management system (1.1.3)
ISO/IEC 20000: Purpose, Benefit, History, Owner
(2.3.1, 2.3.2)
Groups of processes within ISO/IEC 20000 (2.3.4)
7/29/2019 ITSM Foundation Course Material
9/245
9
Motivation of Process Orientation
Availability is the most essential
service parameter of enterprise
services.
Availability is determined by
frequency and duration of servicefailure.
About 80% of failures are a
consequence of people and process
issues.
Duration of failures heavily dependson non-technical factors.
Operator
Errors
Application
Failures
[Gartner 1999]
Causes of service failure
Technology
Need for Management of IT Processes!
7/29/2019 ITSM Foundation Course Material
10/245
10
What is ISO/IEC 20000?
ISO/IEC 20000 is a worldwide standard that
describes the implementation of an integrated
process approach for the delivery of IT
services.
A set of minimum requirements to audit anorganization for effective IT Service
Management.
Owner:
ISO (International Organization for Standardization)
IEC (International Electro-technical Commission
Developed by JTC 1 / SC 7)(Joint Technical Committee 1 / Subcommittee 7)
7/29/2019 ITSM Foundation Course Material
11/245
11
History: from BS 15000 to ISO/IEC 20000 BS 15000:
Direct predecessor of ISO/IEC 20000
Developed by BSI (British Standards Institution)
1995, 1998: Code of practice (non-certifiable)PD 0005 A Code of Practice for Service Management
2000: First release of the standardBS 15000: 2000 Specification for Service Management
PD 0015: 2000 IT Service Management Self-Assessment Workbook
2002, 2003: Second releaseBS 15000-1: 2002 Specification for Service Management
BS 15000-2: 2003 Code of Practice for Service Management
PD 0015: 2002 IT Service Management Self-Assessment Workbook
2004: Adoption in other countriesAustralia: AS8018
South Africa: SANS 15000
7/29/2019 ITSM Foundation Course Material
12/245
12
ISO/IEC 20000: Development and Parts Date of Publication: December 15, 2005 - Developed using a
fast-track approach by adoption of BS 15000 during 14 months
Changes to BS 15000
Formally 450 changes (renumbering, etc.)
In terms of content, just slight differences (sole terms, etc.)
No other official publications by ISO/IEC but increasing number
of secondary publications by BSI (BIP 0030-0039, BIP 0015)
Two Parts:
ISO/IEC 20000-1:Information Technology Service Management
Part 1: SpecificationISO/IEC 20000-2:Information Technology Service ManagementPart 2: Code of Practice
Requirements -shall
Recommendations -should
7/29/2019 ITSM Foundation Course Material
13/245
13
Context of ISO/IEC 20000
Basics:IT Service Management(e.g. ITIL, MOF, CobiT)
& Quality Management (e.g. ISO 9000)
ISO/IEC 20000-2
ISO/IEC
20000-1
SHALL/MUST-HAVEs
Minimum Requirements Check lists
SHOULD-HAVEs
Enhancement of Part 1 Recommendations
7/29/2019 ITSM Foundation Course Material
14/245
14
Related Standards Overview
ITIL V2 ITIL V3
CobiT
MOF
ISO/IEC 20000
ISO 9000
CMM CMMI
ISO/IEC 15504
Software EngineeringMaturity Degree Model
IT ManagementFramework
Quality Managementstandard / methodology
BS 15000
Six Sigma
Adoption of concepts
Predecessor
Legend
ISO/IEC 27000
(since CobiT V4)
7/29/2019 ITSM Foundation Course Material
15/245
15
Basic Principles and Concepts
Process
Processes in general
Business Processes
IT Processes
Service
Process Management
Process Assessment Quality and Quality Management
7/29/2019 ITSM Foundation Course Material
16/245
16
What is a Process?
Hammer, Champy (Reengineering the Corporation):A business process is a bundle of activities, which
requires one or several inputs and which creates
value for the customer.
Office of Government Commerce (ITILVersion 3):A structured set of Activities designed to
accomplish a specific Objective. ()
DIN/ISO (ISO 9000):A business process is a collection of interrelated
resources and activities, that transform inputs into
outputs. Resources could be personnel, buildings,machinery, technology and methodology.
7/29/2019 ITSM Foundation Course Material
17/245
17
Example Business Process Workflow
7/29/2019 ITSM Foundation Course Material
18/245
18
Managements Process Orientation
Processes control and impact on
individuals behavior employment of technology usage of information/knowledge
Processes make results of activities predictable Process Orientation as a Management Paradigm
ActivityActivity Activity
Output
Output
OutputInput
Input
Input
Domain 1 Domain 2 Domain 3
Control factors Control factors Control factors
7/29/2019 ITSM Foundation Course Material
19/245
19
Process Assessment
Critical Success Factors
Meet all critical conditions to achieve success What are the basic conditions of the process?
Does the process operate effectively?
Qualitative consideration
Key Performance Indicators
Metrics reflect the degree of target achievement Calculation based on parameter values measured during process
execution
Does the process actually operate (now, last month, last quarter, etc.)
effectively and efficiently?
Quantitative consideration
7/29/2019 ITSM Foundation Course Material
20/245
20
What is a Service?
Definition according to ITILVersion 3 (goal-oriented)
A means of delivering value to customers by facilitatingoutcomes customers want to achieve without the
ownership of specific costs and risks.
Model-based Definition (technology-oriented)
Target A view of all components and management-relevant aspects of a service.
7/29/2019 ITSM Foundation Course Material
21/245
21
Components of an IT Service
Information System:- People, Processes, Technology, Partners- Used to manage information
Support:
- Changes, system restoration in case of failure- Maintenance- To ensure performance according to the agreed
requirements
Quality:- Availability, Capacity, Performance, Security
Scalability, Adjustability, Portability- Quality attributes of the information system to be
specified and agreed upon
7/29/2019 ITSM Foundation Course Material
22/245
22
A Possible Service Model
7/29/2019 ITSM Foundation Course Material
23/245
23
ITSM: Basic Relationships
Business Processes are
supported by IT Services.
Delivering IT Services is the key
task of an IT provider.
Customers of the IT provider arebasically organizations that are
involved in business processes.
Users use IT Services to carry
out day-to-day activities.
ITSM Frameworks describe BestPractices of IT Service
Management.
Manage-ment
IT Service
Business Process
supports
IT Provider
Customer
is responsible
delivers
ITSMBest
Practice
use
User
7/29/2019 ITSM Foundation Course Material
24/245
24
Process-oriented ITSM: Objectives and Benefit
Objectives: Management of IT Services forFulfillment of Business Requirements
Benefit:Effectiveness and efficiency of workflows will be
increased. IT Management will be placed on a stable foundation by
focusing on business objectives and customerorientation.
Improved external communication, competitiveadvantage.
Improved communication, Knowledge Management
Output is more predictable and comprehensible.
Less failures and resultant faults.
Better management of risks (reduced insurance rates,compliance requirements)
7/29/2019 ITSM Foundation Course Material
25/245
25
Process-oriented ITSM: Risks
Bureaucratic procedures, more paperwork.
Lower effectiveness and efficiency, if The staff is not aware of processes and measures
and personnel do not accept the system.
Senior Management only pays lip-service to thesystem.
Important work is done outside of the system andprocess is not complied with.
7/29/2019 ITSM Foundation Course Material
26/245
26
Roles in Process Management
Sets of responsibilities, activities and authoritiesgranted to a person or team
Per process:- Process owner is responsible for process results.
- Process manager is responsible for realization of the process,day-to-day control and management.
- Process operatives (professionals) are responsible for definedactivities.
Results assessed based upon agreed performance
indicators.
One person or team may have multiple roles.
7/29/2019 ITSM Foundation Course Material
27/245
27
Role of Tools
Automated support aids in the performance of tasks/activities
Purpose:
Increased efficiency = cost reduction
Provide evidence of the process activities performed
Examples:
- Monitoring tools
- Software distribution tools
- Service Management / workflow tools
- Remote infrastructure management tools
A fool with a tool is still a fool!
7/29/2019 ITSM Foundation Course Material
28/245
28
Service Quality
Quality of Service is a measure that indicates the overalleffect of service performance that determines thedegree of satisfaction of a user of the service. Themeasure is derived from the ability of the resources toprovide different levels of services. The measure can be
both quantitative and qualitative.
Quality of service is a critical part of customer and end usersatisfaction
Measure of the ability of a service to provide the intendedvalue to a customer
Specific to the individual customer; quality metrics should bedefined from the customers perspective
Customer perception of service quality may vary over time
7/29/2019 ITSM Foundation Course Material
29/245
29
Quality Policy
The Quality Policy recognizes that there is always thepotential to increase effectiveness and efficiency(continual improvement).
The Quality Policy determines the general quality goals of anorganization.
The Quality Policy however does notcover:Legal Requirements
Customer specific requirements in quality (cp. SLAs)
Requirements of ISO/IEC 20000
7/29/2019 ITSM Foundation Course Material
30/245
30
Relationship between IT Services and Quality
A service is provided through the interaction of theprovider with customers and users; quality of the servicedepends upon this interaction.
Quality is a measure of the extent to which the service
fulfills the requirements and expectations of thecustomer.
Customer perception of quality is largely based onexpectations:
Common language/terminology required to ensure effective
dialogue.Expectations need to be clearly defined.
Supplier should continually assess how service is being
experienced and what the customer expects in the future.
Providing constant quality is crucial to perception.
7/29/2019 ITSM Foundation Course Material
31/245
31
Principles of Quality Management
ISO/IEC 20000 is predicated on basic principles ofQuality Management as defined in ISO 9000e.g.
Principles of Quality Management (QM):Customer focus
Leadership
Involvement of people
Process approach
System approach to management
Continual improvement
Factual approach to decision making
Mutually beneficial supplier relationships
7/29/2019 ITSM Foundation Course Material
32/245
32
Strategy
Process
QUALITY
MANAGEMENT
SYSTEM
What is a Quality Management System?
7/29/2019 ITSM Foundation Course Material
33/245
33
Objective of a Quality Management System
Requirements
for aManagementSystem (Sec
3)
SeniorManagementBuy-In
Right PeopleCompetent,aware and
trained
Right products Right Suppliers
RightDocuments
that aremanaged
Goodcommunication
7/29/2019 ITSM Foundation Course Material
34/245
34
Steps to Establish a Quality Management System
Identify customers requirements and expectations.
Define and assign required resources to achieve thecommitted quality goals.
Launch procedures to measure effectiveness andefficiency.
7/29/2019 ITSM Foundation Course Material
35/245
35
Summary
ISO/IEC 20000
Worldwide Standard
Process-Oriented Approach for IT ServiceManagement
Based on:Best Practices in IT Service Management (as per
description in ITILe.g.)
Principles of Quality Management (as per description
in ISO 9000 e.g.) Consists of two parts:
ISO/IEC 20000-1: Specification
ISO/IEC 20000-2: Code of Practice
Structure of both parts is identical.
7/29/2019 ITSM Foundation Course Material
36/245
36
Basic Structure ISO/IEC 20000
Release Management
Business RelationshipManagement
Supplier Management
Budgeting & Accounting
for IT services
Information Security Management
Service Level Management
Service ReportingCapacity Management
Service Continuity &
Availability Management
Incident ManagementProblem Management
Configuration ManagementChange Management
[9] Control Processes
[10] Release
Process[8] Resolution Processes
[7] Relationship
Processes
[4] Planning & Implementing Service Management
[3] Management System
[5] Planning & Implementing new or changed Services
[1] Scope
[2] Terms and Definitions
[6] Service Delivery Processes
7/29/2019 ITSM Foundation Course Material
37/245
37
Revision Course
What is IT Service Management? What is a Management Process?
What is ISO/IEC 20000?Content?
Structure?Processes and process clusters?
History?
Relationship to ITSM Frameworks?
What is the advantage of process-orientedmanagement?
What are the risks?
What is a QM System?
7/29/2019 ITSM Foundation Course Material
38/245
38
Content of ISO/IEC 20000 Part 1:Basics
(section 1 - 5)
[4] Planning & Implementing SM
[3] Management System
[5] Planning & Implementing new or changed Services
[1] Scope
[2] Terms and Definitions
Management responsibilityDocumentation requirements
Competencies, awareness & trainingPlan, Do, Check, Act
7/29/2019 ITSM Foundation Course Material
39/245
39
Section 1: Scope
[4] Planning & Implementing SM
[3] Management System
[5] Planning & Implementing new or changed Services
[1] Scope
[2] Terms and Definitions
Management responsibilityDocumentation requirementsCompetencies, awareness & training
Plan, Do, Check, Act
Objective
Description of ISO/IEC 20000 Standards and its content
7/29/2019 ITSM Foundation Course Material
40/245
40
Learning target of this section
Applicability and Scope of the Standards(2.2.1)
Usefulness and benefit of a certification(2.2.2)
Difference of ISO/IEC 20000-1 and ISO/IEC20000-2 (2.3.3)
7/29/2019 ITSM Foundation Course Material
41/245
41
Scope: Description ISO/IEC 20000
What is the common advantage of ISO/IEC
20000?
ISO/IEC 20000 defines requirements for Service providers.
ISO/IEC 20000 sets up a basis of standardized terminologyfor IT Service Management.
ISO/IEC 20000 is applicable ...
in a bid context
securing consistency in a supply chain approach
as IT Service Management benchmarking as basis for an independent assessment
to prove capability in meeting customer requirements
improving service
7/29/2019 ITSM Foundation Course Material
42/245
42
Scope: Description ISO/IEC 20000
What is the purpose of the respective parts of
ISO/IEC?
ISO/IEC 20000-1: Requirements for service providers intendingto offer managed services with acceptable quality levels
ISO/IEC 20000-2: Additional guidelines for auditors and serviceproviders
Where is ISO/IEC 20000 not suitable?
Product evaluation of tools, etc.
7/29/2019 ITSM Foundation Course Material
43/245
43
Section 2: Terms and Definitions
[4] Planning & Implementing SM
[3] Management System
[5] Planning & Implementing new or changed Services
[1] Scope
[2] Terms and Definitions
Management responsibilityDocumentation requirementsCompetencies, awareness & training
Plan, Do, Check, Act
Objective
Basic Definitions and Standardized Terminology
7/29/2019 ITSM Foundation Course Material
44/245
44
Learning target of this section
Terms and Definitions according to
ISO/IEC 20000 (2.3.6)
7/29/2019 ITSM Foundation Course Material
45/245
45
Terms and Definitions: Overview
Availability (6.3) Baseline (9.1)
Change Record (9.2)
Configuration Item
(9.1) Configuration
Management
Database (9.1)
Document
Incident (8.2)
Problem (8.3)
Record Release (10.1)
Request for Change (9.2)
Service Desk
Service Level Agreement(6.1)
Service Management
Service Provider
Grey highlighted terms: Definitions - see the following slides
All other terms: See Specification Sheet Section 7.5 for full list
7/29/2019 ITSM Foundation Course Material
46/245
46
Documents and Records
Document Information and its supported medium.
Record (objective evidence) A record is a document which shows whatkind of results are being achieved or how wellactivities are being performed.
7/29/2019 ITSM Foundation Course Material
47/245
47
Service
Service Desk
Interface function for communication of provider anduser, which covers the bigger part of the first levelsupport.
Service Management
Management of IT Services in order to support andmeet business requirements.
Service Provider
Supplier of IT Services (target object of ISO/IEC20000 certification).
7/29/2019 ITSM Foundation Course Material
48/245
48
Service Desk
Service Desk Objectives
To ensure availability of the IT provider
Single Point of Contact (SPOC) for Users
Tasks -
To take over tasks of service support (e.g. particularly
within Incident Management Process) Communication to users
Service Desk is a Core Definition, but not part of the ISO/IEC 20000 requirements.
BEST
PRACTICE
according to
ITIL Version 2 & 3, MOF
7/29/2019 ITSM Foundation Course Material
49/245
49
Requirements for a Management System
[4] Planning & Implementing SM
[3] Management System
[5] Planning & Implementing new or changed Services
[1] Scope
[2] Terms and Definitions
Management responsibilityDocumentation requirementsCompetencies, awareness & training
Plan, Do, Check, Act
Objective:
To provide a management system enabling the effectivemanagement of all IT Services.
7/29/2019 ITSM Foundation Course Material
50/245
50
Learning target of this section
Objective and purpose of a management system
(3.1.1)
Management responsibilities (3.1.2, 4.1.1)
Documentation requirements (3.1.3, 4.1.2) Competence, Awareness and Training (3.1.4, 4.1.3)
7/29/2019 ITSM Foundation Course Material
51/245
51
Management Systems
What is a management system?
A possible definition: A management system is theframework of processes, tools and resources(personnel and machinery) used to plan,
execute, document and continually improvemanagement tasks in a target-oriented,customer-oriented and quality-oriented way.
Important Aspects: Quality (cp. Quality Management) Management responsibilities Documentation Competence, Awareness and Training
7/29/2019 ITSM Foundation Course Material
52/245
52
Management Responsibilities
Management shall:
prove commitment to development, implementation andimprovement of service management capabilities byappropriate leadership behavior and appropriate
measures; establish policy, objectives and plans;
communicate the importance of meeting the objectives andthe need for continual improvement;
ensure that customer requirements are determined and are
met; appoint a member of management responsible for the co-
ordination and management of all services.
7/29/2019 ITSM Foundation Course Material
53/245
53
Management Responsibilities (continued)
Management shall: (continued)
determine and provide resources (e.g. personnel) forService Management;
manage risks to the organization and services;
conduct reviews of service management at plannedintervals.
7/29/2019 ITSM Foundation Course Material
54/245
54
Management Responsibilities (continued)
Furthermore, Senior Management should: require and support the implementation of service
management processes;
assign an executive position to the senior responsibleowner of IT Service Management ;
provide management representatives with requiredresources for continual or project-related improvement;
allocate a decision-making group to the managementrepresentatives with sufficient authority to define guidelinesand make decisions.
7/29/2019 ITSM Foundation Course Material
55/245
55
Documentation
Documentation and records shall be provided to
support effective planning, operation and control.
Including at least: Documentation of Service Management guidelines and
plans Documentation of Service Level Agreements
Documentation of processes required by ISO/IEC 20000
Records required by ISO/IEC 20000
Procedures and responsibilities shall be establishedfor the creation, review, approval, maintenance,
disposal, and control.
7/29/2019 ITSM Foundation Course Material
56/245
56
Documentation: Best Practices
Senior responsible owner should ensure evidence isavailable for audit, such as:
Policies and plans
Service documentation
Procedures
Processes
Process control records
Documents should be in a medium suitable for their purpose.
Documents should be protected from damage due to
circumstances (e.g. environmental conditions, computerdisasters).
7/29/2019 ITSM Foundation Course Material
57/245
57
Competence, Awareness & Training
All roles and responsibilities in combination with therequired competencies shall be defined.
Competencies and training needs shall be determinedand managed:
Maintain appropriate records of qualifications,experience, skills and trainings
Arrange for training and further education
Control effectiveness of qualification and training
Management shall ensure that staff are aware of therelevance and importance of their activities and howthey contribute to the achievement of servicemanagement objectives.
7/29/2019 ITSM Foundation Course Material
58/245
58
Section 4: Planning and Implementing SM
Objective Planning and
Implementing ITService Management
using DemingsQuality Circle.
PLAN
[4.1] Plan ServiceManagement
DO
[4.2] Implement ServiceManagement
CHECK[4.3] Monitor, Measure
and Review
ACT
[4.4] ContinualImprovement
[4] Planning & Implementing SM
[3] Management System
[5] Planning & Implementing new or changed Services
[1] Scope
[2] Terms and Definitions
Management responsibility
Documentation requirementsCompetencies, awareness & training
Plan, Do, Check, Act
7/29/2019 ITSM Foundation Course Material
59/245
59
Learning target of this section
Objective and purpose of the section Planning and
Implementing IT Service Management (3.1.5)
Plan-Do-Check-Act methodology for Service
Management Processes (1.5.1, 3.1.6, 3.1.8)
Principles of a Service Management Plan (3.1.7)
Internal and external audits (4.1.5, 4.1.6)
Conduct internal and external audits (4.1.6)
7/29/2019 ITSM Foundation Course Material
60/245
60
Continual Improvement
1. Necessary in order to improve the performance of theorganization and increase customer satisfaction.
2. Needs to be a permanent objective of the organiation.
3. Continual activity which keeps the wheel of the PDCAcycle turning.
4. Ensures improvement activities at all levels are aligned tothe organizations strategy.
5. Increases flexibility to act quickly on opportunities.
6. Applying the principle leads to a company culture andorganization-wide approach to continual improvement.
7. Leads to more business in the mid-term by activelyimproving the relationship with customers.
7/29/2019 ITSM Foundation Course Material
61/245
61
Demings Quality Circle PDCA
Process model of quality management according
to W. Edwards Deming Cyclical optimization of quality leads to continual
improvement
Plan-Do-Check-Act is applicable to all processes
defined in ISO/IEC 20000
time
maturity
7/29/2019 ITSM Foundation Course Material
62/245
62
PDCA in Service ManagementBusiness
Requirements
CustomerRequirements
Request for
new/changed services
Other processes(e.g. business,
supplier, customer)
Other teams(e.g. Security,IT Operations)
Management of Services
Management Responsibility
PLAN
Plan Service
Management
ACT
ContinualImprovement
DO
Implement ServiceManagement
CHECK
monitor, measureand review
Service Desk
Business results
Customer satisfaction
New/changed Services
Team and peoplesatisfaction
Other processes(e.g. business,
supplier, customer)
7/29/2019 ITSM Foundation Course Material
63/245
63
Section 4.1: Plan Service Management
Objective "Plan"To plan the implementation and delivery of servicemanagement.
PLAN
DO
CHECK
ACT
7/29/2019 ITSM Foundation Course Material
64/245
64
Planning for Service Management
Create a plan for implementing servicemanagement.
The plan is called the Service Management
Plan.Responsibilities shall be determined anddocumented to control, authorize,communicate, operate and maintain the plans.
All process-related plans have to becompatible with the service management plan.
7/29/2019 ITSM Foundation Course Material
65/245
65
Service Management Plan
The plans shall at a minimum define:
1. Scope of service management
2. Objectives and requirements to be achieved by
service management3. Processes to be executed
4. Framework of roles and responsibilities
5. Interfaces between service management
processes
7/29/2019 ITSM Foundation Course Material
66/245
66
Service Management Plan
The plans shall at a minimum define (continued):
6. Approach to risk management
7. Methods for interfacing with development projects
8. Resources, facilities, budget9. Tools for process support
10.Methods to manage service quality including auditand improving
7/29/2019 ITSM Foundation Course Material
67/245
67
Service Management Plan
Approaches to implementing the Service Management Plan
The Service Management Plan should be implemented byconsidering the following issues (providing a map for directingprogress):
Required new service management processesChanges in existing processes
Improvement of established procedures
etc.
Other possible content of the plan: Appropriate tool support for processes
Change procedure for the plan
7/29/2019 ITSM Foundation Course Material
68/245
68
Service Management Plan
Events with impact on the Service Management Plan:
Service Improvement
Changed Services
Changes to the target-state of infrastructure Changed legal/official requirements
Regulation or deregulation of branches
Mergers and acquisitions
7/29/2019 ITSM Foundation Course Material
69/245
69
Objective "Do"To implement the service managementobjectives and plan.
PLAN
DO
CHECK
ACT
Implement Service Management & Provide the Services
70
7/29/2019 ITSM Foundation Course Material
70/245
70
Implementing Service Management
Implementing Service Management
Allocation of budgets
Allocation of roles and responsibilities
Documenting and maintaining policies, plans,procedures and definitions for each process
Identify and manage risks to the service
Managing teams (staff)
Managing facilities and budgets
Managing teams for service desk and operations
Reporting on progress of Service Management Plan
Co-ordination of service management processes
71
7/29/2019 ITSM Foundation Course Material
71/245
71
Objective "Check"To monitor, measure, and review that theservice management objectives and plan arebeing achieved.
PLAN
DO
CHECK
ACT
Monitoring, Measuring and Reviewing
72
7/29/2019 ITSM Foundation Course Material
72/245
72
Achievement of Objectives
Appropriate methods shall be applied for monitoring andmeasuring processes to disclose achievement of targets.
Management shall conduct reviews at planned intervals todetermine whether:
Service management requirements conform with the
Service Management Plan and requirements ofISO/IEC 20000
Service management requirements are effectivelyimplemented and maintained
An audit program shall be planned.
Objectives of reviews, assessments and audits shall bedocumented together with the results and detectedresolutions.
In case of failure to fulfill obligations and otherproblematical concerns, all relevant parties shall beinformed.
73
7/29/2019 ITSM Foundation Course Material
73/245
73
Characteristics of Assessments and Audits
Self-assessmente.g. a department assesses its own procedures
Poor comparability, often not objective
First party (internal) audit
Auditing is performed by a department within theorganization
Auditor belongs to same organization, but is notinvolved in audited department
Second party (vendor) audit
Third party (external) audit
Auditing is performed by an independent externalorganization
In the context of standard audits mostly a registered
certified body (RCB).
74
7/29/2019 ITSM Foundation Course Material
74/245
74
Comparison: Characteristics of Assessments and Audits
Objectiveness
Costs/effort
Self-assessment
First party
(internal) audit
Third party
(external) audit
Second party
(vendor) audit
75
7/29/2019 ITSM Foundation Course Material
75/245
75
Audit Program
To be considered by internal audit
program:
Status and importance of the audited processes andorganizations
Results of previous audits
Criteria, scope, frequency and methods
shall be defined in a procedure.
Selection of auditors shall take into
consideration:Audit has to be objective and impartial.
Auditors shall not audit their own work.
76
7/29/2019 ITSM Foundation Course Material
76/245
76
Management Review
Management Reviews should focus on:
Achievements compared to service objectives (e.g.from audit results)
Customer satisfactionResource utilization
Trends
Certain service discrepancies
77
7/29/2019 ITSM Foundation Course Material
77/245
77
Objective "Act" To improve the effectiveness and efficiency of
service delivery and management.
PLAN
DO
CHECK
ACT
Continual Improvement
78
7/29/2019 ITSM Foundation Course Material
78/245
78
Policy
A published policy for service improvement is
required.
Any non-compliance with ISO/IEC 20000 or with
service management plan shall be remedied.
Roles and responsibilities for service
improvement shall be defined clearly.
79
7/29/2019 ITSM Foundation Course Material
79/245
79
Management of Improvement
All suggested service improvements shall beevaluated, documented, prioritized andauthorized. Monitoring these activities shall beplanned.
A specific process is required for continuallyidentifying, measuring, reporting and managingimprovement. This encompasses:
Improvements concerning individual processes that
can be implemented by process owners meansOrganization-wide or cross-process improvements
80
7/29/2019 ITSM Foundation Course Material
80/245
80
Activities to be carried out
Information shall be recorded and analyzed asa baseline and a benchmark against theproviders capability in managing services and
service management processes.
Identify, plan, and implement improvements.
Consultation with all involved parties.
Set a goal for improvements regarding quality,
costs, resources.
81
7/29/2019 ITSM Foundation Course Material
81/245
81
Activities to be carried out
Consider relevant requests for improvementof all services and management processes.
Measure, report and communicate serviceimprovements.
Revise service management policies,processes, procedures and plans wherenecessary.
Ensure that all approved actions aredelivered and that they achieve theirintended objectives.
82
7/29/2019 ITSM Foundation Course Material
82/245
82
Section 5: Planning and Implementing Services
[4] Planning & Implementing SM
[3] Management System
[5] Planning & Implementing new or changed Services
[1] Scope
[2] Terms and Definitions
Management responsibility
Documentation requirementsCompetencies, awareness & training
Plan, Do, Check, Act
Objective:
To ensure that new services and changes to services will bedeliverable at the agreed cost and service quality.
83
7/29/2019 ITSM Foundation Course Material
83/245
83
Learning target of this section
Parties involved in planning new or changed services(3.2.1)
Objective and purpose of planning and implementingnew or changed services (3.2.2)
Quality requirements for new or changed services (3.2.3) Content of an implementation plan for new or changed
services (3.2.4)
Planning and implementation policy for new or changedservices (4.1.4)
Reviews for planning new or changed services (4.2.1) Records for service changes (4.2.2)
84
7/29/2019 ITSM Foundation Course Material
84/245
84
Minimum Requirements
The costs, commercial and organizational impact of anyproposed new or changed services shall be considered byoperations and management of these services.
New or changed services, including closure of service,
shall be planned and authorized/approved through changemanagement.
Planning of new/changed services shall consider aspectsof funding and allocation of resources.
New/changed services require acceptance by service
provider before deployment to live environment. Post implementation review (including target-performance
comparison) through change management process.
85
7/29/2019 ITSM Foundation Course Material
85/245
Implementation Plans for New/Changed Services
Implementation plans for new/changed
services comprises at least:
Roles and responsibilities for implementing,
operating and managing (as well at the customer andat vendor)
Required changes to existing services and systems
Communication to the stakeholders
New and changed contracts and agreements Manpower requirements
Skills and training requirements
86
7/29/2019 ITSM Foundation Course Material
86/245
Implementation Plans for new/changed Services
Implementation plans for new/changed services
consists of at least (continued):
Processes, measures, methods, and tools to be used inconnection with the new/changed service
Budgets and timelines
Service Acceptance Criteria
The expected outcomes from operating the new service
expressed in measurable terms
87
7/29/2019 ITSM Foundation Course Material
87/245
PINCS: Involved Parties
Roles and responsibilities related to the service need
to be defined, including activities to be performed by:
Customers
Suppliers
Service Provider
Implementation via Change Management
Skills and training requirements for:
Users
Technical support of the service
88
7/29/2019 ITSM Foundation Course Material
88/245
Reviews at planning new or changed services
During planning new/changed services, thefollowing should be reviewed:
Budget Adjustment of budgeting required?
Increased financial requirements through new
services?Reduction of costs through changes or replacementof expensive services?
Staff Is existing staff able to provide/support
new/changed services?
Increased headcount (e.g. at support)?Possible personnel consolidation throughnew/changed services?
Service Levels Impact on existing service
levels?
89
7/29/2019 ITSM Foundation Course Material
89/245
Reviews for planning new or changed services
During planning new/changed services thefollowing should be reviewed (continued):
SLAs and other commitments
Changing existing or concluding new SLAs required?
Other commitments? Processes, procedures and documentation
Changing existing processes and procedures required (e.g.at support)?
Changed services require new documentation or update ofexisting documents?
Scope of Service Management
New or not yet implemented service managementprocesses required?
Service Management Plans update required?
90
7/29/2019 ITSM Foundation Course Material
90/245
Change Records of Changed Services
All changes to existing services should be
documented in relevant change records.
Staff training - conducted update training forsupport staff
Move or transfer
Conducted user training
Any change-related communication
Changes to supporting technologies (e.g.system components, software)
Closure of services
91
7/29/2019 ITSM Foundation Course Material
91/245
Content of ISO/IEC 20000
Part 2:IT Service Management Processes
(section 6 - 10)
Release Management
Business RelationshipManagement
Supplier Management
Budgeting & Accountingfor IT services
Information Security ManagementService Level Management
Service ReportingCapacity Management
Service Continuity &Availability Management
Incident ManagementProblem Management
Configuration ManagementChange Management
[9] Control Processes
[10] Release
Process[8] Resolution Processes
[7] Relationship
Processes
[6] Service Delivery Processes
92
7/29/2019 ITSM Foundation Course Material
92/245
Release Management
Business RelationshipManagement
Supplier Management
Budgeting & Accountingfor IT services
Information Security Management
Service Level Management
Service ReportingCapacity Management
Service Continuity &Availability Management
Incident ManagementProblem Management
Configuration ManagementChange Management
[9] Control Processes
[10] Release
Process[8] Resolution Processes
[7] Relationship
Processes
[6] Service Delivery Processes
Section 8: Resolution Processes
About the process groupIncident and Problem Management are closely related
processes but differ in their objectives. These processes are coveredin the Professional module Support of IT Services within the ISO/IEC20000 Qualification Program.
93
7/29/2019 ITSM Foundation Course Material
93/245
Learning target of this section Objectives and requirements within
Incident Management (3.5.1)
Best Practices within Incident
Management (4.5.1)
Objectives and requirements within
Problem Management (3.5.2)
Best Practices within Problem
Management (4.5.2)
94
7/29/2019 ITSM Foundation Course Material
94/245
Code of Practice
Classification Incident vs. Problem Management Incident Management: Quickest possible service
recovery
Problem Management: Root cause identification and
resolution
Similarities and connections between Incident and
Problem Management
Prioritization of Incidents and Problems Problem Management develops and maintains work-
arounds provided to Incident Management.
95
7/29/2019 ITSM Foundation Course Material
95/245
Code of Practice
Aspects to consider scheduling Incidents andProblems
Priority: Control factor resulting fromImpact
Urgency
Staff skills
Competing requests for resource allocation
Costs of implementing the resolution
Approximated time to implement the resolution
ISO/IEC 20000
Code of Practice
96
7/29/2019 ITSM Foundation Course Material
96/245
Objective:
Resolve incidents as quickly as possible and minimize theadverse impact on business operations.
Incident Management
Release Management
Business RelationshipManagement
Supplier Management
Budgeting & Accountingfor IT services
Information Security Management
Service Level Management
Service ReportingCapacity Management
Service Continuity &Availability Management
Incident Management
Problem Management
Configuration Management
Change Management
[9] Control Processes
[10] ReleaseProcess[8] Resolution Processes
[7] RelationshipProcesses
[6] Service Delivery Processes
97
7/29/2019 ITSM Foundation Course Material
97/245
Fundamental terms
Incident An unplanned interruption to a service or
reduction in the quality of an service.
Further Terms Service Request:
Request for documentation
User Request for Change
Escalation:procedure of forwarding an incidentFunctional Escalation
Hierarchical Escalation
98
7/29/2019 ITSM Foundation Course Material
98/245
Process
Activities:
Detection and Recording - description of symptoms,creation of ticket
Classification and Initial Support - if possible,resolution through first level support (Service Desk);incident prioritization and categorization
Investigation and Diagnosis - find a resolution torestore the service as quickly as possible
Resolution and Recovery - initiation of requiredrecovery measures
Closure - resolution documentation, userconfirmation, close ticket
BEST
PRACTICE
according to
ITIL Version 2 & 3
99
7/29/2019 ITSM Foundation Course Material
99/245
Functional Escalation
Request?
Detection
1st Support
Resolvable?
Resolution
Diagnosis
Resolvable?
Resolution
Closure
RequestFulfillment
Yes
Yes Yes
No No No
2nd Level
Support3rd Level
Support
ServiceDesk
Co-ordination of support units
Diagnosis
Resolvable?
Resolution
Yes
No
BEST
PRACTICE
according to
ITIL Version 2 & 3
100
7/29/2019 ITSM Foundation Course Material
100/245
Service Requests and Incidents
The 20 GB hard disk of mynotebook is too small !
I have forgotten my Wiki-Password!
The color printer in room
D.2 stopped printing red!
It takes a long time toload our external web
sites!
I cannot accessmy emails!
Service Request for a storageupgrade
Service Request for a
cartridge change or a printerfailure
Performance Incident
Service Request for apassword or account reset
E-mail service failure
101
7/29/2019 ITSM Foundation Course Material
101/245
Minimum Requirements
All Incidents shall be recorded.
Procedures for detection, impact analysis, prioritization,classification, escalation, resolution and closure ofincidents shall be defined.
Customers shall be kept informed of the process progress andalerted BEFORE SLA is breached or at risk of beingbreached.
All staff involved in incident management shall have access torelevant information such as:
Known errors Problem resolutions
Configuration Management Database (CMDB)
Major Incidents shall be managed according to a process.
102
7/29/2019 ITSM Foundation Course Material
102/245
Code of Practice
Process closure
Prerequisite - Final closure of an incident should only takeplace when the initiating user has confirmed that the
service is restored.
Major incidents
Important - There should be a clear definition of whatconstitutes a major incident.
All major incidents should have a clearly definedresponsible manager at all times.
The process for a major incident should include review.
103
7/29/2019 ITSM Foundation Course Material
103/245
Assessment Card Template
SectionSub
SectionRequirement of ISO20000
8.1 Incident Managem ent
8.2 a All incidents shall be recorded
8.2 bProcedures shall be adopted to manage the impact of
service incidents
8.2 c
Procedures shall define the recording, prioritization,
business impact, classification, updating, escalation,
resolution and formal closure of all incidents
8.2 d
The customer shall be kept informed of the progress of their
reported incidents or service request and alerted in
advance if their service levels cannot be met and an action
agreed
8.2 e
All staff involved in incident management shall have access
to relevant information such as know n errors, problem
resolutions and the configuration management database
8.2 f Major incidents shall be classified and managed according
to a defined process
104
7/29/2019 ITSM Foundation Course Material
104/245
Objective:To avoid disruption by proactive and reactive analysis of the cause ofpotential incidents.
Problem Management
Release Management
Business RelationshipManagement
Supplier Management
Budgeting & Accountingfor IT services
Information Security Management
Service Level Management
Service ReportingCapacity Management
Service Continuity &Availability Management
Incident ManagementProblem Management
Configuration Management
Change Management
[9] Control Processes
[10] ReleaseProcess
[8] Resolution Processes[7] Relationship
Processes
[6] Service Delivery Processes
105
7/29/2019 ITSM Foundation Course Material
105/245
Fundamental terms
Problem
An unknown cause of one or more incidents
Additional terms:
Known Error- root cause of one or more incidents forwhich work-arounds exist, if applicable.
Reactive and proactive problem management
106
7/29/2019 ITSM Foundation Course Material
106/245
Problem Control
Process
Sub-processes within reactive problem management
Problem control
Error control
Problem Known Error
unknown cause known cause
Error Control
Request for Change
Change Management
BEST
PRACTICE
according to
ITIL Version 2
Problem Management
107
7/29/2019 ITSM Foundation Course Material
107/245
Process
Process activities within reactive problem management
Problem detection
Problem logging
Categorization
Prioritization
Investigation and Diagnosis
Find out work-arounds, if possible
Create Known Error Record
Submit request for change, if requiredResolution
Closure
BEST
PRACTICE
according to
ITIL Version 3
108
7/29/2019 ITSM Foundation Course Material
108/245
Trend Analysis
Definition: Analysis of data of various sources to identify time-
related patterns.
Examples of sources:
Ticket system - number of similar incidents
Monitoring tools - resource utilization peaks
Examples of time-related patterns:
Each Monday between 7:30-9:30 p.m. noticeable accumulationof submitting network incidents
Problem identification (reactive problem management sinceincidents already occured)
Every day between 2-5 a.m. marginally high utilization of aninformation system
Problem identification (proactive problem managementsince incidents should be avoided)
109
7/29/2019 ITSM Foundation Course Material
109/245
Minimum Requirements
All identified problems shall be recorded.
Procedures shall be adopted to identify, minimize or avoid theimpact of incidents and problems. They shall define therecording, classification, updating, escalation, resolution and
closure of all problems. Preventive action shall be taken to reduce potential problems.
Changes required in order to correct the underlying cause ofproblems shall be passed to the change management process.
110
7/29/2019 ITSM Foundation Course Material
110/245
Minimum Requirements
Problem resolution shall be monitored, reviewed and reportedon for effectiveness.
Problem management shall be responsible for ensuring up-to-date information on known errors and corrected problems isavailable to incident management.
Actions for improvement identified during this process shall berecorded and implemented.
111
7/29/2019 ITSM Foundation Course Material
111/245
Code of Practice
CommunicationAll processes and people involved in service supportparticularly incident management should be informed of:
Work-arounds
Permanent fixes
Progress of problems
112
7/29/2019 ITSM Foundation Course Material
112/245
Example: From Problem to Change
It takes a long time toload our external web
sites!
Incident
Category: SW/ServiceImpact:Highest (all users)Urgency:
Low (no SLA affected)
Problem
1. Back up log file2. Empty log file
Failure in writing logfiles causes delays
Root cause
Max. file size of webserver log files reached
Known Error
Install patch forweb server
Resolution
Install patch T12-02 forweb server onmachine pclx3
RfC
Work-around
113
7/29/2019 ITSM Foundation Course Material
113/245
Assessment Card Template
SectionSub
SectionRequirement of ISO20000
8.3 a All identif ied problems shall be recorded
8.3 bProcedures shall be adopted to identify, minimize or avoid
the impact of incidents and problems.
8.3 cProcedures shall define the recording, classification,
updating, escalation, resolution and closure of all problems
8.3 dPreventive action w ill be taken to reduce potential problems,
eg. Follow ing trend analysis of incident volumes and types
8.3 e
Changes required in order to correct the underlying cause
of problems shall be passed to change management
process
8.3 f Problem resolution shall be monitored, review ed and
reported on for eff ectiveness
8.3 g
Problem management shall be responsible for ensuring up-
to-date information on know n errors and corrected
problems is available to incident management
8.3 hActions for improvement identif ied during this process shall
be recorded and input into the service improvement plan
8.3 Problem Management
114
7/29/2019 ITSM Foundation Course Material
114/245
Revision Course
Trend analysis is important during what activity of problem
management process?
What is the difference between a problem and an error?
What are the sub-processes of problem management?
How is problem management linked to change
management? What is the next step within problem management after a
change was implemented to resolve an error?
What kind of information does problem management
provide for the incident management process?
115
7/29/2019 ITSM Foundation Course Material
115/245
Section 9: Control Processes
About the process groupObjective:
To manage configuration information and changes effectively.
Release Management
Business RelationshipManagement
Supplier Management
Budgeting & Accountingfor IT services
Information Security Management
Service Level Management
Service ReportingCapacity Management
Service Continuity &Availability Management
Incident ManagementProblem Management
Configuration ManagementChange Management
[9] Control Processes
[10] Release
Process[8] Resolution Processes
[7] Relationship
Processes
[6] Service Delivery Processes
116
7/29/2019 ITSM Foundation Course Material
116/245
Learning target of this section
Objectives and requirements of Configuration Management (3.2.5)
Best Practices of Configuration Management (4.2.3)
Objectives and requirements of Change Management (3.2.6)
Best Practices of Change Management (4.2.4)
117
7/29/2019 ITSM Foundation Course Material
117/245
Configuration Management
Objective:
To define and control the components of the service and infrastructureand maintain accurate configuration information.
Release Management
Business RelationshipManagement
Supplier Management
Budgeting & Accountingfor IT services
Information Security Management
Service Level Management
Service ReportingCapacity Management
Service Continuity &Availability Management
Incident ManagementProblem Management
Configuration Management
Change Management
[9] Control Processes
[10] ReleaseProcess
[8] Resolution Processes
[7] RelationshipProcesses
[6] Service Delivery Processes
118
7/29/2019 ITSM Foundation Course Material
118/245
Fundamental terms
Configuration Item (CI)
Any IT infrastructure component or other element that isrecorded and maintained by configuration managementprocess
Configuration Management Database (CMDB)
A database used to store:
all relevant information of all CIs
relationships with other CIs
119
7/29/2019 ITSM Foundation Course Material
119/245
Fundamental terms
Additional terms
Attribute - a piece of information about a CI (e.g. asset id,location)
Baseline - a benchmark used as a reference point.Configuration Management System (CMS) - a set of tools anddatabases that are used to manage configuration information:
includes one or more CMDBs Federated CMDB
manages relationships with other CIs and related incidents,
problems, known errors, changes, etc.
BEST
PRACTICE
according to
ITILIL Version 3
120
7/29/2019 ITSM Foundation Course Material
120/245
Process
ActivitiesPlanning of:
CMDB targets (e.g. Which processes have to be supported?How?)
Scope of CMDBIdentification - define types of CIs, name conventions,
versioning
Recording and Control:
record new CIs
update existing CIsStatus Accounting - record/update lifecycle status of each CI
Verification - mapping CMDB and actual situation
BEST
PRACTICEaccording to
ITIL Version 2 & 3
121
7/29/2019 ITSM Foundation Course Material
121/245
Process
Planning
Identification
Recording and Control
Status Accounting
Verification
CMDB
Targets, Scope
Types of CIs, Baselines,Name conventions
New CIs, changed CIs
Update CI Status
Difference betweenCMDB and reality
BEST
PRACTICE
according to
ITIL Version 2 & 3
122
7/29/2019 ITSM Foundation Course Material
122/245
Minimum Requirements
There shall be an integrated approach to change andconfiguration management planning Scope of CMDB= Scope of change management!
Configuration management shall have an interface tofinancial asset accounting processes.
There shall be a configuration management policy onwhat is defined as a configuration item and its constituentcomponents.
The information to be recorded for each item shall bedefined and shall include the relationships anddocumentation necessary for effective servicemanagement.
123
7/29/2019 ITSM Foundation Course Material
123/245
Minimum Requirements
Configuration management shall provide the mechanismsfor identifying, recording, controlling and trackingversions of CIs. It shall be ensured that the process
meets the business needs, risk of failure and servicecriticality.
Configuration management shall provide information tothe change management process:
Supporting Change Management in risk and impact analysis
of planned changes Tracking of hardware/software changes
124
7/29/2019 ITSM Foundation Course Material
124/245
Minimum Requirements
A baseline of the appropriate configuration items shallbe taken before a release to the live environment.
Master copies of digital CIs (software, documents) shall
be controlled in secure physical or electronic libraries
(cp. release management: definitive software library) andreferenced to the configuration records.
All configuration items shall be uniquely identifiable andrecorded in a CMDB to which update access shall bestrictly limited and controlled.
Audit procedures shall include process and CMDB.
125
7/29/2019 ITSM Foundation Course Material
125/245
Configuration Management: Best
Practices
Should be planned and implemented together with Change and ReleaseManagement.
All major assets and configurations should be accounted for and have a
responsible manager who is accountable. There should be an up-to-date configuration management plan for the
infrastructure and/or services.
Managed CIs should be defined by relevant and auditable. Attributes,relationships and dependencies between CIs should be identified.
CIs should be held in a secure and suitable environment.
No CI should be added or undergo an uncontrolled status change. Statusrecords should provide current and historical data and be available to allrelevant parties.
Configuration audits should be carried out regularly.
126
7/29/2019 ITSM Foundation Course Material
126/245
Assessment Card Template
9.1 aThere shall be an integrated approach to change and
configuration management planning
9.1 bThe service provider shall define the interface to f inancial
asset and accounting processes
9.1 cThere shall be a policy on w hat is defined as a
conf iguration item and it's constituent components
9.1 d
The information to be recorded for each item shall be
defined and shall include the relationships and
documentation necessary for effective service
management
9.1 e
Configuration management shall provide the mechanisms for
identifying, controlling and tracking versions of identifiable
components of the service and infrastructure
9.1 f The degree of control shall be suf ficient to meet the
business needs, risk of failure and service criticality
9.1 g
Configuration management shall provide information to the
change management process on the impact of a requested
change on the service and infrastructure configurations
9.1 h
Changes to configuration items shall be traceable and
auditable where appropriate, eg. For changes and
movements of softw are and hardw are
9.1 i
Configuration control procedures shall ensure that integrity
of systems, services and service components are
maintained
9.1 jA baseline of the appropriate conf iguration items shall be
taken before a release to the live environment
9.1 Service Asset and Configuration Management
127
7/29/2019 ITSM Foundation Course Material
127/245
Excursus: Service Knowledge Mgmt. according to ITIL
Why Service Knowledge Management?
Sole Configuration Management is insufficient to soundly supportmanagement decisions.
Service Knowledge Managementadditional documentation of:
experiences
key findings of former projects
expert knowledge
Service Knowledge Management System (SKMS): A set of tools
and databases that are used to manage knowledge andinformation. The SKMS includes the:
CMDBs
CMS
BEST
PRACTICE
according to
ITILVersion 3
128
Ch M
7/29/2019 ITSM Foundation Course Material
128/245
Change Management
Objective:
To ensure all changes are assessed, approved, implemented andreviewed in a controlled manner.
Release Management
Business RelationshipManagement
Supplier Management
Budgeting & Accountingfor IT services
Information Security Management
Service Level Management
Service ReportingCapacity Management
Service Continuity &Availability Management
Incident ManagementProblem Management
Configuration ManagementChange Management
[9] Control Processes
[10] ReleaseProcess
[8] ResolutionProcesses
[7] RelationshipProcesses
[6] Service Delivery Processes
129
F d l
7/29/2019 ITSM Foundation Course Material
129/245
Fundamental terms
Request for Change (RfC)
Form to register all relevant details of a required change to a CI.
Change Record
A record containing the CI details of an authorized change.
130
7/29/2019 ITSM Foundation Course Material
130/245
Fundamental terms
Additional terms:
Change Advisory Board (CAB) - A group of people
that advises in the assessment, prioritization andscheduling of changes.
Emergency Change Advisory Board (ECAB) - Asubset of the Change Advisory Board put together ondemand that plans and makes decisions about
emergency changes.Forward Schedule of Change (FSC) - Schedule of allplanned changes.
BEST
PRACTICE
according to
ITIL Version 2 & 3, MOF
131
P
7/29/2019 ITSM Foundation Course Material
131/245
Process
Activities:
Records all RfCs
Review and Filter - decide on RfC acceptance bydefined formal criteria
Classification: Priority (impact, urgency)
Category (Risks)
Authorize and Plan - release changes for development,budgeting and resource planning
Coordination of change development and changerelease
Post implementation review (PIR)
BEST
PRACTICE
according to
ITIL Version 2 & 3, MOF
132
P
7/29/2019 ITSM Foundation Course Material
132/245
Process
Release Management
Review & Filter
Record
Authorization
Classification
Coordination
Assess (PIR)
RfC
accepted?
Yes
RfCrejected
No
authorized?Changerejected
No
YesChangeManag
ement
BEST
PRACTICE
according to
ITIL Version 2 & 3, MOF
133
7/29/2019 ITSM Foundation Course Material
133/245
Minimum Requirements
Changes shall have a clearly defined and documentedscope.
All requests for change shall be recorded and classified
and assessed for their risk, impact and business benefit.The process shall include the manner in which thechange shall be reversed or remedied if unsuccessful.
All changes shall be reviewed after implementation(PIR).
There shall be policies and procedures to control theauthorization and implementation of emergencychanges.
134
Minimum Requirements
7/29/2019 ITSM Foundation Course Material
134/245
Minimum Requirements
The scheduled implementation dates of changes
shall be documented including details of all the
changes (FSC).
Change records shall be analyzed regularly to detect
increasing levels of changes, frequently recurring
types and other trends.
135
7/29/2019 ITSM Foundation Course Material
135/245
Code of Practice
Standard Change
Established, documented and practiced procedure
Pre-authorized by Change Management
Emergency Change
Emergency change procedure will follow the normal changeprocedure as far as possible.
Regular requirements can be relaxed for time-critical steps,e.g.
Testing may be reduced, or in extreme cases forgone
completely Documentation may be deferred
Emergency changes should be reviewed after the change toverify that it was a true emergency.
136
A t C d T l t
7/29/2019 ITSM Foundation Course Material
136/245
Assessment Card TemplateSection
Sub
SectionRequirement of ISO20000
9.2 aService and infrastructure changes shall have a clearly
defined and documented scope
9.2 bAll requests for change shall be recorded and classified.
Eg. Urgent, emergency, major, minor
9.2 cRequests for changes shall be assessed for their risk,
impact and business benefit.
9.2 d
The change management process shall include the manner
in w hich the change shall be reversed or remedied if
unsuccessful
9.2 e Changes shall be approved and then checked, and shall beimplemented in a controlled manner.
9.2 f All changes shall be review ed for success and any actions
af ter implementation
9.2 gThere shall be policies and procedures to control the
authorization and implementation of emergency changes
9.2 hThe scheduled implementation dates of changes shall be
used as the basis for change and release scheduling
9.2 i
A schedule that contains the details of all changes
approved for implementation and their proposed
implementation dates shall be maintained and communicated
to relevant parties
9.2 j
Change records shall be analyzed regularly to detect
increasing levels of changes, f requently recurring types,
emerging trends and other relevant information.
9.2 kThe results and conclusions draw n from change analysis
shall be recorded
9.2 lActions f or improvement identified during this process shall
be recorded and input into the service improvement plan
9.2 Change Managem ent
ISO/IE
C
20000
CodeofPractice
137
Section 10: Release Process/Release Management
7/29/2019 ITSM Foundation Course Material
137/245
Section 10: Release Process/Release Management
Objective:
To distribute one or more changes in a release to the liveenvironment including planning and documentation.
Release Management
Business RelationshipManagement
Supplier Management
Budgeting & Accountingfor IT services
Information Security Management
Service Level Management
Service ReportingCapacity Management
Service Continuity &Availability Management
Incident ManagementProblem Management
Configuration Management
Change Management
[9] Control Processes
[10] ReleaseProcess
[8] Resolution Processes
[7] RelationshipProcesses
[6] Service Delivery Processes
138
7/29/2019 ITSM Foundation Course Material
138/245
Learning target of this section
Objectives and requirements within release management
(3.2.7)
Best Practices within release management (4.2.5)
139
Fundamental terms
7/29/2019 ITSM Foundation Course Material
139/245
ReleaseA collection of new or changed CIs required to be tested together and
deployed to live environment.
Additional termsDefinitive Media Library (DML):
Master copies of deployed software (licensed third-party software andproprietary)
Basis for packaging of releases
Definitive Hardware Store (DHS):Physical storage location of approved and registered hardware
Fundamental terms
140
Process
7/29/2019 ITSM Foundation Course Material
140/245
Process
Activities leading to Release Readiness Review
Release Planning - release plan development, strategyand guidelines on further steps
Release Building - release package constructionincluding all required tools and documents for releaseroll-out
Acceptance Tests - release test in a simulatedproduction environment
Release Readiness Review - assessment of testresults, Go/No-Go decision on release
Information to change management, if release wasrejected.
BEST
PRACTICE
according to
MOF
141
Process
7/29/2019 ITSM Foundation Course Material
141/245
Process
Activities after Release Readiness Review
Roll-out planning:
details of physical provisioning in production environment
verify environment is ready for release (e.g. capacity: storage,
room in hardware racks, etc.)concrete roll-out times and timeframes for resource allocation
communication and training
separate plans for different locations as an option
Roll-out Preparation: Ensure that
all resources included in roll-out plan are available.prerequisites for contingency plan are met.
Roll-out - coordination, documentation and final provisioning
of releases
BEST
PRACTICE
according to
MOF
142
Exemplary Workflow
7/29/2019 ITSM Foundation Course Material
142/245
Exemplary WorkflowBEST
PRACTICE
according to
MOF
Review & filter
Record
Authorization
Classification
Asses (PIR)
Release building
Release planning
Readiness Review
Acceptance test
Roll-out preparation
Roll-out Planning
Roll-out
approvedChange
approvedChange
approvedChange
C
hangeManagem
ent R
eleaseManagem
ent
143
Minimum Requirements
7/29/2019 ITSM Foundation Course Material
143/245
Minimum Requirements
The release policy stating the frequency and type ofreleases shall be documented and agreed upon.
The service provider shall plan with the business therelease of services, systems, software and hardware.
Plans on how to roll out the release shall be agreed to byall relevant parties (e.g. customers, users and supportstaff).
The process shall include the manner in which the releaseshall be reversed or remedied if unsuccessful.
Plans shall record the release dates and deliverables andrefer to related change requests, known errors andproblems.
Requests for change shall be assessed for their impact onrelease plans.
144
Minimum Requirements
7/29/2019 ITSM Foundation Course Material
144/245
Minimum Requirements
Release management process requires update andchange procedures for configurations items.
To test releases before distribution requires acontrolled test environment.
Release and distribution shall be designed andimplemented so that the integrity of hardware andsoftware is maintained at all times.
Success and failure of releases shall be measured.Measurements shall include incidents related to a
release in the period following a release. Analysis shallprovide input to a plan for improving the service.
145
C d f P ti
7/29/2019 ITSM Foundation Course Material
145/245
Code of Practice
Release Policy
A document to define general requirements for release management.
A Release Policy should include:
frequency and type of release (release types)
roles and responsibilities for process
authority for the release into acceptance test
unique identification and description of all releases
approach to grouping changes into a release
approach to automating the plan, build and release distribution processes
verification and acceptance of a release (e.g. error-free or covered byknown error database)
146
Code of Practice
7/29/2019 ITSM Foundation Course Material
146/245
Code of Practice
Release and Roll-out Plan
Objective of Release Planning: Compatible with CIs in target environment
Ensure that all changes are authorized by Change Management (feedback)
Release Plan: Detailed document to plan a concrete release (important: differs from release policy)
The planning for a release and roll-out should typically include (abstract):
release dates
related changes
problems and known errors closed or resolved by this release
known errors that have been identified during testing of the release
the manner in which the release will be reverted or remedied if unsuccessful
detailed description of the required test
communication training (particularly for customer and support staff)
resources required for release
147
Example: From Change to Release
7/29/2019 ITSM Foundation Course Material
147/245
Example: From Change to Release
It takes a long time toload our external web
sites!
Incident
Install patch T12-02for web server
Status: Accepted
RfC
Install patch T12-02
Priority:
Medium (high impact,low urgency)
Category (risk):Minor Change
Change
Schedule:Complete until2008-06-25
1. Download patch2. Install in test
environment
Roll-out Plan
1. Install in operativeenvironment
2. Post ImplementationReview
PIR Report
Release
148
Assessment Card Template
7/29/2019 ITSM Foundation Course Material
148/245
Assessment Card Template
ISO/IE
C
20000
Codeo
fPractice
SectionSub
SectionRequirement of ISO20000
10.1 aThe release policy stating the frequency and type of
releases shall be documented and agreed
10.1 bThe service provider shall plan w ith the business the
release of services, systems, softw are and hardw are
10.1 c
Plans on how to roll out the release shall be agreed and
authorized by all relevant parties, eg. Customers, users,
operations and support staff
10.1 dThe process shall include the manner in w hich the release
shall be backed out or remedied if unsuccessful
10.1 e
Plans shall record the release dates and deliverables and
refer to related change requests, know n errors and
problems
10.1 f The release management process shall pass suitable
information to the incident management process
10.1 gRequests f or change shall be assessed for their impact on
release plans
10.1 h
Release management procedures shall include the updating
and changing of configuration information and change
records.
10.1 i
Emergency releases shall be managed according to a
defined process that interfaces the emergency change
management process
10.1 jA controlled acceptance test environment shall be
established to build and test all releases prior to distribution
10.1 k
Release and distribution shall be designed and implemented
so that the integrity of hardw are and softw are is maintained
during installation, handling, packaging and delivery
10.1 Release Managem ent
149
Section 6: Service Delivery Processes
7/29/2019 ITSM Foundation Course Material
149/245
Section 6: Service Delivery Processes
About the process group
Service delivery processes handle long-term service planning andmanagement of service delivery requirements.
Release Management
Business RelationshipManagement
Supplier Management
Budgeting & Accountingfor IT services
Information Security Management
Service Level Management
Service ReportingCapacity Management
Service Continuity &Availability Management
Incident ManagementProblem Management
Configuration ManagementChange Management
[9] Control Processes
[10] Release
Process[8] Resolution Processes
[7] Relationship
Processes
[6] Service Delivery Processes
150
Learning target of this section
7/29/2019 ITSM Foundation Course Material
150/245
Learning target of this section
Objectives, requirements and best practices withinService Level Management (3.3.1, 4.3.1)
Objectives, requirements and best practices withinService Reporting (4.3.2)
Objectives, requirements and best practices withinBudgeting and Accounting for IT Services (3.3.3, 4.3.3)
Objectives, requirements and best practices withinService Continuity and Availability Management (3.4.1,4.4.1)
Objectives, requirements and best practices withinCapacity Management (3.4.2, 4.4.2)
Objectives, requirements and best practices withinInformation Security Management (3.4.3, 4.4.3)
151
Service Level Management
7/29/2019 ITSM Foundation Course Material
151/245
Service Level Management
Objective:To define, agree, record and manage levels of service.
Release Management
Business RelationshipManagement
Supplier Management
Budgeting & Accountingfor IT services
Information Security Management
Service Level Management
Service ReportingCapacity Management
Service Continuity &Availability Management
Incident ManagementProblem Management
Configuration ManagementChange Management
[9] Control Processes
[10] Release
Process[8] Resolution Processes
[7] Relationship
Processes
[6] Service Delivery Processes
152
Fundamental terms
7/29/2019 ITSM Foundation Course Material
152/245
Fundamental terms
Service Level Agreement (SLA)An agreement between an IT service provider and acustomer which describes the IT service and servicelevel targets.
Additional terms
Service Level -Acceptable quality level of aservice
Service Catalogue -A structured documentwith information about all provided services (maycontain reference to SLA)
153
Supporting Service Agreements
7/29/2019 ITSM Foundation Course Material
153/245
Internal Organizations
Service Agreements / OLAs
Lead Suppliers
Contracts
Service A
IT Systems
Service Level Agreements
Business
Subcontracted Suppliers
Suppliers
Contracts
Service B ServiceC
ServiceProvider
Supporting Service Agreements
154
Service Level Agreements
7/29/2019 ITSM Foundation Course Material
154/245
Service Level Agreements
Possible SLA content (abstract): Service description
Validity period
Authorization details
Service hours
Service targets
Escalation and notification process
Guidelines to define impact and priority Workload limits
etc.
155
Minimum Requirements
7/29/2019 ITSM Foundation Course Material
155/245
Minimum Requirements
The full range of services to be provided together with thecorresponding service level targets and workloadcharacteristics shall be agreed to by the parties andrecorded.
Each service provided shall be defined, agreed upon and
documented in one or more service level agreements(SLAs).
SLAs, together with supporting service agreements,supplier contracts and corresponding procedures, shall beagreed to by all relevant parties and recorded.
The SLAs shall be under the control of the changemanagement process.
The SLAs shall be maintained by regular reviews.
Service levels shall be monitored and reported ascompared to targets.
156
Service Level Management: Best Practices
7/29/2019 ITSM Foundation Course Material
156/245
A service catalogue defining all services should be up-to-dateand easily accessible for both customers and support staff.
SLAs should be defined from a customer perspective. SLM process should be flexible to accommodate major business
changes and changing customer requirements.
Service provider should be given adequate information in orderto understand their customers business drivers andrequirements.
SLM process should encourage both the service provider andthe customer to be proactive and take joint responsibility for theservice.
Customer satisfaction is key but should be recognized as asubjective measurement.
Supported services should be documented and agreed uponwith each supplier, including internal groups.
157
Assessment Card Template
7/29/2019 ITSM Foundation Course Material
157/245
Assessment Card Template
ISO/IE
C
20000
Codeo
fPractice
6.1 Service Level Management
6.1 a
The full range of services to be provided together w ith the
corresponding service level targets and w orkload
cha