Establishing IT Controls

Christy Cirino, Dir IT & Business Process, Aug 2011, IT Organization and Controls

Description: Establishment of IT controls

Transcript of Establishing IT Controls

Page 1: Establishing IT Controls

Christy Cirino, Dir IT & Business Process

Aug 2011

IT Organization and Controls


Page 2: Establishing IT Controls

Service Delivery Management

Methodology & Governance

[Figure: methodology and governance framework diagram. Recoverable labels: Architecture Lab, Management Suite, Strategy Forum, Result Station, Productivity Centre; Vision, Mission, Objectives; Reality and Target (each with Organization, Resources, Market, Product); Dynamics (Services) and Structure (Resources); Current Capabilities and Target Capabilities; Direction, Benefits, Solution; Program, Project 1, Project 3, Project 5; Project Selection, Change Blueprint, Change Initiatives. Roles shown: Upper Mgmt, Enterprise Architect, Operational Management, Organization, Business System Manager, Program and Project Managers, Solution Architect, Team Leader, Project Team.]

Page 3: Establishing IT Controls

Service Delivery Management

Methodology & Governance


Page 4: Establishing IT Controls

IT Service Management Process Framework

Service Desk

IT Manager

System Manager

Business Users

Incident Management

Problem Management

Change Management

Configuration Management

Release Management


Page 5: Establishing IT Controls

Incident Management

Legends: Level 1, Level 2, Level 3

Process phases:

• Incident detection & recording
• Classification & initial support
• Investigation and diagnosis
• Resolution and recovery
• Incident ownership, monitoring, tracking and communication

Data stores: Knowledge Base, Config Mgmt DB

Flow steps:

• Receive Call
• Record Incident
• Classify incident
• Prioritize on impact & urgency
• Check against problems, known errors or recurrence
• Solution Available? (Y / N)
• Provide solution
• Escalate to L2
• Incident details, Analysis, Related info, Workaround, if any
• Solution Satisfactory? (Y / N)
• Confirm resolution with Customer
• Log details: Incident detail log, Customer satisfaction log, Time & effort log
• Close Incident
• Analyze incident and its details
• Check for similar incidents in the past
• Design solution
• Software change required? N: Implement solution / Inform L1. Y: Initiate Change Management

Page 6: Establishing IT Controls

Incident Management Process Flow

Incident detection and recording

Classification and initial support

Service Request

Investigation and diagnosis

Resolution and recovery

Incident closure

Service Request Procedure

Ownership, monitoring, tracking and communication

Page 7: Establishing IT Controls

Problem Management Process Flow

Problem Control

• Problem identification and recording
• Problem Classification
• Problem Investigation and diagnosis
• RFC, Problem Resolution and closure
• Tracking and monitoring Problems

Error Control

• Error identification and recording
• Error Assessment
• Record error resolution
• Close error and associated problem(s)
• Tracking and monitoring Errors

RFC

Change successfully implemented

Page 8: Establishing IT Controls

Process for Change and Configuration Management

Columns: Change Management, Release Management, Configuration Management

• Request for Change: Filter, Record & Identify
• Prepare for Change: Classification & Planning
• Release: Change built, tested
• Implementation: Change implemented
• Evaluation
• Closure
• End
• Release & Distribution of new documented software versions
• Reports and Audit Information
• Reports
• Update CI Details
• Update CMDB & DSL. Release from DSL
• Verify CMDB

Data stores: Configuration Management DB (CMDB), Definitive Software Library (DSL)

Page 9: Establishing IT Controls

Change Request Process

[Figure: change request process diagram. Recoverable labels: Regular Tool Update & Interaction with other Service towers; Locations: Globally; End Users; Requirements Gathering; Change Review Board; Approved Requests; Plan, Define, Build, Test, Deploy, Close; Break-Fix; Minor/Major Enhancements; Enhancement Lifecycle; Level 1: Help Desk; Severity 1 Calls & Multi-User Outages; Severity 1 Problem; Critical Situation Team; L3 Support; Analyze & Fix; Fix, Release, RCA; Level 3: Application Support (ERP + Reporting); Level 4: Application Support Escalation; SW Vendor Escalation; Onsite Coordinator / Team; Preventative Maintenance & Monitoring.]

Page 10: Establishing IT Controls

Some Sample Templates

Requirements Management Process for SAP

Change Management Process

Coding Standards (SAP – ABAP)

SDLC Controls during AMS projects

Information Security Process


Page 11: Establishing IT Controls

Source Code / Document Version Control

• Source code version control will use the standard SAP tools provided in SAP – Solution Manager

• Document version control will be implemented using Microsoft SharePoint

Page 12: Establishing IT Controls

Application Controls

• Completeness checks - controls that ensure all records were processed from initiation to completion.

• Validity checks - controls that ensure only valid data is input or processed.

• Identification - controls that ensure all users are uniquely and irrefutably identified.

• Authentication - controls that provide an authentication mechanism in the application system.

• Authorization - controls that ensure only approved business users have access to the application system.

• Input controls - controls that ensure the integrity of data fed from upstream sources into the application system.