Slide 1

Slide 2 IT Service Management and ITIL Introducing: ITIL is a Registered Trade Mark of the Cabinet Office in the United Kingdom. The trade mark symbol should be inferred wherever the term ITIL appears in these materials. Slide 3 Agenda Why are we here? IT Service Management Concepts IT Service Management Benefits The ITIL Framework Key ITSM Processes for HUIT Process Unification and Roadmap Agenda 2 Slide 4 Why are we here? 3 Slide 5 IT Service Management IT Service Management (ITSM) is a process-based approach to aligning IT services with the needs of the university. Industry-developed and accepted best practice Focused on delivering services effectively and efficiently Well-established in Higher Education Why are we here? 4 Slide 6 Mission To assure Harvards leadership in IT, we strive to: Make it easier for faculty, students, and staff to teach, research, learn, and work through the effective use of information technology. HUITs mission Why are we here? 5 Slide 7 How do we enable Harvards business goals? IT Service Management concepts 6 Slide 8 What are services? Services are a means of delivering value to customers by facilitating outcomes customers want to achieve without taking on the ownership of specific costs and risks. People do not want quarter- inch drills. They want quarter- inch holes. Professor Emeritus Theodore Levitt, Harvard Business School IT Service Management concepts 7 Slide 9 What goes into providing a service? People & Partners Products (Technology) + = IT Service Management concepts 8 Slide 10 What goes into providing a service? People & Partners Products (Technology) + = + = Process IT Service Management concepts 9 Slide 11 What is process? A Process is a structured set of activities designed to accomplish specific objectives Takes one or more inputs and turns them into outputs Includes roles, tools, and management controls Activities Inputs Outputs Governance, Controls & Feedback Capabilities Resources IT Service Management concepts 10 Slide 12 Process Maturity Ad hoc Prescribed Standardized Quantitative Optimized 11 Slide 13 As processes mature, IT is transformed To: Proactive Service oriented Accountability across teams Consistent approach Predictable quality Metrics-based continuous improvement From: Reactive System oriented Organizational silos Disparate approach Best efforts Ad hoc improvement IT Service Management concepts 12 Slide 14 IT Service Management IT Service Management (ITSM) is a process-based approach to aligning IT services with the needs of the university ITSM involves a paradigm shift: From managing IT as stacks of individual components, groups and technologies To focusing on the delivery of end-to-end services IT Service Management concepts 13 Slide 15 AcademicTechnologyAdministrativeTechnologyInfrastructureSupport ServicesIT Security ITSM processes span all IT service areas Project Management Risk Management Development Lifecycles IT Service Management IT Service Management concepts 14 Slide 16 ITSM provides Operational benefits DimensionMedian Reduction Overall IT support costs16% Failed changes15% Recurring incidents7% User downtime10% Incident resolution time28% Recovery time after disaster40% 2008 Research Study Conducted by Glomark-Governan IT Service Management benefits 15 Slide 17 ITSM provides Individual benefits Clearer responsibilities and expectations More targeted training More productivity and satisfaction Improved reputation and visibility of IT staff Professional development IT Service Management benefits 16 Slide 18 The core principles of ITSM align with HUITs values HUIT Value User-focused Collaborative Innovative Open IT Service Management benefits 17 Slide 19 So how are we going to do ITSM? ITSM Frameworks Aberdeen Group 2008 The ITIL framework 18 Slide 20 What is ITIL? ITIL provides guidance on delivering the right end-to-end services efficiently and effectively using well-defined and repeatable processes Information Technology Infrastructure Library (ITIL) is a best-practice framework for IT Service Management Globally recognized Evolving and flexible The ITIL framework 19 Slide 21 Service Design Supplier Management Service Continuity Management Service Catalog Management Information Security Management Availability Management Capacity Management Service Level Management Design Coordination Service Strategy Strategy Mgt. for IT Services Financial Management Demand Management Service Portfolio Management Business Relationship Management Service Transition Service Validation & Testing Release & Deployment Management Svc Asset & Config Management Change Management Change Evaluation Transition Planning & Support Knowledge Management Service Operation Problem Management Operational Activities of other lifecycle phase processes Event Management Incident Management Access Management Request Fulfillment Crown copyright 2007 Reproduced under license from OGC Service Operation Service Transition Service Design Service Strategy The ITIL Service Lifecycle is a five-stage holistic view of the interconnected processes that make up service management Continual Service Improvement 7-Step Improvement Process Continual Service Improvement The ITIL service lifecycle The ITIL framework 20 Slide 22 Initial HUIT process focus Continual Service Improvement 7-Step Improvement Process Service Operation Problem Management Operational Activities of other lifecycle phase processes Event Management Incident Management Access Management Request Fulfillment Service Design Supplier Management Service Continuity Management Service Catalog Management Information Security Management Availability Management Capacity Management Service Level Management Service Strategy Strategy Mgt. for IT Services Financial Management Demand Management Service Portfolio Management Service Transition Service Validation & Testing Release & Deployment Management Config Management Change Management Change Evaluation Transition Planning & Support Knowledge Management Configuration Management System (CMS) Service Portfolio / Catalog Design Coordination Business Relationship Management The ITIL framework 21 Slide 23 Service Catalog Management Definition: Service Catalog The service catalog is a database or structured document with information about all live IT services, including those available for deployment. 22 The purpose of the service catalog management process is to provide and maintain a single source of consistent information on all operational services (and those being prepared to be run operationally), and to ensure that it is widely available to those who are authorized to access it. Key ITSM processes for HUIT Slide 24 Request Fulfillment The term Service Request is used as a generic description for many varying types of demands that are placed upon the IT Department by the users. A Service Request may be a request from a User for: Information, advice or training a application feature or enhancement access to an IT Service Examples: Reset a password Onboard a new user into the IT service environment Email & Calendar provisioning, New Computer, Phone, PIN, FAS || UIS systems accounts Request Fulfillment is the ITIL process responsible for managing the lifecycle of all service requests from the users. Key ITSM processes for HUIT 23 Slide 25 Incident Management Incident Management is not too concerned with finding the root cause of an incident (see Problem Management) Increase visibility and communication of incidents to business and IT support staff Enhance business perception of IT through use of a professional approach in quickly resolving and communicating incidents when they occur Align incident management activities and priorities with those of the business Maintain user satisfaction with the quality of IT services. Key ITSM processes for HUIT An Incident is an unplanned interruption to an IT service or a reduction in the quality of an IT service The purpose of incident management is to restore normal service operation as quickly as possible 24 Slide 26 Major Incidents Key ITSM processes for HUIT "Houston, we have a Major Incident When a service critical to a Harvard business processes is interrupted, many people need to know about it: Business process owners (Customers) whose work the service supports IT Service owners who provide the service to the business The Service Desk and distributed support people close to the users The Incident Manager coordinates the Major Incident Process Some incidents will affect one or more services in a way that has major impact for the business. ITIL classifies these as Major Incidents. A separate procedure, with shorter timescales and greater urgency, and communication plans must be used for major incidents. 25 Slide 27 Minimize the adverse impact of problems to the business Proactively prevent recurrence of incidents related to problems Investigate root cause and document known errors, and workarounds Communicate known errors and workarounds to support staff to resolve incidents faster Correction of problems often involve a request for change to the service requested Problem Management Key ITSM processes for HUIT A problem as the underlying cause of one or more incidents. The purpose of problem management is to manage the lifecycle of all problems from first identification through further investigation, documentation and eventual removal. 26 Slide 28 Change Management Key ITSM processes for HUIT The purpose of the change management process is to control the lifecycle of all changes, enabling beneficial changes to be made with minimum disruption to IT services. Changes are made for a variety of reasons and in different ways for example: Proactively, e.g. when organizations are seeking business benefits such as reduction in costs, improved services or increased ease and effectiveness of support Reactively as a means of resolving errors and adapting to changing circumstances. 27 A Change is defined as the addition, modification, or removal of anything that could have an effect on IT Services Slide 29 The ITSM Unification Project Has Begun Process unification and roadmap Deliverables will include: Request Management Incident Management Problem Management Change Management Enterprise Tool Selection HUIT website & Service Catalog The ITSM Unification project will find ways to make our existing processes and new processes work together to achieve our common goals. 28 Slide 30 ITSM Unification Roadmap 29 Slide 31 HUIT ITSM Awareness (1 hours) Tue. May 22 at 1:00 Tue. May 22 at 3:00 Thu. Jun. 21 at 9:00 Thu. Jun. 21 at 2:30 ITIL 2011 Foundations (3-day, exam on 4 th day) May 14 16 May 29 June 1 June 11 13 June 25 28 July 9 12 Oct 1 3 (tentative) Nov 12 14 (tentative) Dec 3 5 (tentative) ITIL Intermediate (subsidized by HUIT) Release, Control & Validation (TBD) Operational Support & Analysis (TBD) Day ITSM Overview (TBD) Training schedule 30 Process unification and roadmap Slide 32 We need your help! Additional ITSM training ITIL Foundations Advanced ITIL Certifications ITSM Unification Project participation Service Catalog refinement Input to ITSM and project teams Core teams and subteams ITSM contact information: HUIT Intranet (http://huitintranet.harvard.edu)http://huitintranet.harvard.edu Email: huit-service-management@calists.harvard.edu Process unification and roadmap 31 Slide 33 Q & A Slide 34 Thank you for attending! Slide 35 Appendix Slide 36 Purpose and objectives ITIL usually defines a Purpose and some Objectives for each process The Purpose of a process is the overall reason for carrying out the activities defined in each process. It defines the business-focused outcome obtained by following the process. It answers the question Why do we have this process? The Objectives of a process define, at a high level, the activities and targets that the process involves. They answer the question What do we do in this process? 35 Slide 37 36 Service Catalog Management The objectives of Service Catalog Management are: To manage the information contained within the Service Catalog To ensure that the service catalog is accurate and reflects the current details, status, interfaces and dependencies of all services that are being run, or being prepared to run, in the live environment, according to the defined policies Ensure that the service catalog is made available to those approved to access it in a manner that supports their effective and efficient use of service catalog information Ensure that the service catalog supports the evolving needs of all other service management processes for service catalog information, including all interface and dependency information. Process Scope The scope of the service catalog management process is to provide and maintain accurate information on all services that are being transitioned or have been transitioned to the live environment. The services presented in the service catalog may be listed individually or, more typically, some or all of the services may be presented in the form of service packages (see ITIL Service Strategy for information about service packages). The purpose of the service catalog management process is to provide and maintain a single source of consistent information on all operational services (and those being prepared to be run operationally), and to ensure that it is widely available to those who are authorized to access it. Slide 38 Service Catalog Management The service catalog management process covers: Contribution to the definition of services and service packages Development and maintenance of service and service package descriptions appropriate for the service catalog Production and maintenance of an accurate service catalog Interfaces, dependencies and consistency between the service catalog and the overall service portfolio Interfaces and dependencies between all services and supporting services within the service catalog and the CMS Interfaces and dependencies between all services, and supporting components and configuration items (CIs) within the service catalog and the CMS. The service catalog management process does not include: Detailed attention to the capturing, maintenance and use of service asset and configuration data as performed through the service asset and configuration management process (see ITIL Service Transition) Detailed attention to the capturing, maintenance and fulfillment of service requests as performed through request fulfillment (see ITIL Service Operation). 37 Slide 39 38 Request Fulfillment The term Service Request is used as a generic description for many varying types of demands that are placed upon the IT Department by the users. A Service Request may be a request from a User for: information or advice, a Standard Change access to an IT Service. Examples: reset a password (where not self service) Onboard a new user into the IT service environment Email/calendar provisioning Computer Phone PIN FAS || UIS systems Accounts Request Fulfillment is the ITIL process responsible for managing the lifecycle of all service requests from the users. Slide 40 39 Request Fulfillment Objectives The objectives of request fulfillment are: Maintain user and customer satisfaction through efficient and professional handling of all service requests Provide a channel for users to request and receive standard services for which a predefined authorization and qualification process exists Provide information to users and customers about the availability of services and the procedure for obtaining them Source and deliver the components of requested standard services (e.g. licenses and software media) Assist with general information, complaints or comments. Slide 41 40 Request - Key Concepts Request Model ITILspeak for a templated approach to processing requests There is overlap with Service Catalog Management Users should be able to initiate requests for service after learning about it from the public version of the Service Catalog (to come!) Financial approval may be required in order to fulfill a request. Not just for charge-back environments. Non-standard software and hardware might need to be approved in advance. When designing the Request Fulfillment process it is advised to: Create predefined process flows and Request Models Create a standard procedure for handling specific requests Gain approval from Change Management in advance to handle standard changes as requests Slide 42 41 Incident Management An Incident is an unplanned interruption to an IT service or a reduction in the quality of an IT service, Incident Management is the process for dealing with all incidents The purpose of incident management is to restore normal service operation as quickly as possible Incident Management is not too concerned with finding the root cause of an incident. That is the purpose of Problem Management (coming up!) Incident Management Objectives The objectives of Incident Management are to: Ensure that standardized methods and procedures are used for efficient and prompt response, analysis, documentation, on-going management and reporting of incidents Increase visibility and communication of incidents to business and IT support staff Enhance business perception of IT through use of a professional approach in quickly resolving and communicating incidents when they occur Align incident management activities and priorities with those of the business Maintain user satisfaction with the quality of IT services. Slide 43 Incident Management cont. Process Scope Incident management includes any event which disrupts, or which could disrupt, a service. This includes events which are communicated directly by users, either through the service desk or through an interface from event management to incident management tools. Incidents can also be reported and/or logged by technical staff (if, for example, they notice something untoward with a hardware or network component they may report or log an incident and refer it to the service desk). This does not mean, however, that all events are incidents. Many classes of events are not related to disruptions at all, but are indicators of normal operation or are simply informational. An Incident is an unplanned interruption to an IT service or a reduction in the quality of an IT service, or a failure of a configuration item that has not yet impacted an IT service. For example one disk in a RAID array. It doesnt cause an interruption but will affect performance, and if left unhandled, will eventually lead to an interruption when another disk in the array fails. Incident Management is the process for dealing with all incidents 42 Slide 44 Incident Management cont. The purpose of incident management is to restore normal service operation as quickly as possible and minimize the adverse impact on business operations, thus ensuring that agreed levels of service quality are maintained. Normal service operation is defined as an operational state where services and CIs are performing within their agreed service and operational levels. Example: field technicians are basically in the business of Incident Management. Their job is to restore normal service operation which may involve some troubleshooting. However the overriding imperative is to restore service. Recently a batch of Dell desktops started blue screening. Details were not known but it started after a Windows Update, and evidence pointed to the graphics card drivers. One tech was assisting a VIP who was having this problem. Running out of time and unable to correct the problem in software, he swapped the graphics card for an older one, installed its driver and returned the machine to its user. He succeeded in restoring the normal service. Doing detailed troubleshooting can come later when the user is back up and running. Normal service operation is defined as an operational state where services and CIs are performing within their agreed service and operational levels. 43 Slide 45 Major Incident Process Coordinating response to a MI is the job of the Incident Manager Same basics as any incident: Identification, Logging, Categorization, Prioritization, Diagnosis, Incident Escalation (Functional and Hierarchic), Investigation and Diagnosis, Resolution and Recovery, Incident Closure We communicate to the impacted customers or users and responsible Service Owners and their management at more stages. FAS has a defined procedure for which services are handled by the MI process Other services have defined notification and escalation procedures. The Incident Manager is the role responsible for coordinating the Major Incident response 44 Slide 46 45 Incident Management Activities Incident Identification Detection from users and event monitoring tools; Early detection is key! Incident Logging Log 100% of Incidents Incident Categorization Example: Hardware->Server->Memory board->Card failure Incident Prioritization Relative Importance to the business Initial Diagnosis Discovery of the full symptoms of the incident Crown copyright 2011 Reproduced under license from the Cabinet Office Slide 47 46 Incident Management Activities - Continued Incident Escalation Functional and Hierarchic Investigation and Diagnosis Troubleshooting steps to determine what has gone wrong, including searching knowledge databases (Problems, Known Errors, etc.) Resolution and Recovery Application and testing of potential resolutions Incident Closure Incident resolved to user satisfaction Leverage self-help technologies that link into Service Management tools Make the procedures for issuing a request clear and simple for users to follow Crown copyright 2011 Reproduced under license from the Cabinet Office Slide 48 47 Problem Management A problem is a cause of one or more Incidents. The cause is not usually known at the time a Problem Record is created, and the Problem Management Process is responsible for further investigation. The purpose of problem management is to manage the lifecycle of all problems from first identification through further investigation, documentation and eventual removal. Problem management seeks to: minimize the adverse impact of incidents and problems on the business that are caused by underlying errors within the IT Infrastructure, and to proactively prevent recurrence of incidents related to these errors. In order to achieve this, problem management seeks to get to the root cause of incidents, document and communicate known errors and initiate actions to improve or correct the situation. The correction may involve a Request For Change to the service affected Slide 49 Problem Management Cont. Process Scope Problem management includes the activities required to diagnose the root cause of incidents and to determine the resolution to those problems. It is also responsible for ensuring that the resolution is implemented through the appropriate control procedures, especially change management and release and deployment management. Problem management will also maintain information about problems and the appropriate workarounds and resolutions, so that the organization is able to reduce the number and impact of incidents over time. In this respect, problem management has a strong interface with knowledge management, and tools such as the KEDB will be used for both. 48 Slide 50 49 Change Management The purpose of the change management process is to control the lifecycle of all changes, enabling beneficial changes to be made with minimum disruption to IT services. Changes are made for a variety of reasons and in different ways for example: Proactively, e.g. when organizations are seeking business benefits such as reduction in costs, improved services or increased ease and effectiveness of support Reactively as a means of resolving errors and adapting to changing circumstances. Change Management Objectives The objectives of change management include: Respond to the business and IT requests for change that will align the services with the business needs. Ensure that changes are recorded and evaluated, and that authorized changes are prioritized, planned, tested, implemented, documented and reviewed in a controlled manner. Optimize overall business risk. Slide 51 Change Management The service portfolio provides a clear definition of all current, planned and retired services. Understanding the service portfolio helps all parties involved in the service transition to understand the potential impact of the new or changed service on current services and other new or changed services. Strategic changes are brought in via service strategy and the service portfolio management process in the form of change proposals. Changes to a service will be brought in via service design, continual service improvement, service level management and service catalog management. Corrective change, resolving errors detected in services, will be initiated from service operation and may route via support or external suppliers into a formal RFC. Exclusion Change management is not responsible for coordinating all of the service management processes to ensure the smooth implementation of projects. This activity is carried out by transition planning and support. The objectives of change management include: Respond to the business and IT requests for change that will align the services with the business needs. Ensure that changes are recorded and evaluated, and that authorized changes are prioritized, planned, tested, implemented, documented and reviewed in a controlled manner. Optimize overall business risk. 50 Slide 52 51 Change Management Scope The scope should include changes to all architectures, processes, tools, metrics and documentation, as well as changes to IT services and other configuration items. Each organization should define the changes that lie outside the scope of their service change process. Typically these might include: Changes with significantly wider impacts than service changes, e.g. departmental organization, policies and business operations these changes would produce RFCs to generate consequential service changes Changes at an operational level such as repair to printers or other routine service components. The diagram above shows a typical scope for the service Change Management process an IT organization and how it interfaces with the business and suppliers at strategic, tactical and operational levels. It covers interfaces to internal and external service providers where there are shared assets and configuration items that need to be under change management. Change management must interface with business change management and with the suppliers change management. This may be an external supplier within a formal change management system, or the project change mechanisms within an internal development project. Slide 53 52 Key Concepts Service Change The addition, modification or removal of anything that could have an effect on IT services. There are three different types of service change: Standard change: A pre-authorized change that is low risk, relatively common and follows a procedure or work instruction. Emergency change: A change that must be implemented as soon as possible, for example to resolve a major incident or implement a security patch. Normal change: Any service change that is not a standard change or an emergency change. Slide 54 53 Crown copyright 2011 Reproduced under license from the Cabinet Office Key Concepts Change Types Normal A change that is not an emergency change or a standard change. Normal changes follow the defined steps of the change management process. In this process RFCs are recorded, assessed and then approved or disapproved by a Change Authority usually a Change Advisory Board or CAB. Slide 55 54 Crown copyright 2011 Reproduced under license from the Cabinet Office Normal Change Activities Slide 56 Secondary HUIT processes Continual Service Improvement 7-Step Improvement Process Service Operation Problem Management Operational Activities of other lifecycle phase processes Event Management Incident Management Access Management Request Fulfillment Service Design Supplier Management Service Continuity Management Service Catalog Management Information Security Management Availability Management Capacity Management Service Level Management Service Strategy Strategy Mgt. for IT Services Financial Management Demand Management Service Portfolio Management Service Transition Service Validation & Testing Release & Deployment Management Config Management Change Management Change Evaluation Transition Planning & Support Knowledge Management Configuration Management System (CMS) Service Portfolio / Catalog Design Coordination Business Relationship Management 55 Slide 57 56 Release and Deployment Management The purpose of the release and deployment management process is to plan, schedule and control the build, test and deployment of releases, and to deliver new functionality required by the business while protecting the integrity of existing services. Release and Deployment Management aims to build, test and deliver the capability to provide the services specified by Service Design and that will accomplish the stakeholders requirements and deliver the intended objectives. Slide 58 57 Service Level Management The purpose of the SLM process is to ensure that all current and planned IT services are delivered to agreed achievable targets. This is accomplished through a constant cycle of negotiating, agreeing, monitoring, reporting on and reviewing IT service targets and achievements, and through instigation of actions to correct or improve the level of service delivered. Slide 59 58 Service Asset & Configuration Management The purpose of the service asset and configuration management (SACM) process is to ensure that the assets required to deliver services are properly controlled, and that accurate and reliable information about those assets is available when and where it is needed. This information includes details of how the assets have been configured and the relationships between assets. Slide 60 59 IT Service Continuity Management The purpose of the IT service continuity management process is to support the overall business continuity management (BCM) process by ensuring that, by managing the risks that could seriously affect IT services, the IT service provider can always provide minimum agreed business continuity-related service levels. As technology is a core component of most business processes, continued or high availability of IT is critical to the survival of the business as a whole. This is achieved by introducing risk reduction measures and recovery options. Slide 61 Continual Service Improvement The purpose of the CSI stage of the lifecycle is to align IT services with changing business needs by identifying and implementing improvements to IT services that support business processes. These improvement activities support the lifecycle approach through service strategy, service design. service transition and service operation. CSI is always seeking ways to improve service effectiveness. process effectiveness and cost effectiveness. 60 Slide 62 HUIT exists to provide services HUIT is an essential part of the larger institution, and exists to provide a variety of services that support the institutions goals. Harvard Goals Business Outcomes IT Services IT Providers 61