IT Service Management Maturity Assessment Kickoff

University of Alaska - FairbanksJune 22, 2012

Kristin Colburn - IT Management ConsultantPink Elephant

1

AGENDA

• Continual Service Improvement Model• About Process Maturity Assessments• Process Model• PinkSCAN™ Assessment Framework• Process Maturity Examples• ITIL Overview• Questions

2

THE CSI MODELWhat is the vision?

Service & process improvement

Measurable targets

Baselineassessments

Where do we want to be?

How do we get there?

Did we get there? Measurements & metrics

Business vision, mission, goals and

objectives

Where are we now?

How do we keep the momentum

going?

© Crown Copyright 2011. Reproduced under license from the Cabinet Office Figure 3.1 Continual Service Improvement model – CSI 3.1.1

A PROCESS ASSESSMENT IS…

• A repeatable method of objectively gaining an understanding of the quality, structure maturity and bottlenecks of an IT organization’s Service Management processes

4

ASSESSMENT OBJECTIVES

• Assess IT management practices against a good practice reference set of processes (ITIL)

• Provide an objective snapshot of the current situation in terms of process maturity

• Identify key problem areas in relation to organizational needs

• Set an internal benchmark for improvement initiatives

5

LIFECYCLE PROCESSESSERVICE STRATEGY• Service Strategy for IT Services• Service Portfolio Management• Business Relationship

Management• Financial Management for IT

Services• Demand Management

SERVICE OPERATION• Event Management• Incident Management• Request Fulfillment• Problem Management • Access Management

Functions• Service Desk• Technical Management• IT Operations Management• Application Management

SERVICE DESIGN• Design Coordination• Service Catalog Management• Service Level Management• Availability Management• Capacity Management • IT Service Continuity Management• Information Security Management• Supplier Management

SERVICE TRANSITION• Transition Planning and Support• Change Management• Service Asset & Configuration

Management• Release & Deployment Management• Service Validation• Change Evaluation• Knowledge Management

CONTINUAL SERVICE IMPROVEMENT• Seven Step Improvement

© Crown Copyright 2011. Reproduced under license from the Cabinet OfficeFigure 1.1 Service Strategy

BASIS OF THE ASSESSMENT

• How do the current practices relate to ITIL best practices?• Is there a consistent approach to the process

across groups?• Is the documentation at an appropriate level to

enable consistent delivery?• Are there adequate governance roles to manage

and continually improve the process?• Are there measures that demonstrate process

effectiveness and efficiency?• Are the tools being used in a way that enable the

process?7

PROCESS MODEL

Process ControlProcessowner

Processdocumentation

Processfeedback

Processobjectives

Process EnablersProcess

resourcesProcess

capabilities

TriggersProcess

Processinputs

Processoutputs

Work instructions

Procedures Improvements

Roles

Includingprocess reports& reviews

Processpolicy

ActivitiesMetrics

CSFs/KPIs

© Crown Copyright 2011. Reproduced under license from the Cabinet Office. Based on Figure 2.5 Service Strategy 2.2.2

The first set of survey statements are about process control.

“Process policies have been identified, documented and communicated and … “

The second set of survey statements are about process activities.

“A multi-level incident categorization schema is defined and actively used to … “

The third set of survey statements are about process enablers.

“Tools to automate Incident Management activities are standardized and … “

A PROCESS MATURITY ASSESSMENT IS NOT

• Not an employee performance appraisal• Not a compliance audit• Not a technical survey• Not a final plan for improvement

9

All Survey Responses

are Confidential

PINKSCAN™ ASSESSMENT FRAMEWORK

10

PINKSCAN ASSESSMENT FRAMEWORK

• Process Maturity Levels vs. Management Targets• Process consistency and practice• CMM based

• Process Importance• Benchmark for Improvements• Degree of integration with other processes• Culture Assessment

• Process Readiness (Mgmt., Staff, Contractors)

• Recommendations

11

Maturity Level Description

0. Non-Existent We do not do this or we do not have this across the organization.

1. InitialThis may be done from time to time across the organization but is not done consistently each time. We have talked about developing something like this but we have not yet started to do so.

2. RepeatableThere may be procedures for this in some parts of the organization but since they are not formally documented or adopted there is a high reliance on individual knowledge, experience and informal relationships.

3. Defined

We have standardized this across the organization with documented objectives, activities, procedures, roles and metrics. All of the people who perform the process activities have received appropriate training and are expected to follow them in accordance with the documentation.

4. ManagedThis is fully recognized and accepted throughout the organization as the way we work. We have performance standards that we use to measure this activity and report against planned results.

5. Optimized

Everyone involved in this process across the organization being assessed assures consistency by considering this as part of their everyday activities. As an organization we continually use feedback to ensure this activity aligns with overall business and IT goals a to identify improvement opportunities.

6. I Don’t KnowChoose this response if you have no knowledge of how this statement relates to the organization being assessed.

Process Maturity Levels

12

Opportunity Definition Scope Definition Organizational Context Selection of Assessment

Team, stakeholders and participants

Assessment scheduling Online Tool Administration

AssessmentAwareness

andKick-Off

OnlineCulture Survey

OnlineProcessSurveys

Data Analysis

andReport

Generation

CommunicationOf

AssessmentResults

Scope Reason Explanation Context ITIL

Refresh

Data Gathering and Validation Opportunity Definition

Answer Formulation

Findings Scores Quick Wins Road map

Date Date Date Date

FacilitatedWorkshops

DateDate

Sur

vey

Dat

a A

naly

sis

Date

Assessment Planning and Preparation

Assessment Planning and Awareness

PROCESS ASSESSMENT MILESTONES

13

SAMPLE SURVEY PARTICIPANT EMAIL

From: pinkscansurveyadmin@pinkelephant.comTo: participant@alaska.eduSent: Mon, 25 Jun 2012 4:00 amSubject: Message From Karl Kowalski: You Are Invited To Participate In A Process Maturity Assessment –

University of Alaska Baseline Assessment - JUN2012

We are launching an assessment to determine the level of IT Service Management process maturity in our organization. Your input is a valuable part of this assessment. The survey opens on 25-Jun-12 and closes on 12-Jul-12.

To participate, click on the link below and enter your user name and password. Please keep your password confidential.

https://online.pinkelephant.com/PinkSCAN.htmUser name: participant@alaska.eduPassword: uoa099

Thank you in advance for your participation.Regards,

Karl Kowalski14

PARTICIPANT VIEW: SURVEY HOME PAGE

15

PARTICIPANT VIEW: MATURITY STATEMENTS

16

PARTICIPANT VIEW: 5 INTEGRATION STATEMENTS

PARTICIPANT VIEW: 5 IMPORTANCE STATEMENTS

18

GUIDELINES: RESPONDING TO SURVEY

• Your answers for maturity should indicate the “as is” for UAF

• Your answers for importance should indicate how important the statement is based on the current priorities

• If the process element or activity does not exist, select “Non-Existent”

• If you do not understand the statement or you don’t know how to respond then score it as “I Don’t Know”

19

VALIDATION WORKSHOPS

• 90 minute facilitated workshops• Review and validate survey data• Describe the current process

• Look for good practices• Look for gaps compared to ITIL

• Review process artifacts to confirm survey results

20

WORKSHOPS: WHAT IS EXPECTED OF YOU

21

Attend the workshop as designated bythe schedule and be an active participant

Provide feedback on the current state of the process

We are looking for an end-to-end perspective Highlight any current improvement initiatives

Be open and honest in your answers during the workshop It’s OK to say “I don’t know”

Provide any documentation you feel would be beneficial in supporting your answers

EXAMPLE PINKSCAN RESULTS

22

WHAT IS THE RESULT?

Final Report • Assessment objective• Results of the survey• Process scores• Conclusions• Recommendations• Indication of organizational culture

23

PINKSCAN MATURITY RESULTS

24

PROCESS MATURITY AND IMPORTANCE

25

PINKSCAN CULTURE SURVEY

26

MATURITY EXAMPLE

Change Management

27

28

LEVEL 0: NON-EXISTENT

Change Management Scoring Characteristics:• No process designed, no procedures and documentation • No clear definition of a change• No recording of changes is taking place• No evaluation of change impact• No knowledge of changes taking place between IT groups or by

the Service Desk• No reporting is taking place

“We do not do this.”

29

LEVEL 1: INITIAL

Change Management Scoring Characteristics:• No responsibility for the process – no Process Owner or Process

Manager• Loosely defined processes, procedures and roles &

responsibilities that are used differently across IT groups for their changes

• Change requests are logged but there are no standards in place and the logging is ‘ad hoc’

• Impact and priority codes may exist but no standards for using them

• No historical or accurate data for trend analysis, for instance no knowledge of the number of changes implemented

“We know we need to do something, but have not started.”

30

LEVEL 2: REPEATABLE

Change Management Scoring Characteristics:• Processes and procedures are developed as needed (reactively)

and may not be consistent across IT• Requests for Change have to be authorized• Change records are being updated ‘ad hoc’• Simple planning; scheduling of individual changes• There is no view of all changes• Authorization/competencies are unclear• Management reports are developed reactively

“The work is being accomplished in areas of strength, but Change Management is not well defined or consistently followed.”

31

LEVEL 3: DEFINED

Change Management Scoring Characteristics:• Change policies, standardized workflow and procedures are

established and have been documented • A Change Management Process Owner has been designated and other

roles and responsibilities (e.g.: a CAB) are defined and established• Formal communication, awareness and training programs have been

established for all Change Management roles• All Requests for Change are logged and reviewed using guidelines• Standardized change categories are used• Changes are being authorized by the appropriate authority based on

impact• Management reports are used for controlling Change Management

activities

“Change Management is defined, understood, practiced and measured.”

32

Change Management Scoring Characteristics:• Well-defined processes, procedures, and standards included in all

IT staff job descriptions • Changes are logged and tracked through the life of the change• Changes are logged in an integrated tool with integration to other

processes• Change Management activities are guided by service level values

and configuration data• Effective management reports are tied to service levels and used

by management of various departments

“Change Management is fully recognized and accepted throughout the organization. We have performance standards that we use to measure this process and we report against planned results.”

Level 4: Managed

33

LEVEL 5: OPTIMIZED

Change Management Scoring Characteristics:• Change Management is fully recognized across the organization and is

“institutionalized” as part of the everyday activities of those involved with the process activities

• Change Management activities are regularly reviewed to make sure they are fit for purpose and to improve service

• Optimization of procedures and coordination with other departments is a continuous effort

• Change logging and reporting is tailored to support and integrate with other processes

• Reports serve as input for quality improvement of the various IT departments

• Third parties are included in the Change Management process

“Change Management is done consistently; everyone involved considers this as part of their everyday activities. We continually use feedback to ensure this process aligns with overall business and IT goals and to identify improvement opportunities.”

Any questions before we move

on to the ITIL overview?

QUESTIONS?

34

ITIL PROCESS OVERVIEW Service Catalog Management Service Level Management Change Management Knowledge Management Incident Management Problem Management

35

WHAT IS A SERVICE?

36

‘People do not want quarter-inch drills. They want quarter-inch holes.’

Professor Emeritus Theodore Levitt,Harvard Business School

Services are a means of delivering business value to customers by facilitating outcomes customers want to

achieve without the ownership of specific costs and risks

SERVICE-BASED ORGANIZATIONS

• Organizations whose mission, goals, objectives, operating models, governance and functional structures are developed to focus on:

• Externally defining and delivering value through services – rather than internally focusing only on the management of the systems or technologies

• The management and delivery of (IT) services to the customers to create business value in a cost efficient way supported by:

People, Products, Partners, Processes = Performance

37

38

IT Goals

IT Processes

Applications

People

Infrastructure

Information

IT Services

Enterprise

Business Goals

Business Units

ITIL is a Service Management Framework.

This means that the processes described by ITIL

exist for the primary purpose of planning,

delivering and supporting IT services.

Based on CobiT 4.1 p. 12 fig. 7

Services vs. Processes

SERVICE CATALOG MANAGEMENT

39

The service catalog is a database or structured document with information about all live IT services, including those available for deployment

The service catalog is the only part of the service portfolio published to customers, and is used to support the sale and delivery of IT services

The service catalog includes information about deliverables, prices, contact points, ordering and request processes

The Service Catalog

40

41

To provide a single source of consistent information on all agreed services, and ensure it is available to those approved to access it

To ensure the Service Catalog is kept accurate and up-to-date

Service Catalog Mgmt Objectives

42

Business Service Catalog

Technical Service Catalog

Business Process 1

Business Process 2

Business Process 3

Service A Service B Service C Service D Service E

SupportServices Hardware ApplicationsSoftware Data

Based on OGC ITIL® material. Reproduced under license from OGC Figure 4.3 Service Design 4.1.4

Service Catalog

43

Concept or Term Description

Defining a ServiceEach organization should establish a policy of what a service is and how it is defined within the organization; consider a top-down approach beginning with business processes

Hierarchy of Services Defining services in terms of type, such as business/customer-facing and supporting/technical

Business Services Those services seen by the customer, e.g. communication, logistics and procurement services, etc.

Supporting ServicesThose services typically invisible to the customer but which are essential to the delivery of Business Services, e.g., infrastructure, network, and application services, etc.

Service Catalog Terminology

44

Define the Services

Identify Interfaces, Dependencies

Agree to Contents

Produce the Catalog

Maintain the Catalog

Service Catalog Mgmt Activities

Service Level Management

45

The Purpose & Objectives Of SLM

Purpose Ensure that all current and planned IT services are delivered to agreed achievable targets.

Objectives Define, document, agree, monitor, measure, report and

review the level of IT services Provide and improve the relationship and communication

with the business and customers

46

Developing contacts and relationships

Handling complaints and compliments

Reviewing and revising OLAs and service scope

Reviewing and revising SLAs, service scope and underpinning

agreements

Collating, measuring and improving customer satisfaction

Monitoring service performance against SLA

Producing service reportsConducting service reviews &

instigating improvements within an overall service improvement

plan

Negotiating, documenting and agreeing SLAs for operational

services

Determining, documenting and agreeing requirements for new services and producing SLRs

Design SLA frameworks

Service Level Management Activities

47

Change Management

48

CHANGE MANAGEMENT

Goals:• To respond to the customer’s changing business

requirements while maximizing value and reducing incidents, disruption and re-work

• To respond to the business and ITrequests for change that will align theservices with the business needs

49

Concept or Term Description

Change Types

Normal Change Standard Change – pre-approved Emergency Change – requires immediate attention; impacts

business significantly

Request for Change (RFC)

A formal proposal for a Change; includes details of the proposed Change and may be in paper or electronic form.

Configuration Item (CI)

A component that needs to be managed in order to deliver an IT Service. CIs are under the control of Change Management and typically include Services, hardware, software, people, formal documentation and relationships between CIs are defined to help assess impact and risk of Changes to the CIs.

Change Advisory Board (CAB)

A group of people that advises the Change Manager (owner of the Change Management process) in the assessment, prioritization and scheduling of Changes. Made up of representatives from all areas within the Service Provider organization.

Key Change Management Terminology

50

Concept or Term Description

Emergency Change Advisory Board (ECAB)

A sub-set of the CAB that makes decisions about high-impact Emergency Changes.

Forward Schedule of Change or Change Schedule

A document that lists all approved Changes and their planned implementation dates.

Post Implementation Review (PIR)

A review that takes place after a Change has been implemented. A PIR determines if the Change was successful and identifies opportunities for improvement.

Assessing Risk and Impact of Change

CABs and ECABs assist the Change Manager in assessing the risk and impact of each proposed Change. Authorized changes are then scheduled and carried out by Release & Deployment Management.

KEY CHANGE MANAGEMENT TERMINOLOGY

51

Record RFC

Review RFC

Assess & Evaluate

Authorize

Plan Updates

Coordinate Implementation

Review & Close

Change Management Activities

52

KNOWLEDGE MANAGEMENT

53

Share perspectives, ideas, experience and information Ensure these are available in the right place at the right time

to enable informed decisions Improve efficiency by reducing the need to rediscover

knowledge

Knowledge Management Purpose

54

Improve management decision-making Improve efficiency and quality of service Increase satisfaction and reduce cost Ensure staff understand the value their services provide to

customers Establish and maintain knowledge, information and data in a

service knowledge management system Share and use the SKMS and its contents throughout the

service provider organization

Knowledge Management Objectives

55

Knowledge Transfer

Knowledge identification, capture and maintenance

Learning styles Knowledge visualization Driving behaviors Seminars, webinars and advertising Journals and newsletter Discussion forums and social media

What knowledge is necessary Which conditions to be monitored What data is available Defining information architecture Establishing DIKW procedures Evaluation and improvement

Managing Data, Information, & Knowledge

Knowledge Management Strategy

Knowledge Management Activities

56

Incident Management

57

INCIDENT MANAGEMENT

58

Goals: Restore normal service operation as quickly

as possible Minimize the adverse impact on business

operations Incident Management helps ensure the best

possible levels of service quality and availability are maintained

Key Incident Management TerminologyConcept or Term Description

IncidentAn unplanned interruption to an IT service or reduction in the quality of an IT service. Failure of a Configuration Item that has not yet impacted service is also an Incident

Prioritization Priority = Impact (business impact) + Urgency (time-based)

Categorization Determining which service category the Incident fits into

Hierarchical Escalation

Escalating the incident to a higher level of authority

Functional Escalation Escalating the incident to a 2nd – nth level function

Major IncidentAn Incident that grows in impact or priority. Major Incident Management procedures should be available. Major Incidents should not be confused with Problems

Closing Incidents In ITIL, only the Service Desk can close Incidents once the user/customer has verified that service is restored

Incident Ownership In ITIL, the Service Desk owns the incident from ‘cradle to grave’

59

Logging

Categorization

Prioritization

Initial Diagnosis

Escalation

Investigation & Diagnosis

Resolution & Recovery

Closure

INCIDENT

Incident Management Activities

60

PROBLEM MANAGEMENT

61

Objectives:• Prevent Problems and resulting Incidents from happening• Eliminate recurring Incidents • Minimize the impact of Incidents that cannot be prevented

Problem Management is the processresponsible for managing the lifecycleof all Problems.

62

Problem

Problem Management

Concept or Term Description

ProblemThe unknown cause of one or more incidents. The cause is not usually known at the time a problem record is created, and the Problem Management process is responsible for further investigation

Workaround Reducing or eliminating the impact of an Incident or Problem for which a full resolution is not yet available

Root Cause The underlying or original cause of an Incident or Problem

Root Cause Analysis An activity that identifies the Root Cause of an Incident or Problem

Known Error A Problem that has a documented Root Cause and a Workaround

Major Problem Review

A review conducted to learn any lessons for the future. What we did correctly; what we did wrong; what we could do better; how to prevent recurrence

Key Problem Management Terminology

63

Detection/Logging

Categorization

Prioritization

Initial Diagnosis

Create Known Error

Resolution

Closure

Problem

Change Needed?

Workaround?

MajorProblem?

Problem Management Activities

64

QUESTIONS?

k.colburn@pinkelephant.com

www.pinkelephant.com

65