Post on 07-Nov-2014
description
transcript
1
ITIL: What is it?How does ITIL link to COBIT
and ISO 17799?
2
The IT Infrastructure Library A set of books comprising an IT service
management Best Practices framework An industry of products, services, and
organizations Unique: consistent, comprehensive, non-
proprietary Created by and for the British
government, later expanded for use in all organizations
Gives a detailed description of important IT practices, with comprehensive checklists, tasks, procedures and responsibilities. And can be tailored to any IT organization.
What is ITIL?
3
Create a set of comprehensive, consistent and coherent codes of Best Practice for quality IT service management, promoting business effectiveness in the use of IT
Encourage the private sector to develop services and products (training, consultancy and tools) that support ITIL®
Provide an approach based on the best examples taken from practice
ITIL Objectives
4
Codes of practice for Quality management of IT Services and Infrastructure
ITIL® has its own definition for key terms
Quality means “matched to business needs and user requirements as these evolve"
ITIL defined !
5
Why use ITIL®?
IT service providers use ITIL® concepts and practices to:
Increase satisfaction of customers / users with IT services
Enhance communication with customers Achieve higher reliability in mission-critical
systems and infrastructure Improve the cost/benefit of services Create a “common sense” among staff
7
ITIL, not just tools & processes
Culture, Attitudes
Beliefs & Skills
Infrastructure (Technology &
Tools)
Service Support &
Service Delivery
StrategySteeringDirection
Integration
Process Products
People
8
The Office of Government Commerce created ITIL® in the late 1980’s; still own it today.
The National Exam Institute for Informatics (Netherlands). Current ITIL ® examination caretakers. Contracted in 1995 by the OGC to maintain and develop ITIL®. In 2004, the OGC transferred the responsibility of managing EXIN to the itSMF.
Who Made & Maintains ITIL®?
9
The Information Systems Examination Board (UK). Part of the British Computer Society.
The National Exam Institute for Informatics (Netherlands). Contracted since 1995 to maintain ITIL‘s examination and certification process. Loyalist College in Canada
Loyalist and Prometric (Sylvan) in the USA
Certifying Bodies
10
EXIN and ISEB provide certification testing at Foundation, Practitioner, and Manager levels
Training is typically 2-3 days for Foundation, 2-3 days for Practitioner, 10 days for Manager
Deeper understanding of all eleven ITIL® service management modules
Service Manager
Deep understanding of one of the ITIL® service management modulesPractitioner
Basic understanding of all eleven ITIL® service management modulesFoundation
ITIL® Certification & Training
12
ITIL - 7 Core volumes
The Business Perspective Covers a range of issues concerned with understanding and
improving IT service provision, as an integral part of an overall business requirement for high quality IS management.
Planning to Implement Service Management Discusses the key issues of planning and implementing IT service
management. It explains the steps required for implementation and improvement
of IT service delivery.
13
ITIL - 7 Core volumes
Information & Communications Technology (ICT) Infrastructure Management Covers all aspects of ICT infrastructure from the identification of
business requirements through the tendering process, to the testing, installation, deployment, and ongoing support and maintenance of the ICT components and IT services. Network Service Management Operations Management Management of Local Processors Computer Installation and Acceptance Systems Management.
Applications Management Discusses software development using a life cycle approach and
expands on the issues of business change with emphasis on clear requirements definition and implementation of solutions to meet business needs.
14
ITIL - 7 Core volumes
Security Management Details the process of planning and managing a defined level of
security on information and ICT services, including all aspects associated with the reaction to security incidents.
Service Support Is concerned with ensuring that the Customer has access to the
appropriate services to support the business functions. Service Delivery
Looks at what service the business requires of the provider in order to provide adequate support to the business Users.
17
Service Desk
Service LevelManagement
CapacityManagement
IT Service ContinuityManagement
FinancialManagement
AvailabilityManagement Service
Delivery
ChangeManagement
ProblemManagement
ConfigurationManagement
ReleaseManagement
IncidentManagement Service
Support
Service Desk
18
Service Desk Goals
To support business activities and drive service improvement
To be primary point of contact To manage the Incident
lifecycle To manage service requests To maintain ownership of a
User Incident through to completion
19
To provide a single point of contact for Customers
To be a Customer interface for IT To improve incident response
performance Improving service levels To facilitate the restoration of
normal operational service, quickly as possible, with minimal business impact on the Customer within agreed service levels and business priorities
Service Desk Objectives
20
Incident Management
Service LevelManagement
CapacityManagement
IT Service ContinuityManagement
FinancialManagement
AvailabilityManagement Service
Delivery
ChangeManagement
ProblemManagement
ConfigurationManagement
ReleaseManagementService
Support
Service Desk
IncidentManagement
21
Incident Management Goals
Restore normal service operation as quickly as possible within Service Level Agreements (SLA) limits
Minimize the adverse impact on business operations
Ensuring that the best possible levels of service quality and availability are maintained
Maintain and apply a consistent approach to managing Incidents
22
Return to the normal service level as defined in the Service Level Agreement as soon as possible with the smallest possible impact on the
business activities Keep effective records of incidents to:
measure and improve the process Provide appropriate information to other
services management processes Report on incident progress
Incident Management Objectives
23
Problem Management
ServiceSupport
ServiceDelivery
ConfigurationManagement
ProblemManagement
ReleaseManagement
ChangeManagement
IncidentManagement
Service LevelManagement
FinancialManagement
CapacityManagement
IT Service ContinuityManagement
AvailabilityManagement
Service Desk
24
Problem Management Goals
Stabilize IT services through: Minimizing the consequences of incidents
by identifying trusted quick fixes Identifying and removing the root causes
of potential incidents Identifying and managing Known Errors
To improve the quality of services delivered to customers by reducing the number of preventable service disruptions
25
To reduce both the number and severity of Incidents and Problems on the business that are caused by errors within the IT Infrastructure.
Problem Management Objectives
What’s causing
these Incidents?
26
Incident Management Cycle
ChangeRequest
KnownError ProblemIncident
Event Progression
ProblemService Desk Management ChangeManagement
Resolution Resolution Resolution
Problem Control
ProblemsKnown Error from Release Management
Error ControlIncident Control
27
Change Management
ServiceSupport
ServiceDelivery
ConfigurationManagement
ProblemManagement
ReleaseManagement
ChangeManagement
IncidentManagement
Service LevelManagement
FinancialManagement
CapacityManagement
IT Service ContinuityManagement
AvailabilityManagement
Service Desk
28
Change Management Goals
Ensure that standardized methods and procedures are used for efficient and prompt handling of all Changes
Minimize the impact of Change-related incidents upon service quality
Improve the day-to-day operations of the organization
Maintain a balance between the need for change against the impact of change
29
Standard methods and procedures are used
Changes be dealt with quickly, with the lowest impact on service quality
All changes are traceable
Change Management Objectives
“Change is good, donkey!!”
30
Release Management
ServiceSupport
ServiceDelivery
ConfigurationManagement
ProblemManagement
ReleaseManagement
ChangeManagement
IncidentManagement
Service LevelManagement
FinancialManagement
CapacityManagement
IT Service ContinuityManagement
AvailabilityManagement
Service Desk
31
Release Management Goals
Plan and oversee the successful rollout of software and related hardware
Ensure that hardware and software being changed is traceable, secure and that only correct, authorised and tested versions are installed
Communicate and manage expectations of the customer during the planning and rollout of new releases
Agree on the exact content and rollout plan for the release, through liaison with Change Management
Implement new software releases or hardware into the operational environment using the controlling processes of Configuration Management (CIs) and Change Management
32
Safeguard all software, hardware & related items
Ensure that only tested / correct versions of authorized software and hardware are in use
Right software / hardware, right time, right place
Redundant hardware, software identified for Request For Change
Release Management Objectives
Protect the live environment & its services !
33
Configuration Management
ServiceSupport
ServiceDelivery
ConfigurationManagement
ProblemManagement
ReleaseManagement
ChangeManagement
IncidentManagement
Service LevelManagement
FinancialManagement
CapacityManagement
IT Service ContinuityManagement
AvailabilityManagement
Service Desk
34
Configuration Management Goals
To enable control of the infrastructure and services by monitoring, maintaining and verifying information on: All resources needed to deliver services Configuration Item status and history Configuration Item relationships
Provide accurate information on the IT infrastructure for all the other Service Management processes & IT Management
To assist with impact assessment of proposed changes
Verify the configuration records against the infrastructure and correct any exceptions
35
Keeping reliable records of details of IT Assets and services provided by the organization All Resources needed to deliver
Services Configuration Items (CI) Status and
History Configuration Item Relationships
Providing accurate information and documentation to support the other Service Management processes
Configuration Management Objectives
Do I get stored in
the CMDB?
36
Service Relationship
RelatedIncidents
RelatedProblems
RelatedChanges
OperationalState
- Current- Historical
CapacityManagement
SLAManagement
Incident Management
AvailabilityManagement
ChangeManagement
ProblemManagement
Configuration items
Inventory
Asset Financial & Contract
Physical AttributesHW-SW Asset statusStockroomsLocations
LicenseCost
Invoice Reconciliation
CapitalizationChargeback Info. WarrantyVendor Information
LeaseContract
Capacity- Current
- HistoricalAvailability
ConfigurationManagement
IT Service Continuity
ManagementRelease
Management
Total Cost of Ownership
IT Financial Management
DepreciationTCO
Lease mgmtVendor mgmt
SW licence mgmtWarranty mgmtContract mgmt
Service chargebacks
Configuration Management Database (CMDB)Complete record of all CI’s associated with the IT infrastructure: versions, location, documentation, components, services and the relationships between them
HW, SW, Network, Documents, people, organization
Relationships : Peer-to-peer, parent-child, free-form relations Product catalogueService catalogue
CGI Integrated IT Service Management
ERPFinancial
ProcurementHR
System mgmtRemote access
Auto-discovery toolAuto-recovery tool
MonitoringMetering (HW-SW usage)
DSLDefinitive Software LibraryDHL: Definitive Hardware library
CI relationships include the usage, the ownership, the service relationships, etc.
Identifies, records, controls and reports on IT components.
-Standard/Basic change (pre-approved): IMAC, - Urgent change, Planned change
Containment Hierarchy
37
Service Level Management
ServiceSupport
ServiceDelivery
ConfigurationManagement
ProblemManagement
ReleaseManagement
ChangeManagement
IncidentManagement
Service LevelManagement
FinancialManagement
CapacityManagement
IT Service ContinuityManagement
AvailabilityManagement
Service Desk
38
Service Level Management Goals
Maintain and improve IT Service quality
Constant cycle of agreeing, monitoring and reporting upon IT service achievements
Instigation of actions to eradicate poor service - in line with business or cost justification.
Better relationship between IT and its Customers
39
Ensures that the IT services required by the customer are continuously maintained and improved
Achieved by agreeing, monitoring and reporting the performance of the IT organization
Service Level Management Objectives
40
Availability Management
ServiceSupport
ServiceDelivery
ConfigurationManagement
ProblemManagement
ReleaseManagement
ChangeManagement
IncidentManagement
Service LevelManagement
FinancialManagement
CapacityManagement
IT Service ContinuityManagement
AvailabilityManagement
Service Desk
41
Availability Management Goals
To understand the availability requirements of the business and to plan, measure, monitor and continuously strive to improve the availability of the IT infrastructure, services and supporting organization to ensure these requirements are met consistently
To enable the business to satisfy its business objectives by: Optimizing the capability of the IT
infrastructure, services and supporting organization
Delivering a cost-effective and sustained level of availability
42
Ensure IT services are designed to deliver the levels of availability required by the business
Provide a range of IT availability reporting to ensure that agreed levels of availability, reliability and maintainability are measured and monitored on an ongoing basis
Optimize the availability of the IT infrastructure to deliver cost effective improvements that deliver tangible benefits to the business & user
Achieve over a period of time a reduction in the frequency and duration of incidents that impact IT availability
Availability Management Objectives
43
Capacity Management
ServiceSupport
ServiceDelivery
ConfigurationManagement
ProblemManagement
ReleaseManagement
ChangeManagement
IncidentManagement
Service LevelManagement
FinancialManagement
CapacityManagement
IT Service ContinuityManagement
AvailabilityManagement
Service Desk
44
Capacity Management Goals
To determine the right, cost justifiable, capacity of IT resources
To understand the business requirements, current operations and IT infrastructure to ensure that the current and future capacity and performance aspects of the business are provided cost-effectively
To understand the potential for improved service design and delivery
45
Consistently provide the required IT resources: At the right time At the right cost Aligned with the current and future
business requirements Need to understand the expected
business developments affecting customers and anticipate technical developments
Important role in determining returns on investment and cost justification
Capacity Management Objectives
46
Financial Management for IT Services
ServiceSupport
ServiceDelivery
ConfigurationManagement
ProblemManagement
ReleaseManagement
ChangeManagement
IncidentManagement
Service LevelManagement
FinancialManagement
CapacityManagement
IT Service ContinuityManagement
AvailabilityManagement
Service Desk
47
Financial Management Goals
To provide cost-effective stewardship of any of the organization’s IT asset or resources used to deliver IT services
To be able to account fully for IT service expenditures
To attribute these costs to the services delivered to Customers and determine whether value for money is being obtained
To assist management decisions on IT investment by providing detailed business cases for changes to IT services
48
Assist the internal IT organization with the cost-effective management of IT resources required for the provision of IT services
Break down the IT service costs, and associate them with IT services
Support management decisions with respect to IT investments
Encourage the cost aware use of IT facilities
Financial Management Objectives
49
IT Service Continuity Management
ServiceSupport
ServiceDelivery
ConfigurationManagement
ProblemManagement
ReleaseManagement
ChangeManagement
IncidentManagement
Service LevelManagement
FinancialManagement
CapacityManagement
IT Service ContinuityManagement
AvailabilityManagement
Service Desk
50
IT Service Continuity Management Goals
To support overall Business Continuity Management
To improve the chance of business survival by: Reducing the service vulnerability and risk
to the business Reducing the impact of a disaster or
major failure Maintaining a pre-determined level of
service in the event of a disaster
To preserve high customer and user confidence
51
Support the overall Business Continuity Management by ensuring that the required IT infrastructure and IT services can be restored within specified time limits after a disaster.
IT Service Continuity Management Objectives
52
COBIT & How does it map to ITIL
53
Control Objectives for Information and Related Technology (COBIT)
Sponsor: Information Systems Audit and Control Association and the IT Governance Institute
What it is: An audit-oriented set of guidelines for IT processes, practices and controls. Geared to risk reduction, focusing on integrity, reliability and security. Addresses four domains: planning and organization, acquisition and implementation, delivery and support, and monitoring. Has six maturity levels, similar to CMM's.
Strengths: Good checklists for IT. Enables IT to address risks not explicitly addressed by other frameworks and to pass audits. Can work well with other frameworks, especially ITIL.
Limitations: Says what to do but not how to do it. Doesn't deal directly with software development or IT services. Doesn't provide road map for continuous process improvement.
54
COBIT & ITIL Mappings
PLANNING & ORGANISATION
Quality Management for IT Services (CCTA Quality Management Library)
11. Manage Quality
10. Manage Projects
9. Assess Risks
8. Ensure Compliance with External Requirements
7. Manage Human Resources
6. Communicate Management Aims and Direction
Financial Management5. Manage the Investment in Information Technology
IT Services Organization4. Define the IT Organization and Relationships
Determine the Technology Direction3. Determine the Technology Direction
Security Management2. Define the Information Architecture
Planning & control for IT Services1. Define a Strategic Information Technology Plan
ITILCOBIT
55
COBIT & ITIL Mappings
ACQUISITION & IMPLEMENTATION
Capacity Management; Change Management; Security Management
5. Install and Accredit Systems
4. Develop and Maintain Information Technology Procedures
Problem Management; Security Management; Change Management
3. Acquire and Maintain Technology Architecture
Change Management, Availability Management
2. Acquire and Maintain Application Software
Service Level Management; Change Management; Security Management; Release Management
1. Identify Solutions
ITILCOBIT
56
COBIT & ITIL Mappings
DELIVERY & SUPPORT
13. Manage Operations
12. Manage Facilities
Capacity Management, Release Management, Availability Management; Contingency Planning
11. Manage Data
Problem Management10. Manage Problems and Incident
Configuration Management9. Manage the Configuration
Incident Management (Service Desk)8. Assisting and Advising Information Technology Customers
Customer Liaison7. Educate and Train Users
Financial Management6. Identify and Allocate Costs
Security Management5. Ensure Systems Security
Availability Management, Contingency Planning4. Ensure Continuous Service
Capacity Management3. Manage Performance and Capacity
Service Level Management2. Manage Third-Party Services
Service Level Management1. Define Service Levels
ITILCOBIT
57
COBIT & ITIL Mappings
MONITORING
4. Provide for Independent Audit
3. Obtain Independent Assurance
2. Obtain Independent Assurance
1. Monitor the ProcessITILCOBIT
58
ISO17799 & How does it map to ITIL
59
ISO17799
Sponsor: British Standards Institution What it is: ISO/IEC 17799:2000 provides information to
responsible parties for implementing information security within an organisation. It can be seen as a basis for developing security standards and management practices within an organisation to improve reliability on information security in inter-organisational relationships.
60
ISO17799 & ITIL Mappings
IT Service Continuity Management Business Continuity Management (BCM)
Configuration ManagementAsset Classification and Control
Security ManagementSecurity Organization
Security ManagementPersonnel Security
Security ManagementComplianceSecurity ManagementPhysical and Environmental Security
Application ManagementSystem Development and Maintenance
ICT Infrastructure ManagementComputer & Operations Management
Security ManagementSystem Access Control
ITILISO17799
61
itSMF
62
The IT Service Management Forum. The independent forum for ITIL® users, formed in 1991.
Promotes exchange of information and experience to assist IT organizations in managing the delivery of IT services.
Chapters in the UK, Netherlands, Belgium, Germany/Austria/Switzerland, Canada, South Africa, the USA and Australia.
A major influencer and contributor to Industry Best Practice and Standards worldwide.
IT Service Management Forum
63
CGI
64
About CGI
CGI is the 8th largest independent IT services firm in the world
We combine industry expertise, end-to-end services and global delivery capabilities to deliver cost-effective solutions that help clients win and grow
65
CGI Contact
Steve Worth Senior Consultant ITSM / ITIL Centre of Excellence CGI Email - steve.worth@cgi.com
66
Thank You!