Date post: | 26-Dec-2015 |
Category: |
Documents |
Upload: | randolf-mccormick |
View: | 221 times |
Download: | 2 times |
Continual Service Improvement Process
General Understanding
Knowledge Sources
ISO/IEC 20000:2011•Section 4.5 Establish and Improve SMS.
ITIL®•Continual Service Improvement.
COBIT 5•Manage Quality•Monitor, Evaluate and Assess Performance and Conformance.•Monitor, Evaluate and Assess the System of Internal Controls.•Monitor, Evaluate and Assess Compliance with External Requirements.
Continual Improvement – PDCA Cycle
Plan Do
Act Check
ImprovementQuality Assurance
7 Steps to Service ImprovementIdentify• Vision• Strategy• Tactical Goals• Operational Goals
1. Define what youshould measure
7. Implementcorrective action
6. Present and use theinformation, assessmentsummary, action plans, etc.
2. Define what youcan measure
3. Gather the dataWho? How? When?Integrity of data?
4. Process the dataFrequency? Format?System? Accuracy?
5. Analyze the dataRelations? Trends?According to plan?Targets met?Corrective action?
Goals
© C
row
n C
opyr
ight
201
3 R
epro
duce
d un
der
licen
ce fr
om A
XE
LOS
COBIT Processes
Provides the governance and management structures to manage and improve:
•Quality.
•Performance.
•Control.
•Compliance.
Continual Service Improvement
Plan
Planning for Improvements
ISO/IEC 20000: Plan – scope and service management plan.
ITIL: Define what should be measured (strategy).
Define what will be measured (measurement framework).
COBIT: Establish a quality management system.
Define and management quality standards, practices, and procedures.
Establish a monitoring approach.
Set performance and control targets.
Identify compliance requirements.
Optimize responses to compliance.
Step 1 – Defining Strategy
Defining what should be measured:
•Corporate Strategy.
•IT Strategy.
•Improvement Strategy.
The Continual Service Improvement Model
What is the vision?
Where do we want to be?
How do we get there?
Did we get there?
Where are we now?
How do we keep the momentum
going?
Service & process
improvement
Measurabletargets
Baselineassessments
Measurements &
metrics
Business vision,mission, goals, and objectives
Items to consider:
•Vision aligns with business and IT strategies
•Obtain an accurate baseline assessment.
•Understand and agree upon the priorities for improvement.
•Verify that measurements and metrics are in place.
•Momentum for quality improvement is maintained by assuring Changes are embedded in the organization.
© C
row
n C
opyr
ight
201
3 R
epro
duce
d un
der
licen
ce fr
om A
XE
LOS
The Continual Service Improvement Model
What is the vision?
Where do we wantto be?
How do we get there?
Did we get there?
Where are we now?
How do we keepthe momentum going?
Service & processimprovement
Measurabletargets
Baselineassessments
Measurements &
metrics
Business vision,mission, goals, and
objectives
© C
row
n C
opyr
ight
201
3 R
epro
duce
d un
der
licen
ce fr
om A
XE
LOS
Scope
Why scope?
•To provide the greatest value to the customer.
•To prioritize appropriately.
•To manage budgets and resources effectively.
•To minimize risk.
Service Management Plan
A service management plan will include information on:•Objectives.•Service requirements.•Policies, standards, and external requirements.•Roles, responsibilities, and authorities.•Resource allocations (human, technical, information, and financial).•Stakeholders and suppliers.•Process and system interfaces.•Risk acceptance and management.•Approved technologies.•Measurements and reporting.
Quality Management Systems
Benefits to Continuous Improvement:•Performance advantage through improved organizational capabilities.•Alignment of improvement activities to organization’s strategic intent.•Flexibility to react quickly to opportunities.•Employing a consistent approach to continual improvement.•Providing people with training .•Making continual improvement an objective for every person in the organization.•Establishing goals and measures in continual improvement.•Recognizing and acknowledging improvements.
Source: Quality Management Principles (ISO)
Approaches to Monitoring
• Identify stakeholders.
• Define requirements on monitoring and reporting.
• Maintain alignment with current business, customer, and IT objectives.
• Create agreement around goals, metrics, taxonomy, and retention periods.
• Create agreement around change control.
• Allocate resources to monitoring and reporting.
• Assess effectiveness of approach.
Identifying compliance requirements
1. Legislation
2. Regulations
3. Standards
4. Architectures
5. Policies
CSI – Implementation Issues
• Identify and fill critical roles and responsibilities, e.g.
CSI Manager, Service Owner, SLM and reporting analyst.
• Governance.
• CSI and Organizational Change.
• Communication and Strategy planning.
CSI - value to the business
For CSI to be successful, it must provide improvement opportunities throughout the entire service lifecycle.
There is much greater value to the business when service improvement takes a holistic approach throughout the entire lifecycle.
Improvements
Benefits
Return on Investment
Value of Investment
Continual Service Improvement
Service and Process Improvements, Guidance for Investments into IT and refreshed Service Portfolios
Service and Process Improvements, guidance for KPIs, metrics and reporting, refined SLRs, SLAs, OLAs, & UCs.
Request for Changes, Service and Process Improvements, guidance and refinements for testing & validation.
Process and Function organization improvements, refined SLAs & OLAs, guidance for metrics and reporting
Service Strategy
Service Transition
Service Operation
Service Design
CSI and the Service Lifecycle
Step 2 – Define Measurement Framework
Defining what to measure
Creating relationships between objectives, critical success factors, key performance indicators, and metrics
Identifying methods of reporting communicating service levels, customer satisfaction, business impact, supplier performance, and market performance
Governance
Governance has been around the IT arena for decades.
IT is forced to comply with sweeping legislation and an
ever increasing number of external regulations.
IT organizations must operate under full transparency.
IT Governance
“IT governance is the responsibility of the board of directors and executive management.
It is an integral part of enterprise governance and consists of the leadership, organizational structures and processes that ensure that the organization’s IT sustains and extends the organization’s strategies
and objectives."
Source: Board briefing on IT Governance, 2nd Edition, 2003, IT Governance Institute – ITGI.
Defining Service Levels
Service Levels are a means of defining and measuring the behavior of service components within the context of providing value to the customer.
Defining Service Target
Service Targets represent the required level of service needed to deliver value to the customer.
Quality Management
What is quality?
•A measure of excellence.
•A comparison between similar objects.
•A fulfillment of requirements.
•etc.
Process Management
The activities of process management include:
•Process definition.
•Defining roles, responsibilities, and authorities.
•Evaluating performance.
•Identifying opportunities for improvement.
Continual Service Improvement
Do
Implementing and Operating CSI
ISO/IEC 20000: Do – service management system.
ITIL: Gather Data.
Process Data.
COBIT: Monitoring, control and review of performance.
Performance and conformance data.
Monitor internal controls.
Self-Assessments.
Confirm compliance.
Step 3 – Data Collection
Quality
Performance
Internal Control
Compliance
Procedure for Data Collection
Performance Monitoring
• Capability assessment.
• Investment performance reports.
• Service level reports and service reviews.
• Supplier reports and reviews.
• Project performance reviews.
• Availability, performance, and capacity monitoring.
• Incident and problem reports.
• Service request and change reports.
Internal Controls
What is an Internal Control?
“A process, effected by an entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achieving of objectives to operations, reporting, and compliance.”
From COSO Internal Control – Integrated Framework Executive Summary
COSO Internal Controls Framework
The framework consists of:•Three objective categories
• Operations• Reporting• Compliance
•Five components• Control Environment• Risk Assessment• Control Activities• Information and Communication• Monitoring Activities
•17 principles
3333
Capability Assessments
A capability assessment compares the performance of a process
against a performance standard. This can be an agreement in a SLA,
maturity standard, or an average compared to companies in the same
industry (known as a benchmark).
An assessment for ISO/IEC 20000 is a capability assessment; it shows whether or not the requirements of ISO/IEC 20000 are being met.
3434
Purpose of Internal & External Audits
An independent evaluation is needed to assess the performance,
and is also required by customers and third parties.
The results can be used to update the agreed measures in
consultation with the customers, and also for their implementation.
There are three forms of evaluation:• Self-assessment.• Internal Audit.• External Audit.
3535
Types of Audit
Audit findings are used to assess the effectiveness of the quality
management system and to identify opportunities for improvement.
There are three main types of audit:
• First-Party Audit• Second-Party Audit• Third-Party Audit
Step 4 – Data Processing
Continual Service Improvement
Check
Monitor and Review
ISO/IEC 20000: Check – internal audits and management reviews.
ITIL: Analyze Data.
Present and Use Data.
COBIT: Analyze and report performance.
Identify and report control deficiencies.
Obtain compliance assessment.
Step 5 – Analyze Data
1. Review the data collected.
2. Current process results• Statistical measurements• Descriptive Analysis• Variation Analysis• Root Cause Analysis
3. Can we learn anything from a SWOT analysis?
40
Step 6 – Presenting Data
Objective: To produce agreed, timely, reliable, and accurate reports for informed decision making and effective communication
Management Reviews
Top Management must regularly review the service management system and services.
The purpose of the review is to determine continued suitability and effectiveness of the targeted area.
The review may include:
• Assessment of improvement opportunities.
• Assessment of SMS changes, including strategic and policy changes.
Service Reviews
Service and Service Level Agreements are reviewed with customer at planned intervals
Continual Service Improvement
Act
Step 7 - Implementation
Data drive Decisions
Objectives drive Priorities
Necessity drive Implementation