INNOTRAIN IT

IT Service Management

QUICK – SIMPLE - CLEAR

Preview

Extract

Chapter 3.1

2011

IT Service Management

I

Authors

Dr. Mariusz Grabowski, Universität der Wirtschaft Krakau

Dr. Claus Hoffmann, Beatrix Lang GmbH

Philipp Küller, Hochschule Heilbronn

Elena-Teodora Miron, Universität Wien

Dr. Dariusz Put, Universität der Wirtschaft Krakau

Dr. Piotr Soja, Universität der Wirtschaft Krakau

Dr. Janusz Stal, Universität der Wirtschaft Krakau

Marcus Vogt, Hochschule Heilbronn

Dr. Eng. Tadeusz Wilusz, Universität der Wirtschaft Krakau

Dr. Agnieszka Zając, Universität der Wirtschaft Krakau

3.1 Strategic planning

Each company should define its strategic goals clearly in order to remain a successful player in the

market in the future. These goals and requirements should be aligned with an overarching vision

and mission. In defining strategic goals, we can apply the SMART principles. According to these

principles, objectives should be:

! Specific,

! Measurable,

! Achievable,

! Realistic and

! Time related.

To evaluate the business objectives with regard to these five criteria, factors such as market

metrics (e.g. market share, brand, corporate image, sales figures), financial metrics (e.g. revenues,

return on investment/ROI, cash flow, profitability) or operational metrics (e.g. capacity, lead time,

inventory levels) are used.

Strategic planning consists of two main steps:

! Strategy formation

! Strategy evaluation

Strategy formation starts with analysing the existing situation (internal and external), continues with

specifying goals and finally results in a strategic plan. Strategy evaluation means reviewing

strategic options based on three central criteria for successii:

! Suitability (will it work?)

! Feasibility (can it actually be implemented?)

! Acceptance (will it be accepted?)

Information technology (IT) offers numerous options for attaining the strategic objectives and

targets. However, IT must already be taken into account at a very early phase of strategic planning.

3.1.1 Aligning the IT strategy with the corporate strategy

When aligning the IT strategy for small and medium-sized enterprises (SMEs), the focus is on

practical benefits of IT and associated concepts. However, even for SMEs, the interaction of

business strategy, IT strategy, IT architecture and business architecture has to be taken into

account. The following figure explain these relationships.

Figure 3 - Overview of strategies and architectures

The business strategy describes which medium to long-term financial goals the company is

pursuing. To stick with our example of Charly's service shop, one of Charly's financial strategy

objectives is to reach more customers to ensure optimal utilisation of his shop.

The IT strategy is derived from the business strategy. Charly's IT strategy might be increasing his

online marketing presence to reach more customers and thus better utilise his shop. Conversely,

however, an IT strategy can have implications for the business strategy. New technologies

evaluated as part of the IT strategy can enable new products or services and thus have an impact

on the future business strategy. In our sample company, Charly expands his business by not only

offering a reservation system, but also by successfully setting up a spare parts marketplace.

The IT architecture, in turn, results from the IT strategy. To improve his online presence, Charly

has to provide and manage new hardware and software. As in the architecture of buildings,

essential considerations include function, extensibility and structural stability (in the case of IT,

however, we are more likely to talk about data security and availability). Thus the IT architecture

describes the dynamic interaction of all IT components to support the IT strategy. Of course, an IT

architecture also has an effect on the IT strategy. Let's stay with our example of building

architecture: it is very difficult to take a building originally designed as a residence and turn it into a

hotel/restaurant. Similarly, great effort is required to centralise a decentralised IT architecture. In

other words: an IT architecture should be as flexible as possible in order to provide the best

possible support to changes of IT strategy.

The business architecture defines the business processes and how they interact to support the

corporate strategy. Optimisation of these business processes can be attained with changes in the

IT architecture. On the other hand, technical limitations can be an obstacle to this optimisation.

In terms of supporting the business strategy with IT-related investments, the value contribution of

IT is of central importance for the company.

To gain a complete understanding of the value contribution of IT, we must first consider the subject

from various perspectives. First, we have to consider whether using IT brings optimal results with a

defined effort and/or expense. Secondly, we have to consider whether companies are able to

create competitive advantages using IT and attain higher profits with IT investments. Thirdly, the

effect of the company on its customers must be considered, and we have to ask to what extent the

benefits are passed on to the customers or demanded by the customers.

To align IT with business goals and/or the existing business processes, management should

concentrate on the following areas:

! Strategic alignment – with the primary goal of ensuring the correct link between business

plans and IT plans. To do so, the additional value created by IT must be defined, safeguarded

for the long term and reviewed. In addition, IT workflows and operational workflows must be

attuned to each other.

! Value delivery – here, the focus is on practical use of the additional value created. This

guarantees that the IT actually delivers the promised strategic benefits, chief among them

cost optimisation.

! Resource management – with the primary goal of optimising investments in IT-related

resources and/or management of these resources. These include applications, information,

infrastructure and employees. This focuses in particular on optimising knowledge and

infrastructure.

! Risk management – here, the focus is on creating risk awareness throughout the

organisation, from top management down to the last employee. In this context, it is necessary

to understand compliance requirements and assign responsibility for risk management within

the company.

! Performance measurement – this involves tracking and monitoring a variety of tasks and

projects related to implementing strategies, utilising resources and provisioning services.

Various tools, such as balanced scorecards, can be used to ensure that strategic

requirements are implemented in measurable targets.

The alignment of business and IT begins at the top level of management during the strategy

formation process. In doing so, multiple requirements should be taken into accountiii:

! The alignment must make quantifiable improvements to a business plan—each proposed

project should contain financial metrics related to the associated costs and revenues (e.g.

discounted cash flow, expected financial earnings). Those who are proposing the project

should be responsible for its documentation. In addition, the results should be reviewed on a

regular basis.

! The alignment must always be kept up to date based on business trends and developments:

All changes within the company and in its surroundings have an effect on the actual project.

Provision should already be made for changing circumstances in the project, and this should

be taken into account in the project's scheduling and budgeting. Information must be

exchanged between the IT department and the rest of the company, as otherwise

"technologists will drift away from the business and misalignment will prevail."

! During implementation, obstacles to alignment have to be overcome. The discrepancy

between project design and reality are not visible until execution. Initial project plans should

be based on the objectives that can be attained during execution. All problems that arise

should be documented and reviewed from the perspective of the overall project.

! The alignment has to be planned—the original project plan requires documented agreements

for all changes in order to remain up-to-date. During the execution phase, the project plan

must be updated continuously in terms of scheduling, budgeting, scope, processes etc. This

plan should be the central source of knowledge pertaining to the progress of the project and

any changes to it.

! For IT projects, the focus has to be on requirements of the users; this has to take into account

the benefits for users and for the company. IT cannot solve any of a company's problems on

its own. From a financial perspective, IT mostly means costs, but positive effects on business

can justify the outlay for IT. The topic of "How much should we spend on IT?" is not so much

a question as an answer to: What benefits does IT provide?

To measure the alignment of IT with the business, and thus to determine how well the areas

work together for technical and business processes in the company, we should take into account

the following factors and associated questionsiv:

! Maturity of communication – how well do employees in the technical and business areas get

along? Is communication frequent and problem-free? Does your company communicate

effectively with consultants, suppliers and partners? Is value placed on conveying knowledge

internally?

! Maturity of competence/value measurement – how well does the company measure its own

performance and the value of its own projects? After projects are closed out, does it evaluate

what went well and what not so well? Does it improve its internal processes so that the next

project can go better?

! Maturity of governance – how well does the company bring its business strategy into line with

priorities with regard to IT, technical planning and budgeting? Are the current projects based

on an understanding of the business strategy? Do they support this strategy?

! Maturity of partnership – to what extent do the business and IT departments have a genuine

partnership based on mutual trust and are ready and willing to share the risks and rewards?

! Maturity of the scope and architecture – to what extent has the technology evolved to deliver

more than simply supporting business processes? How has this contributed to the company's

growth, competitiveness and profits?

! Maturity of competence – do the employees have the competencies they need to work

effectively? How well do the technology employees understand the central factors that have

an impact on the business, and how familiar are they with corporate business processes?

How do the employees of the business departments understand the relevant technology

concepts?

IT-related investments require careful financial management to attain the planned benefits. In

addition, the priorities in terms of the scope of the IT projects must be defined appropriately. For

the specific activities for managing IT investment, these are:v:

! Framework for financial management – required the for managing and maintaining the IT

investments and costs of IT facilities and services. This should be done with consideration of

the portfolio that includes the IT-related investments, business scenarios and IT budgets.

! Setting priorities within the IT budget – a decision-making process is required in order to set

priorities when allocating IT resources. The resource allocation is necessary for workflows,

projects and maintenance. The objective of this process should be to attain the maximum

possible return on investment from the company's portfolio of IT-related investment programs

and IT services.

! IT budgeting – the budget must be created based on priorities specified by the portfolio of IT-

based investment programs. The budgeting process should include costs for operating and

maintaining the current infrastructure. The budget workflows should enable a company to

develop the overall IT budget and budgets for individual programs. In doing so, the ability to

continuously review, refine and approve all types of budgets should be provided.

! Cost management – each company should implement a process for cost management that

compares the actual costs with the allocated budget amounts. There should be a way to

monitor the costs and create reports. Any deviations should be identified at an early stage,

including a review of their effect on the programs. This would enable the company to take

suitable countermeasures and, if necessary, update the business scenario for the program.

! Benefit management—a process for monitoring the benefits provided by provisioning and

maintaining the IT capabilities—should be implemented. The company should determine and

document the contribution of IT to the business. This can be based on the direct effect on the

IT-based investment programs or on the indirect contribution as a part of support of regular

business workflows. The reports should be monitored and reviewed so that the company can

make suitable changes to improve the contribution made by IT, either with IT investments or

associated programs.

3.1.2 Information Technology strategy

As described above, the IT strategy has a mutual interaction with the corporate strategy and IT

architecture. The following chapter describes in greater detail a couple of the most important

aspects for developing the IT strategy and the associated IT architecture. This involves:

1. IT portfolio management

2. Requirements management

3. Defining the information architecture

4. Determining the technological orientation

5. Reviewing and evaluating IT risks

1. IT portfolio management (investment portfolio)

Portfolio management, in the context of the IT strategy, describes the step between the business

strategy and the technological implementation. As described in the previous chapter, for the

purposes of the IT/business alignment, the IT investments have to be evaluated based on financial

and added-value creation criteria. However, because only limited financial and personnel resources

are available in a company, these IT investments compete with each other. As a result, it is

necessary to ask which of the IT investments are to be implemented with the available resources.

Portfolio management helps the company prioritise these IT investments. In doing so, an attempt

should be made to balance the portfolio of planned IT investments with regard to the risks,

opportunities, implementation time frame and costs. The following figure describes the process of

portfolio management and its interface to the IT strategy.

Figure 4 - IT portfolio management life cycle (based on Gadatschvi)

The second figure shows an example of a two-dimensional portfolio analysis based on return on

investment (ROI) and support of corporate strategy. However, it is important to note that for a

comprehensive portfolio analysis and associated prioritisation of IT investments, other dimensions

should be taken into account (e.g. implementation risk, implementation time frame, etc.).

Figure 5 - Prioritisation of projects (based on an Gadatschvi)

2. Demand management

Demand management is a critical process within the life cycle phase of the IT service strategy.

Demand management describes the business requirements that result from the business strategy

and the existing business processes and thus defines the necessary capacity and flexibility of the

IT architecture. To stick with our example of Charly's service shop: Charly's business strategy is to

reach more customers, so he expands his marketing presence on the Internet (this objective

corresponds to the definition of the IT strategy). One of the business requirements for successfully

expanding the Internet presence is uninterrupted operation, 24 hours a day on all 365 days of the

business year. This requirement must be supported by the IT architecture. The server and software

must be designed for uninterrupted operation. Demand management is a central activity within

service management that has to continuously pursue a balance between the utilisation and

provisioning of services.

Demand management is associated with various processes and activities for strategic planning. In

particular, it relates to the strategic plan for IT, IT portfolio management, customer focus and the

definition of services.

3. Information architecture

The definition of information architecture is an important task when developing a corporate IT

strategy. This process pertains to creating and updating a business information model and defining

suitable systems for optimising information use. This integrates the applications seamlessly into the

business process.

The process for defining an information architecture improves the quality of decision-making at the

management level, as the presence of consistent and secure information is ensured. This process

also enables management of resources of the information systems for taking into account business

strategies. In addition, the definition of the information architecture helps to strengthen

responsibility for the integrity and security of data within the company and improve effectiveness of

data exchange across applications.

The correct definition of the information architecture helps to attain a number of goals in

conjunction with the company's IT and corporate strategy. Most of all, it helps to optimise the use of

information and make IT more flexible. It ensures the integration of applications into the business

processes.

For example, if Charly wants to sell spare parts over the Internet in the future, his architecture has

to be flexible enough to integrate the data of the online store into his application software.

4. Determining the technological orientation

The IT strategy of a company determines the technological direction for supporting the business.

The technological orientation should be based on the company's business requirements. It needs

stable, cost-effective, integrated and standardised application systems, resources and

competencies in order to fulfil present and future business requirements. This process requires

defining and implementing a technology infrastructure plan as well as architecture and standards

that allow the possibilities of the technology to be identified and used optimally.

The purpose of the technology infrastructure plan is to specify and manage clear and realistic

expectations for what technology can deliver in terms of products, services and provisioning

mechanisms. The plan should be updated on a regular basis and cover topics related to the system

architecture, technological orientation, procurement plans, standards, migration strategies and

possible exceptional situations. This gives the company the ability to react to changes in the

competitive situation in a timely manner and improve the interaction of platforms and applications.

The correct determination of the technological direction should help the company obtain and

update integrated and standardised application systems. It should promote the optimisation of IT

infrastructure, IT resources and competencies of IT. If, for example, the ERP system in Charly's

company were based on Java, it would be logical to also procure other applications based on this

technology. Thus maintenance can be carried out by the same developers. Moreover, knowledge

of Java is widely available on the marketplace and, as a result, additional employees can be hired

quickly.

For additional information about drafting, planning, implementation and maintenance of IT and

corporate architectures, refer to the TOGAF framework.

5. Reviewing and evaluating risks

To implement a good IT strategy, the company has to review and manage the IT risks. The

purpose of this process is to analyse IT risks and their potential effects on business processes and

objectives and to provide notification of the corresponding results.

The review of risks should be expressed in terms of the associated costs so that decision-makers

are equipped to find an acceptable level of tolerated risks (see portfolio analysis). This also proves

beneficial for recommending and communicating action plans conceived as a response to the risk.

Thus for Charly's company, it would surely not make any sense to operate an earthquake-proof

data centre. However, it is certainly reasonable to back up the data, store it offsite and create a

disaster recovery plan in case of a serious environmental event.

An appropriate review of IT risks and their management helps the company take into account and

protect all IT facilities. This can help to ensure that IT specifications are met and provide clarity with

regard to the business impact of risks on IT specifications and IT resources.

3.1.3 IT service - definition & agreement

The following section discusses important points

for defining IT services and managing them

within the company. These include service

catalogue management as well as defining and

managing service levels.

Of central importance for the company is

effective communication between IT

management and business customers with

regard to necessary services. To meet this

requirement, the company has to define, agree

on and document IT services and service levels.

Within IT Service Management, service

catalogue management is responsible for

administration of the services within the service

portfolio and the service catalogue. As part of creating services, the service portfolio depends on

the investment portfolio (refer also to Chapter 3.1.2), which defines and prioritises the investments.

Figure 6 - Structure of the service portfolio

A service portfolio of this kind should be a central repository of the basic definitions of the IT

services, which includes service features and business requirements. The process of service

catalogue management is responsible for creating and updating the service catalogue. This

process should ensure that the service portfolio contains precise information about all services that

relate to operating workflows or are in a close relationship with these.

A suitable definition and management of the services should help the company react better to

business requirements in co-ordination with the business strategy. This should also ensure that the

end users are satisfied with the services offered and service levels. In addition, this can provide

greater transparency with better understanding of the IT costs, IT benefits and IT strategy.

As part of service level management (SLM), suitable IT service objectives are negotiated, agreed

and documented with the business departments. Afterwards, the provided service is monitored and

associated reports are created. SLM should ensure continuous orientation towards business

requirements and priorities. SLM should make it easier to bring customers and service providers

into harmony.

Service Level Management is inseparable with the concepts of Service Level Agreements (SLA),

Operating Level Agreements (OLA) and Underpinning Contracts (UC). This process not only

agrees on SLAs, but also ensures compliance with them. Generally, SLM is responsible for

ensuring that all processes of IT Service Management and underpinning contracts (SLA, OLA, UC)

are designed for the agreed goals.

SLAs should be defined and agreed for all critical IT services, based on customer requests and IT

capabilities. Many areas of co-ordination exist that should be covered by SLAs. The most important

points pertain to obligations towards the customer, service support requirements, financing and

business agreements, as well as roles and responsibilities within SLA monitoring.

3.1.4 IT-based innovation management

A structured processes based on best practices are not only logical, but also making the working

life noticeably easier. Studies - carried out as part of the INNOTRAIN IT project in 6 countries -

have proven that in companies using ITSM an IT employee can support a significantly greater

number of workstations. In other words, the utilization of ITSM can provide a reduction of workload

in the lower double-digit percentage range. Of course, people who are focused on maximising

profits can save costs here and widen the profit margin. However, as a forward-looking measure, it

would make more sense to optimise profits over the long term by investing the newly freed

resources into the innovative ability of the company.

The INNOTRAIN project focuses on precisely this question: How can free resources based on

ITSM be used to foster innovations in the organisation? Of course, this kind of development is not

an instantaneous change. Taking the first step requires a certain level of motivation and strenuous

efforts. However, if the decision is made to go ahead, the development could look like this:

Figure 7 - Developing the innovation potential based on ITSM

1. Phase 1 illustrates the situation before introducing ITSM. Expressed as a ratio, 100% of

the time is used for original tasks.

2. The efficiency of IT increases by using best practices. The workload from the original IT

activities is reduced over the medium term. Sustained optimisation and expansion of the

use of ITSM can attain a further reduction of the load and open up corresponding potential

for innovations. For the basic knowledge and procedure, refer to Chapters 3 and 4.

3. In the third step, the innovation potential is set free. Other changes must be made to the

way of thinking and acting. Using technology stabilises the use of innovation potential. For

more information, refer to Chapters 5 and 6.

4. In the final state (for the time being), the workload is reduced and the resources thus freed

up are used to create innovation.

But what are innovations, anyway? Innovation can be defined as follows: Inventions or adaptations

that result in new methods for redesigning the production system. Thus an innovation of this kind

could involve ideas, products, methods or services that are perceived by the company or business

area as new and that are adopted in everyday life ("internal market launch"). A flea market where

you can browse online and anyone can buy and sell—without even having to leave home? Fifteen

years ago, this idea of Pierre Omidyar's still seemed utopian. However, he turned his idea into

reality and founded Internet auction site eBay.

Based on the innovation spiral presented below, we can define three levels of innovation based on

the principles of IT Service Management.

Figure 8 - INNOTRAIN IT innovation spiral

Layer 1 – Management of IT infrastructure services: Innovations in this level pertain to the

company's IT infrastructure. In the example of Charly's service shop provided here, extensive

growth of the company and a resulting change in printer management could lead the company to

outsource non-business critical printer maintenance to the manufacturer or a service provider,

paying only the actual printing costs ("pay-per -click") and shifting the risk (printer malfunctions,

etc.) to this other party.

Level 2 – Innovation of business processes: Today, IT is frequently cited as an enabler of

business processes. Therefore, this level offers a great potential for improvements. Charly, for

example, can establish an additional sales channel by adding the use of a spare part marketplace,

while fundamentally changing the business process.

Level 3 – Innovation of products and services: The level that is surely most demanding

considers innovations on the product and service level. The most prominent example today are the

countless smart phone apps provided as product supplements. Automakers couple these with their

vehicles, thus changing the product.

The field of responsibility of the IT-based innovation management module includes identifying

areas of potential, engaging in dialogue with the business, and initiating and supporting

innovations. Because the innovation process takes place in several steps, the complexity of the

associated problems increases. Therefore, introducing IT-based innovations is a complex process

that can bring about a radical change in corporate business process. Accordingly, Chapter 6 deals

with the topic of innovation management exclusively and thus begins with this subject. This is

supplemented by Chapter 5, which talks about dealing with changes and thereby supports the

organisation's change process.

ii Johnson, G., Scholes, K., Whittington, R., (2008). Exploring Corporate Strategy, 8th edition, FT Prentice Hall:

Essex. iii Strassmann, P. (1997) What is Alignment? Alignment is the Delivery of the Required Results. The

Squandered Computer, The Information Economics Press, 1997 [taken from:

http://www.strassmann.com/pubs/alignment/]. iv Luftman, N.J. (2003) Measure Your Business-IT Alignment". Optimize: Business Execution for CIOs

Magazine. Issue 26, December. v IT Governance Institute (2007a) Control Objectives for Information and Related Technology (CobiT) 4.1. IT

Governance Institute, Rolling Meadows, IL, http://www.isaca.org/Knowledge-

Center/Research/ResearchDeliverables/Pages/COBIT-4-1.aspx (retrieved on 2011-03-15). vi