The eight ITIL version 2 books and their disciplines are:
The IT Service Management sets
1. Service Support
2. Service Delivery
Other operational guidance
3. ICT Infrastructure Management
4. Security Management
5. The Business Perspective
6. Application Management
7. Software Asset Management
To assist with the implementation of ITIL practices a further book was published providing guidance on implementation (mainly of Service Management):
8. Planning to Implement Service Management
And this has more recently been supplemented with guidelines for smaller IT units, not included in the original eight publications:
9. ITIL Small-Scale Implementation
1. Service Support
The Service Support ITIL discipline focuses on the User of the ICT services and is primarily concerned with ensuring that they have access to the appropriate services to support the business functions.
To a business, customers and users are the entry point to the process model.
They get involved in service support by:
The service desk functions as the single contact-point for end-users’ incidents. Its first function is always to “create” an incident. If there is a direct solution, it attempts to resolve the incident at the first level. If the service desk cannot solve the incident then it is passed to a 2nd/3rd level group within the incident management system. Incidents can initiate a chain of processes: Incident Management, Problem Management, Change Management, Release Management and Configuration Management. This chain of processes is tracked using the Configuration Management Database (CMDB), which records each process, and creates output documents for traceability (Quality Management).
Service Desk / Service Request Management
Tasks include handling incidents and requests, and providing an interface for other ITSM processes. Features include:
Primary functions of the Service Desk include:
The Service Desk function can have various names, such as:
The three types of structure for consideration:
Local Service Desk: to meet local business needs – practical only until multiple locations requiring support services are involved
Central Service Desk: for organizations having multiple locations – reduces operational costs and improves usage of available resources
Virtual Service Desk: for organizations having multi-country locations – can be situated and accessed from anywhere in the world due to advances in network performance and telecommunications, reducing operational costs and improving usage of available resources
Incident Management aims to restore normal service operation as quickly as possible and minimize the adverse effect on business operations, thus ensuring that the best possible levels of service-quality and -availability are maintained. ‘Normal service operation’ is defined here as service operation within Service Level Agreement (SLA) limits.
Incident Management can be defined as :
An ‘Incident’ is any event which is not part of the standard operation of the service and which causes, or may cause, an interruption or a reduction of the quality of the service.
The objective of Incident Management is to restore normal operations as quickly as possible with the least possible impact on either the business or the user, at a cost-effective price.
Main article: Incident Management (ITSM)
Problem Management aims to resolve the root causes of incidents and thus to minimize the adverse impact of incidents and problems on business that are caused by errors within the IT infrastructure, and to prevent recurrence of incidents related to these errors. A `problem’ is an unknown underlying cause of one or more incidents, and a `known error’ is a problem that is successfully diagnosed and for which either a work-around or a permanent resolution has been identified. The CCTA defines problems and known errors as follows
A problem is a condition often identified as a result of multiple incidents that exhibit common symptoms. Problems can also be identified from a single significant incident, indicative of a single error, for which the cause is unknown, but for which the impact is significant.
A known error is a condition identified by successful diagnosis of the root cause of a problem, and the subsequent development of a work-around.
Problem management differs from incident management. The principal purpose of problem management is to find and resolve the root cause of a problem and prevention of incidents; the purpose of incident management is to return the service to normal level as soon as possible, with smallest possible business impact.
The problem-management process is intended to reduce the number and severity of incidents and problems on the business, and report it in documentation to be available for the first-line and second line of the help desk. The proactive process identifies and resolves problems before incidents occur. Such processes include:
Providing information to the organization
The Error Control Process iteratively diagnoses known errors until they are eliminated by the successful implementation of a change under the control of the Change Management process.
The Problem Control Process aims to handle problems in an efficient way. Problem control identifies the root cause of incidents and reports it to the service desk. Other activities are:
A technique for identifying the root cause of a problem is to use an Ishikawa diagram, also referred to as a cause-and-effect diagram, tree diagram, or fishbone diagram. Alternatively, a formal Root Cause Analysis method such as Apollo Root Cause Analysis can be implemented and used to identify causes and solutions. An effective root cause analysis method and/or tool will provide the most effective/efficient solutions to address problems in the Problem Management process.
Change Management aims to ensure that standardised methods and procedures are used for efficient handling of all changes,
Main article: Change Management (ITSM)
A change is “an event that results in a new status of one or more configuration items (CI’s)” approved by management, cost effective, enhances business process changes (fixes) – with a minimum risk to IT infrastructure.
The main aims of Change Management include:
Change Management Terminology
Change: the addition, modification or removal of CIs
Change Request (CR): form used to record details of a request for a change and is sent as an input to Change Management by the Change Requestor
Forward Schedule of Changes (FSC): schedule that contains details of all forthcoming Changes..
Release Management is used by the software migration team for platform-independent and automated distribution of software and hardware, including license controls across the entire IT infrastructure. Proper software and hardware control ensures the availability of licensed, tested, and version-certified software and hardware, which functions as intended when introduced into existing infrastructure. Quality control during the development and implementation of new hardware and software is also the responsibility of Release Management. This guarantees that all software meets the demands of the business processes.
The goals of release management include:
Release management focuses on the protection of the live environment and its services through the use of formal procedures and checks.
A Release consists of the new or changed software and/or hardware required to implement approved changes.
Release categories include:
Releases can be divided based on the release unit into:
Configuration Management is a process that tracks all individual Configuration Items (CI) in a system.
2. Service Delivery
The Service Delivery discipline concentrates on the proactive services the ICT must deliver to provide adequate support to business users. It focuses on the business as the customer of the ICT services (compare with: Service Support). The discipline consists of the following processes, explained in subsections below:
Service Level Management
Service Level Management provides for continual identification, monitoring and review of the levels of IT services specified in the service level agreements (SLAs). Service Level Management ensures that arrangements are in place with internal IT Support-Providers and external suppliers in the form of Operational Level Agreements (OLAs) and Underpinning Contracts (UCs). The process involves assessing the impact of change upon service quality and SLAs. The service level management process is in close relation with the operational processes to control their activities. The central role of Service Level Management makes it the natural place for metrics to be established and monitored against a benchmark.
Service Level Management is the primary interface with the customer (as opposed to the user serviced by the Service Desk). Service Level Management is responsible for:
The Service Level Manager relies on the other areas of the Service Delivery process to provide the necessary support which ensures the agreed services are provided in a cost-effective, secure and efficient manner.
Capacity Management supports the optimum and cost-effective provision of IT services by helping organizations match their IT resources to business demands. The high-level activities include:
IT Service Continuity Management
IT Service Continuity management covers the processes by which plans are put in place and managed to ensure that IT Services can recover and continue should a serious incident occur. It is not just about reactive measures, but also about proactive measures – reducing the risk of a disaster in the first instance.
Continuity management is regarded by the application owners as the recovery of the IT infrastructure used to deliver IT Services, but as of 2009 many businesses practice the much further-reaching process of Business Continuity Planning (BCP), to ensure that the whole end-to-end business process can continue should a serious incident occur (at primary support level).
Continuity management involves the following basic steps:
Availability Management targets allowing organisations to sustain the IT service-availability to support the business at a justifiable cost. The high-level activities are Realise Availability Requirements, Compile Availability Plan, Monitor Availability, and Monitor Maintenance Obligations.
Availability Management addresses the ability of an IT component to perform at an agreed level over a period of time.
Reliability: Ability of an IT component to perform at an agreed level at described conditions.
Maintainability: The ability of an IT component to remain in, or be restored to an operational state.
Serviceability: The ability for an external supplier to maintain the availability of component or function under a third-party contract.
Resilience: A measure of freedom from operational failure and a method of keeping services reliable. One popular method of resilience is redundancy.
Security: A service may have associated data. Security refers to the confidentiality, integrity, and availability of that data. Availability gives a clear overview of the end-to-end availability of the system.
Financial Management for IT Services
Main article: Financial Management
IT Financial Management comprises the discipline of ensuring that the IT infrastructure is obtained at the most effective price (which does not necessarily mean cheapest) and calculating the cost of providing IT services so that an organisation can understand the costs of its IT services. These costs may then be recovered from the customer of the service. this is the 2nd component of service delivery process.
3. ICT Infrastructure Management
ICT Infrastructure Management processes recommend best practice for requirements analysis, planning, design, deployment and ongoing operations management and technical support of an ICT Infrastructure. (“ICT” is an acronym for “Information and Communication Technology”.)
The Infrastructure Management processes describe those processes within ITIL that directly relate to the ICT equipment and software that is involved in providing ICT services to customers.
These disciplines are less well understood than those of Service Management and therefore often some of their content is believed to be covered ‘by implication’ in Service Management disciplines.
ICT Design and Planning
ICT Design and Planning provides a framework and approach for the Strategic and Technical Design and Planning of ICT infrastructures. It includes the necessary combination of business (and overall IS) strategy, with technical design and architecture. ICT Design and Planning drives both the Procurement of new ICT solutions through the production of Statements of Requirement (“SOR”) and Invitations to Tender (“ITT”) and is responsible for the initiation and management of ICT Programmes for strategic business change. Key Outputs from Design and Planning are:
ICT Deployment Management
ICT Deployment provides a framework for the successful management of design, build, test and roll-out (deploy) projects within an overall ICT programme. It includes many project management disciplines in common with PRINCE2, but has a broader focus to include the necessary integration of Release Management and both functional and non functional testing.
ICT Operations Management
ICT Operations Management provides the day-to-day technical supervision of the ICT infrastructure. Often confused with the role of Incident Management from Service Support, Operations has a more technical bias and is concerned not solely with Incidents reported by users, but with Events generated by or recorded by the Infrastructure. ICT Operations may often work closely alongside Incident Management and the Service Desk, which are not-necessarily technical, to provide an ‘Operations Bridge’. Operations, however should primarily work from documented processes and procedures and should be concerned with a number of specific sub-processes, such as: Output Management, Job Scheduling, Backup and Restore, Network Monitoring/Management, System Monitoring/Management, Database Monitoring/Management Storage Monitoring/Management. Operations are responsible for:
ICT Technical Support
ICT Technical Support is the specialist technical function for infrastructure within ICT. Primarily as a support to other processes, both in Infrastructure Management and Service Management, Technical Support provides a number of specialist functions: Research and Evaluation, Market Intelligence (particularly for Design and Planning and Capacity Management), Proof of Concept and Pilot engineering, specialist technical expertise (particularly to Operations and Problem Management), creation of documentation (perhaps for the Operational Documentation Library or Known Error Database). There are different levels of support under the ITIL structure, these being primary support level, secondary support level and tertiary support level, higher-level administrators being responsible for support at primary level.
4. Security Management
Main article: ITIL Security Management
The ITIL-process Security Management describes the structured fitting of information security in the management organization. ITIL Security Management is based on the code of practice for information security management now known as ISO/IEC 27002.
A basic goal of Security Management is to ensure adequate information security. The primary goal of information security, in turn, is to protect information assets against risks, and thus to maintain their value to the organization. This is commonly expressed in terms of ensuring their confidentiality, integrity and availability, along with related properties or goals such as authenticity, accountability, non-repudiation and reliability.
Mounting pressure for many organizations to structure their Information Security Management Systems in accordance with ISO/IEC 27001 requires revision of the ITIL v2 Security Management volume, and indeed a v3 release is in the works.
5. The Business Perspective
ITIL gives the name “The Business Perspective” to the collection of best practices that is suggested to address some of the issues often encountered in understanding and improving IT service provision, as a part of the entire business requirement for high IS quality management.
These issues are:
This volume is related to the topics of IT Governance and IT Portfolio Management.
6. Application Management
ITIL Application Management set encompasses a set of best practices proposed to improve the overall quality of IT software development and support through the life-cycle of software development projects, with particular attention to gathering and defining requirements that meet business objectives.
This volume is related to the topics of Software Engineering and IT Portfolio Management.
7. Software Asset Management
Software Asset Management (SAM) is the practice of integrating people, processes and technology to allow software licenses and usage to be systematically tracked, evaluated and managed. The goal of SAM is to reduce IT expenditures, human resource overhead and risks inherent in owning and managing software assets.
SAM represents the software component of IT asset management. This includes hardware asset management because effective hardware inventory controls are critical to efforts to control software. This means overseeing software and hardware that comprise an organization’s computers and network.
8. Planning to implement service management
Main article: ITIL Planning to implement service management
The ITIL discipline – Planning To Implement Service Management attempts to provide practitioners with a framework for the alignment of business needs and IT provision requirements. The processes and approaches incorporated within the guidelines suggest the development of a Continuous Service Improvement Program (CSIP) as the basis for implementing other ITIL disciplines as projects within a controlled program of work. Planning To Implement Service Management focuses mainly on the Service Management processes, but also applies generically to other ITIL disciplines. Components include:
9. Small-Scale Implementation
ITIL Small-Scale Implementation provides an approach to ITIL framework implementation for smaller IT units or departments. It is primarily an auxiliary work that covers many of the same best practice guidelines as Planning To Implement Service Management, Service Support, and Service Delivery but provides additional guidance on the combination of roles and responsibilities, and avoiding conflict between ITIL priorities.
Overview of the ITIL v3 library
Five volumes comprise the ITIL v3, published in May 2007:
1. ITIL Service Strategy
2. ITIL Service Design
3. ITIL Service Transition
4. ITIL Service Operation
5. ITIL Continual Service Improvement
As the center and origin point of the ITIL Service Lifecycle, the ITIL Service Strategy volume provides guidance on clarification and prioritization of service-provider investments in services. More generally, Service Strategy focuses on helping IT organizations improve and develop over the long term. In both cases, Service Strategy relies largely upon a market-driven approach. Key topics covered include service value definition, business-case development, service assets, market analysis, and service provider types. List of covered processes:
The ITIL Service Design volume provides good-practice guidance on the design of IT services, processes, and other aspects of the service management effort. Significantly, design within ITIL is understood to encompass all elements relevant to technology service delivery, rather than focusing solely on design of the technology itself. As such, Service Design addresses how a planned service solution interacts with the larger business and technical environments, service management systems required to support the service, processes which interact with the service, technology, and architecture required to support the service, and the supply chain required to support the planned service. Within ITIL v2, design work for an IT service is aggregated into a single Service Design Package (SDP). Service Design Packages, along with other information about services, are managed within the service catalogs. List of covered processes:
Service transition, as described by the ITIL Service Transition volume, relates to the delivery of services required by a business into live/operational use, and often encompasses the “project” side of IT rather than “BAU” (Business as usual). This area also covers topics such as managing changes to the “BAU” environment.
List of processes:
Best practice for achieving the delivery of agreed levels of services both to end-users and the customers (where “customers” refer to those individuals who pay for the service and negotiate the SLAs). Service operation, as described in the ITIL Service Operation volume, is the part of the lifecycle where the services and value is actually directly delivered. Also the monitoring of problems and balance between service reliability and cost etc are considered. The functions include technical management, application management, operations management and Service Desk as well as, responsibilities for staff engaging in Service Operation.
Continual Service Improvement (CSI)
Aligning and realigning IT services to changing business needs (because standstill implies decline).
Continual Service Improvement, defined in the ITIL Continual Service Improvement volume, aims to align and realign IT Services to changing business needs by identifying and implementing improvements to the IT services that support the Business Processes. The perspective of CSI on improvement is the business perspective of service quality, even though CSI aims to improve process effectiveness, efficiency and cost effectiveness of the IT processes through the whole lifecycle. To manage improvement, CSI should clearly define what should be controlled and measured.
CSI needs to be treated just like any other service practice. There needs to be upfront planning, training and awareness, ongoing scheduling, roles created, ownership assigned,and activities identified to be successful. CSI must be planned and scheduled as process with defined activities, inputs, outputs, roles and reporting.
Primary Source: Wikipedia