Transcription

Services successfully delivered into the live environment cannotdeliver value unless they are managed effectively on a dayto-day basis to ensure that service expectations are met orexceeded. It is here, at the customer interface, that perceptionsabout your performance as a service provider are created.ITIL Service Operation introduces and explains delivery andcontrol activities that support high-quality service operation.Use of the guidance will help to ensure a balanced and flexibleapproach to service provision, setting you firmly on the road toachieving excellence as a service provider.ITIL Service OperationITIL Service Operation2011 editionBESwww.best-management-practice.comNT PRACME9 780113 313075ANAGETMTUCISBN 978-0-11-331307-5E PRODTIC7188 ITIL SO AN Cover V0 3.indd 1-311/07/2011 10:56

Published by TSO (The Stationery Office) and available from:Onlinewww.tsoshop.co.ukMail, Telephone, Fax & E-mailTSOPO Box 29, Norwich, NR3 1GNTelephone orders/General enquiries: 0870 600 5522Fax orders: 0870 600 5533E-mail: [email protected] 0870 240 [email protected] and other Accredited AgentsCustomers can also order publications from:TSO Ireland16 Arthur Street, Belfast BT1 4GDTel 028 9023 8451 Fax 028 9023 5401 Crown Copyright 2011This is a Crown copyright value added product, reuse of which requires a Licence from the Cabinet OfficeApplications to reuse, reproduce or republish material in this publication should be sent to The Efficiency & Reform Group Service Desk,Cabinet Office, Rosebery Court, St Andrews Business Park, Norwich, Norfolk NR7 0HS Tel No: ( 44) (0)845 000 4999,E-mail: [email protected] or complete the application form on the Cabinet Office website, Licensing section.Copyright in the typographical arrangement and design is vested in The Stationery Office Limited. Applications for reproduction should bemade in writing to The Stationery Office Limited, St Crispins, Duke Street, Norwich, NR3 1PD.The Swirl logo is a trade mark of the Cabinet OfficeITIL is a registered trade mark of the Cabinet OfficePRINCE2 is a registered trade mark of the Cabinet OfficeM o R is a registered trade mark of the Cabinet OfficeP3O is a registered trade mark of the Cabinet OfficeMSP is a registered trade mark of the Cabinet OfficeMoV is a trade mark of the Cabinet OfficeMoP is a trade mark of the Cabinet OfficeThe OGC Official Product endorsement logo is a trade mark of the Cabinet OfficeOGC (former owner of Best Management Practice) and its functions have moved into the Cabinet Office part of HM Government –www.cabinetoffice.gov.ukFirst edition Crown Copyright 2007Second edition Crown Copyright 2011First published 2011ISBN 9780113313075Printed in the United Kingdom for The Stationery OfficeMaterial is FSC certified and produced using ECF pulp, sourced from fully sustainable forests.P002425502 c70 07/11 19585 1246812468 00 Prelims.indd 212/7/11 14:27:36

ContentsList of figuresviList of troduction11.1 Overview31.2 Context5231.3 ITIL in relation to other publicationsin the Best Management Practiceportfolio724.3 Request fulfilment864.4 Problem management974.5 Access management110Common service operationactivities1195.1 Monitoring and control1225.2 IT operations1325.3 Server and mainframe managementand support1365.4 Network management13775.5 Storage and archive1381.4 Why is ITIL so successful?95.6 Database administration1391.5 Chapter summary95.7 Directory services management1395.8 Desktop and mobile device support1405.9 Middleware management1405.10 Internet/web management1415.11 Facilities and data centremanagement1415.12 Operational activities of processescovered in other lifecycle stages1435.13 Improvement of operationalactivities150Service management as a practice112.1 Services and service management132.2 Basic concepts202.3 Governance and managementsystems252.4 The service lifecycle28Service operation principles333.1 Service operation fundamentals353.2 Achieving balance in serviceoperationOrganizing for service operation151396.1 Organizational development1533.3 Providing good service466.2 Functions1536.3 Service desk function1576.4 Technical management function17063.4 Operation staff involvement in otherservice lifecycle stages463.5 Operational health483.6 Communication493.7 Documentation523.8 Service operation inputs and outputs 52454.2 Incident managementService operation processes554.1 Event management5812468 00 Prelims.indd 36.5 IT operations management function 1756.6 Application management function1796.7 Roles1916.8 Responsibility model – RACI2036.9 Competence and training20412/7/11 14:27:36

iv Contents786.10 Service operation organizationstructures205Technology considerationsA.8 ISO standards and publicationsfor IT248215A.9 ITIL and the OSI framework2487.1 Generic requirements217A.10 Programme and projectmanagement2497.2 Event management219A.11 Organizational change2497.3 Incident management2197.4 Request fulfilment2207.5 Problem management2207.6 Access management2217.7 Service desk221Implementation of serviceoperation2258.1 Managing change in serviceoperationAppendix B: Communication in serviceoperation253227B.1 Routine operational communication 2558.2 Service operation and projectmanagement2278.3 Assessing and managing risk in serviceoperation2288.4 Operational staff in service designand transition8.5 Planning and implementing servicemanagement technologies2282289 Challenges, risks and critical successfactors2319.1 Challenges2339.2 Critical success factors2359.3 Risks237A.12 Skills Framework for the InformationAge250A.13 Carnegie Mellon: CMMI and eSCMframework250A.14 Balanced scorecard250A.15 Six Sigma251B.2 Communication between shifts255B.3 Performance reporting255B.4 Communication in projects257B.5 Communication related to changes258B.6 Communication related toexceptions258B.7 Communication related toemergencies260B.8 Global communications262B.9 Communication with users andcustomers263Appendix C: Kepner and Tregoe265C.1 Defining the problem267C.2 Describing the problem267Afterword239Appendix A: Related guidance243C.3 Establishing possible causes267A.1 ITIL guidance and web services245C.4 Testing the most probable cause267A.2 Quality management system245C.5 Verifying the true cause267A.3 Risk management246A.4 Governance of IT246A.5 COBIT246A.6 ISO/IEC 20000 service managementseries247A.7 Environmental management andgreen/sustainable IT12468 00 Prelims.indd 4247Appendix D: Ishikawa diagrams269Appendix E: Considerations for facilitiesmanagement273E.1 Building management275E.2 Equipment rooms275E.3 Power management27712/7/11 14:27:36

Contents E.4 Environmental conditioning andalert systems277E.5 Safety279E.6 Physical access control279E.7 Shipping and receiving279E.8 Involvement in suppliermanagement279E.9 Maintenance280E.10 Office environments280Appendix F: Physical access control281Appendix G: Risk assessment andmanagement287G.1 Definition of risk and riskmanagement289G.2 Management of Risk (M o R)289G.3 ISO 31000290G.4 ISO/IEC 27001291G.5 Risk IT292Appendix H: Pareto analysis295Appendix I: Examples of inputs andoutputs across the service lifecycle299References and further reading303Abbreviations and glossary307Index35112468 00 Prelims.indd 5v12/7/11 14:27:37

List of figuresFigure 1.1The ITIL service lifecycleFigure 1.2ITIL’s relationship with otherBestManagement Practice guidesFigure 2.1Figure 2.2Figure 2.338Conversation about the definitionand meaning of services14Logic of value creation throughservices18Sources of service managementpractice19Figure 4.5Example of an incident-matchingprocedure81Figure 4.6Request fulfilment process flow90Figure 4.7Problem management process flow 102Figure 4.8Examples of data and informationin the service knowledgemanagement system108Figure 4.9Access management process flow112Figure 5.1Achieving maturity intechnology management121Figure 5.2The monitor control loop123Figure 2.4Examples of capabilities and resources 21Figure 2.5Process model21Figure 2.6The service portfolio andits contentsFigure 5.3Complex monitor control loop12425Figure 5.4The ITSM monitor control loop126Figure 2.7Architectural layers of an SKMS26Figure 6.1Service operation functions155Figure 2.8Plan-Do-Check-Act cycle27Figure 6.2Local service desk159Figure 2.9Integration across the servicelifecycle30Figure 6.3Centralized service desk160Figure 6.4Virtual service desk161Figure 6.5Application management lifecycle181Figure 6.6Role of teams in the applicationmanagement lifecycle188Figure 2.10 Continual service improvement andthe service lifecycleFigure 3.1Figure 3.2Figure 3.3Examples of service requestslinked to IT servicesRelationship between a service,service request, request modeland request for changeAchieving a balance betweenexternal and internal focus31363739Figure 6.7IT operations organized accordingto technical specialization (sample) 206Figure 6.8A department based onexecuting a set of activities208IT operations organizedaccording to geography210Figure 6.9Achieving a balance between focuson stability and responsiveness41Figure 3.5Balancing service quality and cost43Figure 3.6Achieving a balance betweenfocus on cost and qualityFigure 6.10 Centralized IT operations,technical and applicationmanagement structure44Figure D.1Figure 3.4Figure 3.7Achieving a balance between being too45reactive or too proactiveFigure 4.1Relationship between events forphysical infrastructure CIs, servicesand business processes62Figure 4.2The event management processFigure 4.3Figure 4.412468 00 Prelims.indd 6Sample of starting anIshikawa diagram212271Figure D.2 Sample of a completedIshikawa diagram272Figure G.1290The M o R framework64Figure G.2 ISO 31000 risk managementprocess flow291Incident management process flow77Figure G.3 ISACA Risk IT process framework293Multi-level incident categorization78Figure H.1Important versus trivial causes29812/7/11 14:27:37

List of tablesTable 2.1Table 3.1The processes described ineach core ITIL publication28Examples of extreme internal andexternal focus40Table 3.2 Examples of extreme focuson stability and responsiveness42Table 3.3 Examples of extreme focuson quality and cost45Table 3.4Table 3.5Table 4.1Examples of extremely reactiveand proactive behaviour47Service operation inputs andoutputs by lifecycle stage53Simple priority coding system79Table 4.2 Problem situations and themost useful techniques foridentifying root causesTable 5.1Table 6.1Active and passive reactive andproactive monitoring129Survey techniques and tools167187Table 6.3 An example of a simple RACImatrix204Communication requirementsin IT services255Table B.2 Communication requirementsbetween shifts256Table B.3 Performance reportingrequirements: IT service256Table B.4 Performance reportingrequirements: service operationteam or department257Table B.5 Performance reportingrequirements: infrastructureor process258Table B.6 Project team communications259Table B.7 Communication about changes260Table B.8 Communication duringexceptions26112468 00 Prelims.indd 7262Table B.10 Global communications263Table B.11 Communication with usersand customers264Table F.1Access control devicesTable H.1 Pareto cause ranking chart284297101Table 6.2 Application development versusapplication managementTable B.1Table B.9 Communication duringemergencies12/7/11 14:27:37

ForewordBack in the 1980s no one truly understood ITservice management (ITSM), although it wasclear that it was a concept that needed to beexplored. Hence a UK government initiative wasinstigated and ITIL was born. Over the years,ITIL has evolved and, arguably, is now the mostwidely adopted approach in ITSM. It is globallyrecognized as the best-practice framework. ITIL’suniversal appeal is that it continues to provide aset of processes and procedures that are efficient,reliable and adaptable to organizations of allsizes, enabling them to improve their own serviceprovision.In the modern world the concept of havinga strategy to drive the business forward withadequate planning and design transitioning intoday-to-day operation is compelling. Once serviceshave been transitioned into the live environmentthey need to be monitored, controlled andreviewed as part of service operation. Whenthings go wrong, there should be robust processesin place to record, resolve and ensure that theydo not re-occur. The aim of service operation isto ensure that the live operational environmentruns as smoothly as possible. Business users andcustomers interact directly with the operationalservices and any problems here can have a directimpact on their perception of your business andultimately to your reputation. In that respectservice operation is the most visible part of theservice lifecycle. However, it is important thatservice operation does not drive the lifecycle.Good operational services have been throughthe stages of strategy, design and transition, andhave captured the appropriate metrics in order tomaintain the levels of service required.There is an associated qualification scheme so thatindividuals can demonstrate their understandingand application of the ITIL practices. So whetheryou are starting out or continuing along the ITILpath, you are joining a legion of individuals andorganizations who have recognized the benefits ofgood quality service and have a genuine resolve toimprove their service level provision.ITIL is not a panacea to all problems. It is, however,a tried and tested approach that has been provento work.I wish you every success in your servicemanagement journey.Frances ScarffHead of Best Management PracticeCabinet OfficeThe principles contained within ITIL ServiceOperation have been proven countless times in thereal world. We encourage feedback from businessand the ITSM community, as well as other expertsin the field, to ensure that ITIL remains relevant.This practice of continual service improvement isone of the cornerstones of the ITIL framework andthe fruits of this labour are here bef