Berat Kaya

What is ITIL Service Strategy?

ITIL Service Strategy helps organizations understand the merits of using a market-driven approach. To succeed organizations must deliver and support services and products that their customers need. Service Strategy helps them to do this by encouraging a practice of service management for managing IT services.
No organization acts in a vacuum. Customers always have alternatives. Even government and nonprofits where social services compete for tax dollars and contributions.
Competitive forces demand that an IT organization do its job better than the alternatives. What service strategy is about is positioning your organization as non-optional.
Service Strategy process areas include:

service portfolio management
financial management for IT services
demand management
business relationship management
strategy management for IT services

Service Portfolio Management

Service portfolio management (SPM) is a means by which you can dynamically and transparently govern resource investment. The goal of SPM is to maximize value to the business while managing risks and costs. We do this by ensuring that the content of the service portfolio is in line with the organization’s service management strategy.
In cooperation with the change management process it evaluates proposed services. As well as major changes to existing services.
Service Portfolio Management is a cradle to grave process.
It monitors services in the pipeline. First as they proceed through funding, then through design, development, testing, and deployment. Once operational it monitors to ensure we are achieving expected returns. And finally, when the service has reached the end of its useful life, it works with Service Transition processes to ensure an orderly retirement and preservation of essential records and assets.

Financial Management for IT Service

Financial management for IT services ensures we track and associate IT investment and spending with the services provided.
Why do we need to do this? We want to deliver the best quality service at the lowest possible cost. We want to create business value and increase the opportunity to take on extra projects that result in even greater value to the business.
The three major activities which take place within financial management for IT services are:

Accounting
Budgeting
Charging

(the “ABCs” of financial management).
Accounting involves applying cost accounting principles to IT spending. We do this to answer the question, “What does it cost to provide each service?”
We use Budgeting to show the funding required to support the defined services at a given level of business activity. The budget assures that IT Service Management will have adequate funding to deliver promised services.
Charging is the process of assuring that IT Service Management will “capture” value. That is, that the consumers of services are aware of the cost of providing services to them.
Financial Management for IT is one of five components in the ITIL Service Delivery area. It determines the costs of services and provides financial accounting support to ensure expenditures fall within approved plans and that funds are well-spent.
The role of Financial Management varies depending upon the view of IT within the company. Some companies view IT as an expense center, some as a profit center, and some as a cost-recovery center. However, in all cases, Financial Management supports the "business" of IT.
Financial Management activities include:

Providing oversight of all IT expenditures
Ensuring funds are available for planned events
Providing detailed financial information for proposed initiatives
Influencing the use of IT assets to maximize the return on IT investments through chargeback systems
Tracking current expenditures against the budget

WHY SHOULD I IMPLEMENT FINANCIAL MANAGEMENT?

Financial Management processes allow you to:

Plan and predict IT expenditures required to maintain or improve services
Ensure expenditures fall within approved plan guidelines and that money is well-spent
Assist senior management in understanding the ongoing total cost of a proposed IT initiative
Promote a better understanding of the costs associated with providing specific services
Foster an environment of control to ensure IT services are effectively and efficiently used

Financial Management has close ties to Service Level Management, Capacity Management, and Configuration Management areas, as well as the Corporate Finance Department.

ITIL Demand Management 101

At some point during the service design or service strategy phase, someone may ask what services your organization actually needs and uses. Or perhaps the statement of work is coming up for renewal, requiring a new service level agreement (SLA). Reevaluating your services is also important when an organization has been financially burdened by inadequately planning for an influx of tickets or service usage. To determine "how much" service is enough, decisions should be based on data rather than gut feeling. Fortunately, ITIL has defined the IT service management strategies needed to identify, analyze, and plan for changes in usage patterns.

This process is called demand management.

What is ITIL Demand Management?

ITIL Demand Management helps a business understand and predict customer demand for services. Every business is subject to cyclical behavior. This means that demand for services can grow or shrink with the business cycle. In deciding whether to provide a service, IT Service Management must understand the patterns of business activity (PBAs) related to the service. While it is important to avoid having inadequate capacity, excess capacity is also a business risk, involving expense which typically cannot be recovered, since customers cannot be expected to pay for capacity they are not using.
PBAs are typically thought of in terms of transaction volumes. ITIL suggests other factors be considered as well, such as the source of the demand, special needs such as enhanced security, and tolerance for delay. The job of demand management is to identify appropriate PBAs and to associate them with user profiles (UPs). This becomes important input to the capacity management process in the Service Design lifecycle phase.
According to ITIL, the purpose of demand management is to understand, anticipate, and influence customer demand for services. As a process, it is part of the ITIL service strategy stage of the ITIL lifecycle. Service strategy determines which services to offer to prospective customers or markets. The decisions that are made in the service strategy stage affect the service catalog, the business processes, the service desk, the required capacity, and the financial requirements of the service provider.

As part of the service strategy stage, demand management rationalizes and optimizes the use of IT resources. It ensures that the amount of technical and human resources that has been budgeted matches the expected demand for the service. If the prediction is too low, the agreed-upon service levels may not be delivered. If the predictions are too high, resources will have been allocated to a service that will not be used (or paid for). Demand management bridges the gap between service design, capacity management, and business relationship management to ensure that the predictions are accurate.

Demand management is a process within ITIL that is more supportive of other processes than a self-contained process. Unlike incident management, for example, the activities inside demand management are not visible to the customer. When service demand is not properly balanced, it affects nearly every part of the ITIL lifecycle.

Demand Management Roles

Like every process within the ITIL framework, demand management has a chain of responsibility and ownership. Here, the owners are called business relationship managers. Business relationship management creates and grows the connection between the customer and the service provider.

Demand Management Objectives and Activities

The purpose of demand management is to detect and influence the demand that customers have on IT services. This process involves three main actions:

Analyzing current customer usage of IT services: The easiest way to do this is to analyze service desk data regarding incidents, requests, and problems. Network usage and uptime can be measured via a service dashboard, such as the kind used in a network operations center (NOC) environment.
Anticipating future customer demands for IT services: Here, the business relationship manager comes into play. He or she may speak with the customer directly about forecasted needs, will analyze trends in usage or tickets, and will make educated projections about future usage based on similar customers trends.
Influencing consumption as necessary by financial or technical means: For example, if a customer uses more service than anticipated in the SLA, a service provider may charge fees for the excessive consumption to offset the costs of the unforeseen demand. Demand management also makes sure that the appropriate costs are included in the service design. Formally, this involves two processes:

Demand Prognosis

In demand prognosis, the business relationship manager analyzes IT service consumption. This individual will also forecast future consumption based on known information, such as consumption trends and service-quality feedback from the customer. Sometimes, the customer will directly indicate when more capacity or a great number of services are needed. In ITIL, this is called the Pattern of Business Activity (PBA). According to ITIL, the PBA is a workload profile of one or more business activities that helps service providers establish usage patterns.

The pattern of business activity measures the following aspects of customer service usage:

Frequency
Volume
Duration
Location

The duration of usage is how long the pattern of business usage lasts. Does peak database usage occur only during business hours, for example, or only during certain months? How long ago did the increase or decrease in usage begin?

The volume of usage is the amount of activity. For example, this could be the number of transactions processed or a service desk ticket number. Volume can increase or decrease.

The frequency of usage is how often the volume of usage occurs.

The location of usage is where the business usage occurred. Is it in the service desk or the sales department, for example?

The PBA also includes a user profile, which is a pattern of service usage that is tied to a type of user. For example, developers may have a higher database usage pattern than business users.

Demand Control

Demand control is the way that providers control IT service consumption. This can be done through technical means (such as network throttling) or financial means (such as increased charges for usage higher than the agreed-upon levels). The control is implemented until the capacity for greater demand is implemented into the service catalog.

Developing differentiated offerings and service packages also controls demand. Differentiated offerings and service packages control demand and cost while providing the customer with the services they use and value most.

The ITIL Demand Management Communication Flow

Unlike other processes within the ITIL lifecycle, demand management relies on communication between different processes rather than on a self-contained set of procedures. Unlike some other processes, demand management interfaces with the other service strategy lifecycle processes. On one side, demand management receives customer feedback from the business relationship manager and the PBA. On the other side, demand management informs many other processes based on the information obtained and the conclusions drawn.

Demand management is seen in service strategy when the pattern of business activity is used alongside service portfolio management to invest in new services and increased capacity.

It is seen in service transition when the data collected is used to validate that the new service catalog meets the projected needs of the pattern of business activity.

It is used in service operation as the end point for feedback from the service desk. The service desk detects trends in service usage and sends that information to demand management, which alerts capacity management to increase or decrease resources as needed.

Finally, demand management is seen in continual service improvement (CSI) when the data from demand management and the PBA is used to proactively improve services based on usage forecasts.

Why is ITIL Demand Management So Important?

Demand management is essential for one simple reason: It is impossible to adequately plan for and meet service demands based on gut check alone. Predicting how much service will increase based on what you think you remember about current demand versus the demand of other similar customers results in inaccurate data at best and expensive overstaffing at worst. Accurate planning requires analyzing the data gathered and client feedback, as seen in the demand prognosis process. Inaccurate estimates have negative impacts on:

SLA metrics
KPIs
Customer satisfaction
Financial management
Incident management
Business relationship management
Service strategy

Poorly managed service demand is a huge risk for organizations. Inadequately planning for increases in service usage could mean missed service levels and poor service quality across the entire service catalog. For businesses, that could mean anything from financial implications to lost business altogether.

Related ITIL Stages and Processes

Demand management interfaces with many ITIL processes. As a part of service strategy stage, it is closely aligned with service portfolio management, financial management for IT services, and business relationship management. This is because the question of "how much" service is enough is integral to those processes. In financial management, for example, the question of how much of a service to provide directly impacts the IT budget and the costs passed on to the service customer. In service portfolio management, demand directly impacts which services are offered in the customer service catalog. service operations is thus also impacted, since it relies on the service catalog for its range of services, as well as on the associated capacity and asset management of operations.

Demand management is a small but important component within ITIL. Getting demand management wrong impacts the entire organization and the services rendered. Read on to learn about the other processes within service strategy.

Business Relationship Management

process ensures good relationship between service provider and the customer. It is generally achieved by identifying, understanding, and supporting customer’s need and appropriate services are developed to meet those needs.

ITIL business relationship management works closely with service portfolio management and strategy management. It helps IT services to inform and implement the strategy and service selection.
Participants in this process seek to form a relationship with customers to understand their needs for service. This involves:

ensuring that services provided are delivering the value expected by the customer
understanding the customer’s environment well enough to identify opportunities for new services or new applications of existing services
being aware of changes in the customer’s business environment which may impact service needs

The most important key performance indicator (KPI) for business relationship management is customer satisfaction.

Strategy Management for IT Services

ITIL strategy management for IT services seeks to enable IT Service Management to become a strategic asset to the organization. It’s not enough to align IT with the business; IT should also integrate with the business.
Any service provider, to be successful, must have a thorough understanding of the market space in which they operate. They must know what their strengths and weaknesses as a provider are, as well as what opportunities are available. Strategy management for IT services seeks to answer questions such as the following:

Who are our customers?
What business outcomes do they need?
How do the services we provide support those outcomes?
How can we position ourselves to be the only logical provider of these services?
What market spaces do we operate in?
Are there ways to expand our current service offerings into new markets?
Are there unmet needs in our current market spaces for which we can develop services?

These are the Strategy Management for IT Services sub-processes and their process objectives:

Strategic Service Assessment

Process Objective: To assess the present situation of the service provider within its current market spaces. This includes an assessment of current service offerings, customer needs and competing offers from other service providers.

Service Strategy Definition

Process Objective: To define the overall goals the service provider should pursue in its development, and to identify what services will be offered to what customers or customer segments, based on the results of the Strategic Service Assessment.

Service Strategy Execution

Process Objective: To define and plan strategic initiatives, and ensure the implementation of those initiatives.

Why Design?

Why bother? Why don’t we let the operation people introduce new services into the Operation stage, as surely they know best what the customer needs? They are there in the trenches all the time, after all. Well, this was done many, many times in the early days of IT Service Management. And it has been recognized as a bad practice. ITIL and ISO/IEC20000 are about good and best practices.
A quick example: a part of a customer’s organization declares a need for a, say, project management system. Their number of projects has risen and they want to manage them more effectively. Operations offers them our in-house solution, which covers our basic needs. It is implemented quickly and after some initial adoption problems it seems to work OK for some time. Later, it starts to show some flaws. The customer needs new functionalities to keep it alive, our development team is cluttered with other projects and can’t help, the database is under-capacitated, GUI is unacceptably slow (remember Utility and Warranty from Service Strategy?), and everyone is disappointed. Parallel to this, our other department was negotiating with a vendor of a similar product which is much more aligned with the customer’s business needs, and is integrated with the existing customer infrastructure. Tough luck.
This is why we need an organized set of skills, knowledge and processes that will help us create efficient, effective services aligned with the big picture.
To be able to do that, Service Design must have in mind the effective and efficient use of the four Ps:

People – human resources involved
Processes – what and how
Products – services, technology and tools
Partners – suppliers, manufacturers and vendors

As a curiosity, it was People, Process and Technology in ITIL V2. It is now enriched with the Products bubble, and in the meantime the need to address suppliers, manufacturers and vendors is recognized.

Principles of Service Design

To form a quick picture about Design, let us walk briefly through its five key aspects:
Designing service solutions – we need a formal iterative approach to create services with the right balance of functionality and cost, on time. Services must be aligned with often-changing business needs. In order to accomplish this, we have to analyze business requirements properly and create a set of Service Acceptance Criteria (SAC) to define and analyze budgets, costs and deadlines. Also, we need to align services with our strategic goals, policies, infrastructure and changing business requirements.
Designing management information systems and tools – ITIL defines quite a few management systems; let me mention the most important: service portfolio, configuration management system (CMS), capacity management information system (CMIS), availability management system (AMS) and security management information system (SMIS). Using and maintaining these systems is the most effective way of managing services. From a Service Design standpoint, the most critical system here is service portfolio, since it supports all processes.
Designing technology and management architectures – This is all about technology architectures and management architectures, the two seemingly opposed approaches that complement each other well. Technology architectures bring in technological competencies, which are bottom-up powered by their nature, and take care of designs, plans and processes – but also their relations to IT policies, strategies and architectures. It is about their relations and interactions. Management architectures introduce a top-down approach, avoiding a technology-driven paradigm and thinking more of business alignment.
Designing processes – The processes model is the one of the most elaborated paradigms in the ITIL world. Processes have their inputs, activities and outputs. Every process has its owner, who is responsible for it. The two words people hear the most and understand the least are effectiveness and efficiency. Effective process produces output according to specifications, and if the result is optimal concerning usage of resources, it is efficient. Simple as that.
Designing measurement methods and metrics – This is a very important area that can be very dependent upon the scope, size goals and objectives of a service. An often-omitted aspect of the metric is the behavioral change of the employees. Quick example: if the main metric in Incident Management is number of open incidents by employee, then people are driven to keep as many of their incidents as possible in some kind of pending status, looking busy. If you change the main metric to the number of resolved incidents, they will tend to grab simpler incidents in order to resolve them quickly. Selecting the simple and obvious metrics will often lead to behavioral changes that are poorly aligned to the strategic and tactical goals of the organization. Process metrics should be aligned with organizational goals, and drilled down to each individual role as in balanced scorecard metrics.

Design processes

Design is a serious business; it defines eight processes, more than any other stage. Key design processes rely on their additional definition from the Strategy stage. Let us mention them only briefly, since most of them will be described in separate posts:

Design Coordination is a new process in ITIL 2011; it acts as the central point of communication and control for all processes in the Design stage. It is in charge of all design activities, and it ensures consistent design of services aligned with Strategy and their proper preparation for Transition.
Service Catalogue Management – management of information about all live services. These are mature operational services, services which are being introduced into operation through Transition, and old services which are in the process of retirement. Provides accurate info to business about services, how and where they are used and which business processes they support.
Service Level Management (SLM) – this is a key Design process. It ensures that all services are delivered according to agreement with the business. It is aligned with other processes emerged from the Service Delivery group, especially Availability and Capacity. The main mission of SLM is to improve communication and understanding of Service Provider and Business.
Availability Management – one of the oldest ITIL service delivery processes. Ensures that the availability of delivered services is in alignment with the agreed levels, in a cost-effective, timely manner.
Capacity Management – another mature process; ensures that IT infrastructure and services meet the agreed requirements in a cost-effective and timely manner. Capacity management spans through all ITIL lifecycles.
IT Service Continuity Management – the IT Service Continuity Management (ITSCM) process is responsible for the alignment of IT services to Business Continuity Management.
Information Security Management (ISM) – ensures that information security policy is aligned with business security. ISM maintains and enforces the security policy.
Supplier Management – ensures getting value for money from suppliers. Activities included are: negotiation, agreements, supplier performance management, seamless integration of underpinning contracts and delivered services.

From the above brief example it is obvious that if we let services grow organically, they will respond to particular obvious short-term customer needs, without taking into account strategic business needs. In that way, a service organization will waste resources and services will be expensive to run and maintain.
Designing services according to the five design principles, while respecting the rules of the eight mentioned processes will enable the organization to create business-/customer-oriented, efficient and cost-effective services. Such services will be able to absorb frequent changes in demand, and they will be responsive, with availability and capacity aligned to business needs. What’s not to like?

ITIL v3 Basics: Strategy, Design, Transition, Operations, and Improvement

There are 5 ITIL Lifecycle Phases as prescribed in ITIL v3: Service Strategy, Service Design, Service Transition, Service Operations, and Continual Service Improvement.These lifecycles define what IT has to do to deliver value to the business and/or customers. ITIL v3 advises you to change your IT organizational functions and processes in this manner to deliver IT services and value to your customers. If your company makes the decision to launch an ITIL initiative, you have decided to introduce the necessary change to your current organizational structure and processes to align with ITIL advised structure and processes. Our intent is to help you understand what that really means!!

What is the ITIL v3 structure? ITILv3 defines 5 IT Lifecycle Phases with the following Goals:

Service Strategy: build a cost effective IT strategy. Find the right balance between performance and cost. Defines what to build and why it is needed. Its output is a business approved, business funded IT strategy.
Service Design: design IT services in alignment with Service Strategy. Defines how IT services will be built. Its output is a Service Design Package.
Service Transition: build and deploy IT services as specified by Service Design. Build and deploy services with minimal impact to the Production environment. Its output is a Live Application/Service that functions as expected.
Service Operations: Deliver and manage services at the agreed levels to business users/customers. Its expected output is managed services with happy customers.
Continual Service Improvement: Continual improvement of IT processes and metrics. Prioritize and initiate improvement projects. Its expected output is better metrics of all IT processes - cheaper, faster, better IT services.

Point Guard ITILv3 Presentation

The subprocesses and functions within each of the ITILv3 Lifecycles are:

Service Strategy:

Strategy Generation
Demand Management
Service Portfolio Management
Financial Management

Service Design:

Supplier Management
Service Catalog Management
Information Security Management
Capacity Management
Availability Management
Service Level Management
7.IT Service continuity Management
8.Design Coordination

What is Service Design?

Service Design covers the fundamentals of designing services and processes. It provides a holistic design approach to help an organization deliver better services.
Designing a service to meet an organization’s strategic and customer needs requires coordination and collaboration. Aim for high service maturity when designing services rather than the completion of an IT project. The higher the service maturity the higher customer and user satisfaction will be.

The five key aspects of Service Design are:

Designing the service solution
Management information systems and tools
Technology
Processes
Measurements and metrics

Approach all aspects with service oriented thinking and decision making.

Service Level Management

ITIL Service Level Management aims to negotiate Service Level Agreements with the customers and to design services in accordance with the agreed service level targets. Service Level Management is also responsible for ensuring that all Operational Level Agreements and Underpinning Contracts are appropriate, and to monitor and report on service levels.
Service Level Management has been completely redesigned in ITIL 2011 following the introduction of the Design Coordination process.

Service Level Management

Coordinating activities have been removed.

Service Level Management is now mainly responsible for gathering service requirements, as well as monitoring and reporting with regards to agreed service levels.

The process overview of Service Level Management (.JPG) is showing the most important interfaces (see Figure 1).

Sub-Processes

These are the Service Level Management sub-processes and their process objectives:

Maintenance of the SLM Framework

Process Objective: To design and maintain the underlying structure of the Customer Agreement Portfolio, and to provide templates for the various SLM documents.

Identification of Service Requirements

Process Objective: To capture desired outcomes (requirements from the customer viewpoint) for new services or major service modifications. The service requirements are to be documented and submitted to an initial evaluation, so that alternatives may be sought at an early stage for requirements which are not technically or economically feasible.

Agreements Sign-Off and Service Activation

Process Objective: To have all relevant contracts signed off after completion of Service Transition, and to check if Service Acceptance Criteria are fulfilled. In particular, this process makes sure that all relevant OLAs are signed off by their Service Owners, and that the SLA is signed off by the customer.

Service Level Monitoring and Reporting

Process Objective: To monitor achieved service levels and compare them with agreed service level targets ("Service Level Report"). This information is circulated to customers and all other relevant parties, as a basis for measures to improve service quality.

The service level management (SLM) process focuses on researching and understanding requirements. Areas include:

defining, negotiating, agreeing upon and documenting IT service targets
monitoring, measuring and reporting on how well the service provider delivered the agreed upon targets

When targets are appropriate and met, then the business and IT have a better chance of becoming aligned.
Agreed upon targets are often spelled out in service level agreements (SLAs). Monitoring, measuring and reporting on SLA's in this way provides close links to Continual Service Improvement (CSI).
SLAs are agreements to provide specific services at a defined level of quality (warranty) for a specific price. SLAs typically need negotiation of agreements with other internal organizations (OLA's) or external suppliers (Underpinning Contracts).
Negotiating SLAs to ensure service commitments are met, service level management works with the following warranty processes:

capacity management
availability management
security management
service continuity management

Service level management is accountable for monitoring conformance to the SLAs and take action if there is a breach of the SLA. This means working with the service desk, incident management, and problem management.
Customer satisfaction is not determined only by SLA performance. Therefore service level management should meet with customers face-to-face on a regular basis. This helps to maintain a positive relationship address any concerns the customer may have.

Service Catalog Management

Service catalog management ensures that an accurate and up-to-date service catalog is available to all parties authorized to see it. All parts of IT Service Management, as well as customers and users, use the service catalog. Accuracy and availability are essential.
Service catalog management must work closely with service portfolio management as new services move from the pipeline into the catalog and older services are retired. It also helps define how services can be requested and what options are available (gold/silver levels, for instance). The service catalog should document all defined services.
The service catalog generally comprises two views:

a business service view that is visible to the customer
a technical service view that is visible only to IT personnel.

This enables the customer to choose services based on their business requirements. At the same IT personnel can use their view to determine what technical services they need to support a given business service.

Service Catalogue Composition

Each service in the catalogue contains the following elements:

· A identification label for the service

· Description of services

· Related service request types

· Any supporting or underpinning services

· Service categorization or type that allows it to be grouped with other similar services

· Interfaces and dependencies between all services, and supporting components and configuration items (CIs) within the service catalogue and the CMS

· Clear ownership of and accountability for the service

· Associated costs

· How to request the service and how its delivery is fulfilled

· Escalation points and key contracts

· Service level agreement (SLA) data

Service Catalogue Aspects

Service catalogue has two aspects:

Business Service Catalogue

It contains all the IT services delivered to the customer, together with their relationship to the business units and the business process that rely on the IT services.

Technical Service Catalogue

It contains all the IT services delivered to the customer, together with their relationship with supporting services, shared services, components, and CIs necessary to support the provision of the service to the business.
Service catalogue management process is responsible for providing information regarding all agreed services to all authorized persons. This process also takes care of creation and maintenance of service catalogue with correct and updated information.

Service Catalogue Manager is the process owner of this process.

Any change to service portfolio or service catalogue is subject to Change Management process.

SCM Activities

Here are the key activities included in Service Catalogue Management:

· Agreeing and documenting a service definition with all relevant parties

· Interfacing and Service Portfolio Management to agree the contents of the Service Portfolio Management to agree the contents of the Service Portfolio and Service catalogue

· Interfacing with the business and IT Service Continuity Management on the dependencies of business units and their business processes with the supporting IT services contained within the Business Service Catalogue

· Producing and maintaining a Service Catalogue and its contents, in conjunction with service portfolio

· Interfacing with Business Relationship Management and Service Level Management to ensure that the information is aligned to the business and business process.

What is Capacity Management?

ITIL capacity management is responsible for ensuring that adequate capacity is available at all times to meet the agreed needs of the business in a cost-effective manner. The capacity management process works closely with service level management to ensure that the business’ requirements for capacity and performance can be met. Capacity management also serves as a focal point for any capacity issues in IT Service Management. Capacity management supports the service desk and incident and problem management in the resolution of incidents and problems related to capacity.

Successful capacity management requires a thorough understanding of how business demand influences demand for services, and how service demand influences demand on components. This is reflected by the three subprocesses of capacity management: business capacity management, service capacity management, and component capacity management. It is required that capacity management develop a capacity plan, which addresses both current capacity and performance issues, as well as future requirements. The capacity plan should be used throughout IT Service Management for planning and budgeting purposes.

Capacity management is responsible for defining the metrics to be captured during service operation to measure performance and use of capacity. This includes monitoring tools, which can provide input to the event management process. Capacity management may be called upon to perform tactical demand management, which involves using techniques such as differential charging to change users’ behavior so that demand does not exceed supply. Other activities of Capacity management include sizing (working with developers to understand capacity requirements of new services) and modeling (building statistical representations of systems).

Capacity Management Definitions

Before implementing capacity management, it’s important everyone is on the same page. One way for an organization to accomplish this is to learn and own the definition. Capacity management introduces new ideas and terms that should be discussed before they are implemented, including component, capacity plan, capacity report, capacity management information system, and performance.

A component is the underlying structure behind a service. For example, it is the database behind the application or the server underneath the website. It is a component that must be purchased, built, maintained, and monitored. Improving performance often involves a replacement, upgrade, or load balancing of the individual component.

The capacity plan contains different scenarios for predicted business demand and offers costed options for delivering the service-level targets as specified. This plan allows service designers to make the best choices about how to provide quality service at an affordable price point.

The capacity report is a document that provides other IT management with data regarding service and resource usage and performance. This is used to help other managers make service-level decisions or decisions regarding individual components.

The capacity management information system (CMIS) is the virtual repository used to store capacity data. Dashboards are one way to store and report on capacity data.

Performance is how quickly a system responds to requests. For example, how quickly an application processes data and returns a new screen is one indicator of its performance.

The Purpose of Capacity Management

The purpose of capacity management is to determine how much capacity should be provided based on the information from demand management regarding what should be provided. In particular, capacity management is concerned with speed and efficiency. If IT capacity forecasts are accurate and the amount of IT capacity in place meets business needs, the capacity management process is a success.

Capacity Management Activities

This process involves constant measurement, modeling, management, and reporting. More specifically, these activities include:

Designing a service so that it meets service-level agreement (SLA) objectives once implemented
Managing resource performance so that services meet SLA objectives
Assisting with the diagnosis of performance-related incidents and problems
Creating and maintaining a capacity plan that aligns with the organization’s budget cycle, paying particular attention to costs against resources and supply versus demand
Continually reviewing current service capacity and service performance
Gathering and assessing data regarding service usage, and documenting new requirements as necessary
Guiding the implementation of changes related to capacity

In practice, implementing this from scratch would involve the same steps as for other projects. For example, implementation might follow these broad steps:
1. Gather the data
Work with business to determine the service-level need. Determine what this means relative to service availability and service capacity. Identify the individual components necessary. Work with demand management resources to predict demand based on user roles. Work with the financial management team to determine the costs.
2. Design a service and reach agreement

Once you've identified the services and the level of performance needed, the cost, and the expected demand, you'll be able to work with ITIL service level management to build an SLA that everyone can agree to. You will also have designed a service at this point.

3. Build the service
The next step is to build the service. This involves purchasing the components and building the IT infrastructure, processes, and documentation necessary to support the new service/s. Capacity management should continue to monitor the business needs and any new data to ensure that the service being built will have the necessary capacity for quality performance. Financial management will be involved at this stage to facilitate purchasing of components and other resources.
4. Operation
Once you have built the service, and everyone agrees it will meet demand, capacity, and availability requirements, it's go-live time. This is when service operation takes over. Capacity management then supports service operation to deliver services that meet targets.
Monitoring and managing services and their individual components are most easily done via monitoring dashboards that provide data on multiple components in one location. Gathering the data manually from each service or component adds to the total time it takes to produce service-capacity reports.

Capacity Management Processes

This process is built on several sub-processes, including business capacity management, service capacity management, component capacity management, and capacity management reporting. These processes share common activities, such as modeling, workload management, analysis, and optimization.

Business capacity management is the sub-process that turns the needs of the business into IT service requirements. It is involved in service strategy and service design, reviewing the data to ensure that there will be not be any changes in demand before the IT service is implemented. This sub-process works with demand management to ensure that the service is meeting business needs. Other sub-processes make sure that the service meets service-level targets; this sub-process ensures that the service-level targets meet the business needs. A thorough understanding of the business and the service-level agreements is necessary to effectively perform the activities in this sub-process.

Service capacity management is the sub-process that focuses on the operation of the service. Unlike component capacity management, this process focuses solely on the service itself. It ensures that the end-to-end service provided meets agreed-upon service-level targets. For example, this process would monitor, control, and predict a ticketing system to ensure it was up and running efficiently.

Component capacity management focuses on the technology that provides the performance and capacity to the IT service. Components are things like hard disks, phones, and databases. This sub-process requires knowledge of how each component individually contributes to service performance. It manages, controls, and predicts performance usage and capacity of individual components rather than the service as a whole (as seen in service capacity management). The goal of this sub-process is to reduce the total amount of service downtime by monitoring current performance and predicting future performance. Component capacities are designed around service capacities and not the other way around.

Capacity management reporting is the final sub-process. It gathers and then provides other stages with the data related to service capacity, service usage, and service performance. The output of this sub-process is the service capacity report.

Capacity Management and Other ITIL Processes

Capacity management must interface with other processes within ITIL, including demand management, availability management, service-level management, and financial management. When the business has a service need, it comes from demand management. It's then relayed to the business continuity management team, which then translates it into an SLA and capacity terms. Service-level management helps with this. Once the service is deployed, service capacity management and component capacity management come in to keep everything at peak performance. Availability management works hand-in-hand with capacity management to keep services running and prevent downtime. Financial management comes into play when individual components must be estimated, purchased, maintained, and replaced. Not working closely with financial management can result in either untimely drops in uptime or organizational budget losses.

Takeaways

ITIL capacity management is an important one. With it, your organization can save costs by having the data necessary to make decisions regarding service performance. Rather than being based on gut decisions and guesses, you can use gathered component data to make business cases that win over financial management. What's more, this process can identify where performance tuning is a better choice than upgrading, thereby saving the organization money. Other barriers, such as performance bottlenecks and early indicators of performance issues, are identified before they become problems. This maintains uptime and increases customer and end-user satisfaction.

Availability Management

Availability Management ensures that infrastructure, tools, roles etc. are appropriate for the agreed targets. It also works with the design teams to ensure that availability is designed into services.
Part of the process is to identify vital business functions (VBFs) which IT services support. This will help clarify which approach to availability to take:

prevention (making sure, as far as possible, that unavailability never happens)
recovery (developing plans to restore service rapidly in the event of an outage).

Availability management views availability from the user’s perspective, from end to end. This means identifying single points of failure and designing resilience into any infrastructure supporting the service. Availability management serves as a focal point for all issues in IT Service Management related to availability.
Availability management handles specifying which metrics to use to measure availability. And, monitors availability to ensure that the SLA targets are met.

The responsibilities of Availability Management include:

Determining availability requirements in close collaboration with customers.
Guaranteeing the level of availability established for the IT services.
Monitoring the availability of the IT services.
Proposing improvements in the IT infrastructure and services with a view to increasing levels of availability.
Supervising compliance with the OLAs and UCs agreed with internal and external service providers.

The key indicators on which the Availability Management process rests are:

Availability: the time that the service functioned correctly expressed as a percentage the total time it has been agreed that the IT services are to be accessible to users.
Reliability: measure of the time the services functioned correctly without interruptions.
Maintainability: capacity to maintain the service operational and recover it in the event of an interruption.
Service Capacity: determines the availability of the internal and external services contracted and their appropriateness for the OLAs and UCs in force. When an IT service as a whole is subcontracted, the terms availability and service capacity are equivalent.

http://itil.osiatis.es/ITIL_course/it_service_management/availability_management/introduction_and_objectives_availability_management/img/disponibilidad_fiabilidad_capacidad_mantenimiento.gif

The availability depends on the correct design of the IT services, the reliability of the CIs involved, their proper maintenance and the quality of the internal and external services agreed.

The main benefits of correct Availability Management are:

Fulfilment of the agreed service levels.
Reduction in the costs associated with a given level of availability.
The customer perceives a better quality of service.
The levels of availability progressively increase.
The number of incidents is reduced.

The main difficulties in Availability Management are:

The real availability of the service is not monitored correctly.
There is no commitment to the process in the IT organisation.
The appropriate software tools and personnel are not available.
The availability objectives do not match the customer's needs.
There is a lack of coordination with other processes.
Internal and external service providers do not recognise the authority of the Availability Manager as a result of a lack of support from management.

IT Service Continuity Management

IT service continuity management (ITSCM) focuses on supporting the overall continuity of the business. We define ITSCM as the process responsible for managing risks that could seriously impact IT services.
Risks so serious they could threaten the very survival of the business.
This activity is often referred to as disaster recovery (DR). But, the use of the term ITSCM should show that there is a corresponding business continuity management (BCM) process. ITSCM supports the BCM process.
ITSCM must work closely with BCM to perform risk analysis and business impact analysis (BIA). This analysis determines how different types of disruptions impact the business. The business areas determined to suffer the greatest impact need the most focus from the service continuity teams.
ITSCM is responsible for development and deployment of the service continuity plan. This includes regular testing and training of all personnel associated with the plan. ITSCM also works with change management to ensure that continuity plans are updated as the operational model changes.

IT Service Continuity Management activities include:

Working with BCM and Service Level Management (SLM) to determine potential issues and recovery requirements through a Business Impact Analysis
Assessing risks, determining costs to mitigate those risks, and prioritizing which recovery plans will be developed through a Risk Assessment
Translating recovery requirements into infrastructure options and data storage requirements
Implementing and testing backup and recovery techniques, as well as negotiating and signing contracts for alternate site arrangements
Periodically reviewing and refining plans to ensure they remain effective as business events dictate

WHY SHOULD I IMPLEMENT IT SERVICE CONTINUITY MANAGEMENT?

Benefits to implementing ITSCM processes include:

Minimizing disruption in IT services following a major interruption or disaster
Minimizing costs associated with recovery plans through proper proactive planning and testing
Properly prioritizing the recovery of IT services by working closely with BCM and SLM

ITSCM processes are closely tied to Service Level Management, Availability Management, Capacity Management, Configuration Management, Change Management and Incident Management processes.

Information Security Management

The information security management (ISM) process focuses on aligning IT security with business security. Information security is an activity that happens as part of corporate governance.
We use information security to protect data stores, databases, and metadata. It protects the interests of people who rely on this information, and it protects the systems that deliver the data.
Information security management works closely with service level management to ensure that the business’s needs for security are documented in service level agreements.
To introduce and maintain a required level of security, as defined by law, contracts or other agreements.

Information Security Management contributes to an integrated Service Management approach by achieving the following activities:

Identifying and defining the internal and external security requirements
Planning of security procedures
Creating a security chapter in the SLA and Service Description
Managing the implementation of security actions
Evaluating the security procedures and security measures
Security Reporting
Security Improvement

Information security measures include the following:

Preventive: Preventing security breaches. This is primarily accomplished via access controls.
Reductive: Minimizing the impact of potential security incidents using measures such as taking regular back-ups.
Detective: Ensuring instantaneous awareness of security breaches which do occur.
Repressive: Preventing further damage as the result of a breach such as by quarantining servers that are compromised.
Corrective: Repairing any damage done, such as by restoring from a backup

Security Management specific roles

Static Process Roles

Security Process Owner

Initiator of the process, accountable for defining the process strategic goals and allocating all required process resources. See Continual Process Improvement Management for a detailed description of these activities.

Security Process Manager (Security Manager)

IT Security Management Process is controlled by the Security Manager. The Security Manager can delegate tasks to specialized staff. Should it be necessary to use external staff, an approval of the budget by the responsible person is required.

IT Security Management Team

Team in Security Management perform mandatory tasks for the Security Manager.

Dynamic Process Roles

Security Auditor

Security Auditor is providing the verification of security policies, processes and tools. Auditor should be altering an external and internal resource to provide independent and reliable audit.

Service Specific Roles

Roles depending on the affected service are found in the Service Description. The Service Description, including the service specific roles, is delivered from the Service Portfolio Management.

Service Expert/Service Specialist:
Service Owner:
Service User:

Customer Specific Roles

Roles depending on the affected customer(s) are found in the Service Level Agreement. The Service Level Agreement for the customer specific roles is maintained by theService Level Agreement Management.

Customer(s)

Customers of the affected service with a valid SLA

Supplier Management

Supplier management works with third parties, such as suppliers, to negotiate contracts for products or services. Supplier management monitor conformance to the contract conditions and address any breaches. At renewal, supplier management will determine whether to renew, renegotiate, or end the contract.
The objectives of supplier management is to ensure alignment of contracts with the needs of the business. It is also responsible for ensuring suppliers are meeting their commitments. The supplier and contract management information system (SCMIS) holds supplier and contract details.

The main task of the supplier management is to ensure that suppliers adhere to the conditions and targets contained in the contracts. Suppliers make a key contribution towards the delivery of the IT services. The supplier management process should therefore be supplier strategy driven. Contracts and suppliers are documented in the supplier and contracts database so the consistency of the contracts and adherence to the corporate guidelines can be verified on a centralized basis.

The supplier management must cover all suppliers and contracts required to deliver a service for the business. The relationship between supplier and service provider must be formally defined. However, depending upon the strategic importance of the supplier, provision must be made for greater integration of the supplier within the strategy planning or service design. The smaller the additional benefit generated by the supplier the more it can also be managed on the operational level in the transition or operation phases.

Design Coordination

The central principles in design coordination are balance, prioritization and integration with project management. Balance and prioritization address the utility and warranty of a service, as well as the needs of the service throughout its lifecycle.
Design coordination oversees all activity in the Service Design phase of the service lifecycle. Its aim is to ensure that a holistic, integrated approach is taken to the design of services. This is necessary because of the variety of disciplines involved in Service Design and the need to take a consistent approach.
Design coordination is accountable for the production of the service design package (SDP). The SDP is a comprehensive description of how a new or changed service is to be designed, built, tested, deployed, and operated. The SDP is the handoff from the Service Design phase to the Service Transition phase.
Design coordination handles managing resources needed by the Service Design phase of the lifecycle. This includes:

planning to ensure that adequate resources are available
scheduling access to resources among the many projects that may be in this phase at any one time

It is accountable for the performance and improvement of the Service Design phase of the lifecycle.

Design coordination covers two types of activities:

Activities that relate to the overall service design lifecycle stage – such activities include overall service design practices as well as design activities across projects. Companies try to standardize design activities to minimize risks, improve their own capabilities and stay on “safe ground.”
Activities relating to each individual design – such activities consider individual design efforts and encompass planning, coordination, monitoring and review of individual designs.

Design coordination involves coordination and communication with various (usually) highly skilled groups and individuals. Therefore, the role of a design coordinator requires high organizational and managerial skills.

While developing common design practice, it is important to implement just enough regulation and control mechanisms. Otherwise, processes will get bureaucratized. But, on the other side, what happens more often is that organizations implement too little control, which results in poor results of design activities. It is quite common practice that organizations usually assign design coordination activities to project managers.