Passing Your ITIL Foundation Exam - CHROM

Updated to the 2011 Foundation syllabus, this study aid from
the Official Publisher of ITIL offers an invaluable overview of the

ITIL framework.
An engaging fictional case study runs throughout the

publication to help bring service management to life, and mind
maps at the end of Chapters 2 to 9 provide a useful revision
tool. You can test your understanding with sample questions,
which appear throughout, and a mock exam at the end.
All answers are thoroughly explained to aid understanding
Passing your ITIL® Foundation Exam

and make sure that you are as prepared as possible for your
Foundation exam.
Passing your ITIL Foundation Exam is an essential aid for all those
preparing for their Foundation exam.
d by APM
se
Gr
r
Endo
oup
compatible
tor
ITIL
product
O
di
ff i
cia l A c cr e
ANAGE
TM
ME
BES
Updated to the 2011 syllabus
NT PRAC
www.best-management-practice.com
T
UC
TIC
E PROD
7495 ITIL Foundation Cover V1_0.indd 1-3 22/02/2012 15:27

Passing your ITIL Foundation Exam ®
London: TSO
7522 Passing your ITIL exam v0_5.indd 1 17/02/2012 11:58

Published by TSO (The Stationery Office) and available from:
Online
www.tsoshop.co.uk
Mail, Telephone, Fax & E-mail

TSO
PO Box 29, Norwich, NR3 1GN
Telephone orders/General enquiries: 0870 600 5522
Fax orders: 0870 600 5533
E-mail: customer.services@tso.co.uk
Textphone: 0870 240 3701
TSO@Blackwell and other Accredited Agents
© Crown Copyright 2012

This is a Crown copyright value added product, reuse of which requires a Licence from the Cabinet Office
Applications to reuse, reproduce or republish material in this publication should be sent to
The Efficiency & Reform Group Service Desk, Cabinet Office, Rosebery Court, St Andrews Business Park, Norwich, Norfolk NR7 0HS
Tel No: (+44) (0)845 000 4999,
E-mail: servicedesk@cabinet-office.gsi.gov.uk or complete the application form on the Cabinet Office website, Licensing section.
Copyright in the typographical arrangement and design is vested in The Stationery Office Limited. Applications for reproduction should be
made in writing to The Stationery Office Limited, St Crispins, Duke Street, Norwich, NR3 1PD.
The Swirl logo™ is a trade mark of the Cabinet Office
ITIL® is a registered trade mark of the Cabinet Office
M_o_R® is a registered trade mark of the Cabinet Office
IT Infrastructure Library® is a registered trade mark of the Cabinet Office
The Best Management Practice Official Publisher logo is a trade mark of the Cabinet Office
The ITIL endorsement logo™ is a trade mark of the Cabinet Office
OGC (former owner of Best Management Practice) and its functions have moved into the Cabinet Office, part of HM Government
– www.cabinetoffice.gov.uk
First edition Crown Copyright 2007
Second edition Crown Copyright 2009
Third edition Crown Copyright 2012
First published 2012
ISBN 9780113313556
Printed in the United Kingdom for The Stationery Office
Material is FSC certified.
Sourced from fully sustainable forests.
P002473272 c20 02/12

Contents
List of figures and tables v 4.3 Business value 42

4.4 Key principles 42
Cabinet Office foreword vii
4.5 Processes 52
Chief Examiner’s foreword viii 4.6 Sample questions 56
The Official ITIL Accreditor’s foreword ix 5 Service design 59

5.1 Purpose and objectives 61
Acknowledgements x
5.2 Scope 61
1 The ITIL qualification scheme 1 5.3 Business value 62
1.1 Levels of qualification 3
5.5 Processes 63
1.2 Qualifications bodies 5
5.6 Sample questions 86
1.3 The ITIL Foundation certificate in IT
service management 7 6 Service transition 87
1.4 About this publication 8 6.1 Purpose and objectives 89
2 Introduction to service management 9 6.2 Scope 89
2.1 Services and service management 11 6.3 Business value 91
2.2 Processes, functions and roles 22 6.4 Key principles 91
2.3 Best practice 28 6.5 Processes 91
2.4 Sample questions 30 6.6 Sample questions 108
3 ITIL and the service lifecycle 31 7 Service operation 111
3.1 The ITIL service management practices 33 7.1 Purpose and objectives 113
3.2 Why ITIL? 33 7.2 Scope 113
3.3 The service lifecycle 33 7.3 Business value 114
4 Service strategy 39
7.5 Processes 115
4.1 Purpose and objectives 41 7.6 Functions 129
4.2 Scope 42 7.7 Sample questions 138

iv | Contents
8 Continual service improvement 139 11 The examination and
exam preparation 167
8.1 Purpose and objectives 142
8.2 Scope 142 11.1 The examination 169
8.3 Business value 142 11.2 Exam preparation 169
8.4 Key principles 143 12 Sample ITIL Foundation examination 171
8.5 Processes 147
12.1 Instructions 173
12.2 Questions 173
9 Service management technology 153 13 Answers 181
9.1 Use of technology 155
Further information 191
9.2 Service automation 156
9.3 Service analytics 157 Index 195
10 How it all fits together 159

10.1 Integration across the service lifecycle 161
10.2 Specialization and coordination 161
10.3 Monitoring and control 161
10.4 Continual service improvement 164

List of figures and tables
Figures Figure 5.3 Service level agreement monitoring

(SLAM) chart 69
Figure 1.1 The ITIL qualification scheme 3
Figure 5.4 The service level management process 70
Figure 2.1 Internal, external and
supporting services 13 Figure 5.5 Supplier categorization 74
Figure 2.2 Service packages can contain other Figure 5.6 Overview of Chapter 5 84
service packages 15 Figure 6.1 The scope of service transition 90
Figure 2.3 Value is created from service utilities Figure 6.2 Architectural layers of the
and warranties 16 configuration management system 94
Figure 2.4 Service composition 19 Figure 6.3 The relationship between the
Figure 2.5 Service management is the act of definitive media library and the CMS 97
transforming resources into Figure 6.4 Example of a process flow for a
valuable services 20 normal change 101
Figure 2.6 Process model 23 Figure 6.5 Phases of release and
Figure 2.7 Overview of Chapter 2 29 deployment management 105
Figure 3.1 The ITIL service lifecycle 34 Figure 6.6 The flow from data to wisdom 107
Figure 3.2 Overview of Chapter 3 37 Figure 6.7 Relationship of the CMDB, the CMS
and the SKMS 108
Figure 4.1 Components of value 43
Figure 6.8 Overview of Chapter 6 109
Figure 4.2 How customers perceive value 44
Figure 7.1 Example of calculation of priority
Figure 4.3 The service portfolio 46
based on impact and urgency 118
Figure 4.4 A two-view service catalogue 48
Figure 7.2 Incident management process flow 120
Figure 4.5 A three-view service catalogue 49
Figure 7.3 Multi-level incident categorization 121
Figure 4.6 Risk assessment and management 51
Figure 7.4 Problem management process flow 126
Figure 7.5 Local service desk 131
Figure 5.1 The four Ps 62
Figure 7.6 Centralized service desk 132
Figure 5.2 Multi-level SLAs 68
Figure 7.7 Virtual service desk 133

vi | List of figures and tables
Figure 7.8 Overview of Chapter 7 137 Tables
Figure 8.1 Plan-Do-Check-Act cycle 143 Table 2.1 Examples of core, enabling and
Figure 8.2 Continual service enhancing services 14
improvement approach 144 Table 2.2 Examples of capabilities
Figure 8.3 From vision to measurements 146 and resources 17
Figure 8.4 The seven-step improvement process 149 Table 2.3 An example of a simple RACI matrix 26
Figure 8.5 Overview of Chapter 8 151 Table 4.1 Example of a business case structure 50
Figure 9.1 Five modes of interaction using Table 4.2 Differences between business
service technology 156 relationship management and
service level management 55
Table 7.1 Application development versus
Figure 10.1 Integration across the service lifecycle 162 application management 135
Figure 10.2 Monitoring and control across the
service lifecycle 163
Figure 10.3 Continual service improvement
and the service lifecycle 164

Cabinet Office foreword
Congratulations – you have embarked on the The content has been updated to bring it into
start of your ITIL® journey. It will be interesting line with the revised syllabus and to ensure that it
and rewarding if you use the knowledge you gain reflects the current approach to exam questions.
and apply it in the real world. Now the first step
The next step, of course, is to pass the examination.
is to take your Foundation exam. Examinations
But, hopefully, the exam won’t seem too
are never easy; they are designed to test your
daunting once you’ve studied this publication.
knowledge of the subject and to enable you to
prove this knowledge to yourself and others. What you do after passing is down to you, but
you have started the journey and the world of
To help you in this, being well prepared is vital.
IT service management is open before you.
Study aids are an essential element, and attending
an accredited training course will also provide Best of luck!
learning support, often with case studies and
examples that can bring the ITIL framework to life.
Philip Hearsum
This guide has been written for this very purpose,
and over the years the content has been developed ITSM Portfolio Manager
and expanded to incorporate the latest identified Cabinet Office
best practices. This publication will present the
Foundation content in a simplified structure,
ideal for learning and developing knowledge.

Chief Examiner’s foreword
‘The whole purpose of education is to turn mirrors The mind maps at the end of each chapter
into windows.’ Sydney J. Harris crystallize the content in a way that will help
you to retain what you’ve read and make it
The IT service management industry relies on ITIL
useful as an examination preparation tool.
as the wheel that turns service practices into service
excellence. ITIL qualifications are the means to The sample examination questions are based
achieve knowledge of theory and how to apply ITIL on realistic examples that you will encounter
within everyday contexts. Each ITIL qualification has at Foundation level and provide essential
become a sought-after credential to demonstrate value for examination preparation.
the possession of the required skills and knowledge.
This publication takes readers through the
The ITIL Foundation qualification is where this window of the ITIL Foundation curriculum and
educational journey begins, and it sets the offers an interesting and lasting experience.
foundation for understanding service management
with basic concepts, principles and terminology.
Sharon Taylor
No matter where you live and work, what language
you speak or whether you choose to educate yourself ITIL Chief Examiner
or take an ITIL Foundation course, this publication
should be considered an important tool to assist
you in achieving the ITIL Foundation certification.
It nicely organizes the relevant ITIL Foundation
topics in a logical and easy-to-absorb structure and
sets them within the context of an unfolding story
about Brigitte, a customer who takes a journey
into the experience of service management.

The Official ITIL Accreditor’s foreword
Best practice evolves and improves on a companies and is an extremely useful tool for
continual basis to benefit the thousands of candidates who choose to study independently
organizations and practitioners implementing at their own pace for their qualifications.
its principles across the world every day.
Whether this is the start of your service
Changes in service management best practice management career or a gateway to
over the past five years were consolidated in the further your knowledge in more detailed,
publication of the latest edition of ITIL in July specialist areas, I wish you every success with
2011; ITIL service management practices have your studies and examinations and, more
become more streamlined, practical and usable importantly, your ongoing ITIL journey.
for today’s service managers and practitioners.
Most significantly, the key improvements made
to ITIL Service Strategy – the starting block Richard Pharro
at the very core of ITIL – mean that ITIL has CEO, Official ITIL Accreditor
become more approachable than ever before. (part of the APM Group Ltd)
As a result, those organizations and individuals
setting out on their ITIL journey will have a
smoother start and a clearer path ahead.
As the reader of this Foundation study aid, you
have also taken the important first step on your
ITIL journey and are giving yourself a fantastic
starting point to generate and solidify a stable
ITIL knowledge base. This guide is an excellent
companion to other publications, course notes
and materials provided by accredited training

Acknowledgements
Author Thanks are still due to those who reviewed and

contributed to previous editions of this title:
Christian F. Nissen (CFN People)
Gary Case (Pink Elephant); Lise Dall Eriksen
All sample questions and answers were (CFN People); Thomas Fejfer (CFN People);
created by Michelle Hales (ConnectSphere) Signe-Marie Hernes Bjerke (DNV); Majid Iqbal
(design#code LLC); Shirley Lacy, (ConnectSphere);
Ivor Macfarlane (IBM); Lars Zobbe Mortensen
Reviewers
(Zobbe Consult & Zoftware); Bente Skøtt (OK
Best Management Practice and The Stationery Gasoline); Katsushi Yaginuma (ITpreneurs).
Office (TSO) would like to thank those who
participated in the quality assurance of
this publication, generously donating their
time to reviewing this title, including:
Rosemary Gurney (Global Knowledge)
Lou Hunnebeck (Third Sky Inc.)
Michael Imhoff (Nielsen, IBM)
Stuart Rance (HP)

7522 Passing your ITIL exam v0_5.indd 11

scheme 1
The ITIL qualification
17/02/2012 11:58
| 3
1 The ITIL qualification scheme
ITIL (formerly known as the IT Infrastructure Library)

is best practice for IT service management, which is
used by many organizations around the world. A ITIL
whole ITIL philosophy has grown up around the Master
advice contained within the ITIL publications and the
supporting certification and qualification scheme.
The purpose of the ITIL qualification scheme is ITIL Expert
to ensure that relevant and timely certifications
are available to support the formalized learning
requirements of individuals and organizations
Managing Across the Lifecycle
related to the ITIL service management practices.
The official ITIL qualification scheme is the only
training and qualification scheme leading to official
ITIL qualifications in IT service management. SS SD ST SO CSI OSA PPO RCV SOA
1.1 Levels of qualification Intermediate lifecycle Intermediate capability
The ITIL qualificat ion scheme introduces a learning

system that enables an individual to gain credits for
all ITIL courses that can be applied towards a ITIL Foundation
recognized professional achievement (see Figure 1.1).
Once candidates have accumulated a sufficient Figure 1.1 The ITIL qualification scheme
number of credits, they can be awarded the ITIL
Expert in IT service management certification. Candidates can choose modules from the Service
To achieve ITIL Expert certification, candidates Capability (4 credits per module) or Service Lifecycle
must obtain a minimum of 22 credits, 2 of which (3 credits per module) streams to gain the other 15
must be from the Foundation module, which credits, but are expected to choose a balanced
is a mandatory first step, and 5 of which must programme overall.
be from the ‘Managing Across the Lifecycle’
module, which is the mandatory final step.

4 | The ITIL qualification scheme
1.1.1 ITIL Foundation certificate in IT service lifecycle is illustrated as part of the
service management curriculum; however, the primary focus is on
the process activities, execution and use
The Foundation level is the entry-level qualification,
throughout the service lifecycle. An
which offers candidates a general awareness of
examination is taken for each module.
the key elements, concepts and terminology used
in the ITIL service lifecycle, including the linkages Both Intermediate streams assess an individual’s
between lifecycle stages, the processes used and comprehension and application of the concepts
their contribution to service management practices. of ITIL. Candidates are able to take units from
either of the Intermediate streams or may combine
More details of the ITIL Foundation certificate in IT
units from both streams. These units give them
service management can be found in section 1.3.
credits towards an ITIL Expert certificate.
1.1.2 ITIL Intermediate qualification
1.1.2.1 Service Lifecycle
certificates in IT service management
The Intermediate Service Lifecycle Stream is
ITIL Intermediate level has a modular structure, built around the five ITIL core publications:
with each module holding a different focus.
Candidates can take as few or as many ■■ ITIL Service Strategy (SS)
Intermediate qualifications as they require, and ■■ ITIL Service Design (SD)
to suit their needs. The Intermediate modules ■■ ITIL Service Transition (ST)
go into more detail than the Foundation level. ■■ ITIL Service Operation (SO)
The Intermediate qualifications are grouped in ■■ ITIL Continual Service Improvement (CSI).
two sets:
1.1.2.2 Service Capability
■■ The Service Lifecycle Stream, which will be of The Intermediate Service Capability Stream is built
interest to candidates seeking a management/ around four clusters:
team leader role that requires a broad
management focus of ITIL practice areas and ■■ Operational support and analysis (OSA)
work across teams or multiple-capability areas. ■■ Service offerings and agreements (SOA)
The prime focus is the lifecycle itself, the use of ■■ Planning, protection and optimization (PPO)
process and practice elements within it, and the ■■ Release, control and validation (RCV).
management capabilities needed to deliver
quality service management practices in an 1.1.3 Managing Across the Lifecycle (MALC)
organization. An examination is taken for The ITIL Managing Across the Lifecycle (MALC)
each module. qualification is a capstone qualification, focusing on
■■ The Service Capability Stream, which will be of the knowledge required to implement and manage
interest to candidates who wish to gain intense, the necessary skills associated with use of the
specialized, process-level knowledge in one or lifecycle practices. It is the final required module
more processes, with focus on the day-to-day which a candidate must take prior to achieving
execution of ITIL practices. Attention to the ITIL Expert level.

The ITIL qualification scheme | 5
1.1.4 ITIL Expert in IT service Details of the various learning options, certifications
management certificate and combinations can be found on the ITIL
qualification scheme website: www.itil-officialsite.
The ITIL Expert level of qualification is aimed at those
com/Qualifications/ITILQualificationScheme.aspx
individuals who are interested in demonstrating a
superior level of knowledge of the ITIL scheme in
its entirety. 1.2 Qualifications bodies
Once a candidate has successfully completed This section outlines the roles of the organizations
all requisite ITIL modules and has earned within the official ITIL qualification scheme.
sufficient credits, they will be awarded the ITIL Candidates should ensure that when buying
Expert in IT service management certificate. ITIL training, it is acquired from an ITIL-accredited
No further examination or course is required organization.
to gain the ITIL Expert certificate.
1.2.1 Cabinet Office
1.1.5 ITIL Master in IT service ITIL was originally developed by the UK
management certificate government organization Central Computer
The ITIL Master in IT service management certificate and Telecommunications Agency (CCTA),
validates the capability of the candidate to apply which in 2000 was merged into the Office of
the principles, methods and techniques of ITIL in Government Commerce (OGC), an office of
the workplace. HM Treasury. In 2010 OGC was moved into the
Cabinet Office, which is now the owner of ITIL
To achieve the ITIL Master qualification the and several other best-practice products.
candidate must be able to explain and justify
how they selected and individually applied a The Cabinet Office has established collaborative
range of knowledge, principles, methods and partnerships with two organizations to provide
techniques from ITIL and supporting management support for its ITIL portfolio. As the official
techniques, to achieve desired business outcomes accreditor, the APM Group provides accreditation
in one or more practical assignments. services related to examination institutes and
training providers, and is responsible for the
To be eligible for the ITIL Master qualification, qualification scheme. The Stationery Office
candidates must meet or fulfil the following (TSO) is the official publisher of all official ITIL
entry criteria: library publications, including this one.
■■ Have reached the ITIL Expert level The Cabinet Office retains the rights to all
■■ Have worked in IT service management for at intellectual property, copyright and trademarks
least five years in leadership, managerial or relating to ITIL. Its predominant role in the official
higher management advisory levels. scheme is one of ownership and stewardship of
the ITIL library content and qualifications. The
APM Group chairs the qualifications board (the
steering committee made up of representatives

from the community who make decisions about The list of the current examination institutes
qualifications policy) and ensures that decisions can be found at www.itil-officialsite.com/
made are to the benefit of ITIL and users alike. ExaminationInstitutes/ExamInstitutes.aspx
1.2.2 APM Group 1.2.4 Accredited training organizations

The APM Group is an international professional Accredited training organizations (ATOs),
accreditation and certification body, which is sometimes known as accredited course providers
accredited to international standards by the United (ACPs), are companies that have been assessed
Kingdom Accreditation Service (UKAS), which and approved by an examination institute
ensures the effectiveness, impartiality and quality to run officially accredited training courses
of APM Group scheme administration services. In and administer examinations in ITIL.
2006, the APM Group became the Cabinet Office’s
These accredited organizations must submit:
official accreditor for ITIL and is now responsible
for the monitoring and promotion of the official ■■ Their quality management systems, detailing
scheme for training, consulting and qualifications. their processes for administration of the
training courses and examinations
Within its role as the official ITIL accreditor, the
■■ The course material they use to train ITIL
APM Group is responsible for setting the standards
candidates for the examinations
and syllabuses throughout the market, which any
delivering examination institute must adhere to, as ■■ Their trainers for assessment by an
well as creating, maintaining and delivering the ITIL examination institute.
qualification scheme itself. Following approval by an examination institute,
The APM Group is also responsible for the ATOs are granted a licence by the APM Group
accreditation and monitoring of any examination as the official accreditor to use the relevant
institute applying to the official scheme to run ITIL Cabinet Office-owned intellectual property
qualifications and accredit training organizations. rights and trademarks relating to ITIL. A list
of current accredited training organizations
1.2.3 Examination institutes can be found at www.itil-officialsite.com/
TrainingOrganisations/ATOListing.aspx
The APM Group as the official accreditor is
authorized to license other examination institutes
1.2.5 itSMF International
to administer ITIL qualifications and accreditation
activities. Under the contracts signed with The IT Service Management Forum (itSMF) is
the APM Group, examination institutes are the not-for-profit international community
allowed to conduct the following activities: for IT service management professionals,
with more than 50 chapters worldwide
■■ Approve training organizations and a coordinating organization – itSMF
■■ Administer examinations via those International (www.itsmfi.org). The chapters
organizations that they have approved. provide local support to those individuals and
organizations using and implementing ITIL.

The ITIL qualification scheme | 7
itSMF is recognized as an integral part of 1.3.3 Prerequisites
the ITIL community. It is a collaborative There are no formal criteria or prerequisites for
partner to the ITIL official scheme and candidates wishing to attend an accredited ITIL
participates on the qualifications board. Foundation course, though some familiarity
with IT terminology and an appreciation of their
1.3 The ITIL Foundation certificate own business environment is recommended.
in IT service management Accredited ITIL Foundation training is strongly
recommended but is not a prerequisite.
1.3.1 Purpose
The purpose of the ITIL Foundation certificate in 1.3.4 Learning objectives
IT service management is to certify that the The learning objectives of the ITIL Foundation
candidate has gained knowledge of the ITIL certification in IT service management are to enable
terminology, structure and basic concepts and has the candidate to:
comprehended the core principles of ITIL practices
■■ Define the concept of a service and to
for service management.
comprehend and explain the concept of service
The ITIL Foundation certificate in IT service management as a practice.
management is not intended to enable the holders ■■ Understand the value of the ITIL service
of the certificate to apply the ITIL practices for lifecycle, how the processes integrate with each
service management without further guidance. other throughout the lifecycle, and explain the
objectives, scope and business value for each
1.3.2 Target group phase in the lifecycle.
The target group of the ITIL Foundation certificate ■■ Define some of the key terminology and
in IT service management is drawn from: explain the key concepts of service
■■ Individuals who require a basic understanding management.
of the ITIL framework and how it may be used ■■ Comprehend and account for the key principles
to enhance the quality of IT service and models of service management, and
management within an organization balance some of the opposing forces within
■■ IT professionals who are working within an service management.
organization that has adopted and adapted ■■ Understand how the service management
ITIL, who need to be informed about and processes contribute to the ITIL service lifecycle,
thereafter contribute to an ongoing service to explain the purpose, objectives, scope, basic
improvement programme. concepts, activities and interfaces for four
of the core processes, and state the purpose,
objectives and scope for 18 of the remaining
processes.

■■ Explain the role, objectives and organizational access the official ITIL glossary of terms and
structures of the service desk function, and definitions (see www.best-management-practice.
state the role and objectives of three other com and navigate to ‘Glossaries and Acronyms’).
functions.
The structure of this publication does not strictly
■■ Account for and be aware of the responsibilities follow the order of the syllabus. Instead it is
of some of the key roles in service structured with ease of learning in mind. Basic
management. concepts are introduced in Chapters 2 and 3
■■ Understand how service automation assists (‘Introduction to service management’ and ‘ITIL and
with expediting service management processes. the service lifecycle’) to provide the basis for the
■■ Be aware of the role of competence and concepts, principles and practices that are introduced
training for service management and explain in the subsequent five chapters, each representing a
the ITIL qualification scheme. core publication. Each of the five core chapters is
identically structured to help the acquisition of the
1.3.5 Reference covered concepts, principles and practices. The two
The full syllabus with detailed descriptions subsequent chapters (‘Service management
of each of the learning objectives can technology’ and ‘How it all fits together’) contain
be downloaded from the ITIL website: topics that span the five core publications.
www.itil-officialsite.com/Qualifications/ At the end of Chapters 2 to 9, a mind map and a
ITILQualificationLevels/ITILFoundation.aspx number of sample test questions are presented
to enable the reader to rehearse and practise
1.4 About this publication the content of the chapter. The number of
questions in each chapter corresponds to the
This publication is based on the syllabus for the ITIL
typical distribution of questions in an exam.
Foundation certificate in IT service management.
It is therefore neither an introduction to ITIL nor It is hoped that you will find service management
a brief summary of the ITIL core publications. enjoyable and you will acquire the new knowledge
Rather, it is a study aid to support the adoption of and skills necessary for achieving the ITIL
knowledge and skills required to achieve the ITIL Foundation certificate in IT service management.
Foundation certificate in IT service management.
One of the Foundation learning objectives is
to understand the common terminology used
within ITIL, and readers may find it useful to

Introduction to
service management
2
17/02/2012 11:58
| 11

2 Introduction to service management
‘People do not want quarter-inch drills. They want The outcomes that customers want to achieve are the
quarter-inch holes.’ Professor Emeritus Theodore reason why they purchase or use a service. The value
Levitt, Harvard Business School of the service to the customer is directly dependent
on how well a service facilitates these outcomes.
2.1 Services and service
management Definitions
A service is a means of delivering value to
2.1.1 Services customers by facilitating the outcomes customers
want to achieve without the ownership of specific
Case study: service management in practice costs and risks.
(Brigitte’s experience)
An IT service is a service provided by an IT service
Brigitte enters an alpine hotel in a medium-sized
provider. An IT service is made up of a
town in Switzerland. She is on a short business
combination of information technology, people
trip and needs to stay over for the next two nights.
and processes.
She has just got out of the taxi and approaches
the hotel reception to ask for a service from the If you buy an apartment, the ownership of the
hotel: accommodation. specific costs and risks are transferred to you as
part of the deal. But if you stay at a hotel, the
To understand what service management is,
ownership of the specific costs and risks remains
we need first to understand what services
with the service provider. The same is the case if
are, and how service management can help
you take a taxi instead of driving your own car.
service providers to deliver and manage these
services. First of all, services are a means of Case study: service management in practice
delivering value to customers by facilitating (Brigitte’s experience)
the outcomes customers want to achieve.
Brigitte has never thought of it in that way. She is
Definition going to inspect the production of a medical
company tomorrow; the overnight accommodation
Outcome is the result of carrying out an activity,
enables her to start work very early in the
following a process, delivering an IT service etc.
morning and it reduces the geographical
The term is used to refer to the intended results,
constraints put on her by living in Denmark.
as well as to actual results.
Brigitte gets a room that satisfies her need to
stay overnight without having to undertake the
cost and risk of owning her own apartment
in Switzerland.

12 | Introduction to service management
2.1.2 Service types Definitions

IT services that are seen by the customer are called An internal customer-facing service is an IT
customer-facing services. These are typically services service that directly supports a business process
that support the customer’s business processes, managed by another business unit – for example,
directly facilitating some outcomes desired by a sales-reporting service or enterprise resource
the customer. management.
Just as there are internal and external customers, An external customer-facing service is an IT
there are internal and external customer-facing service that is directly provided to an external
services. Internal customer-facing services are customer – for example, internet access at
delivered between departments or business units an airport.
in the same organization. External customer-facing
services are delivered to external customers. A supporting service is an IT service that is not
directly used by the business but is required by
The reason for differentiating between internal and the IT service provider to deliver customer-facing
external customer-facing services is to distinguish services (for example, a directory service or a backup
between services that support an internal business service). Supporting services may also include
activity and those that actually achieve business IT services only used by the IT service provider.
outcomes. The difference may not appear to be
significant at first, since the activity to deliver the Figure 2.1 shows the difference between internal
services is often similar. However, it is important to and external customer-facing services and
recognize that internal services have to be linked to supporting services for an IT service provider.
external services before their contribution to business
outcomes can be understood and measured. 2.1.3 Core, enabling and enhancing services
Customer-facing services are normally enabled All services, whether internal, external or supporting,
by supporting services that are required by can be further classified in terms of how they
the service provider to underpin the customer- relate to one another and their customers:
facing services. These are typically invisible to
■■ Core services deliver the basic outcomes
the customer, but essential to the delivery of
desired by the customer. They represent the
customer-facing services. Supporting services may
value that the customer wants and for which
be of many different types or go by a variety of
they are willing to pay.
names, such as infrastructure services, network
services, application services or technical services. ■■ Enabling services are services that are needed
in order to deliver a core service. Enabling
services may or may not be visible to the
customer, but they are not offered to
customers in their own right.

Introduction to service management | 13
External External External External External External
customer customer customer customer customer customer
The business
Business unit Business unit

(internal customer) (internal customer)
IT
IT department IT department IT department
External customer-facing services
IT services Internal customer-facing services
Supporting services (internal)
Business services and products provided by other business units
Figure 2.1 Internal, external and supporting services
■■ Enhancing services are services that are added 2.1.4 Service packaging
to a core service to make it more attractive to Most service providers will follow a strategy
the customer. Enhancing services are not of delivering a set of more generic services to
essential to the delivery of a core service but a broad range of customers, thus achieving
are used to encourage customers to use the economies of scale. One way of achieving
core services or to differentiate the service this flexibility is by using service packages.
provider from its competitors.
Examples of the service types are provided
in Table 2.1.

Table 2.1 Examples of core, enabling and enhancing services

Core service Enabling service Enhancing service
IT services (office automation) Word processing Download and installation Document publication to
of updates professional printer for high-
quality brochure
IT services (benefits tracking) Employees of a company A portal that provides a Customers can create and
can monitor the status of user-friendly front-end manage a fitness or weight-
their benefits (such as access to the benefits- loss programme. Customers
health insurance and tracking service. who show progress in their
retirement accounts). programme are awarded a
discount on their premiums.
Definition Case study: service management in practice

A service package is a collection of two or more (Brigitte’s experience)
services that have been combined to offer a Brigitte realizes that she is part of a very specific
solution to a specific type of customer need or to customer segment. She is not travelling with her
underpin specific business outcomes. A service family as a tourist but is recognized by the hotel
package can consist of a combination of core as a business customer. On the other hand she is
services, enabling services, enhancing services probably not considered a VIP by the hotel. The
and other service packages. hotel has carefully designed a service package for
her segment with room, breakfast, wireless
Where a service or service package needs to be broadband connection, parking and internet
differentiated for various types of customer, booking. It offers different service options for her
one or more components of the package can be segment as well.
changed, or offered at different service levels,
When she booked the hotel, Brigitte had the
to create service options. These different service
opportunity to select an ordinary room instead
options can then be offered to customers and
of the suite she chose. The hotel even offered an
are sometimes called service level packages.
add-on service option with the possibility of
Some supporting services such as service desk, cancellation until the day of arrival.
typically bundled with most service packages, can
also be offered on their own (see Figure 2.2).
2.1.5 Service value: utility and warranty
The value of a service can be considered to be the
level to which that service meets a customer’s
expectations. Unlike products, services do not have
much intrinsic value. The value of a service comes

Service package
Core service
Service package Enhancing service
Service package
Core service
Enabling service Enhancing service
Figure 2.2 Service packages can contain other service packages
from what it enables someone to do. A service ■■ Utility What the customer gets – or fitness
contributes value to an organization only when its for purpose
value is perceived to be higher than the cost of ■■ Warranty How it is delivered – or fitness for use.
obtaining the service.
Definition
From the customer’s perspective, value consists of
achieving business objectives. The value of a service Utility is the functionality offered by a product or
is created by combining two primary elements service to meet a particular need.
(see Figure 2.3):
Utility can be summarized as ‘what the service does’,
and can be used to determine whether a service is
able to meet its required outcomes, or is ‘fit for

UTILITY
Performance supported? T/F

OR
Constraints removed? Fit for
purpose?
AND Value created

Available enough? T/F
Fit for use?
Capacity enough?
AND
Continuous enough? T/F
T: True
Secure enough? F: False
WARRANTY
Figure 2.3 Value is created from service utilities and warranties
purpose’. Utility increases the average performance It should be noted that the elements of warranty
of customers’ assets by improving customers’ in Figure 2.3 (availability, capacity, continuity and
productivity or outcomes or by removing constraints security) are not exclusive. It is possible to define
on their performance. other components of warranty, such as usability
or compliance.
Definition
Warranty is the assurance that a product or Case study: service management in practice
service will meet its agreed requirements. This (Brigitte’s experience)
may be a formal agreement such as a service level It is the first time Brigitte has been confronted
agreement or contract, or it may be a marketing with the concept of utility and warranty, but
message or brand image. when she thinks about it, it makes perfect sense.
She looks around. The bed, table and bathroom
Warranty refers to the ability of a service to be
are good examples of utility in that they fulfil her
available when needed, to provide the required
need for sleep, the ability to work in her room
capacity, and to provide the required reliability in
and to have a bath before she leaves for her
terms of continuity and security. Warranty can be
appointment tomorrow.
summarized as ‘how the service is delivered’, and can
be used to determine whether a service is ‘fit for use’. But to create value, the room must be available
on the night she needs it, there must be internet
Warranty decreases the possible losses for the
bandwidth enough for her to prepare for the
customer from variation in performance. Customers
next day’s work on her laptop, and she must feel
feel more certain that their demand for service will
secure in her room. These conditions are
be fulfilled with the same level of utility with
examples of warranty.
little variation.

Customers cannot benefit from something that is fit Capabilities on the other hand represent an
for purpose but not fit for use, and vice versa. The organization’s ability to coordinate, control and
value of a service is therefore only delivered when deploy resources to produce value. Capabilities such
both utility and warranty are designed and delivered. as management, organization, people and
knowledge are used to transform resources into
2.1.6 Service assets: resources valuable services.
and capabilities
Definition
To create value in the form of goods and services,
an organization needs assets. A service asset is any Capability is the ability of a service organization,
resource or capability used by a service provider to person, process, application, IT service or other
deliver services to a customer (see Table 2.2 configuration item to carry out an activity.
for examples). Capabilities are intangible assets of an organization.
Definition Capabilities are typically experience-driven,

knowledge-intensive, information-based and firmly
Resource is a generic term, which includes IT
embedded within an organization’s people,
infrastructure, people, money or anything else
systems, processes and technologies.
that might help to deliver an IT service. Resources
are considered to be assets of an organization. It is relatively easy to acquire resources in comparison
with capabilities. Typically, distinctive capabilities
Case study: service management in practice can only be developed over time and are hard for
(Brigitte’s experience) competitors to duplicate.
Brigitte takes a quick walk around the hotel. The distinctive capabilities of a service provider set
Despite its small size, the hotel possesses quite a it apart from its competitors and enable it to
lot of resources. These include a well-equipped attract and retain customers by offering unique
and cosy dining room, a wine cellar, hotel staff, value propositions.
bathrooms, information brochures and place to
park her car. Table 2.2 Examples of capabilities and resources
However, Brigitte can’t help thinking that the
Capabilities Resources
resources would be of no use if it were not for
capabilities such as the attitude, skills, knowledge Management Financial capital
and experience of the staff, their way of organizing Organization Infrastructure
the hotel, and a number of well-practised
processes that cannot be taken for granted. Processes Applications
Knowledge Information
Resources are direct inputs for production.
People (experience, skills People (number
and relationships) of employees)

2.1.7 Service composition ■■ Service The service itself that is being delivered
to customers and business by the service
Case study: service management in practice provider, e.g. email and billing
(Brigitte’s experience) ■■ Service design package (SDP) Document(s)
A service such as accommodation for one night, defining all aspects of a service and its
which at a first glance looks very simple, seems to requirements through each stage of its lifecycle
be much more complicated behind the scenes. ■■ Business case Justification for service
The hotel needs to know Brigitte’s ‘business investments and expenditure
process’. Staff need to catalogue their services to ■■ Service level agreements (SLAs)/service level
help Brigitte select the right service for her requirements (SLRs) Documents agreed with
needs; they need to sign an agreement with the customer that specify the level, scope and
Brigitte to establish and maintain the appropriate quality of service to be provided
infrastructure at the hotel, to secure and operate
■■ Infrastructure All of the IT equipment necessary
the environment, and to gather and maintain
to deliver the service to customers and users,
data not only about Brigitte but also on all other
including servers, network circuits, switches,
aspects of the service such as money, food,
personal computers (PCs) and telephones
facilities and so on.
■■ Environment The environment required to
The hotel needs to provide an internet application secure and operate the infrastructure, e.g. data
and to acquire supporting services such as centres, power and air conditioning
wireless access, laundry, newspapers and so on. ■■ Data The data necessary to support the service
The hotel also needs to set up agreements and provide the information required by the
internally with its staff and externally with its business processes, e.g. customer records and
suppliers to clarify responsibilities and levels of accounts ledger
quality, and continually train and measure all ■■ Applications All of the software applications
parties to ensure a high and consistent standard. required to manipulate the data and provide
the functional requirements of the business
In summary, the composition of a service and its processes, e.g. enterprise resource management
constituent parts can now be defined as illustrated (ERM), financial and customer relationship
in Figure 2.4. management (CRM)
All the components of the service and their ■■ Integration Solutions to combine applications
interrelationships have to be considered, ensuring or data from different sources and providing a
that the services delivered meet new and evolving user or an application with a unified view of
business needs. The various components are: these applications and data
■■ Operational level agreements (OLAs) and
■■ Business process The process that defines the contracts Any underpinning agreements
functional needs of the service being provided, necessary to deliver the quality of service
e.g. telesales, invoicing, orders, credit checking agreed within a service level agreement (SLA)

Business service
Business process Business process Business process
IT service
Utility
Service design Service Business case
Name, description, purpose,
package
impact, contacts
Warranty
Service levels, targets, service hours, SLA/SLRs
assurance, responsibilities
Assets/resources
Systems, assets, components Infrastructure/ Applications/
Data
environment integration
Assets/capabilities
Processes, supporting targets OLAs Supporting
IT processes
Contracts services
Assets/capabilities
Resources, people, skills, suppliers Functions Roles Suppliers
Figure 2.4 Service composition
■■ Supporting services Any services that are ■■ Suppliers External third parties necessary to
necessary to support the operation of the provide support for any of the components
delivered service, e.g. a shared service or a required to provide the service, e.g. networks,
managed network service hardware, software.
■■ IT processes The processes needed by the
service provider to ensure successful provision 2.1.8 Service management
of the service, e.g. request fulfilment, incident Service management is what enables a service
management, change management and provider to understand the services they are
availability management providing; to ensure that the services really do
■■ Functions Any internal teams providing facilitate the outcomes their customers want to
support for any of the components required to achieve; to understand the value of the services to
provide the service, e.g. the service desk their customers; and to understand and manage all
■■ Roles Responsibilities, activities and authorities the costs and risks associated with those services.
granted to a person or team that control and
deploy the resources engaged in the service,
e.g. problem manager, release manager,
capacity manager and service owner

Definitions Business
outcome
Service management is a set of specialized Value
organizational capabilities for providing value to Customer
customers in the form of services. assets
Performance
IT service management (ITSM) is the
Services
implementation and management of quality IT Service
services that meet the needs of the business. IT
Service
service management is performed by IT service Capabilities assets
providers through an appropriate mix of people, and resources
process and information technology. Service
management
These capabilities include the management

Figure 2.5 Service management is the act of
practices, processes, functions, roles, knowledge
transforming resources into valuable services
and skills that a service provider uses to enable
them to deliver services that create value to
their customers. The capabilities represent their Case study: service management in practice
capacity, competency and confidence for action. (Brigitte’s experience)
The more mature a service provider’s capabilities
As a service provider the hotel needs to establish
are, the greater is their ability to consistently
functions such as a concierge, reception, kitchen
produce quality services that meet the needs of the
and facilities management as well as processes
customer in a timely and cost-effective manner.
such as booking, request fulfilment, capacity
The act of transforming resources (Figure 2.5) into management and cooking. They are all examples
valuable services by exploiting the organization’s of capabilities that help the hotel to transform
capabilities is at the core of service management. resources in the form of staff, food and buildings
Without the capabilities, a service organization into valuable hotel services.
is merely a bundle of useless resources.
But the hotel must also ensure that it hires
However, service management is more than just a people who have acquired the appropriate level
set of capabilities. It is also a professional practice of knowledge and skills through education and
supported by an extensive body of knowledge, experience within the profession.
experience and skills. A global community of
individuals and organizations fosters its growth
and maturity.

2.1.9 Stakeholders in service management 2.1.9.2 Customers
Stakeholders have an interest in an organization, Definition
project, service etc. and may be interested in
A customer is someone who buys goods or
the activities, targets, resources or deliverables
services. The customer of an IT service provider is
from service management. Examples of
the person or group who defines and agrees the
stakeholders include organizations, service
service level targets.
providers, customers, consumers, users, partners,
employees, shareholders, owners and suppliers.
There is a difference between customers who
work in the same organization as the IT service
2.1.9.1 Service providers
provider and customers who work for other
Every IT organization should act as a service provider, organizations. They are distinguished as follows:
using the principles of service management to
ensure that they deliver the outcomes required by ■■ Internal customers These are customers who
their customers. work for the same business as the IT service
provider. For example, the marketing
Definition department is an internal customer of the IT
A service provider is an organization supplying organization because it uses IT services.
services to one or more internal customers or The head of marketing and the chief
external customers. information officer both report to the chief
executive officer. If IT charges for its services,
It is necessary to distinguish between different types the money paid is an internal transaction in
of service provider. There are three main types of the organization’s accounting system, not
service provider: real revenue.
■■ External customers These are customers who
■■ Type I – internal service provider An internal work for a different business from the IT
service provider that is embedded within a service provider. External customers typically
business unit. There may be several Type I purchase services from the service provider
service providers within an organization. by means of a legally binding contract
■■ Type II – shared services unit An internal or agreement.
service provider that provides shared IT services
to more than one business unit. It is important to note that both internal and
external customers must be provided with the
■■ Type III – external service provider A service
agreed level of service. The way in which services
provider that provides IT services to external
are designed, transitioned, delivered and improved,
customers.
however, is often quite different. Examples are
In reality most organizations have a combination funding, links to business strategy and objectives,
of the three types of IT service providers. accounting, involvement in service design, transition
and operation as well as drivers for improvement.

2.1.9.3 Users Processes define actions, dependencies and

While customers actually pay for and negotiate sequence. Well-defined processes can improve
the level of services with the service provider, they productivity within and across organizations
usually do so on behalf of a number of users and functions. It may include any of the roles,
or consumers. responsibilities, tools and management controls
required to reliably deliver the outputs. A process
Definition may define policies, standards, guidelines, activities
A user is a person who uses the service on a day- and work instructions if they are needed.
to-day basis. Users are distinct from customers, as
Case study: service management in practice
some customers do not use the IT service directly.
It is critical for the service provider to actively Brigitte has been at this hotel on a number of
engage with these users to ensure that the services occasions, so she recognizes the various processes,
meet the needs of both customers and users. which include booking, check-in, cleaning,
fulfilling reasonable needs of the guests,
2.1.9.4 Suppliers managing errors and complaints, ensuring
adequate capacity, managing finances, issuing
Definition invoices, providing meals and other refreshments,
A supplier is a third party responsible for dealing with changes or new demands, maintaining
supplying goods or services that are required buildings and equipment, and checkout.
to deliver services.
2.2.1.1 Process model
Examples of suppliers include commodity hardware
and software vendors, network and telecom Processes, once defined, should be documented
providers, and outsourcing organizations. and controlled. Once under control, they can be
repeated and managed. Process measurement and
metrics can be built into the process to control and
2.2 Processes, functions and roles improve the process, as illustrated in Figure 2.6.
Processes, functions and roles are key service The process model shows that data enters the
management capabilities of an organization. process, is processed, is output, and the outcome is
measured and reviewed.
2.2.1 Processes
A process is organized around a set of objectives.
Definition The main outputs from the process should be
A process is a structured set of activities designed driven by the objectives and should include
to accomplish a specific objective. A process takes process measurements (metrics), reports and
one or more defined inputs and turns them into process improvement. A process should be owned
defined outputs.

Process control
Process policy
Process owner Process objectives
Triggers Process
documentation Process feedback
Process
Process metrics
Process activities Process roles
Process Process Process Process

inputs procedures improvements outputs
Process Including process

work instructions reports and reviews
Process enablers
Process
Process resources capabilities
Figure 2.6 Process model
by a process owner, who should be accountable A process, or an activity within a process, is initiated
for the process and its improvement and for by a trigger. A trigger may be the arrival of an
ensuring that the process meets its objectives. input or other event. For example, the failure
of a server may trigger the event management
The output produced by a process has to conform to
and incident management processes.
operational norms that are derived from business
objectives. If products conform to the set norm, the A process may include any of the roles,
process can be considered effective (because it can be responsibilities, tools and management controls
repeated, measured and managed). If the activities required to reliably deliver the outputs. A process
are carried out with a minimum use of resources, may define policies, standards, guidelines, activities
the process can also be considered efficient. and work instructions if they are needed.
Inputs are data or information used by the process Process analysis, results and metrics should be
and may be the output from another process. incorporated in regular management reports and
process improvements.

Documentation standards, processes and templates

Definition
should be used to ensure that the processes are
easily adopted throughout an organization. A function is a team or group of people and the
tools or other resources they use to carry out one
2.2.1.2 Process characteristics or more processes or activities – for example, the
service desk.
Process characteristics include:
■■ Measurability Ability to measure the process in In larger organizations, a function may be broken
a relevant manner. This is performance-driven. out and performed by several departments, teams
Managers want to measure cost, quality and and groups, or it may be embodied within a single
other variables while practitioners are organizational unit. In smaller organizations, one
concerned with duration and productivity. person or group can perform multiple functions.
■■ Specific results The reason a process exists is to Functions tend to optimize work methods locally
deliver a specific result. This result must be to focus on assigned outcomes. Poor coordination
individually identifiable and countable. between functions combined with an inward
■■ Customers Every process delivers its primary focus leads to functional silos that hinder
results to a customer or stakeholder. Customers cross-organizational cooperation. Appropriate
may be internal or external to the organization, organizational structure of teams, groups or
but the process must meet their expectations. functions therefore needs to be established
■■ Responsiveness to specific triggers While a and managed.
process may be ongoing or iterative, it should
be traceable to a specific trigger. 2.2.3 Roles
Delivering service successfully depends on personnel
2.2.2 Functions involved in service management having the
appropriate education, training, skills and experience.
People need to understand their role and how they
contribute to the overall organization, services and
Brigitte sits down at the desk in order to go over processes to be effective and motivated. As changes
a few things before the meeting next day, only to are made, job requirements, roles, responsibilities
realize that the bulb in the lamp on the table has and competencies should be updated if necessary.
failed. Brigitte calls the reception. The issue is easily
solved because the reception acts as a single point Definition
of contact to the other functions at the hotel.
A role is a set of responsibilities, activities and
Soon a staff member from the facilities function
authorities assigned to a person or team. A role is
knocks on her door and exchanges the bulb.
defined in a process or function.
The specific roles within service management all

require specific skills, attributes and competences
from the people involved to enable them to work

effectively and efficiently. However, whatever For service management to be successful, an
the role, it is imperative that the person carrying organization will need to clearly define the specific
out that role has the following attributes: roles and responsibilities required to undertake the
processes and activities involved in each lifecycle
■■ Awareness of the business priorities, business
stage. These roles will need to be assigned to
objectives and business drivers
individuals.
■■ Awareness of the role IT plays in enabling the
business objectives to be met Case study: service management in practice
■■ Customer service skills (Brigitte’s experience)
■■ Awareness of what IT can deliver to the At the small hotel where Brigitte is staying, only a
business, including capabilities few roles are necessary to manage the delivery of
■■ The competence, knowledge and information services. In a larger hotel or a hotel chain, a
necessary to complete the role greater number of other roles might be needed,
■■ The ability to use, understand and interpret such as:
the best practice, policies and procedures to
■■ Account manager
ensure adherence.
■■ Contract manager
The following are examples of attributes ■■ Security manager
required in many of the roles, dependent on the
■■ Purchasing manager
organization and the specific roles assigned:
■■ Project director
■■ Management skills – both from a people ■■ Reception manager.
management perspective and from the overall
control of process. One person or team may have multiple roles, for
■■ Ability to handle meetings – organizing, example the roles of configuration manager and
chairing, and documenting meetings and change manager may be carried out by a single
ensuring that actions are followed up. person. On the other hand, one role is often carried
■■ Communication skills – an important element out by multiple people: the problem analyst role
of all roles is raising awareness of the processes may for example be assigned to more than one
in place to ensure buy-in and conformance. An person. In a hotel scenario, a waiter might work as a
ability to communicate at all levels within the dishwasher when the guests have left the restaurant.
organization will be imperative. A small hotel might have just one employee
■■ Articulateness – both written (e.g. for reports) undertaking the two roles, whereas a large hotel is
and oral. more likely to have only one role per employee.
■■ Negotiation skills for several aspects, such as Roles fall into two main categories – generic roles
procurement and contracts. such as process manager and process owner,
■■ An analytical mind – to analyse metrics and specific roles that are involved within a
produced from the activity. particular lifecycle stage or process such as an
incident manager or IT designer/architect.

2.2.3.1 RACI ITIL defines numerous roles. Four of the generic

When designing a service or a process, it is roles are outlined below.
imperative that all the roles are clearly defined.
Since services, processes and their activities run 2.2.3.2 Service owner
through an entire organization, the individual The service owner is accountable for a specific
activities should be clearly mapped to well-defined service within an organization, regardless of
roles. A RACI authority matrix (see Table 2.3) is where the underpinning technology components,
often used within organizations to define the roles processes or professional capabilities reside.
and responsibilities in relation to processes and
Service ownership is as critical to service management
activities. RACI is an acronym for the four main roles
as establishing ownership for processes, which
of being:
crosses multiple vertical silos or departments.
■■ Responsible The person or people responsible
The service owner’s accountabilities include:
for getting the job done.
■■ Accountable The person who has ownership of ■■ Representing the service across the organization
quality and the end result. Only one person can ■■ Understanding the service
be accountable for each task. ■■ Working with business relationship
■■ Consulted The people who are consulted and management to understand and translate
whose opinions are sought. customer requirements into activities, measures
■■ Informed The people who are kept up to date or service components that will ensure that the
on progress. service provider can meet those requirements
■■ Ensuring consistent and appropriate
The RACI chart shows the structure of RACI
communication with customers for service-
modelling. The rows represent a number
related enquiries and issues
of required activities and the columns
■■ Ensuring that the ongoing service delivery and
identify the people who make the decisions,
support meet agreed customer requirements
carry out activities or provide input.
Table 2.3 An example of a simple RACI matrix

Director of service Service level Problem Security Procurement
management manager manager manager manager
Activity 1 AR C I I C
Activity 2 AR R C C C
Activity 3 I A R I C
Activity 4 I A R I
Activity 5 I R A C I

■■ Participating in negotiating service level ■■ Communicating process information or changes
agreements (SLAs) and operating level as appropriate to ensure awareness
agreements (OLAs) ■■ Providing process resources to support activities
■■ Representing the service in change advisory required throughout the service lifecycle
board (CAB) meetings ■■ Ensuring that process technicians have the
■■ Liaising with the appropriate process owners required knowledge and the required technical
throughout the service lifecycle and business understanding to deliver the
■■ Participating in internal service review meetings process, and understand their role in the process
within IT and external service review meetings ■■ Addressing issues with the running of the process
with the business ■■ Identifying process improvement opportunities
■■ Identifying and making improvements to ■■ Making improvements to the process.
the service
■■ Being accountable for the delivery of the service. 2.2.3.4 Process manager
The process manager role is accountable for
2.2.3.3 Process owner operational management of a process. There may
The process owner role is accountable for ensuring be several process managers for one process, for
that a process is fit for purpose. This role is often example regional change managers or IT service
assigned to the same person who carries out the continuity managers for each data centre. The
process manager role, but the two roles may be process manager role is often assigned to the
separate in larger organizations. The process owner person who carries out the process owner role, but
role is accountable for ensuring that their process is the two roles may be separate in larger
performed according to the agreed and documented organizations.
standard and meets the aims of the process definition.
The process manager’s accountabilities include:
The process owner’s accountabilities include:
■■ Working with the process owner to plan and
■■ Sponsoring, designing and change managing coordinate all process activities
the process and its metrics ■■ Ensuring that all activities are carried out as
■■ Defining, evaluating and maintaining the required throughout the service lifecycle
process strategy ■■ Appointing people to the required roles
■■ Assisting with process design ■■ Managing resources assigned to the process
■■ Ensuring that appropriate process ■■ Working with service owners and other process
documentation is available and current managers to ensure the smooth running
■■ Defining appropriate policies and standards to of services
be employed throughout the process ■■ Monitoring and reporting on process
■■ Periodically auditing the process to ensure performance
compliance with policy and standards ■■ Identifying improvement opportunities
■■ Making improvements to the process
implementation.

2.2.3.5 Process practitioner which tasks can be performed, with the associated
A process practitioner is responsible for carrying out professional skills required for each level. A second
one or more process activities. In some organizations, dimension defines core competencies that can be
and for some processes, the process practitioner role combined with the professional skills. SFIA is used
may be combined with the process manager role; in by many IT service providers to identify career
others there may be large numbers of practitioners development opportunities.
carrying out different parts of the process. More information on SFIA can be found at
The process practitioner’s responsibilities www.sfia.org.uk
typically include:
■■ Carrying out one or more activities of a process 2.3 Best practice
■■ Understanding how their role contributes to Organizations often benchmark themselves against
the overall delivery of service and creation of peers and seek to close gaps in capabilities. One
value for the business way to close such gaps is by adopting best practices.
■■ Working with other stakeholders, such as their
Practice is a way of working, or a way in which
manager, co-workers, users and customers, to
work must be done. Practices can include activities,
ensure that their contributions are effective
processes, functions, standards and guidelines.
■■ Ensuring that inputs, outputs and interfaces for
their activities are correct By best practice we mean proven practices that have
■■ Creating or updating records to show that been successfully used by multiple organizations.
activities have been carried out correctly. There are several sources for best practices, including:
2.2.4 Competence and skills framework ■■ Standards

Standardizing job titles, functions, roles and ■■ Public frameworks
responsibilities can simplify service management ■■ Industry practices
and human resource management. Many ■■ Academic research
service providers use a common framework of ■■ Training and education
reference for competence and skills to support ■■ Internal experience.
activities such as skill audits, planning future
ITIL is the most widely recognized and trusted
skill requirements, organizational development
source of best-practice guidance in the area of IT
programmes and resource allocation. For
service management.
example, resource and cost models are simpler
and easier to use if jobs and roles are standard. ISO/IEC 20000 provides a formal and international
standard for organizations seeking to have their
The Skills Framework for the Information Age (SFIA)
service management capabilities audited and
is an example of a common reference model for the
certified. While ISO/IEC 20000 is a standard to be
identification of the skills needed to develop
achieved and maintained, ITIL offers a body of
effective IT services, information systems and
knowledge useful for achieving the standard.
technology. SFIA defines seven generic levels at

Type III External
Service providers Type II Shared services
Service Suppliers Type I Internal

management
stakeholders External
Customers
Internal
Users People (number)
Infrastructure
Resources -
Decrease variation in performance ‘tangible’ Information
Security Applications
Warranty –
Continuity ‘fitness’ Financial capital
for use
Capacity Experience
Skills Framework
Availability People Skills Competence and for the
Service skills framework Information Age
value
Relationships
Knowledge
Increase average performance Utility – Have customers
‘fitness’
Removal of constraints for purpose Define specific results
Process
characteristics Measurable
Responds to specific events
Service Policy
packaging Triggers
Objectives
Processes Input
Outcome Service Process model Owner
Output
Documentation
Service Process controls
Community assets Feedback
Skills Activities
Process
Experience Procedures
Capabilities –
Knowledge ‘intangible’
Work instructions
Professional Service Metrics

Internal experience practice management
Roles
Training and education
Improvements
Academic research
Best
practice Resources
Industry practice Process enablers
Standards Capabilities
ISO/IEC 20000 Process practitioner
Enhancing
ITIL Process manager
services
Roles
Organization Process owner
Enabling
services
Service owner
Core
Activities
services
Service
types Authorities Responsible
Internal Accountable
Customer-
Responsibilities RACI
facing
Consulted
services
External
Functions Informed
Supporting
services Management
Figure 2.7 Overview of Chapter 2

2.4 Sample questions a 1 and 3 only
1 Which of the following is the BEST definition of b 2 and 3 only

a function? c 2, 3 and 4 only
a It is specialized to perform only one task as a d All of the above
separate entity
4 Which of the following is a service owner
b It is self-contained with capabilities and accountable for?
resources necessary for its performance
a Carrying out the operational activities to
c It is repeatable and becomes manageable support the service
d It is performance driven and must be able to b Ownership of a service regardless of its
be measured underpinning components
2 A support analyst has a ‘C’ and ‘R’ against their c Ownership of a service for all the internally
name in the RACI matrix for the process of managed components of that service
incident management. What does this mean?
d Ensuring that the targets contained within a
a They are the customer contact and service level agreement are met
are responsible
5 Which of the following is the BEST definition of
b They will need to be consulted and a supporting service?
are responsible
a A service that is delivered between
c They will need to be consulted and departments or business units in the
are retained same organization
d They will need to be communicated to, and b A service that is delivered to external
are registered customers
3 Which of the following activities is a process c A service that is not directly used by the
practitioner responsible for? business, but is required to provide the
1 Documenting and publicizing the process overall service
2 Carrying out the process activities d A service that is provided by an internal

service provider
3 Meeting the required key performance
indicators (KPIs)
4 Creating or updating records to show that
activities have been carried out correctly


ITIL and the
service lifecycle 3
17/02/2012 11:58
| 33

3 ITIL and the service lifecycle
ITIL is a set of best-practice publications for IT In addition to the core publications, there is also
service management. Owned by the Cabinet a complementary set of ITIL publications
Office (part of HM Government in the United providing guidance specific to industry sectors,
Kingdom), ITIL gives guidance to all types of organizations types, operating models and
service providers on the provision of quality technology architectures.
IT services and the processes, functions and
other capabilities needed to support them.
3.2 Why ITIL?
ITIL embraces a practical approach to service
3.1 The ITIL service management – do what works. It describes practices
management practices that enable organizations to deliver benefits, return
ITIL is the most widely recognized framework for on investment and sustained success. That is the
IT service management in the world. In the 25 main reason for the global success of ITIL; other
years since it was commenced, ITIL has evolved and reasons are that ITIL is:
changed its breadth and depth from a specialized ■■ Vendor-neutral ITIL service management
set of service management topics with a focus practices are applicable in any IT organization
on functions, to a process-based framework, because they are not based on any particular
and now to a broader set of capability-based technology platform or industry type.
practices providing a holistic service lifecycle.
■■ Non-prescriptive ITIL offers practices that are
ITIL is not a standard that has to be followed. It is applicable to all types and sizes of service
guidance that should be read and understood, and provider. Organizations can adopt ITIL and
used to create value for the service provider and its adapt it to meet the needs of the IT
customers. In other words it should be adopted organization and their customers.
and adapted to work in the specific environments of ■■ Best practice ITIL represents the learning
the service provider in ways that meet the needs experiences and thought leadership of the
of the service provider. world’s best-in-class service providers.
The ITIL framework is based on a service lifecycle
and consists of five lifecycle stages, with a core 3.3 The service lifecycle
publication providing best-practice guidance
The ITIL framework is based on the five stages
for each stage. This guidance includes key
of the service lifecycle as shown in Figure 3.1:
principles, required processes and activities,
organization and roles, technology, associated ■■ Service strategy
challenges, critical success factors and risks. ■■ Service design

34 | ITIL and the service lifecycle
■■ Service transition 3.3.1 Service strategy

■■ Service operation ITIL Service Strategy provides guidance on how
■■ Continual service improvement. to view service management not only as an
Each stage addresses capabilities having direct organizational capability but as a strategic asset. It
impact on a service provider’s performance. describes the principles underpinning the practice
of service management which are useful for
The service lifecycle uses a hub-and-spoke design, developing service management policies, guidelines
with service strategy at the hub, and service design, and processes across the ITIL service lifecycle.
transition and operation as the revolving lifecycle
stages or ‘spokes’. Continual service improvement Topics covered in ITIL Service Strategy include the
surrounds and supports all stages of the service development of market spaces, characteristics of
lifecycle. Each stage of the lifecycle exerts influence internal and external provider types, service assets,
on the others and relies on them for inputs and the service portfolio and implementation of strategy
feedback. In this way, a constant set of checks and through the service lifecycle. Business relationship
balances throughout the service lifecycle ensures management, demand management, financial
that as business demand changes with business management, organizational development and
need, the services can adapt and respond effectively. strategic risks are among the other major topics.
3.3.2 Service design

ITIL Service Design provides guidance for the
Continual design and development of services and service
service management capabilities and practices. It covers
improvement
Service design principles and methods for converting
transition
strategic objectives into portfolios of services and
service assets. The scope of ITIL Service Design
includes the changes and improvements necessary
to increase or maintain value to customers, the
Service
strategy
continuity of services, achievement of service levels,
and conformance to standards and regulations.
Service
design Service Topics covered in ITIL Service Design include design
operation
coordination, service catalogue management,
service level management, availability
management, capacity management, IT service
continuity management, information security
management and supplier management.
Figure 3.1 The ITIL service lifecycle

ITIL and the service lifecycle | 35
3.3.3 Service transition Topics covered in ITIL Service Operation include
ITIL Service Transition provides guidance for the event management, incident management, request
development and improvement of capabilities fulfilment, problem management and access
for introducing new and changed services into management processes, as well as the service desk,
supported environments. It describes how to technical management, IT operations management
transition an organization from one state to and application management functions.
another while controlling risk and supporting
organizational knowledge for decision support. 3.3.5 Continual service improvement
It ensures that the value(s) identified in ITIL Continual Service Improvement provides
the service strategy, and encoded in service guidance on achieving incremental and
design, are effectively transitioned so that large-scale improvements in service quality,
they can be realized in service operation. operational efficiency and business continuity,
and best practices for ensuring that the service
Topics covered in ITIL Service Transition include
portfolio continues to be aligned to business
transition planning and support, change management,
needs. It combines principles, practices and
service asset and configuration management,
methods from quality management, change
release and deployment management, service
management and capability improvement.
validation and testing, change evaluation and
knowledge management. Guidance is provided for linking improvement
efforts and outcomes with service strategy,
3.3.4 Service operation design, transition and operation. A closed-loop
ITIL Service Operation provides guidance on how feedback system, based on the Plan-Do-Check-
to maintain stability in service operation, allowing Act (PDCA) cycle, is established. Feedback
for changes in design, scale, scope and service from any stage of the service lifecycle can be
levels. Organizations are provided with detailed used to identify improvement opportunities
process guidelines, methods and tools for use for any other stage of the lifecycle.
in two major control perspectives: reactive and Topics covered in ITIL Continual Service
proactive. Managers and practitioners are provided Improvement include a seven-step improvement
with knowledge allowing them to make better process, service measurement, use of metrics,
decisions in areas such as managing the availability baselining and maturity assessments.
of services, controlling demand, optimizing capacity
utilization, scheduling operations, and avoiding or
resolving service incidents and managing problems.

36 | ITIL and the service lifecycle
Case study: service management in practice Since then the hotel has been kept operational –
(Brigitte’s experience) through maintenance (plumbers, electricians etc.)
Last time Brigitte stayed at the hotel, she had a and operational services such as waste collection,
conversation with the hotel manager. He happily cleaning of laundry and a number of other services.
told her the history of the hotel. It all began 10 From the very beginning the hotel has continually
years ago, when a number of industries moved to improved its services. Small operational changes
the area. A local family saw the opportunities for have frequently been implemented, training
a ‘bed-and-breakfast’ service, but very soon the programmes have been improved year after year,
need for a hotel arose. and new services such as wireless internet access
The family took their time in developing their have been introduced to fulfil the changing
strategy, including identifying the market requirements of the guests.
requirements, defining what services they would Recently the hotel decided to change its service
deliver, creating a business case, funding, analysing strategy to become more than just a hotel; it will
the risks, getting building approval and so on. house a conference centre in the future. From her
When the strategy was clearly defined and the conversation with the manager, Brigitte realized
services described, the actual design of the hotel that it is impossible to talk about one service
and its services began. This phase involved lifecycle. In reality there are many intertwined
architects, designers, planners and so on. service lifecycles with different extents and
cycle frequencies.
After a year the family was ready for transition
from the bed-and-breakfast facilities to the new
hotel. The hotel was built and inspectors tested
that the hotel fulfilled the acceptance criteria and
legal regulations, personnel were hired and
trained and the hotel opened.

ITIL and the service lifecycle | 37
Service strategy
Service design
Best practice
Vendor-neutral Why ITIL? Service

ITIL Service transition
lifecycle
Non-prescriptive
Service operation
Continual service
improvement



Service strategy 4
17/02/2012 11:58
| 41
4 Service strategy
Service strategy establishes an overall strategy for 4.1 Purpose and objectives
services and service management – not only as an
The purpose of the service strategy stage is to
organizational capability but as a strategic asset.
define the perspective, position, plans and patterns
Case study: service management in practice that a service provider needs to execute in order
(Brigitte’s experience) to meet an organization’s business outcomes.
When the hotel management recently evaluated The main objectives of service strategy are to provide:
the strategy of the hotel, including the future ■■ An understanding of what strategy is
portfolio of services, a number of alternatives
■■ A clear identification of the definition of
were analysed:
services and the customers who use them
■■ Building of a new wing with extra rooms ■■ The ability to define how value is created
■■ Transformation of the hotel into a and delivered
conference centre ■■ A means of identifying opportunities to provide
■■ Expanding of the pool area to a small water services and how to exploit them
world open to the public. ■■ A clear service provision model that articulates
An analysis of the competitive position of the how services will be delivered and funded, and
hotel showed that the nearest conference centre to whom they will be delivered and for
was situated about 50 kilometres away. There what purpose
was a public swimming pool in the town but it ■■ The means of understanding the organizational
had neither a slide nor a Jacuzzi. capability required to deliver the strategy
■■ Documentation and coordination of how
To support the decision, management needed to
service assets are used to deliver services, and
identify the option that would provide the
how to optimize their performance
highest return on investment with the lowest
■■ Processes that define the strategy of the
risk. The first move was to prepare a business case
organization, which services will achieve the
on each of the three options.
strategy, what level of investment will be
It turned out that the most profitable investment required, at what levels of demand and the
was the conference option. The hotel management means to ensure that a working relationship
therefore crafted a plan for transforming the exists between the customer and service provider.
hotel into a conference centre to differentiate
the hotel from the other alternatives in the area.

42 | Service strategy
4.2 Scope ■■ Enable the service provider to have a clear

understanding of what types and levels of
Service strategy covers generic principles and
service will make its customers successful, and
processes of service management and how these
then organize itself optimally to deliver and
generic principles are applied consistently to the
support those services.
management of IT services.
■■ Enable the service provider to respond quickly
The guidance is intended for use by both internal and effectively to changes in the business
and external service providers, and includes environment, ensuring increased competitive
practices for organizations which are required to advantage over time.
offer IT services as a profitable business, as well as ■■ Support the creation and maintenance of a
those required to offer IT services to other business portfolio of services that will enable the
units within the same organization – at no profit. business to achieve positive return on its
Two aspects of strategy are covered in ITIL investment in services.
Service Strategy: ■■ Facilitate functional and transparent
communication between the customer and
■■ Defining a strategy whereby a service provider
the service provider.
will deliver services to meet a customer’s
business outcomes
■■ Defining a strategy for how to manage 4.4 Key principles
those services.
4.4.1 Value
The following processes are within the scope of
service strategy: The value of a service is the level to which that
service meets a customer’s expectations. Unlike
■■ Strategy management for IT services products, services do not have much intrinsic value.
■■ Service portfolio management The value of a service comes from what it enables
■■ Financial management for IT services someone to do. Based on this insight, some of
■■ Demand management the main characteristics of service value are:
■■ Business relationship management. ■■ Value is defined by the customer
■■ Customers select the services that represent the
4.3 Business value best mix of features at the price they are
willing to pay
Adopting and implementing consistent
■■ Customers measure service value in terms
approaches for service strategy will:
of how the service helps them to achieve
■■ Enable the service provider to link its activities their objectives
to outcomes that are critical to the customers. ■■ Value changes over time and according
As a result, the service provider will be seen to to circumstances.
be contributing to the value (and not just the
costs) of the organization.

Service strategy | 43
Therefore, understanding the value of IT requires
three pieces of information:
Business
■■ What services does IT provide?
outcomes
■■ What do the services achieve?
■■ How much do the services cost?

Brigitte notices the information pamphlet that Value
the hotel has left on the table in her room. It
contains a number of services such as a wake-up
call, parking, laundry service, dining and childcare Preferences Perceptions
as well as descriptive attributes of the services
such as the number of television channels,
cleaning of the room and breakfast times.
Brigitte finds most of the services valuable, even Figure 4.1 Components of value
though she doesn’t need the childcare service on
this occasion. But to Brigitte the described
Although a service provider is not able to decide
services are only a part of what she appreciates as
the value of a service, it is able to influence how the
a hotel guest. For her it is as important that the
value of the service is perceived by the customers.
hotel is situated close to her temporary
Figure 4.2 illustrates how customers perceive value.
workplace, that the staff are kind and obliging,
that her balcony has a beautiful view over the The starting point for customer perception is the
Alps and that the hotel respects her preference reference value. This could be based on what the
for vegetarian food. customer has heard about the service, or the fact
that the customer is currently doing the activity
Customers do not buy services. They buy the themselves, or some previous experience of that or
fulfilment of particular needs. What counts is a similar service. An example of reference value is
quality as this is perceived by customers. The value the baseline that customers maintain on the cost of
of a service is therefore determined by what the in-house services, i.e. the do-it-yourself (DIY) strategy.
customer prefers (preferences), what the customer
The positive difference of the service is based
perceives (perceptions) and what the customer
on the perceived additional benefits and gains
actually gets (business outcomes) (see Figure 4.1).
provided by the service provider. These differences
Consequently, service providers have to demonstrate are based on the additional warranty and utility
business outcomes, influence perceptions and that the service provider is able to deliver.
respond to preferences.

Positive Negative
difference difference
4.4.2 Patterns of business activity
Every time a business activity is performed, it
Losses from generates demand for services. However, services
– utilizing the cannot be produced in advance of when they are
service
Net consumed. Therefore it is essential to synchronize
difference
Gains from supply and demand.
utilizing the +
service
Brigitte takes a closer look at the flyer next to the
telephone. She notices that the hotel offers a
special family discount in August. She can’t help
Based on DIY strategy or
but wonder why the hotel reduces its prices
existing arrangements during the holiday season, a time when the hotel
should appeal to tourists in the area.
Reference Economic value
value of service
Next time she passes the reception she decides to
ask the receptionist why the hotel offers a family
Figure 4.2 How customers perceive value discount in August. He answers that very few
tourists have chosen to stay at the hotel in
The negative difference of the service is the August in the last two years. The hotel
perception of what the customer would lose by management therefore discussed the situation
investing in the service. For example, they might based on that pattern and identified three
perceive some quality issues or hidden costs. possible solutions:
The net difference is the actual perception that the ■■ Lowering the prices for families to attract
customer has of how much better (or worse) the tourists
service is than the reference value after discounting the ■■ Introducing new services to attract tourists
negative difference. This is the area that will drive (e.g. expanding the pool area to create a small
the customer’s decision to invest in the service or not. water world)
The economic value is the total value that the ■■ Closing the hotel for one month.
customer perceives the service to deliver. It
includes the reference value plus (or minus) the Customer assets such as people, processes and
net difference of the service they receive, and applications all perform business activities, and this
is measured by the customer in the ability of activity will tend to be performed in patterns.
the service to meet their desired outcomes. For example a consulting company relies on a
However, what the customer values is frequently timesheet service to bill consultants’ time. Since
different from what the IT organization believes most consultants complete their timesheets for
it provides. the entire week at the end of the week, the later
it is in the week, the more critical the service,

and the more it is utilized. Consultants may need 4.4.3 Service portfolio
to be encouraged to log their time at the end
of each day, or the beginning of the next day. Case study: service management in practice
Since services often directly support one or more
The delivery of the hotel services requires extensive
patterns of business activity (PBA) it is important
knowledge about customers and contracts, as
that the patterns are properly understood and
well as supporting services and assets such as
aligned to services.
furniture and equipment, staff members, suppliers
Definition and processes. To manage this knowledge, the
hotel established a number of supporting systems
Pattern of business activity (PBA) is a workload
some years ago, including:
profile of one or more business activities. Patterns
of business activity are used to help the IT service ■■ A register of services and their
provider understand and plan for different levels interdependencies
of business activity. ■■ A customer catalogue presenting the services
provided by the hotel
Once a pattern of business activity has been ■■ Service level agreements with travel agencies
identified, a PBA profile should be drawn up and and larger companies
details about the PBA documented. The following ■■ A configuration database containing data for
items need to be documented: all relevant equipment, people, suppliers and
■■ Classification This indicates the type of PBA, processes that underpin the provided services.
and could refer to where it originates (user or The register of services has since supported the
automated), the type and impact of outcomes management in deciding which services to offer or
supported, and the type of workload supported. invest in, e.g. overnight stay, dining or conference
■■ Attributes Such as frequency, volume, location services. The register contains all the services
and duration. provided to the customers and suggestions for
■■ Requirements Such as performance, security, new or changed services as well as supporting
availability, privacy, latency or tolerance services such as laundry cleaning, internet access,
for delays. pool cleaning and waste collection.
■■ Service asset requirements Design teams will
The customer catalogue is aimed at the customers
draft a utilization profile for each PBA in terms
and guests. When Brigitte planned her trip to
of what resources it uses, and when and how
Switzerland, she looked up the hotel on the
much of each resource is utilized. If the
internet. On the hotel’s homepage she found
quantity of resources is known and the pattern
information on the services provided:
of utilization is known, the capacity management
process will be able to ensure that resources are ■■ Overnight stay
available to meet the demand – provided this ●● Single guest room, €100 per night
stays within the forecast range. ●● Double guest room, €150 per night

●● Suite (with table and free internet Definition

connection), €170 per night The service portfolio is the complete set of
●● Executive room (with separate bedroom services that are managed by a service provider.
and living room), €200 per night
■■ Dinner at the restaurant The service portfolio represents the commitments
●● Two courses (€30 per person) and investments made by a service provider across all
●● Three courses (€40 per person) customers, market spaces and stages of the service
■■ Swimming pool (€5 per hour – free for guests lifecycle. The portfolio management approach helps
at the hotel). managers to prioritize investments and improve
the allocation of resources (see Figure 4.3).
As Brigitte was pleased with the hotel services,
she ordered a suite. The service portfolio is used to manage the entire
lifecycle of all services, including:
A service portfolio (i.e. the register in the hotel
■■ Service pipeline (proposed or in development)
case) describes a provider’s services in terms
of business value. It articulates business needs ■■ Service catalogue (live or available for
and the provider’s response to those needs. deployment)
■■ Retired services.
Service portfolio
Service Retired
Service catalogue
pipeline services
Configuration management system
Supplier and contract Customer

Customer Application Project
management information agreement CMDB
portfolio portfolio portfolio
system portfolio
Figure 4.3 The service portfolio

The portfolio also includes third-party services,
Not only does the hotel maintain a register of all
which are an integral part of service offerings to
its services, including the services that are
customers. Some third-party services are visible
provided to the guests as well as underpinning
to the customers whereas others are not.
services such as cleaning and cooking. It also
By acting as the basis of a decision framework, identifies and maintains the relationships
a service portfolio either clarifies or helps to between the services. To provide an overnight
clarify the following strategic questions: stay, for example, the hotel needs to provide
cleaning and (if a guest requests it) wireless
■■ Why should a customer buy these services?
internet as well.
■■ Why should they buy these services from us?
■■ What are the pricing or chargeback models?
■■ What are our strengths and weaknesses, 4.4.4 Service catalogue
priorities and risks? The service catalogue (i.e. the customer catalogue
■■ How should our resources and capabilities in the hotel case) is the only part of the service
be allocated? portfolio published to customers, and it is used to
support the sale and delivery of IT services. The
Case study: service management in practice service catalogue includes information about
(Brigitte’s experience) deliverables, prices, contact points, ordering and
The register of services was supposed to support request processes.
the management of the hotel in answering
questions such as: Definition
A service catalogue is a database or structured
■■ What value does an overnight stay at our
document with information about all live IT
hotel provide to the guests compared with
services, including those available for deployment.
similar rival hotels?
■■ Which supporting services, resources and The service catalogue is part of the service
capabilities are needed to provide the portfolio and contains information about two
conference service? types of IT service: customer-facing services that
■■ What risks are associated with dining services? are visible to the business; and supporting
services required by the service provider to
As the register became more and more complete deliver customer-facing services.
and reliable over time, it also became more and
more critical as a means to support the hotel When service providers have many customers or
management in making the right decisions on serve many businesses, there may be multiple service
the optimal use of the available resources catalogue views projected from the service portfolio.
and capabilities.
It is recommended that a service provider, at the
minimum, defines two different views, each one
focusing on one type of service: a view for

The service catalogue
Business Business Business

Business/customer
process 1 process 2 process 3 service catalogue view
Service A Service B Service C Service D Service E
Service 1 Service 2 Service 3 Service 4 Service 5 Service 6
Technical/supporting service catalogue view
Links to related
information
Service assets/configuration records
Key = Customer-facing services = Supporting services
Figure 4.4 A two-view service catalogue
customers that shows the customer-facing services, ■■ Wholesale customer view This contains details
and a second view for the IT service provider of all the IT services delivered to wholesale
showing all the supporting services. Figure 4.4 customers (customer-facing services), together
shows a service catalogue with two views. with relationships to the customers they support.
Some organizations project more than two views. ■■ Retail customer view This contains details of all
There is no correct or suggested number of views an the IT services delivered to retail customers
organization should project. The number of views (customer-facing services), together with
projected will depend upon the audiences to be relationships to the customers they support.
addressed and the uses to which the catalogue will
be put. Figure 4.5 shows a service catalogue with
three views:

The service catalogue

Wholesale service catalogue view Retail service catalogue view
Wholesale Wholesale Retail Retail

customer 1 customer 2 customer 1 customer 2
Service A Service B Service C Service D Service E
Service 1 Service 2 Service 3 Service 4 Service 5 Service 6
Supporting service catalogue view
Links to related
information
Service assets/configuration records
Key = Customer-facing services = Supporting services
Figure 4.5 A three-view service catalogue
■■ Supporting services view This contains details 4.4.5 Business case

of all the supporting IT services, together with A service provider will need to make decisions on
relationships to the customer-facing services they what service management initiatives it wishes to
underpin and the components, configuration invest in. The business case for these investments
items (CIs) and other supporting services is key to this decision-making process.
necessary to support the provision of the
service to the customers. A business case is a decision support and planning
tool. It describes the objectives and the likely
outcomes of a business decision. The outcomes can
take on qualitative and quantitative dimensions.

Many IT service management strategies fail

Definition
because they try to build structures or processes
A business case is a justification for a significant according to how they would like the organization
item of expenditure. It includes information to work instead of working within the existing
about costs, benefits, options, issues, risks and governance structures.
possible problems.
Definition
The business case articulates the objectives of
Governance ensures that policies and strategy
the initiative and the specific business impacts
are actually implemented, and that required
(costs, risks and benefits) that the initiative
processes are correctly followed. Governance
is expected to generate (see Table 4.1).
includes defining roles and responsibilities,
The financial consequence of a decision, typically measuring and reporting, and taking actions to
in the form of return on investment (ROI), is resolve any issues identified.
often a core component of a business case.
Governance works to apply a consistently managed
A well-rounded business case also covers an analysis
approach at all levels of the organization – first by
of the desired non-financial business impacts
ensuring a clear strategy is set, then by defining
associated with the initiative, forming clear
the policies whereby the strategy will be achieved.
linkages between these non-financial impacts and
The policies also define boundaries, or what the
a recognized business objective. This analysis may
organization may not do as part of its operations.
use the value on investment (VOI) technique.
According to the standard for corporate governance
4.4.6 Governance of IT, ISO/IEC 38500, governance needs to be able to
Governance is the single overarching area that ties evaluate, direct and monitor the strategy, policies
IT and the business together, and services are one and plans.
way of ensuring that the organization is able to
execute that governance. Governance is what
defines the common directions, policies and rules that
both the business and IT use to conduct business.
Table 4.1 Example of a business case structure

A. Introduction Presents the business objectives addressed by the service.
B. Methods and assumptions Defines the boundaries of the business case, such as time period, whose costs
and whose benefits.
C. Business impacts The financial and non-financial business case results.
D. Risks and contingencies The probability that alternative results will emerge.
E. Recommendations Specific actions recommended.

4.4.7 Management of risk 4.4.7.2 Risk assessment
Risk assessment and risk management should be Risk assessment is concerned with gathering
applied to identify and mitigate risks within all parts information about exposure to risk so that the
of the service lifecycle. organization carrying out the risk assessment can
make appropriate decisions and manage risk
4.4.7.1 Risk appropriately. Risk assessment is concerned with
analysing the value of assets to the business,
Definition identifying threats to those assets, and evaluating
Risk is a possible event that could cause harm or how vulnerable each asset is to those threats. Risk
loss, or affect the ability to achieve objectives. assessment can be quantitative (based on numerical
data) or qualitative.
A risk is measured by the probability of a threat,
the vulnerability of the asset to that threat, and the 4.4.7.3 Risk management
impact it would have if it occurred (see Figure 4.6). Risk management involves having processes in place
Risk can also be defined as uncertainty of outcome, to monitor risks, access to reliable and up-to-date
and can be used in the context of measuring the information about risks, the right balance of control
probability of positive outcomes as well as in place to deal with those risks, and decision-making
negative outcomes. processes supported by a framework of risk analysis
and evaluation.
Assets Threats Vulnerabilities
Risk
assessment
Risks
Countermeasures
Risk
management
Figure 4.6 Risk assessment and management

Risk management also involves the identification, The objectives of service portfolio management are to:
selection and adoption of countermeasures
■■ Provide a process and mechanisms to enable an
justified by the identified risks.
organization to investigate and decide on which
services to provide, based on an analysis of the
4.5 Processes potential return and acceptable level of risk.
The ITIL Foundation syllabus covers the following ■■ Maintain the definitive portfolio of services
service strategy processes: provided, articulating the business needs each
service meets and the business outcomes
■■ Service portfolio management it supports.
■■ Financial management for IT services ■■ Provide a mechanism for the organization to
■■ Business relationship management. evaluate how services enable it to achieve its
strategy, and to respond to changes in its
4.5.1 Service portfolio management internal or external environments.
Service portfolio management is the process ■■ Control which services are offered, under what
responsible for managing the service portfolio. conditions and at what level of investment.
Service portfolio management ensures that ■■ Track the investment in services throughout
the service provider has the right mix of their lifecycle, thus enabling the organization
services to meet required business outcomes to evaluate its strategy, as well as its ability to
at an appropriate level of investment. Service execute against that strategy.
portfolio management considers services in ■■ Analyse which services are no longer viable and
terms of the business value that they provide. when they should be retired.
4.5.1.1 Purpose and objectives 4.5.1.2 Scope

The purpose of service portfolio management is The scope of service portfolio management is all
to ensure that the service provider has the right services a service provider plans to deliver, those
mix of services to balance the investment in IT currently delivered and those that have been
with the ability to meet business outcomes. It withdrawn from service.
tracks the investment in services throughout their Internal service providers will need to work with
lifecycle and works with other service management the business units in the organization to link each
processes to ensure that the appropriate returns service to the business outcomes before they can
are being achieved. In addition, it ensures that compare investment with returns. External service
services are clearly defined and linked to the providers tend to assess value more directly, as
achievement of business outcomes, thus ensuring each service needs to be able to generate revenue
that all design, transition and operation activities directly, or support revenue-generating services.
are aligned to the value of the services.

Service portfolio management evaluates the value for IT services identifies the balance between the
of services throughout their lifecycles, and must cost and quality of service and maintains the balance
be able to appraise what newer services have of supply and demand between the service provider
offered in comparison with the retired services and its customers.
they have replaced.
The objectives of financial management for IT
services include:
4.5.2 Financial management for IT services
Financial management for IT services is the process ■■ Defining and maintaining a framework to
responsible for managing an IT service provider’s identify, manage and communicate the cost of
budgeting, accounting and charging requirements. providing services.
■■ Evaluating the financial impact of new or
Case study: service management in practice changed strategies on the service provider.
(Brigitte’s experience) ■■ Securing funding to manage the provision
Next door to the hotel a new restaurant opened of services.
a couple of months ago. As a consequence the ■■ Facilitating good stewardship of service and
hotel restaurant has more than halved its number customer assets to ensure that the organization
of guests. The staff level in the restaurant has meets its objectives.
been adapted accordingly. At the weekly ■■ Understanding the relationship between
management team meeting the situation is being expenses and income and ensuring that the
discussed. It is a very emotional discussion – two are balanced according to the
should the restaurant be closed or not? The organization’s financial policies.
financial manager is asked to prepare a financial ■■ Managing and reporting expenditure on service
assessment of the restaurant. provision on behalf of the organization’s
At the next meeting the financial manager stakeholders.
presents his analysis: the restaurant is only just ■■ Executing the financial policies and practices in
profitable. But the hotel management decides to the provision of services.
keep it, as it provides a more seamless service ■■ Accounting for money spent on the creation,
provision to the guests if the hotel runs its own delivery and support of services.
restaurant. Further, the hotel is expected to ■■ Forecasting the financial requirements for the
expand during the coming years: more rooms are organization to be able to meet its service
planned and a conference centre will generate commitments to its customers, and compliance
extra custom for the restaurant. with regulatory and legislative requirements.
■■ Where appropriate, defining a framework to
recover the costs of service provision from
4.5.2.1 Purpose and objectives
the customer.
The purpose of financial management for IT services
is to secure the appropriate level of funding to
design, develop and deliver services that meet the
strategy of the organization. Financial management

4.5.2.2 Scope 4.5.3.1 Purpose and objectives

Financial management is normally a well-established The purpose of the business relationship management
and well-understood part of any organization. process is two-fold:
Professional accountants set financial policies,
■■ To establish and maintain a business
budgeting procedures, financial reporting standards,
relationship between the service provider and
accounting practices and revenue generation or
the customer based on understanding the
cost recovery rules. However, financial management
customer and their business needs.
for IT services is a specialized area that requires
■■ To identify customer needs and ensure that the
an understanding of the world of finance and
service provider is able to meet these needs as
business as well as the world of technology.
business needs change over time and between
Financial management for IT services consists of circumstances. Business relationship
three main processes: management ensures that customer
■■ Budgeting This is the process of predicting and expectations do not exceed what they are
controlling the income and expenditure of willing to pay for, and that the service provider
money within the organization. Budgeting is able to meet the customer’s expectations
consists of a periodic negotiation cycle to set before agreeing to deliver the service.
budgets (usually annual) and monthly The objectives of business relationship
monitoring of the current budgets. management include:
■■ Accounting This is the process that enables the
■■ Ensure that the service provider understands
IT organization to account fully for the way its
the customer’s perspective of service, and is
money is spent (particularly the ability to
therefore able to prioritize its services and
identify costs by customer, by service and by
service assets appropriately.
activity). It usually involves accounting systems
■■ Ensure high levels of customer satisfaction,
including ledgers, charts of accounts, journals
indicating that the service provider is meeting
etc. and should be overseen by someone
the customer’s requirements.
trained in accountancy.
■■ Establish and maintain a constructive
■■ Charging This is the process required to bill
relationship between the service provider and
customers for the services supplied to them.
the customer, based on understanding the
This requires sound IT accounting practices
customer and their business drivers.
and systems.
■■ Identify changes to the customer environment
4.5.3 Business relationship management that could potentially impact the type, level or
utilization of services provided.
Business relationship management is the process
■■ Identify technology trends that could
responsible for maintaining a positive relationship
potentially impact the type, level or utilization
with customers. Business relationship management
of services provided.
identifies customer needs and ensures that the
service provider is able to meet these needs ■■ Establish and articulate business requirements
with an appropriate catalogue of services. for new services or changes to existing services.

■■ Work with customers to ensure that services In external service providers, business relationship
and service levels are able to deliver value. management is often executed by a separate
■■ Mediate in cases where there are conflicting and dedicated function of business relationship
requirements for services from different managers or account managers – each one
business units. dedicated to a customer or group of smaller
■■ Establish formal complaint and escalation customers. The emphasis here is on maximizing
processes for the customer. contract value through customer satisfaction.
The relationships between business relationship
4.5.3.2 Scope
management and other service management
For internal service providers, business processes must be clearly defined. The main
relationship management is typically executed criterion for setting these boundaries is that
between a senior representative from IT (larger business relationship management focuses on the
organizations may have dedicated business actual relationship between the service provider
relationship managers) and senior managers and its customers and the levels of customer
(customers) from the business units. Here the satisfaction, whereas the other processes focus
emphasis is on aligning the objectives of the on the services themselves and the extent to
business with the activity of the service provider. which they meet the stated requirements.
Table 4.2 Differences between business relationship management and service level management
Business relationship management Service level management
Purpose To establish and maintain a business To negotiate service level agreements (warranty
relationship between the service provider and terms) with customers and ensure that all
the customer based on understanding the service management processes, operational level
customer and their business needs. agreements and underpinning contracts are
appropriate for the agreed service level targets.
To identify customer needs (utility and
warranty) and ensure that the service provider
is able to meet these needs.
Focus Strategic and tactical – the focus is on the Tactical and operational – the focus is on
overall relationship between the service reaching agreement on the level of service that
provider and its customer, and which services will be delivered for new and existing services,
the service provider will deliver to meet and whether the service provider will be able to
customer needs. meet those agreements.
Primary measure Customer satisfaction, also an improvement in Achieving agreed levels of service (which leads
the customer’s intention to better use and pay to customer satisfaction).
for the service. Another metric is whether
customers are willing to recommend the
service to other (potential) customers.

A good example of the differences between 3 When a service is in its requirements stage,
business relationship management and other where should it be placed in the service
service management processes is that of service portfolio?
level management. These distinctions are
a In the service catalogue
summarized in Table 4.2.
b As a retired service
4.6 Sample questions c In the pipeline
1 Which of the following activities is NOT a key d It should not go in the service portfolio at
part of the service strategy lifecycle stage? this stage
a Establishing the service design package 4 Which of the following should be included in
(SDP) the business case?
b Setting policies and objectives 1 Business impact
c Agreements on resource allocation 2 Risks and contingencies
d Establishing the service portfolio 3 Costs and benefits
2 Which of the following are valid components 4 Solution specification

of value? a 1, 2 and 4 only
1 Whether the service achieves its agreed b 3 and 4 only
outcomes
c 1, 2 and 3 only
2 Customer perceptions of the delivered
service d All of the above
3 Customer preferences of the service

4 Understanding the risk of the service
a 1 only
b 1 and 4 only
c 1, 2 and 3 only
d All of the above

Evaluate
Direct Governance
Monitor
Customer-facing services views

Service
Supporting services views catalogue
Purpose
Customer expectations
Service portfolio management Objectives Pipeline
Preferences
Value
Scope Live services
Perceptions
Retired services
Business outcome
Patterns of
business
activity
Purpose
Risk management
Processes Financial management for IT services Objectives Budgeting
Risk assessment Risk
management Scope Accounting
Impact Key
principles Charging
Vulnerability Risk
Threat Purpose
Business relationship management Objectives Business relationship

Value on investment
Business
case Scope Customer needs
Return on investment
Customer satisfaction
Retired services
Service catalogue Service

portfolio Service
strategy
Service pipeline
Internal service providers
External service providers
Service provider strategy

Scope
Service strategy
Link to customer outcome
Principles
Understand services
Processes Business value
Respond to change
Service portfolio
Identify customers and services
Identify opportunities
Meet business
Value creation Objectives Purpose
objectives
Service provision model
Service assets

8


Service design 5
17/02/2012 11:58
| 61
5 Service design
The service design stage takes business requirements ■■ Design IT services, together with the governing
and creates services, their supporting practices and IT practices, processes and policies, to realize
management tools which meet business demands the service provider’s strategy
for quality, reliability and flexibility. ■■ Facilitate the introduction of these services into
supported environments ensuring quality
Case study: service management in practice service delivery, customer satisfaction and cost-
(Brigitte’s experience) effective service provision.
Later that afternoon Brigitte notices a group of
The main objective of service design is to design IT
local people in the hotel lobby. She can’t help
services so effectively that minimal improvement
being curious and asks the first one she meets
during their lifecycle will be required.
what is going on. It turns out that the hotel has
arranged a meeting for businesses in the area to
discuss their requirements for local conference 5.2 Scope
services and facilities. Service design covers:
The hotel manager later explains that a local ■■ Alignment of IT services and solutions with
architect has been selected to design the facilities business requirements
based on input from the meeting as well as
■■ Principles of service design
requirements collected through a guest survey
■■ The concept of a service design package
carried out in past months.
■■ Methods, practices and tools to achieve
But he also stresses that the conference building excellence in service design.
and facilities are probably the smallest challenges
when designing the new conference service. A The following processes are within the scope of
project manager has therefore temporarily been service design:
hired to redesign processes, employ people, ■■ Design coordination
assign responsibilities, develop sales material ■■ Service catalogue management
and so on. ■■ Service level management
■■ Availability management
■■ Capacity management
5.1 Purpose and objectives
■■ IT service continuity management
The purpose of the service design stage of the ■■ Information security management
lifecycle is to:
■■ Supplier management.

62 | Service design
5.3 Business value When designing a new or changed service, service

design focuses on ensuring that the four Ps are
With good service design it will be possible to deliver
taken into account at every stage throughout the
quality and cost-effective services, and ensure that the
service lifecycle. This is achieved through the five
business requirements are being met consistently.
major design aspects described in the next section.
Adopting and implementing consistent approaches
for service design will: Case study: service management in practice
■■ Reduce total cost of ownership Cost of
ownership can be minimized if all aspects of Looking out of the window, Brigitte notices a
services, processes and technology are designed service technician entering the hotel from the back
properly and implemented against the design. entrance. On the car it says ‘Electrician – call Jacob
at (4) 270435’. Brigitte wonders whether Jacob is
■■ Improve quality and consistency of service
a regular supplier to the hotel or just an
Both service and operational quality will be
electrician called in to solve a specific issue.
enhanced and services will be designed within the
corporate strategy, architectures and constraints. She realizes that management has to decide
■■ Ease the implementation of new or changed whether they want to hire people (employees) to get
services Integrated and full service designs and a job done or to contract with partners like Jacob.
the production of comprehensive service design Irrespective of whether they hire their own
packages will support effective and efficient people or use external partners, management
transitions. has to decide how the business should be run and
■■ Improve effectiveness of service management describe the related processes.
and IT processes Processes will be designed
with optimal quality and cost effectiveness. Processes
■■ Improve service alignment Involvement from • How
• Where
the conception of the service ensures that new • When
or changed services match business needs, with
services designed to meet service level
requirements.
People Partners
5.4 Key principles • Culture • Suppliers
• Organization • Manufacturers
• Skills • Vendors
5.4.1 People, processes, products and
partners – the four Ps
Many designs, plans and projects fail through a
lack of preparation and management. Good service Products
• Services
design is dependent on preparing and planning the • Technology
effective and efficient use of the ‘four Ps’: people, • Tools
processes, products and partners (see Figure 5.1). Figure 5.1 The four Ps

Service design | 63
5.4.2 The five aspects of service design ■■ Business requirements
An overall, integrated approach should be ■■ Service functional requirements
adopted for the design activities, covering ■■ Service level requirements
a holistic, result-driven design of: ■■ Service and operational management
requirements
■■ The service solutions for new or changed
services, including all of the functional ■■ Service design and topology
requirements, resources and capabilities ■■ Organizational readiness assessment
needed and agreed ■■ Service transition plan
■■ Management information systems and tools, ■■ Service operational acceptance plan
especially the service portfolio for the ■■ Service acceptance criteria.
management of services through their lifecycle
The service design package is then passed from
■■ Technology architectures and management service design to service transition and details all
architectures aspects of the service and its requirements through
■■ The processes required to identify, design, all of the subsequent stages of its lifecycle.
transition, operate, support, maintain and
improve new or changed services
■■ The measurement methods and metrics for the
5.5 Processes
services, architectures and their constituent The ITIL Foundation syllabus covers the following
components, and the processes. service design processes:
■■ Design coordination
5.4.3 Service design package
■■ Service catalogue management
A service design package (SDP) should be produced
■■ Service level management
during the design stage for each new service,
■■ Supplier management
major change to a service or removal of a service,
or changes to the ‘service design package’ itself. ■■ Availability management
■■ Capacity management
Definition ■■ IT service continuity management
A service design package is a document or ■■ Information security management.
documents defining all aspects of an IT service
and its requirements through each stage of 5.5.1 Design coordination
its lifecycle. Design coordination is the process responsible
for coordinating all service design activities,
A service design package is produced for each processes and resources. Design coordination
new IT service, major change or IT service ensures the consistent and effective design of
retirement. It must contain everything necessary new or changed IT services, service management
for the subsequent testing, introduction information systems, architectures, technology,
and operation of the solution or service. The processes, information and metrics.
contents may include elements such as:

64 | Service design
5.5.1.1 Purpose and objectives ■■ Monitor and improve the performance of the
The purpose of the design coordination process is to service design lifecycle stage.
ensure the goals and objectives of the service design
stage are met by providing and maintaining a single 5.5.1.2 Scope
point of coordination and control for all activities The scope of the design coordination process
and processes within this stage of the service lifecycle. includes all design activity, particularly all new or
changed service solutions that are being designed
The objectives of the design coordination process
for transition into (or out of, in the case of a
are to:
service retirement) the live environment. Some
■■ Ensure the consistent design of appropriate design efforts will be part of a project, whereas
services, service management information others will be managed through the change
systems, architectures, technology, processes, process alone without a formally defined project.
information and metrics to meet current and
The design coordination process includes:
evolving business outcomes and requirements
■■ Coordinate all design activities across projects, ■■ Assisting and supporting each project or other
changes, suppliers and support teams, and change through all the service design activities
manage schedules, resources and conflicts and processes
where required ■■ Maintaining policies, guidelines, standards,
■■ Plan and coordinate the resources and capabilities budgets, models, resources and capabilities for
required to design new or changed services service design activities and processes
■■ Produce service design packages (SDPs) based ■■ Coordinating, prioritizing and scheduling all
on service charters and change requests service design resources to satisfy conflicting
■■ Ensure that appropriate service designs and/or demands from all projects and changes
SDPs are produced and that they are handed ■■ Planning and forecasting the resources needed for
over to service transition as agreed the future demand for service design activities
■■ Manage the quality criteria, requirements and ■■ Reviewing, measuring and improving the
handover points between the service design performance of all service design activities
stage and service strategy and service transition and processes
■■ Ensure that all service models and service ■■ Ensuring that all requirements are
solution designs conform to strategic, architectural, appropriately addressed in service designs,
governance and other corporate requirements particularly utility and warranty requirements
■■ Improve the effectiveness and efficiency of ■■ Ensuring the production of service designs and/
service design activities and processes or service design packages and their handover
■■ Ensure that all parties adopt a common to service transition.
framework of standard, reusable design
practices in the form of activities, processes and
supporting systems, whenever appropriate

Service design | 65
5.5.2 Service catalogue management service catalogue may be listed individually or,
Service catalogue management is the process more typically, some or all of the services may
responsible for providing and maintaining the service be presented in the form of service packages.
catalogue and for ensuring that it is available to The service catalogue management process covers:
those who are authorized to access it.
■■ Contribution to the definition of services and
service packages
■■ Development and maintenance of service and
The purpose of the service catalogue management
service package descriptions appropriate for
process is to provide and maintain a single source of
the service catalogue
consistent information on all operational services
■■ Production and maintenance of an accurate
and those being prepared to be run operationally,
service catalogue
and to ensure that it is widely available to those
who are authorized to access it. ■■ Interfaces, dependencies and consistency
between the service catalogue and the overall
The objectives of the service catalogue management service portfolio
process are to: ■■ Interfaces and dependencies between all services
■■ Manage the information contained within the and supporting services within the service
service catalogue catalogue and the configuration management
■■ Ensure that the service catalogue is accurate system (CMS)
and reflects the current details, status, interfaces ■■ Interfaces and dependencies between all services,
and dependencies of all services that are being and supporting components and configuration
run, or being prepared to run, in the live items (CIs) within the service catalogue and the
environment, according to the defined policies configuration management system.
■■ Ensure that the service catalogue is made
5.5.3 Service level management
available to those approved to access it in a
manner that supports their effective and Service level management (SLM) is the process
efficient use of service catalogue information responsible for negotiating service level agreements
and ensuring that these are met. It is responsible
■■ Ensure that the service catalogue supports the
for ensuring that all IT service management
evolving needs of all other service management
processes, operational level agreements and
processes for service catalogue information.
underpinning contracts are appropriate for
5.5.2.2 Scope the agreed service level targets. Service level
The scope of the service catalogue management management monitors and reports on service
process is to provide and maintain accurate levels, holds regular service reviews with customers,
information on all services that are being and identifies required improvements.
transitioned or have been transitioned to the
live environment. The services presented in the

66 | Service design
reporting on and reviewing IT service targets and

achievements, and through instigation of actions
to correct or improve the level of service delivered.
Last time Brigitte checked out of the hotel the
receptionist had asked: ‘Did your stay meet The objectives of service level management are to:
your expectations?’ ■■ Define, document, agree, monitor, measure,
Brigitte realized that she had not been aware of report and review the level of IT services
what she actually expected from the stay. She provided and instigate corrective measures
had ordered a suite for one night. Of course she whenever appropriate
had expected the room to be clean, to smell ■■ Provide and improve the relationship and
good, and the bed to be neither too soft nor too communication with the business and
hard. She had furthermore expected hot milk for customers in conjunction with business
her morning coffee and fresh fruit as well as relationship management
cheese and bread for breakfast. From the hotel ■■ Ensure that specific and measurable targets are
homepage she had received the impression that developed for all IT services
the staff had a warm and friendly attitude ■■ Monitor and improve customer satisfaction
towards guests. Fortunately, most of her with the quality of service delivered
expectations were met – except for the hot milk. ■■ Ensure that IT and the customers have clear and
‘Yes, my stay did live up to my expectations.’ unambiguous expectations of the level of
Brigitte noticed that the receptionist typed her service to be delivered
answer into the computer. ■■ Ensure that even when all agreed targets are
met, the levels of service delivered are subject to
Brigitte may have looked puzzled, because the
proactive, cost-effective continual improvement.
receptionist had continued: ‘We normally don’t
sign agreements with our guests documenting 5.5.3.2 Scope
mutual expectations. But we often do it with the Service level management should provide a point of
travel agencies. I am currently negotiating an regular contact and communication to the customers
agreement with a travel agency, where we and business managers of an organization in relation
discuss service levels such as restaurant opening to service levels. This activity should encompass
hours and room service.’ both the use of existing services and the potential
future requirements for new or changed services.
5.5.3.1 Purpose and objectives Service level management needs to manage the
The purpose of the service level management (SLM) expectations and perceptions of the business,
process is to ensure that all current and planned customers and users and ensure that the quality
IT services are delivered to agreed achievable (warranty) of service delivered by the service
targets. This is accomplished through a constant provider is matched to those expectations and
cycle of negotiating, agreeing, monitoring, needs. In order to do this effectively, service level
management should establish and maintain service

Service design | 67
level agreements (SLAs) for all current live services
Definition
and manage the level of service provided to meet
the targets and quality measurements contained A service level requirement (SLR) is a customer
within the SLAs. Service level management should requirement for an aspect of a service. Service
also produce and agree service level requirements level requirements are based on business
(SLRs) for all planned new or changed services objectives and are used to negotiate agreed
that document warranty requirements. service level targets.
The service level requirements should be an integral

5.5.3.3 Basic concepts
part of the overall service design criteria, which also
Service level agreement include functional specifications. Service level
Service level agreements provide the basis for requirements should, from the very start, form part
managing the relationship between the service of the testing criteria as the service progresses
provider and the customer. through the stages of design and development
or procurement.
Definition
This service level requirement will gradually be
A service level agreement (SLA) is an agreement refined as the service moves through its lifecycle,
between an IT service provider and a customer. until it eventually becomes a pilot SLA during the
An SLA describes the IT service, documents service early-life support period.
level targets and specifies the responsibilities of
the IT service provider and the customer. A single SLA framework
agreement may cover multiple IT services or Using the service catalogue as an aid, service level
multiple customers. management must design the most appropriate
SLA structure to ensure that all services and all
Service level requirement customers are covered in a manner best suited
Service level agreements are based on requirements to the organization’s needs. There are a number
from the customers. It is advisable to involve customers of potential options, including the following.
from the outset; but rather than approaching Service-based SLA
customers with a ‘blank page’, it may be better to
This is where an SLA covers one service, for all the
produce an outline draft with potential performance
customers of that service – for example, an SLA
targets and the management and operational
may be established for an organization’s email
requirements as a starting point for more detailed
service, covering all the customers of that service.
and in-depth discussion.
Customer-based SLA
This is an agreement with an individual customer
group, covering all the services they use. For example,
agreements may be reached with an organization’s
finance department covering, say, the finance
system, the accounting system, the payroll system,

68 | Service design
the billing system, the procurement system and any ■■ Service level Covering all service level
other IT systems that they use. Customers often management issues relevant to the specific
prefer such an agreement, as all of their requirements service, in relation to a specific customer group
are covered in a single document. Only one signatory (one for each service covered by the SLA).
is normally required, which simplifies this issue.
Operational level agreements and
Multi-level SLAs underpinning contracts
Some organizations have chosen to adopt a The service level agreements are underpinned by
multi‑level SLA structure as shown in Figure 5.2. operational level agreements (OLAs) and
For example, a three-layer structure might be underpinning contracts.
arranged as follows:
■■ Corporate level Covering all the generic service Definitions
level management issues appropriate to every An operational level agreement (OLA) is an
customer throughout the organization. These agreement between an IT service provider and
issues are likely to be less volatile, so updates another part of the same organization. It supports
are less frequently required. the IT service provider’s delivery of IT services to
■■ Customer level Covering all service level customers and defines the goods or services to be
management issues relevant to the particular provided and the responsibilities of both parties.
customer group or business unit, regardless of For example, there could be an operational level
the service being used. agreement between:
Service level SLA

■■ The IT service provider and a procurement
department to obtain hardware at
agreed times
■■ The service desk and a support group to provide
Customer level SLA or
incident resolution within agreed times.
business unit level SLA
An underpinning contract (UC) is a contract (i.e.
legally binding agreement) between an IT service
provider and a third party, called the supplier.
Corporate level SLA
The third party provides goods or services that
support delivery of an IT service to a customer.
The underpinning contract defines targets and
responsibilities that are required to meet agreed
service level targets in one or more service
level agreements.
Figure 5.2 Multi-level SLAs

Service design | 69
The contents of a basic underpinning contract are: A useful technique is to include an SLA monitoring
(SLAM) chart at the beginning of a service report to
■■ Basic terms and conditions
give an ‘at-a-glance’ overview of how achievements
■■ Service description and scope
have measured up against targets (see Figure 5.3).
■■ Service standards, i.e. service measures and
minimum levels that constitute acceptable Definition
performance and quality
A service level agreement monitoring (SLAM)
■■ Workload ranges chart is used to help monitor and report
■■ Management information achievements against service level targets. SLAM
■■ Responsibilities and dependencies. charts are typically colour coded (red, amber and
green, and sometimes referred to as RAG charts
Service reports
as a result) to show whether each agreed service
Periodic service level reports must be produced and level target has been met, missed or nearly
circulated to customers and appropriate IT managers. missed during each of the previous 12 months.
The periodic reports should incorporate details of
performance against all SLA targets, together with
details of any trends or specific actions being
undertaken to improve service quality.
Period
January February March April May June July August
Target
Target Target Target

met breached threatened
Figure 5.3 Service level agreement monitoring (SLAM) chart

70 | Service design
Business unit A Business unit B The business
Business Business
Business
process 2 3 Business
process 6
Business
process 2 Business
process 5
process 1 process 4
SLM
E F
SLA(s) D
B C
Service A
SLR(s)
Service
catalogue Assist with the
service catalogue and
maintain document
templates
Determine, document Monitor service Conduct service
and agree requirements performance against reviews and instigate
for new services SLRs SLA and produce improvements within
and make SLAs service reports overall SIP Design SLA
frameworks and
document procedures
and standards
Develop contacts and Collate, measure and
relationships, record improve customer
and manage complaints satisfaction Provide
and compliments Service
reports management
information
Review and revise SLAs,

service scope and Underpinning
OLAs underpinning contracts
agreements
Business Teams Suppliers

relationship
management
(ii) (ii)
Support team (i) Supplier (i)
Supplier management
Figure 5.4 The service level management process

Service design | 71
Service improvement plan and service review 5.5.3.4 Process activities
Review meetings must be held on a regular Service level management includes the process
basis with customers (or their representatives) of planning, coordinating, drafting, agreeing,
to review the service achievement in the last monitoring and reporting of SLAs and the
period and to preview any issues for the coming ongoing review of service achievements to ensure
period. It is normal to hold such meetings that the required and cost-justifiable service
monthly or, as a minimum, quarterly. quality is maintained and gradually improved.
Actions must be placed on the customer and The key activities within the service level
provider as appropriate to improve weak areas management process (see Figure 5.4) include:
where targets are not being met. All actions must
■■ Determine, negotiate, document and agree
be minuted, and progress should be reviewed at
requirements for new or changed services in
the next meeting to ensure that action items are
service level requirements, and manage and
being followed up and properly implemented.
review them through the service lifecycle into
This is valuable input to the service improvement SLAs for operational services
plan (SIP) for the management, planning and ■■ Monitor and measure service performance
implementation of all service and process achievements against targets within SLAs
improvements. ■■ Produce service reports
■■ Conduct service reviews, identifying
Definition
improvement opportunities for inclusion in the
A service improvement plan (SIP) is a formal plan to continual service improvement (CSI) register,
implement improvements to a process or service. and managing appropriate service
improvement plans (SIPs)
All agreements and underpinning agreements,
■■ Collate, measure and improve customer
including SLAs, underpinning contracts and
satisfaction, in cooperation with business
operational level agreements (OLAs), must
relationship management
be kept up to date. They should be reviewed
■■ Review and revise SLAs, service scope and OLAs
periodically, at least annually, to ensure that
they are still current and comprehensive, and are ■■ Assist supplier management to review and
still aligned to business needs and strategy. revise underpinning contracts or agreements
■■ Develop and document contacts and
These reviews should ensure that the services relationships with the business, customers and
covered and the targets for each are still relevant other stakeholders in cooperation with business
– and that nothing significant has changed relationship management
that invalidates the agreement in any way.
■■ Log and manage complaints and compliments,
in cooperation with business relationship
management

72 | Service design
■■ Provide appropriate management information service with suppliers to support agreed

to aid performance management and service levels.
demonstrate service achievement. ■■ Availability, capacity, IT service continuity and
These other activities within the service level information security management Helps to
management process support the execution of define realistic service level targets and to
the key activities: ensure that achievements match targets.
■■ Incident management The ability to resolve
■■ Design SLA frameworks incidents in a specified time is a key part of
■■ Develop, maintain and operate service level delivering and reporting on an agreed level
management procedures of service.
■■ Make available and maintain up-to-date service ■■ Problem management The occurrence of
level management document templates problems affects the level of service delivery
and standards measured by service level management.
■■ Assist with design and maintenance of the
Special attention should be paid to the relationship
service catalogue views.
between service level management and business
relationship management. While the service level
5.5.3.5 Interfaces
management process exists to ensure that agreed
The most critical interfaces for the service level achievable levels of service are provided to the
management process include: customer and users, the business relationship
■■ Financial management for IT services Supports management process is focused on a more strategic
service level management in validating the perspective. Business relationship management
predicted cost of delivering the required service takes as its mission the identification of customer
levels and managing the cost effectiveness of needs and ensuring that the service provider is
the service. able to meet the customers’ needs. It focuses
■■ Business relationship management Ensures on the overall relationship between the service
that needs and priorities of the business are provider and the customer, working to determine
fully understood and that customers are which services the service provider will deliver.
involved or represented in the work of service
level management. 5.5.4 Supplier management
■■ Design coordination Ensures that overall service Supplier management is the process responsible for
design activities are completed successfully. obtaining value for money from suppliers, ensuring
■■ Service catalogue management Provides that all contracts and agreements with suppliers
information about services and their interfaces support the needs of the business, and that all
and dependencies to determine the SLA suppliers meet their contractual commitments.
framework.
■■ Supplier management Works collaboratively
with service level management to define,
negotiate, document and agree terms of

Service design | 73
The main objectives of the supplier management
process are to:
Brigitte steps out into the corridor from her room ■■ Obtain value for money from suppliers
and bumps into the electrician, Jacob, who is and contracts
preparing to install electronic card key locks on ■■ Ensure that contracts with suppliers are aligned
all the guest room doors. The hotel manager to business needs, and support and align with
comes by to give some last-minute instructions agreed targets in SLAs, in conjunction with
and when he starts to leave again Brigitte asks service level management
him: ‘Why don’t you install the card system ■■ Manage relationships with suppliers
yourself?’ The manager answers: ‘This hotel is ■■ Manage supplier performance
much too small to employ an electrician of its ■■ Negotiate and agree contracts with suppliers
own. In this town there are only four independent and manage them through their lifecycle
electricians. Of these, one has a very bad ■■ Maintain a supplier policy and a supporting
reputation; we have also tried the other three supplier and contract management information
and had the best results from Jacob. What we like system (SCMIS).
best about Jacob is that he always keeps us
informed about the progress of his work as well 5.5.4.2 Scope
as any risks for delays. He takes responsibility for
The supplier management process should include
the job and strives to obtain the best result for
the management of all suppliers and contracts
the hotel.’
needed to support the provision of IT services to
As a result of the evaluation of his work, the the business.
hotel has established a three-year contract with
The supplier management process should include:
Jacob. The contract allows the hotel to call Jacob
at all hours whenever a problem has to be resolved. ■■ Implementation and enforcement of the
On the other hand, Jacob knows that he is the supplier policy
hotel’s first choice whenever an electrician ■■ Maintenance of a supplier and contract
is needed. management information system (SCMIS)
■■ Supplier and contract categorization and risk
5.5.4.1 Purpose and objectives assessment
■■ Supplier and contract evaluation and selection
The purpose of the supplier management process
is to obtain value for money from suppliers and to ■■ Development, negotiation and agreement
provide seamless quality of IT service to the business of contracts
by ensuring that all contracts and agreements with ■■ Contract review, renewal and termination
suppliers support the needs of the business and that ■■ Management of suppliers and supplier
all suppliers meet their contractual commitments. performance

74 | Service design
■■ Identification of improvement opportunities for The amount of time and effort spent managing
inclusion in the continual service improvement the supplier and the relationship can then
(CSI) register, and the implementation of be appropriate to its categorization.
service and supplier improvement plans
■■ Maintenance of standard contracts, terms 5.5.5 Availability management
and conditions Availability management is the process responsible
■■ Management of contractual dispute resolution for ensuring that IT services meet the current and
■■ Management of sub-contracted suppliers. future availability needs of the business. Availability
management defines, analyses, plans, measures
5.5.4.3 Basic concepts and improves all aspects of the availability of IT
services, and ensures that all IT infrastructures,
Supplier categories
processes, tools, roles etc. are appropriate for
The supplier management process should provide the agreed service level targets for availability.
a categorization scheme to categorize the suppliers
and their importance to the service provider and 5.5.5.1 Purpose and objectives
the services provided to the business. One way to
The purpose of the availability management process
categorize the suppliers is to assess the risk and
is to ensure that the level of availability delivered in
impact associated with using the supplier, and
all IT services meets the agreed availability needs
the value and importance of the supplier and its
and/or service level targets in a cost-effective and
services to the business, as illustrated in Figure 5.5.
timely manner. Availability management is concerned
with meeting both the current and future
availability needs of the business.
Strategic The objectives of availability management are to:
High suppliers
■■ Produce and maintain an appropriate and
Operational
Value and importance
up-to-date availability plan that reflects the

suppliers
current and future needs of the business
Medium
Tactical ■■ Provide advice and guidance to all other areas
suppliers
of the business and IT on all availability-
related issues
■■ Ensure that service availability achievements
Commodity Operational
meet all their agreed targets by managing
Low
suppliers suppliers services and resources-related availability
performance
■■ Assist with the diagnosis and resolution of
Low Medium High availability-related incidents and problems
Risk and impact ■■ Assess the impact of all changes on the
availability plan and the availability of all
Figure 5.5 Supplier categorization services and resources

Service design | 75
■■ Ensure that proactive measures to improve the ■■ Collecting measurements and the analysis and
availability of services are implemented production of regular and ad hoc reports on
wherever it is cost-justifiable to do so. service and component availability
■■ Understanding the agreed current and future
5.5.5.2 Scope demands of the business for IT services and
The scope of the availability management process their availability
covers the design, implementation, measurement, ■■ Influencing the design of services and components
management and improvement of IT service and to align with business availability needs
component availability. Availability management ■■ Producing an availability plan that enables the
commences as soon as the availability requirements service provider to continue to provide and
for an IT service are clear enough to be articulated. improve services in line with availability targets
It is an ongoing process, finishing only when defined in service level agreements, and to
the IT service is decommissioned or retired. plan and forecast future availability levels
The availability management process includes two required, as specified in service level requirements
key elements: ■■ Maintaining a schedule of tests for all resilience
and fail-over components and mechanisms
■■ Reactive activities These involve the monitoring,
■■ Assisting with the identification and resolution
measuring, analysis and management of all
of any incidents and problems associated with
events, incidents and problems involving
service or component unavailability
unavailability. These activities are principally
■■ Proactively improving service or component
performed as part of the operational roles.
availability wherever it is cost-justifiable and
■■ Proactive activities These involve the proactive
meets the needs of the business.
planning, design and improvement of availability.
These activities are principally performed as 5.5.5.3 Basic concepts
part of the design and planning roles.
Service and component availability
The availability management process should include: Availability management is completed at two
■■ Monitoring of all aspects of availability, inter-connected levels:
reliability and maintainability of IT services and ■■ Service availability This involves all aspects of
the supporting components, including availability and unavailability of the service and
appropriate events, alarms and escalation, with the impact of component availability on
automated scripts for recovery availability of the service.
■■ Maintaining a set of methods, techniques and ■■ Component availability This involves all aspects
calculations for all availability measurements, of availability and unavailability of components.
metrics and reporting
■■ Actively participating in risk assessment and
management activities

76 | Service design
Availability Maintainability is measured and reported as mean

time to restore service (MTRS).
Definition
Availability is the ability of an IT service or other Serviceability
configuration item (CI) to perform its agreed Definition
function when required. Availability is determined
Serviceability is the ability of a third-party supplier
by reliability, maintainability, serviceability,
to meet the terms of its contract. Often this
performance and security.
contract will include agreed levels of availability,
reliability and/or maintainability for a supporting
Availability is usually calculated as a percentage.
service or other configuration item (CI).
This calculation is often based on agreed service
time and downtime. It is best practice to calculate
availability of an IT service using measurements of Vital business function
the business output. Definition
Reliability A vital business function (VBF) is a part of a
business process that is critical to the success of
Definition the business. Vital business functions are an
Reliability is a measure of how long an IT service important consideration of business continuity
or other configuration item (CI) can perform its management, IT service continuity management
agreed function without interruption. and availability management.
The reliability of the service can be improved by The more vital the business function generally,
increasing the reliability of individual components the greater the level of resilience and availability
or by increasing the resilience of the service to that needs to be incorporated into the design
individual component failure (increasing the required in the supporting IT services.
component redundancy, e.g. by using load-
Certain vital business functions may need special
balancing techniques).
designs, which are now being used as a matter of
It is often measured and reported as mean course within service design plans, incorporating:
time between service incidents (MTBSI) or mean time
■■ High availability A characteristic of the IT
between failures (MTBF).
service that minimizes or masks the effects of IT
Maintainability component failure to the users of a service.
■■ Fault tolerance The ability of an IT service,
Definition
component or configuration item (CI) to
Maintainability is a measure of how quickly and continue to operate correctly after failure of a
effectively an IT service or other configuration component part.
item (CI) can be restored to normal working after
a failure.

Service design | 77
■■ Continuous operation An approach or design
‘Because the occupancy until now hasn’t been
to eliminate planned downtime of an IT service.
high enough to justify the investment. But based
Note that individual components or
on the trend over the last five years and the town
configuration items may be down even though
plans for expanding the nearby industrial area,
the IT service remains available.
the hotel has now planned for a new wing with
■■ Continuous availability An approach or design rooms to be ready in two years from now. The
to achieve 100% availability. A continuously construction will start in a few months’ time.’
available IT service has no planned or
unplanned downtime.
5.5.6 Capacity management The purpose of the capacity management process is
Capacity management is the process responsible for to ensure that the capacity of IT services and the IT
ensuring that the capacity of IT services and the IT infrastructure meets the agreed capacity- and
infrastructure is able to meet agreed capacity- and performance-related requirements in a cost-effective
performance-related requirements. Capacity and timely manner. Capacity management is
management includes three sub-processes: business concerned with meeting both the current and future
capacity management, service capacity management, capacity and performance needs of the business.
and component capacity management. The objectives of capacity management are to:
Case study: service management in practice ■■ Produce and maintain an appropriate and
(Brigitte’s experience) up-to-date capacity plan, which reflects the
Brigitte decides to take a walk and approaches current and future needs of the business
the reception desk to leave her key. In front of ■■ Provide advice and guidance to all other areas
her a man is asking for a room for one night but of the business and IT on all capacity- and
he does not have a reservation. Regrettably the performance-related issues
receptionist can’t offer any vacant rooms. ■■ Ensure that service performance achievements
meet all of their agreed targets by managing
As Brigitte plans to come back to Switzerland
the performance and capacity of both services
next month she wants to ensure that she will be
and resources
able to stay at the hotel. Consequently, she asks
■■ Assist with the diagnosis and resolution of
the receptionist if there is cause for concern.
performance- and capacity-related incidents
The receptionist replies: ‘If you make a and problems
reservation a few days ahead there’s usually no ■■ Assess the impact of all changes on the capacity
problem. It is only a few weeks a year where we plan, and on the performance and capacity of
have to turn customers away from the hotel.’ all services and resources
‘Why don’t you expand the hotel then?’ ■■ Ensure that proactive measures to improve the
performance of services are implemented
wherever it is cost-justifiable to do so.

78 | Service design
5.5.6.2 Scope ■■ Assisting with the identification and resolution

Capacity management considers all resources of any incidents and problems associated with
required to deliver the IT service, and plans for service or component capacity or performance
short-, medium- and long-term business ■■ Improving proactively service or component
requirements. The process should encompass all performance, wherever it is cost-justifiable and
areas of technology, both hardware and software, meets the needs of the business.
for all IT technology components and environments.
Capacity management should also consider space 5.5.6.3 Basic concepts
planning and environmental systems capacity. Business, service and component
The capacity management process should include: capacity management
■■ Monitoring patterns of business activity Capacity management is a technical complex
through performance, utilization and and demanding process, and in order to achieve
throughput of IT services and the supporting results, it requires three supporting sub-processes:
infrastructure, environmental, data and ■■ The business capacity management sub-process
applications components and the production of translates business needs and plans into
regular and ad hoc reports on service and requirements for service and IT infrastructure.
component capacity and performance ■■ The service capacity management sub-process
■■ Undertaking tuning activities to make the most focuses on the management, control and
efficient use of existing IT resources prediction of the end-to-end performance and
■■ Understanding the agreed current and future capacity of the operational IT services and
demands being made by the customer for their workloads.
IT resources, and producing forecasts for ■■ The component capacity management
future requirements sub‑process focuses on the management,
■■ Influencing demand in conjunction with the control and prediction of the performance,
financial management for IT services and utilization and capacity of individual IT
demand management processes technology components.
■■ Producing a capacity plan that enables the
Capacity plan
service provider to continue to provide services
of the quality defined in SLAs, and ensuring One of the key activities of capacity management is
that the plan covers a sufficient planning to produce a plan that documents the current levels
timeframe to meet future service levels of resource utilization and service performance and
required as defined in the service portfolio and forecasts the future requirements for new resources
service level requirements to support the IT services that underpin the
business activities.

Service design | 79
Definition For example, there hadn’t been any plan for

A capacity plan is used to manage the resources re-housing the guests. As a result the customers
required to deliver IT services. The plan contains had lost confidence in the hotel and after a short
details of current and historic usage of IT services while the hotel went bankrupt, even though the
and components, and any issues that need to be insurance had covered the reconstruction of
addressed (including related improvement the hotel.
activities). The plan also contains scenarios for
different predictions of business demand, and 5.5.7.1 Purpose and objectives
costed options to deliver the agreed service
The purpose of the IT service continuity
level targets.
management process is to support the overall
business continuity management (BCM) process by
The production and maintenance of a capacity
ensuring that, by managing the risks that could
plan should occur at predefined intervals. It
seriously affect IT services, the IT service provider
is, essentially, an investment plan and should
can always provide minimum agreed business
therefore be published annually, in line with the
continuity-related service levels.
business or budget lifecycle, and completed before
the start of negotiations on future budgets. The objectives of IT service continuity management
are to:
5.5.7 IT service continuity management ■■ Produce and maintain a set of IT service
IT service continuity management is the process continuity plans that support the overall
responsible for managing risks that could seriously business continuity plans of the organization
affect IT services. IT service continuity management ■■ Complete regular business impact assessment
ensures that the IT service provider can always provide exercises to ensure that all continuity plans are
minimum agreed service levels, by reducing the risk maintained in line with changing business
to an acceptable level and planning for the recovery impacts and requirements
of IT services. IT service continuity management
■■ Conduct regular risk assessment and
supports business continuity management.
management exercises to manage IT services
within an agreed level of business risk, in
conjunction with the business and the
availability management and information
Brigitte notices that the receptionist seems sad security management processes
and asks him if he is all right. He hesitates before
■■ Provide advice and guidance to all other
he answers. He tells her that one of his good
areas of the business and IT on all continuity-
friends, a waiter at another hotel, has just lost his
related issues
job. The hotel was struck by a disaster – an
■■ Ensure that appropriate continuity mechanisms
avalanche destroyed most of the hotel. The
are put in place to meet or exceed the agreed
disaster was managed very badly and no one
business continuity targets
seemed to be prepared for a situation like this.

80 | Service design
■■ Assess the impact of all changes on the IT ■■ Production of an IT service continuity

service continuity plans and supporting management plan, which again must be
methods and procedures integrated with the overall business continuity
■■ Ensure that proactive measures to improve the management plans
availability of services are implemented ■■ Testing of the plans
wherever it is cost-justifiable to do so ■■ Ongoing operation and maintenance of the plans.
■■ Negotiate and agree contracts with suppliers for
the provision of the necessary recovery capability 5.5.7.3 Basic concepts
to support all continuity plans in conjunction
Business impact analysis
with the supplier management process.
The purpose of a business impact analysis (BIA) is
5.5.7.2 Scope to quantify the impact to the business that loss of
IT service continuity management focuses on those service would have. This impact could be a ‘hard’
events that the business considers significant impact that can be precisely identified – such as
enough to be treated as a ‘disaster’. Less significant financial loss – or a ‘soft’ impact – such as public
events will be dealt with as part of the incident relations, morale, health and safety or loss of
management process. competitive advantage. The BIA will identify the
most important services to the organization and
IT service continuity management primarily will therefore be a key input to the strategy.
considers the IT assets and configurations that
support the business processes, not items such as Definition
office and personal accommodation. Furthermore, Business impact analysis (BIA) is the activity in
IT service continuity management does not usually business continuity management that identifies
directly cover longer-term risks such as those from vital business functions and their dependencies.
changes in business direction, diversification, These dependencies may include suppliers,
restructuring, major competitor failure and so on. people, other business processes, IT services etc.
The IT service continuity management process includes:
Business impact analysis defines the recovery
■■ The agreement of the scope of the IT service
requirements for IT services. These requirements
continuity management process and the
include recovery time objectives (RTOs), recovery
policies adopted
point objectives (RPOs) and minimum service level
■■ Business impact analysis (BIA) to quantify the targets for each IT service.
impact that loss of the IT service would have on
the business Risk assessment
■■ Risk assessment and management The second driver in determining IT service
■■ Production of an overall IT service continuity continuity management requirements is the
management strategy, which must be likelihood that a disaster or other serious service
integrated into the business continuity disruption will actually occur. This is an assessment
management strategy of the level of threat and the extent to which an
organization is vulnerable to that threat. Risk

Service design | 81
assessment can also be used in assessing and
reducing the chance of normal operational incidents
and is a technique used by availability management
to ensure that the required availability and Brigitte meets the hotel manager in the lobby
reliability levels can be maintained. and they continue their little chat on the
installation of the electronic card key system. She
Definition wonders why a peaceful little hotel in the Alps is
installing a card key system.
Risk assessment covers the initial steps of risk
management: analysing the value of assets to the He takes a deep breath before he answers, but as
business, identifying threats to those assets, and she promises not to tell anyone he continues:
evaluating how vulnerable each asset is to those ‘There have been a number of thefts from the
threats. Risk assessment can be quantitative hotel, mainly cigarettes from the restaurant but
(based on numerical data) or qualitative. also other objects. As a result the management
evaluated the overall hotel security and made a
Risk management is concerned with identifying plan for improvements. Based on the plan, a
appropriate risk responses or cost-justifiable security policy was developed and the management
countermeasures to combat the risks identified by team have committed to ensure that it is
risk assessment. A standard methodology, such as implemented within a reasonable timeframe.
Management of Risk (M_o_R®), should be used to A part of the implementation is to restrict the
assess and manage risks within an organization. physical access to the hotel.’
The manager expresses his hope that the
5.5.8 Information security management
increased physical security together with some of
Information security management is the process the other measures in the security policy will
responsible for ensuring that the confidentiality, eliminate the thefts. He therefore looks forward
integrity and availability of an organization’s to evaluating the results of the initiatives in
assets, information, data and IT services match the six months.
agreed needs of the business. Information security
management supports business security and has
a wider scope than that of the IT service provider, 5.5.8.1 Purpose and objectives
and includes handling of paper, building access, The purpose of the information security
phone calls etc. for the entire organization. management process is to align IT security with
business security and ensure that the confidentiality,
integrity and availability of the organization’s
assets, information, data and IT services always
match the agreed needs of the business.

82 | Service design
The objective of information security management ■■ Legislative and regulatory requirements

is to protect the interests of those relying on ■■ Obligations and responsibilities with regard to
information, and the systems and communications security contained within SLAs
that deliver the information, from harm resulting ■■ The business and IT risks and their management.
from failures of confidentiality, integrity and
availability. The information security management process
should include:
For most organizations, the security objective is
met when: ■■ The production, maintenance, distribution and
enforcement of an information security policy
■■ Information is observed by or disclosed to only and supporting security policies
those who have a right to know ■■ Understanding the agreed current and future
(confidentiality). security requirements of the business and the
■■ Information is complete, accurate and existing business security policy and plans
protected against unauthorized modification ■■ Implementation of a set of security controls
(integrity). that support the information security policy
■■ Information is available and usable when and manage risks associated with access to
required, and the systems that provide it can services, information and systems
appropriately resist attacks and recover from or ■■ Documentation of all security controls,
prevent failures (availability). together with the operation and maintenance
■■ Business transactions, as well as information of the controls and their associated risks
exchanges between enterprises, or with ■■ Management of suppliers and contracts
partners, can be trusted (authenticity and regarding access to systems and services, in
non‑repudiation). conjunction with supplier management
■■ Management of all security breaches, incidents
5.5.8.2 Scope and problems associated with all systems and
The information security management process services
should be the focal point for all IT security issues, ■■ The proactive improvement of security controls
and must ensure that an information security policy and security risk management, and the
is produced, maintained and enforced that covers reduction of security risks
the use and misuse of all IT systems and services.
■■ Integration of security aspects within all other
Information security management needs to IT service management processes.
understand the total IT and business security
environment, including the: 5.5.8.3 Basic concepts
■■ Business security policy and plans Information security policy
■■ Current business operation and its security Information security management activities should
requirements be focused on and driven by an overall information
■■ Future business plans and requirements security policy and a set of underpinning specific

Service design | 83
policies. The policy should cover all areas of security, ■■ A copyright infringement policy for
be appropriate and meet the needs of the business electronic material
and should include: ■■ An asset disposal policy
■■ An overall information security policy ■■ A records retention policy.
■■ A policy on the use and misuse of IT assets In most cases, the security policies should be
■■ An access control policy widely available to all customers and users, and
■■ A password control policy their compliance should be referred to in all
■■ An email policy service level requirements, SLAs, contracts and
■■ An internet policy agreements. The policies should be authorized by
top executive management within the business and
■■ An antivirus policy
IT, and compliance with them should be endorsed
■■ An information classification policy
regularly. All security policies should be reviewed –
■■ A document classification policy and, where necessary, revised – at least annually.
■■ A remote access policy
■■ A policy with regard to supplier access to IT
service, information and components

84 | Service design
5 Measurement methods and metrics
4 Service management processes

Five aspects of
3 Technology and management architectures
design
2 Service management systems and tools Key
principles
Service design package 1 Service solution
Partners
Products
Four Ps
Processes
People
Improved service alignment
More effective processes
Improved consistency of service Business

value
Improved quality
Reduced cost
Easier service implementation Service

Processes
design
IT services and solutions
Design principles
Service design packages

Scope
Service design methods
Service design practices
Service design tools
Minimal improvement required

Objectives
in later service lifecycle stages
Design of services
Purpose
Facilitate service introduction

Service design | 85
Purpose
Security requirements
Information Objectives
security Security policy and plans
Purpose management
IT assets and Cls
Scope Risk management
Objectives Disaster
Security controls
IT service Continuity strategy
continuity Security incidents
Scope
management Continuity plan
Basic concepts Information security policy
Continuity test
Maintenance
Risk assessment Purpose

Basic concepts Recovery time objectives
Business impact analysis Objectives
Recovery point objectives Proactive activities
Availability
Scope
management Reactive activities
Purpose
Demand Service versus component availability
Objectives
Patterns of business activity Vital business functions
Performance Serviceability
Capacity
Scope Basic concepts
management
Utilization Maintainability
Capacity planning Reliability
Tuning Component capacity management Availability

Purpose
Service capacity management
Objectives
Business capacity management Suppliers
Process activities
Capacity plan Contracts
Supplier
Scope
management
Relationships
Purpose
Service improvement plan Supplier and contract management information system

Objectives
SLA monitoring chart Strategic
Scope Service reports
Tactical
Service level Basic concepts Multi-level SLAs
management Basic concepts Supplier categories
Operational
SLA framework Customer-based SLAs
Commodity
Service-based SLAs
Underpinning contract
Operational level agreement
Service level requirements

Process activities
Service level agreement
Purpose Services
Interfaces Service
catalogue Objectives Service packages
management
Purpose Assist Scope Service catalogues and views
Design
Objectives Plan Relations to service portfolio
coordination
Scope Coordinate Relations to configuration management system
Review and improve
Handover

86 | Service design
5.6 Sample questions 3 Which of the following is NOT one of the

aspects of service design?
1 Which of the following is NOT an objective of
service design? a The partners responsible for the
service design
a To design services to realize the service
provider’s strategy b The technology and management
architecture
b To design the organizational structure for
the operation of a high-quality service c The measurement methods and metrics
c To design the measurement methods and d The processes required

metrics in order to assess the effectiveness 4 Which process controls all activities and
of service design processes during service design?
d To design efficient and effective processes a Transition planning
for the design, transition, operation and
improvement of high-quality IT services b Service level management
2 Which of the following is the BEST description c Risk management

of a service level agreement? d Design coordination
a The organization supplying services to one 5 Which of the following terms is often used to
or more internal customers or external describe reliability?
customers
a Mean time between service incidents
b An agreement between a service provider (MTBSI)
and the customers of the service which
details the services, their targets and the b Mean time to restore service (MTRS)
responsibilities of both parties c Downtime
c An underpinning agreement between an IT d Serviceability
service provider and another part of the
same organization that assists with the
provision of services
d An agreement between a service provider
and project teams which details the
intended delivery of projects into service


Service transition 6
17/02/2012 11:58
| 89

6 Service transition
Service transition packages, builds, tests, evaluates, The main objectives of service transition are to:
deploys, transfers or retires new or changed
■■ Plan and manage service changes efficiently
services or service components. In addition, service
and effectively
transition manages knowledge, information
■■ Manage risks relating to new, changed or
and data required by the service provider, and
retired services
it manages risks relating to service transition.
■■ Successfully deploy service releases into
Case study: Service management in practice supported environments
(Brigitte’s experience) ■■ Set correct expectations on the performance
As the planning and design of the new conference and use of new or changed services
services progress, the project manager has started ■■ Ensure that service changes create the expected
thinking about the implementation phase. He has business value
already drafted some activities that he expects to ■■ Provide good-quality knowledge and
include in the transition phase: information about services and service assets.
■■ Plan the implementation in detail

6.2 Scope
■■ Assemble and build the designed facilities
■■ Train the staff in the facilities and processes Service transition covers transition of new and
■■ Test that the conference facilities function as changed services into supported environments,
they are intended to including release, planning, building, testing,
evaluation and deployment. Service transition also
■■ Inspect that the facilities conform to the
covers retirement and transfer of services between
requirements of local businesses as well as
service providers.
regulations put forward by the local
authorities. The following processes are within the scope of
service transition:
6.1 Purpose and objectives ■■ Transition planning and support
The purpose of the service transition stage is to ■■ Change management
ensure that new, modified or retired services meet ■■ Service asset and configuration management
the expectations of the business as documented ■■ Release and deployment management
in the service strategy and service design stages of ■■ Service validation and testing
the lifecycle. ■■ Change evaluation
■■ Knowledge management.

90 | Service transition
Continual service improvement
Change management
Auth Auth Auth Auth Auth Auth Auth Auth
Service asset and configuration management
BL BL BL BL BL BL BL BL
Transition planning and support
Managing people through service transitions
Change evaluation
Service Service Release Release build Release Review and Service

strategy design planning and test deployment close operation
Release
deployment
Release
deployment
Release and deployment management
Service validation and testing
Knowledge management
Focus of activity ITIL process in service Change authorization

Auth
related to Other ITIL core transition that supports
service publications the whole service lifecycle
transition
Point to capture baseline
BL
Figure 6.1 The scope of service transition
Figure 6.1 shows all the processes within the scope The following lifecycle processes described in the
of the service transition stage. Processes that service transition stage support all lifecycle stages:
are largely within the service transition stage of
■■ Change management
the service lifecycle are shown within the central
■■ Service asset and configuration
rectangle; the other stages of the service lifecycle
management (SACM)
that come before and after these processes
are shown in the smaller darker rectangles. ■■ Knowledge management.

Service transition | 91
6.3 Business value ■■ The approach for accepting and grouping
changes into a release, e.g. how enhancements
Adopting and implementing consistent approaches
are prioritized for inclusion
for service transition will:
■■ The mechanism to automate the build,
■■ Enable projects to estimate the cost, timing, installation and release distribution processes
resource requirement and risks associated with to improve re-use, repeatability and efficiency
the service transition stage more accurately ■■ Details of how the configuration baseline for
■■ Result in higher volumes of successful change the release is captured and verified against the
■■ Enable service transition assets to be shared actual release contents
and re-used across projects and services ■■ Exit and entry criteria and authority for
■■ Reduce delays from unexpected clashes and acceptance of the release into each service
dependencies – for example, if multiple transition stage and into the controlled test,
projects need to use the same test environment training, disaster recovery and production
at the same time environments
■■ Increase confidence that the new or changed ■■ Criteria and authorization to exit early-life
service can be delivered to specification support and handover to the service
without unexpectedly affecting other services operation functions.
or stakeholders.
6.5 Processes
6.4 Key principles The ITIL Foundation syllabus covers the following
service transition processes:
6.4.1 Release policy
Formal policies for service transition should be defined, ■■ Transition planning and support
documented and approved, including a release ■■ Service asset and configuration
policy. The release policy should be defined for one management (SACM)
or more services and (among other things) include: ■■ Change management
■■ Release and deployment management
■■ The unique identification, numbering and
naming conventions for different types of ■■ Knowledge management.
release, together with a description
■■ The roles and responsibilities at each stage in the
6.5.1 Transition planning and support
release and deployment management process Transition planning and support is the process
■■ The requirement to only use software assets responsible for planning all service transition
from the definitive media library (see processes and coordinating the required resources.
section 6.5.2.3)
■■ The expected frequency for each type of release

6.5.1.1 Purpose and objectives 6.5.1.2 Scope

The purpose of the transition planning and support The scope of transition planning and support includes:
process is to provide overall planning for service
■■ Maintaining policies, standards and models for
transitions and to coordinate the resources that
service transition activities and processes
they require.
■■ Guiding each major change or new service
The objectives of transition planning and support through all the service transition processes
are to: ■■ Coordinating the efforts needed to enable
■■ Plan and coordinate the resources to ensure multiple transitions to be managed at the
that the requirements of service strategy same time
encoded in service design are effectively ■■ Prioritizing conflicting requirements for service
realized in service operation. transition resources
■■ Coordinate activities across projects, suppliers ■■ Planning the budget and resources needed to
and service teams where required. fulfil future requirements for service transition
■■ Establish new or changed services into ■■ Reviewing and improving the performance of
supported environments within the predicted transition planning and support activities
cost, quality and time estimates. ■■ Ensuring that service transition is coordinated
■■ Establish new or modified management with programme and project management,
information systems and tools, technology and service design and service development activities.
management architectures, service Transition planning and support is not responsible for
management processes, and measurement detailed planning of the build, test and deployment
methods and metrics to meet requirements of individual changes or releases; these activities
established during the service design stage of are carried out as part of change management
the lifecycle. and release and deployment management.
■■ Ensure that all parties adopt the common
framework of standard processes and 6.5.2 Service asset and configuration
supporting systems.
management
■■ Provide clear and comprehensive plans that
Service asset and configuration management
enable customer and business change projects
(SACM) is the process responsible for managing
to align their activities with the service
assets vital to running the customer’s or
transition plans.
organization’s business.
■■ Identify, manage and control risks, to minimize
the chance of failure and disruption across
transition activities.
The purpose of the service asset and configuration
■■ Monitor and improve the performance of the
management process is to ensure that the assets
service transition lifecycle stage.
required to deliver services are properly controlled,
and that accurate and reliable information about
those assets is available when and where it is

needed. This information includes details of how 6.5.2.3 Basic concepts
the assets have been configured and the
Configuration item
relationships between assets.
Service assets that need to be managed in order to
The objectives of service asset and configuration deliver services are known as configuration items
management are to: (CIs). Other service assets may be required to deliver
■■ Ensure that assets under the control of the IT the service, but if they cannot be individually
organization are identified, controlled and managed then they are not configuration items.
properly cared for throughout their lifecycle. Every CI is a service asset, but many service assets
■■ Identify, control, record, report, audit and are not CIs.
verify services and other configuration items
Definition
(CIs) including versions, baselines, constituent
components, their attributes and relationships. A configuration item (CI) is any component or
■■ Account for, manage and protect the integrity other service asset that needs to be managed in
of CIs through the service lifecycle by working order to deliver an IT service.
with change management to ensure that only
Information about each configuration item is
authorized components are used and only
recorded in a configuration record within the
authorized changes are made.
configuration management system (CMS) and is
■■ Ensure the integrity of CIs and configurations
maintained throughout its lifecycle by service asset
required to control the services by establishing
and configuration management.
and maintaining an accurate and complete
configuration management system (CMS). Configuration items are under the control of change
■■ Maintain accurate configuration information on management. They typically include IT services,
the historical, planned and current state of hardware, software, buildings, people and formal
services and other CIs. documentation such as process documentation and
■■ Support efficient and effective service service level agreements.
management processes by providing accurate There will be a variety of CIs. The following example
configuration information to enable people to categories may help to identify them:
make decisions at the right time.
■■ Service lifecycle CIs The business case, service
6.5.2.2 Scope management plans, service lifecycle plans,
The scope of service asset and configuration service design package, release and change
management (SACM) includes management of the plans and test plans
complete lifecycle of every configuration item (CI), ■■ Service CIs Service capability assets
including interfaces to internal and external service (management, organization, processes,
providers where there are assets and configuration knowledge, people), service resource assets
items that need to be controlled, e.g. shared assets. (financial capital, systems, applications,
information, data, infrastructure and facilities,
financial capital, people), service model, service

package, release package and service ■■ External CIs External customer requirements
acceptance criteria and agreements, releases from suppliers or sub-
■■ Organization CIs An organization’s business contractors, and external services
strategy or other policies ■■ Interface CIs Escalation documents and
■■ Internal CIs Those delivered by individual interface agreements.
projects, including assets such as hardware and
software that are required to deliver and
maintain the service and infrastructure
Service knowledge management system (SKMS)
Configuration management system (CMS)
Presentation layer
Knowledge processing layer
Information
integration
layer
Integrated CMDB
Schema mapping, metadata management,

reconciliation, extract, transform, mining
Data layer
Incident records HR database
Service request records Customer database
Problem records Financial database
Known error records External databases

CMDB with
(examples)
configuration records Change records
Release records
CMDB with
configuration records Records in CMS or other
parts of the SKMS
CMDB with
configuration records
Discovery, collection, audit

Other items in the SKMS
Figure 6.2 Architectural layers of the configuration management system

Configuration management system At the data level, the CMS may include data
from configuration records stored in several
Definition physical configuration management databases
A configuration management system (CMS) is a (CMDBs), which come together at the information
set of tools, data and information that is used integration layer to form an integrated CMDB.
to support service asset and configuration The integrated CMDB may also incorporate
management. information from external data sources such
as an HR database or financial database. The
The CMS includes tools for collecting, storing, CMS will provide access to this external data
managing, updating, analysing and presenting data wherever possible rather than duplicating data.
about all configuration items and their relationships.
The CMS may also include information about Case study: service management in practice
incidents, problems, known errors, changes (Brigitte’s experience)
and releases. Later that evening in the restaurant, Brigitte
The CMS is maintained by service asset and overhears a conversation between the hotel
configuration management and is used by all IT manager and the chef. The manager is
service management processes. dissatisfied with the fact that the chef doesn’t
take his administrative duties seriously enough.
The CMS maintains the relationships between all The chef has just introduced a new menu card
service components and any related incidents and without recording it. It turns out that the hotel
problems, known errors, and change and releases. maintains a database of all relevant equipment,
The CMS may also link to corporate data about people, suppliers and processes that are used to
employees, suppliers, locations and business units, provide the services. The staff are supposed to
customers and users. register selected assets such as rooms, beds and
The CMS is part of a service knowledge management restaurant tables and the impact of these items
system (SKMS) that includes data, information on the services and the guests in the database
integration, knowledge processing and presentation every time they make a change to an item.
layers. Figure 6.2 shows the architectural layers Over the years, the hotel has gained much
of the configuration management system. experience in which data (such as equipment,
The presentation layer of the CMS will contain people, suppliers and processes) it is important to
views and dashboards that are required by people register and maintain. Currently the configuration
who need access to configuration information. database includes information about:
The CMS typically contains configuration data and ■■ Guests
information that combines into an integrated set ■■ Staff members
of views for different stakeholders through the ■■ Guest rooms
service lifecycle ■■ Beds
■■ Meeting rooms

■■ Conference equipment Definition

■■ Restaurant tables A definitive media library (DML) is one or more
■■ Menu cards locations in which the definitive and authorized
■■ Suppliers versions of all software configuration items (CIs)
■■ IT applications are securely stored. The definitive media library
■■ Processes may also contain associated configuration items
■■ Functions (reception, kitchen etc.) such as licences and documentation.
■■ Reservations of rooms (relations between
The definitive media library is a single logical
rooms and guests) – it is possible to identify
storage area even if there are multiple locations.
the vacant and reserved rooms and to see
which rooms a guest stayed in during All software in the definitive media library is under
previous visits the control of change management and is recorded
■■ Reservation of tables (relations between in the CMS (see Figure 6.3), strictly controlled by
tables and guests) service asset and configuration management (SACM).
■■ Ownership and responsibility (relations
between staff members and other items) 6.5.3 Change management
■■ Allocation of staff (relations between staff Change management is the process responsible for
members and functions or roles). controlling changes to deliver early realization of
benefits with minimum risk and adverse impact.
This information makes it possible to manage the
provided services and analyse the impact of faults
or changes to underpinning items.
The very first time Brigitte stayed at the hotel no
Definitive media library
internet connection was available for the guests.
The definitive media library (DML) should include Brigitte had been quite surprised as the majority
definitive copies of purchased software (along with of the hotel guests were business people like
licence documents or information) as well as software herself. Upon her departure she had told the
developed on site. Master copies of controlled receptionist that she had missed that service and
documentation for a system are also stored in the the receptionist had made a note of her request
definitive media library in electronic form. and told her that she had just received the same
The definitive media library will also include a physical request from one of their travel agency customers.
store to hold master copies, e.g. a fireproof safe. To Brigitte’s surprise she got a call from the hotel
when she came home; the person who called told
her that he was assessing and evaluating her
suggestion for an internet connection.

DML CMS
CMDB
Information
about the CIs
Physical CIs
Release
record
Build new release
Electronic CIs
Test new release
Deploy new release
Figure 6.3 The relationship between the definitive media library and the configuration management system
He had been talking to a number of people, When she came back to the hotel a year later
including technicians to assess the possible there was a wireless internet connection in her
technical solutions and the financial manager to room. She only had to buy an access code at
raise funding. Now he wanted to listen to a the reception.
potential customer’s viewpoint. He asked her
And once more she received – again to her
some questions on the reason for her request and
surprise – a call from the hotel when she came
whether she as a guest would be willing to pay
home; this time they wanted to know whether
for the service.
the internet connection met her expectations or
whether anything needed to be changed from
Brigitte’s perspective.

6.5.3.1 Purpose and objectives ■■ Management information systems and tools

The purpose of the change management process is ■■ Technology architectures and management
to control the lifecycle of all changes, enabling architectures required to provide the services
beneficial changes to be made with minimum ■■ Processes needed to design, transition, operate
disruption to IT services. and improve the services
■■ Measurement systems, methods and metrics for
The objectives of change management are to:
the services, the architectures, their constituent
■■ Respond to the customer’s changing business components and the processes.
requirements while maximizing value and
reducing incidents, disruption and re-work. 6.5.3.3 Basic concepts
■■ Respond to the business and IT requests for
Change, request for change and change record
change that will align the services with the
business needs. The terms ‘change’, ‘change record’ and ‘request for
change’ (RFC) are often used inconsistently, leading
■■ Ensure that changes are recorded and evaluated,
to confusion.
and that authorized changes are prioritized,
planned, tested, implemented, documented
Definitions
and reviewed in a controlled manner.
A change is the addition, modification or removal of
■■ Ensure that all changes to configuration
anything that could have an effect on IT services.
items are recorded in the configuration
management system. A request for change (RFC) is a formal proposal
■■ Optimize overall business risk – it is often for a change to be made. It includes details of the
correct to minimize business risk, but proposed change, and may be recorded on paper
sometimes it is appropriate to knowingly accept or electronically. The term RFC is often misused to
a risk because of the potential benefit. mean a change record, or the change itself.
A change record contains the details of a change.
6.5.3.2 Scope Each change record documents the lifecycle of a
The scope of service transition covers any addition, single change. A change record is created for
modification or removal of anything that could every request for change that is received, even
have an effect on IT services. The scope should those that are subsequently rejected. Change
include changes to all architectures, processes, tools, records should reference the configuration items
metrics and documentation, as well as changes that are affected by the change. Change records
to IT services and other configuration items. may be stored in the configuration management
The scope also covers all changes to any of the five system or elsewhere in the service knowledge
aspects of service design: management system.
■■ Service solutions for new or changed services, RFCs are only used to submit requests; they are not
including all of the functional requirements, used to communicate the decisions of change
resources and capabilities needed and agreed management or to document the details of the

change. A change record contains all the required ■■ Emergency change Emergency change is
information about a change, including information reserved only for highly critical changes that
from the RFC, and is used to manage the lifecycle of must be implemented as soon as possible, for
that change. example to resolve a major incident or
implement a security patch.
Change types Emergency changes are sometimes required
For different change types there are often and should be designed carefully and tested as
specific procedures, e.g. for impact assessment much as possible before use, otherwise the
and change authorization. There are three impact of the emergency change may be
different types of service change: greater than the original incident. Details of
■■ Normal change Normal changes go through emergency changes may be documented
the full assessment, authorization and retrospectively.
implementation stages. Normal changes are In an emergency situation it may not be
typically categorized as major, significant possible to convene a full change advisory
or minor. board (CAB) meeting. Where CAB approval is
■■ Standard change A standard change is a pre- required, this will be provided by the
approved change that is low risk, relatively emergency CAB (ECAB).
common and follows a procedure or work Change proposals
instruction – for example, a password reset or
Major changes that involve significant cost, risk or
provision of standard equipment to a new
organizational impact will usually be initiated
employee. Every standard change should have a
through the service portfolio management process.
change model that defines the steps to follow,
Before the new or changed service is chartered, it is
including how the change should be logged
important that the change is reviewed for its
and managed as well as how it should be
potential impact on other services, on shared
implemented. The crucial elements of a
resources and on the change schedule.
standard change are as follows:
●● There is a defined trigger to initiate the Change proposals are submitted to change
change, for example a service request or an management before chartering new or changed
exception generated by event management. services in order to ensure that potential conflicts
●● The tasks are well known, documented for resources or other issues are identified.
and proven. Authorization of the change proposal does not
●● Authority is effectively given in advance. authorize implementation of the change but
●● Budgetary approval will typically be simply allows the service to be chartered so
preordained or within the control of the that service design activity can commence.
change requester. The change proposal is normally created by the
●● The risk is usually low and always service portfolio management process and is passed
well-understood. to change management for authorization. In some

organizations, change proposals may be created by Remediation planning

a programme management office or by individual No change should be approved without having
projects. The change proposal should include: explicitly addressed the question of what to do
■■ A high-level description of the new, changed if it is not successful. Ideally, there will be a back-
or retired service, including business outcomes out plan, which will restore the organization to
to be supported, and utility and warranty to its initial situation, often through the reloading
be provided of a baselined set of configuration items (CIs)
■■ A full business case including risks, issues and – especially software and data. However, not
alternatives, as well as budget and financial all changes are reversible, in which case an
expectations alternative approach to remediation is required.
■■ An outline schedule for design and Change advisory board
implementation of the change.
The change advisory board (CAB) is a body that
After the new or changed service is chartered, RFCs exists to support the authorization of changes and
will be used in the normal way to request to assist change management in the assessment,
authorization for specific changes. These RFCs will be prioritization and scheduling of changes.
associated with the change proposal so that change
As and when a CAB is convened, members should be
management has a view of the overall strategic intent
chosen who are capable of ensuring that all changes
and can prioritize and review these RFCs appropriately.
within the scope of the CAB are adequately assessed
Change models from both a business and a technical viewpoint.
Organizations will find it helpful to predefine change To achieve this, the CAB needs to include people
models – and apply them to appropriate changes with a clear understanding across the whole range of
when they occur. A change model is a way of stakeholder needs. The change manager will normally
predefining the steps that should be taken to handle chair the CAB, and potential members include:
a particular type of change in an agreed way.
■■ Customer(s)
The change model includes: ■■ User manager(s)
■■ The steps that should be taken to handle the ■■ User group representative(s)
change, including handling issues and ■■ Business relationship managers
unexpected events ■■ Service owners
■■ The chronological order these steps should be ■■ Applications developers/maintainers
taken in, with any dependences or ■■ Specialists/technical consultants
co-processing defined ■■ Services and operations staff
■■ Responsibilities: who should do what ■■ Facilities/office services staff (where changes may
■■ Timescales and thresholds for completion of affect moves/accommodation and vice versa)
the actions ■■ Contractors’ or third parties’ representatives,
■■ Escalation procedures: who should be e.g. in outsourcing situations
contacted and when. ■■ Other parties as applicable to specific circumstances.

Role
Create RFC
Change
initiator
Record RFC
Change
Change management
proposal
Requested
(optional)
Review RFC
Change
Activities assigned to the management
role ‘change management’ Ready for evaluation
may be carried out by a
change practitioner, a Assess and
change authority or the evaluate change
change management process Change
owner, depending on management
Ready for decision Work flows
organizational design
Rejected
Update information in CMS

Authorize change
build and test
Change
authority
Authorized
Rejected Coordinate change
build and test*
Change
*Activities to plan, create management
and deploy releases are
Created Work flows
part of the release and
deployment management Authorize change
process Change deployment
authority
Scheduled
Coordinate change
deployment*
Change
management Implemented Work flows
Review and close

change record
Change Closed
management,
change authority,
change initiator
Figure 6.4 Example of a process flow for a normal change

In an emergency situation it may not be possible to ■■ Authorize the change:

convene a full CAB meeting. Where CAB ●● Obtain authorization/rejection
authorization is required, this will be provided by ●● Communicate the decision with all stakeholders,
the emergency change advisory board (ECAB). in particular the initiator of the RFC
Change procedures should specify how the ■■ Plan updates
composition of the CAB and ECAB will be ■■ Coordinate change implementation
determined in each instance. ■■ Review and close the change.
6.5.3.4 Process activities 6.5.3.5 Interfaces

Overall change management activities include: In order to be able to define clear boundaries,
■■ Planning and controlling changes dependencies and rules, change management
■■ Change and release scheduling and release and deployment management
■■ Communications should be integrated with processes used for
organizational programmes or projects, supplier
■■ Change decision-making and change
management and also suppliers’ processes and
authorization
procedures. There will be occasions when a
■■ Ensuring that there are remediation plans
proposed change will potentially have a wider
■■ Measurement and control impact on other parts of the organization (e.g.
■■ Management reporting facilities or business operations), or vice versa,
■■ Understanding the impact of change and the service change process must interface
■■ Continual improvement. appropriately with other processes involved:
Typical activities in managing individual ■■ Programme and project management
changes (see Figure 6.4) are to: Programme and project management must
work in partnership with change management
■■ Create and record the RFC
to align all the processes and people involved
■■ Review RFCs and filter changes
in service change initiatives.
■■ Assess and evaluate the change:
■■ Organizational and stakeholder change
●● Establish the appropriate level of management It is essential that organizational
change authority aspects of change management are properly
●● Establish relevant areas of interest (who considered and that the change management
should be involved in the CAB) process has appropriate interfaces with the
●● Evaluate the business justification, people carrying out this work.
impact, cost, benefits, risks and predicted
■■ Sourcing and partnering Effective change
performance of the change
management practices and principles should
●● Request formal evaluation of the change
manage relationships with internal and
from the change evaluation process if this
external vendors and suppliers effectively.
is required

■■ Service portfolio management Service

portfolio management prioritizes and charters
strategic changes, and some change requests
require analysis by the service portfolio Brigitte was glad to find the new wireless internet
management process. connection service available the second time she
visited the hotel. But she also wondered why she
■■ Capacity management and demand
had to order a room with internet in advance and
management Capacity management should
why the hotel hadn’t just implemented the
assess every change for its impact on capacity,
service in all rooms.
and changes arising from capacity management
should be implemented through the change Jacob, who was assigned to implement the
management process. internet services, explained that the hotel had
■■ IT service continuity management Every wanted to keep control of the deployment so
change should be assessed for its impact on IT they had chosen a phased approach, to ensure
service continuity and continuity plans, and that one phase was a success before moving on
procedures should be kept under change to the next.
management control. Actually the hotel started with an installation in
■■ Information security management Security the reception area. In the second phase the
changes are implemented through the change service had been available in a limited number of
management process, and every change should rooms to guests who specifically asked for it. Now
be assessed for its potential impact on in the third phase they advertised the service and
information security. they were planning to roll out the service to all
■■ Service asset and configuration management remaining rooms.
The configuration management system (CMS)
provides access to configuration information to
enable impact assessment of changes and 6.5.4.1 Purpose and objectives
change tracking. The purpose of the release and deployment
■■ Problem management Problem management management process is to plan, schedule and control
ensures that all resolutions or workarounds the build, test and deployment of releases, and to
that require a change to a configuration item deliver new functionality required by the business
(CI) are submitted through change while protecting the integrity of existing services.
management. The objectives of release and deployment
management are to:
6.5.4 Release and deployment
management ■■ Define and agree release and deployment
management plans with customers and
Release and deployment management is the process
stakeholders
responsible for delivering new functionality required
while protecting the integrity of existing services. ■■ Create and test release packages that consist of
related configuration items that are compatible
with each other

■■ Ensure that the integrity of a release package ■■ Training for users and IT staff
and its constituent components is maintained ■■ Services, including all related contracts
throughout the transition activities, and that all and agreements.
release packages are stored in a definitive
Although release and deployment management is
media library (DML) and recorded accurately in
responsible for ensuring that appropriate testing
the configuration management system (CMS)
takes place, the actual testing is carried out as
■■ Deploy release packages from the DML to the
part of the service validation and testing process.
live environment following an agreed plan
and schedule
6.5.4.3 Basic concept
■■ Ensure that all release packages can be tracked,
installed, tested, verified and/or uninstalled or Release
backed out if appropriate Definition
■■ Ensure that organization and stakeholder
A release is a collection of one or more changes
change is managed during release and
to an IT service that are built, tested and
deployment activities
deployed together. A single release may include
■■ Ensure that a new or changed service and its changes to hardware, software, documentation,
enabling systems, technology and organization processes and other components.
are capable of delivering the agreed utility
and warranty
■■ Record and manage deviations, risks and issues 6.5.4.4 Process activities
related to the new or changed service and take There are four phases to release and deployment
necessary corrective action management (see Figure 6.5):
■■ Ensure that skills and knowledge are transferred to ■■ Release and deployment planning Plans for
customers, users and service operation functions. creating and deploying the release are created.
This phase starts with change management
6.5.4.2 Scope authorization to plan a release and ends with
The scope of release and deployment management change management authorization to create
includes the processes, systems and functions to the release.
package, build, test and deploy a release into live ■■ Release build and test The release package is
use and formally hand the service over to the built, tested and checked into the definitive
service operation functions. The scope includes all media library (DML). This phase starts with
configuration items required to implement a change management authorization to build the
release, for example: release and ends with change management
■■ Physical assets such as a server or network authorization for the baselined release package
■■ Virtual assets such as a virtual server or to be checked into the DML by service asset
virtual storage and configuration management. This phase
only happens once for each release.
■■ Applications and software

■■ Deployment The release package in the DML is separate request for change (RFC) at each stage.
deployed to the live environment. This phase Some organizations manage a whole release with a
starts with change management authorization single change request and separate authorization at
to deploy the release package to one or more each stage for activities to continue, while other
target environments and ends with handover organizations require a separate RFC for each stage.
to the service operation functions and early-life Both of these approaches are acceptable; what is
support. There may be many separate important is that change management authorization
deployment phases for each release, depending is received before commencing each stage.
on the planned deployment options.
■■ Review and close Experience and feedback are 6.5.5 Knowledge management
captured, performance targets and achievements Knowledge management is the process responsible
are reviewed and lessons are learned. for sharing service perspectives, ideas, experience
Figure 6.5 shows multiple points where an and information to improve service efficiency and
authorized change triggers release and deployment enable informed decisions.
management activity. This does not require a
Change management
Auth Auth Auth Auth

Auth
Auth
Auth
Authorize Authorize Authorize Authorize Post-
release planning build and test check-in to DML deployment/ implementation
transfer/retirement review
Release and Release

Review and
deployment build and Deployment
close
planning test
Deployment
Transfer
Change management authorization Retirement

Auth
Figure 6.5 Phases of release and deployment management

■■ Maintain a service knowledge management

system (SKMS) that provides controlled access
to knowledge, information and data that is
Brigitte sits on her balcony enjoying the beautiful appropriate for each audience
sunset over the mountains and it reminds her of
■■ Gather, analyse, store, share, use and maintain
the first time she stayed in this suite. She was
knowledge, information and data throughout
asked to visit the factory at short notice, but she
the service provider organization.
hoped that the hotel still had rooms available
when she called the hotel. The receptionist could 6.5.5.2 Scope
see from the register that Brigitte often stayed at Knowledge management is a whole lifecycle-wide
the hotel and that all the rooms of her choice process in that it is relevant to all lifecycle stages
were booked, so he offered her a discount. At and hence is referenced throughout ITIL from the
the same time he made a reservation in the perspective of each publication. Knowledge
restaurant for her on the first night. She ended management includes oversight of the management
up with the suite, and since then she has always of knowledge, the information and data from
ordered it if available. which that knowledge derives.
6.5.5.1 Purpose and objectives 6.5.5.3 Basic concepts

The purpose of the knowledge management Data to information to knowledge to wisdom
process is to share perspectives, ideas, experience Knowledge management is typically displayed
and information, and to ensure that these are within the data-to-information-to-knowledge-to-
available in the right place and at the right time. wisdom (DIKW) structure (see Figure 6.6). The use
The knowledge management process enables of these terms is set out below:
informed decisions and improves efficiency by
reducing the need to rediscover knowledge. ■■ Data is a set of discrete facts about events.
Most organizations capture significant amounts
The objectives of knowledge management are to: of data in highly structured databases such as
■■ Improve the quality of management decision- service management and service asset and
making by ensuring that reliable and secure configuration management tools/systems
knowledge, information and data is available and databases.
throughout the service lifecycle ■■ Information comes from providing context to
■■ Enable the service provider to be more efficient data. Information is typically stored in semi-
and improve quality of service, increase structured content such as documents, email
satisfaction and reduce the cost of service by and multimedia.
reducing the need to rediscover knowledge ■■ Knowledge is composed of the tacit
■■ Ensure that staff have a clear and common experiences, ideas, insights, values and
understanding of the value that their services judgements of individuals. People gain
provide to customers and the ways in which knowledge both from their own and from their
benefits are realized from the use of those services peers’ expertise, as well as from the analysis of

Context
Wisdom
Why?
Knowledge
How?
Information
Who, what,
when, where?
Data
Understanding
Figure 6.6 The flow from data to wisdom
information (and data). Through the synthesis The service knowledge management system includes
of these elements, new knowledge is created. the configuration management system (CMS), as
■■ Wisdom makes use of knowledge to create well as other databases and information systems.
value through correct and well-informed However, clearly the service knowledge management
decisions. Wisdom involves having the system is a broader concept that covers a much
application and contextual awareness to wider base of knowledge, for example:
provide strong common-sense judgement.
■■ The service portfolio
The service knowledge management system ■■ The definitive media library (DML)
Definition ■■ Service level agreements (SLAs), contracts and
operation level agreements (OLAs)
The service knowledge management system
(SKMS) is a set of tools and databases that is used ■■ The information security policy
to manage knowledge, information and data. ■■ The supplier and contract management
The service knowledge management system information system (SCMIS)
includes tools for collecting, storing, managing, ■■ Budgets and cost models
updating, analysing and presenting all the ■■ Business plans
knowledge, information and data that an IT ■■ Continual service improvement (CSI) register
service provider will need to manage the full and service improvement plans (SIPs)
lifecycle of IT services.

■■ Capacity plan and capacity management 6.6 Sample questions

information system (CMIS)
1 Which of the following are the main objectives
■■ Availability plan and availability management
of the service transition phase of the lifecycle?
system (AMIS)
■■ Service continuity invocation procedures 1 To ensure the service changes create the
■■ Service reports expected business value
■■ Discussion forum for practitioners 2 To manage the risks related to the new
■■ Project plans services as they transition into production
■■ Known error database (KEDB) 3 To ensure that the services can be used in
■■ Skills register accordance with the requirements stated
■■ Diagnostic scripts. within the original service requirements
Figure 6.7 illustrates the relationship of the three 4 To provide the business with the details of
levels, with configuration data being recorded the changing business processes, and carry
within the configuration management database out subsequent training of these business
(CMDB), and feeding through the configuration operational changes
management system (CMS) into the service
a 1 and 4 only
knowledge management system (SKMS) and
supporting delivery of the services and informed b 2 and 3 only
decision-making. c 1, 2 and 3 only
d All of the above
Service knowledge management system 2 Which of the following are valid items that
Knowledge
could be stored in the SKMS?
Decisions
Wisdom 1 The configuration management system
2 The service portfolio
Configuration management system

3 Service level agreements
Information
4 The definitive media library
a All of the above
Configuration management database
Data b None of the above
c 1, and 4 only
Figure 6.7 Relationship of the CMDB, the CMS and
the SKMS d 1, 3 and 4 only

Purpose Service transition policies, standards and models

Transition
planning and Objectives Guide major change
Entry and exit criteria support
Scope Coordinate efforts
Configuration baseline
Plan budget and resources
Build, installation and
release distribution Coordinate with programme and
Change grouping Purpose project management
Release policy Key
and acceptance principles
Frequency Objectives Data
Roles and responsibilities Information

Knowledge
Scope
management
Identification and naming Knowledge
Service knowledge management system

Basic concepts
Data-to-information-to-knowledge-to-wisdom
Reduce delays
Purpose
Re-use of transition assets
Objectives Services
Estimate cost, timing and resources more accurately
Business Physical assets
Increased understanding of risk value Release and
deployment Scope Virtual assets
Higher volume of change management
Applications and software
Training
Basic concepts Release

Service Processes
New and changed services transition Planning
Build and test

Release
Process activities
Deployment
Planning
Review and close
Building Purpose
Scope
Testing Objectives Addition
Evaluation Modification
Change
Scope
Deployment management
Removal
Retirement Five aspects of service design
Change advisory board Emergency CAB
Realize business value Remediation planning
Plan and manage changes Change model
Manage change risk Basic concepts Change proposal
Change record
Successfully deploy releases Objectives
Request for change
Manage expectations
Defined trigger
Emergency change
Manage service knowledge
Process activities Well-known and proven tasks
Change Standard change
Interfaces Pre-approved
Normal change
New, modified or retired services meet business expectations Purpose Well-understood (low) risk
Purpose
Objectives
Service asset Scope Complete lifecycle of CIs

and
configuration Configuration Configuration
management management management
system database
External CIs
Internal CIs
Basic concepts Configuration
item Organization CIs
Service CIs
Service lifecycle CIs

Definitive media library

3 Which of the following is the BEST description 5 Which of the following is NOT a valid
of the configuration management system? change type?
a A set of tools, data and information that is a Emergency
used to support service asset and
b Standard
configuration management
c Normal
b A component that needs to be managed in
order to deliver an IT service d Change proposal
c The tools and databases that are used to 6 Which of the following is the appropriate
manage the organization’s knowledge and sequence for the phases of release and
information throughout the whole of the deployment?
service lifecycle a Plan, do, check, act
d A single repository holding details of the b Release and deployment planning, release
service model and the relationships build and test, deployment, review
between the different components of and close
that service
c Release build and test, deployment, release
4 Which of the following describes remediation and deployment planning, review and close
for a change or release?
d Review and close, release and deployment
a Invocation of the ITSC plan planning, release build and test, deployment
b Taking appropriate recovery action
following failure of the change or release
c Assurance that an emergency change
is approved
d Predefining steps that should be taken to
handle this type of change


Service operation 7
17/02/2012 11:58
| 113

7 Service operation
Strategic objectives are ultimately realized through 7.1 Purpose and objectives
service operation, requiring effective and efficient
The purpose of the service operation stage
delivery and support of services to ensure value
is to coordinate and carry out the activities
for the customer and the service provider.
and processes required to deliver and manage
Case study: service management in practice services at agreed levels to business users and
(Brigitte’s experience) customers. Service operation is also responsible
for the ongoing management of the technology
Time has passed and Brigitte is back at the alpine
that is used to deliver and support services.
hotel again. Even though she thinks she travels
too much, she likes to be back in the beautiful The main objectives of service operation are to:
surroundings. She takes a quick walk around the ■■ Maintain business satisfaction and confidence
hotel and notices that an expansion with a small in IT through effective and efficient delivery
water world is almost complete and that the and support of agreed IT services
construction of the conference facilities is
■■ Minimize the impact of service outages on day-
progressing. She is amazed that the hotel staff
to-day business activities
are capable of managing two major projects
■■ Ensure that access to agreed IT services is
while still running the hotel. After all, it is still the
only provided to those authorized to receive
operation of the original part of the hotel that
those services.
earns the money.
When the new conference services have been
implemented, they will have to be operated 7.2 Scope
according to the agreed service levels. Brigitte Service operation covers:
doesn’t know much about hotel operation, but
■■ All aspects of the end-to-end service agreed
she imagines that it may include activities such as:
with the business, including activities performed
■■ Hosting and facilitation of conferences by the service provider, external suppliers, the
■■ Monitoring and management of the air customer or the user of that service
conditioning in the conference facilities ■■ Service management processes that support
■■ Cleaning and maintenance of the conference the services
facilities ■■ Organizational functions required to deliver
■■ Measurement and reporting of the and support services
satisfaction of the conference delegates
■■ Training of new staff members.

114 | Service operation
■■ Technology and infrastructure needed to 7.4 Key principles

deliver the services
■■ People who manage the technology, processes 7.4.1 Communication
and services. Effective communication in service operation
The following processes are within ensures that all teams and departments are
the scope of service operation: able to execute the standard activities involved
in delivering services and managing the
■■ Event management infrastructure. Issues can often be prevented or
■■ Incident management mitigated with appropriate communication.
■■ Request fulfilment
An important principle is that all communication
■■ Problem management
must have an intended purpose or a resultant
■■ Access management. action. In addition, that the audience should have
been actively involved in determining the need for
7.3 Business value that communication and what they will do with
the information.
Adopting and implementing consistent
approaches for service operation will: Types of communication include:
■■ Reduce unplanned labour and costs for both ■■ Routine operational communication
the business and IT. ■■ Communication between shifts
■■ Reduce the duration and frequency of ■■ Performance reporting
service outages. ■■ Communication in projects
■■ Provide operational results and data that can ■■ Communication related to changes
be used by other ITIL processes to improve ■■ Communication related to exceptions
services continually. and emergencies
■■ Meet the goals and objectives of the ■■ Training of new or customized processes and
organization’s security policy by ensuring that service designs
IT services will be accessed only by those ■■ Communication of strategy, design and
authorized to use them. transition to service operation teams.
■■ Provide quick and effective access to standard
services which business staff can use to improve There is no definitive medium for communication,
their productivity or the quality of business nor is there a fixed location or frequency. In some
services and products. organizations communication has to take place in
meetings. Other organizations prefer to use email
■■ Provide a basis for automated operations.
or the communication inherent in their service
management tools.

Service operation | 115
7.5 Processes To come to this conclusion, the system had

The ITIL Foundation syllabus covers the following collected data from temperature sensors both
service operation processes: inside the room and outside the building, as well
as data from the heating equipment. The system
■■ Event management
had then correlated all the information, compared
■■ Incident management the result with the defined thresholds and issued
■■ Request fulfilment an alert.
■■ Problem management
■■ Access management.
7.5.1 Event management The purpose of event management is to manage
events throughout their lifecycle. This lifecycle of
Event management is the process responsible
activities to detect events, make sense of them
for managing events throughout their lifecycle.
and determine the appropriate control action is
Event management is one of the main activities
coordinated by the event management process.
of IT operations.
The objectives of the event management process
Case study: service management in practice are to:
■■ Detect all changes of state that have
During the next few years Brigitte regularly significance for the management of a
returns to the hotel. Actually, she went to the configuration item (CI) or IT service.
grand opening of the new conference centre. The
■■ Determine the appropriate control action for
event started in the old reception area where the
events and ensure that these are communicated
hotel management proudly presented the control
to the appropriate functions.
panel for the heating, sun panels and lights in the
■■ Provide the trigger, or entry point, for the
new conference centre.
execution of many service operation processes
Suddenly a beep sounded and a light on the and operations management activities.
control panel turned red. The face of the man ■■ Provide the means to compare actual operating
who did the presentation briefly turned pale – he performance and behaviour against design
obviously didn’t expect an alarm to go off in the standards and service level agreements (SLAs).
middle of his presentation; but, on the other ■■ Provide a basis for service assurance and
hand, it left him with the opportunity to show reporting, and for service improvement.
how advanced the system was. The beep, he
explained, was an announcement from the
system that a human intervention was required.
In this case the temperature in the auditorium
was suddenly unexpectedly low.

7.5.1.2 Scope 7.5.2 Incident management

Event management can be applied to any aspect Incident management is the process responsible
of service management that needs to be controlled for managing the lifecycle of all incidents.
and which can be automated. This includes:
■■ Configuration items (CIs)
■■ Environmental conditions (e.g. fire and
On one of her recent trips, Brigitte one night
smoke detection)
returned to her room at the hotel to sleep. While
■■ Software licence monitoring for usage to
brushing her teeth she noticed that the shower
ensure optimum/legal licence utilization
head had fallen to the ground and was broken.
and allocation
■■ Security (e.g. intrusion detection) After finishing her tooth brushing she dialled the
■■ Normal activity (e.g. tracking the use of an reception. The folder next to the telephone
application or the performance of a server). guided her on how to report an incident: ‘If you
need any kind of assistance or want to report a
7.5.1.3 Basic concepts problem, please call the reception by dialling 1.’
The receptionist asked questions such as: ‘What is
Event your problem?’, ‘Is the shower completely useless
Definition or can you use it anyway?’, ‘Is it important to fix
it now or can it wait till tomorrow?’ and ‘When
An event is a change of state that has significance
do you plan to take a shower?’
for the management of an IT service or other
configuration item (CI). Brigitte didn’t need a shower at that moment –
but she had to take one in the morning before
Events are typically notifications created by a service, going back to the factory at 8 a.m. The receptionist
CI or monitoring tool. Events normally require IT was unable to find someone who could fix the
operations personnel to take actions, and often shower before 6 a.m. so he tried to identify a
lead to incidents being logged. workaround: ‘Brigitte, do you want to have
another room (facing the street so it is a bit
Alert noisier) or to have a key to the pool area and
Definition have your morning shower there?’
An alert is a notification that a threshold has
been reached, something has changed or a 7.5.2.1 Purpose and objectives
failure has occurred. The purpose of incident management is to restore
normal service operation as quickly as possible and
Alerts are often created and managed by minimize the adverse impact on business operations,
system management tools and are managed thus ensuring that agreed levels of service quality
by the event management process. are maintained. ‘Normal service operation’ is

defined as an operational state where services and 7.5.2.3 Basic concepts

configuration items (CIs) are performing within
Incident and workaround
their agreed service and operational levels.
The objectives of the incident management process Definition
are to: An incident is an unplanned interruption to an IT
service or reduction in the quality of an IT service.
■■ Ensure that standardized methods and
Failure of a configuration item that has not yet
procedures are used for efficient and prompt
affected service is also an incident – for example,
response, analysis, documentation, ongoing
failure of one disk from a mirror set.
management and reporting of incidents
■■ Increase visibility and communication of In some cases it may be possible to find a workaround
incidents to business and IT support staff to an incident – a temporary way of overcoming the
■■ Align incident management activities and difficulties. But it is important that work on a
priorities with those of the business permanent resolution continues where this is justified.
■■ Maintain user satisfaction with the quality of
IT services. Definition
A workaround is a way of reducing or eliminating
7.5.2.2 Scope the impact of an incident or problem for which a
Incident management includes any event which full resolution is not yet available.
disrupts, or which could disrupt, a service.
This includes events which are communicated Examples would be restarting a failed configuration
directly by users, either through the service item (CI) or by making a manual amendment to
desk or through an interface from event an input file to allow a program to complete its
management to incident management tools. run successfully.
Incidents can also be reported and/or logged by Workarounds for problems (see section 7.5.4) are
technical staff. This does not mean, however, that documented in known error records. Workarounds
all events are incidents. Many classes of events are for incidents that do not have associated problem
not related to disruptions at all, but are indicators records are documented in the incident record.
of normal operation or are simply informational.
Prioritization
Although both incidents and service requests An important aspect of logging every incident is
are reported to the service desk, this does not to agree and allocate an appropriate priority – as
mean that they are the same. Service requests this will determine how the incident is handled
do not represent a disruption to agreed service, both by support tools and support staff.
but are a way of meeting the customer’s needs
and may be addressing an agreed target in a
service level agreement (SLA). Service requests
are dealt with by the request fulfilment process.

business impact, so numbers alone are not enough

Definition
to evaluate overall priority. Other factors that can
A priority is a category used to identify the also contribute to impact levels are:
relative importance of an incident.
■■ Risk to life or limb
The priority is based on the urgency of the incident
■■ The number of services affected – may be
(how quickly the business needs a resolution) and
multiple services
the level of impact it is causing to identify
■■ The level of financial losses
required times for actions to be taken.
■■ Effect on business reputation
An effective way of calculating these elements and ■■ Regulatory or legislative breaches.
deriving an overall priority level for each incident is Timescales must be agreed for all incident-handling
shown in Figure 7.1. stages, depending on the priority of the incident –
An indication of impact is often the number of based on the overall incident response and resolution
users being affected. However, in some cases the targets within service level agreements (SLAs) – and
loss of service to a single user can have a major captured as targets within operational level
Impact
Priority Target resolution time
Urgency
Impact
Priority
High Medium Low
Resolution time
1 2 3
High
< 1 hour < 8 hours < 24 hours
Urgency
2 3 4
Medium
< 8 hours < 24 hours < 48 hours
3 4 5
Low
< 24 hours < 48 hours planned
Figure 7.1 Example of calculation of priority based on impact and urgency

agreements (OLAs) and underpinning contracts. ■■ Precautions to be taken before resolving the
All support groups should be made fully aware of incident, such as backing up data and
these timescales. configuration files, or taking steps to comply
with health- and safety-related guidelines
Major incident
■■ Timescales and thresholds for completion of
A separate procedure, with shorter timescales and the actions
greater urgency, must be used for major incidents.
■■ Escalation procedures: who should be
A definition of what constitutes a major incident
contacted and when
must be agreed and ideally mapped onto the
■■ Any necessary evidence-preservation activities.
overall incident prioritization system – such that it
will be dealt with through this separate procedure.
7.5.2.4 Process activities
Where necessary, the major incident procedure The key activities within the incident management
should include the establishment of a separate process include (as shown in Figure 7.2):
major incident team under the direct leadership of
the incident manager, formulated to concentrate ■■ Incident identification Incidents may be
on this incident alone to ensure that adequate detected by event management, by calls to the
resources and focus are provided to finding a service desk, from web or other self-help
swift resolution. interfaces, or directly by technical staff. Service
requests or change requests incorrectly logged
Incident model as incidents are identified so that they can be
Many incidents are not new. They involve dealing passed to the request fulfilment or change
with something that has happened before and may management processes respectively.
well happen again. For this reason, some organizations ■■ Incident logging All incidents must be logged
find it helpful to predefine incident models. and time-stamped, regardless of whether they
are received through a service desk telephone
Definition call or whether automatically detected via an
An incident model is a way of predefining the event alert. The log must include sufficient
steps that should be taken to handle a process for data to enable the incident to be managed.
dealing with a particular type of incident in an ■■ Incident categorization Categories are used to
agreed way. identify the type of incident and assist with
trending analysis. Multi-level categorization can
The incident model should include: be used to identify multiple levels of categories
■■ The steps that should be taken to handle that can be associated with an incident, as
the incident shown in Figure 7.3.
■■ The chronological order these steps should
be taken in, with any dependences or
co-processing defined
■■ Responsibilities: who should do what

Event
management Web interface Phone call Email
Incident
identification
To request fulfilment
(if this is a service
request) or change
Is this really No management (if this
an incident? is a change
proposal)
Yes
Incident logging
Incident
categorization
Incident
prioritization
Major incident
Yes Major incident?
procedure
No
Initial diagnosis
Functional Functional Escalation

Yes Yes
escalation escalation? needed?
No
No
No
Management Hierarchic Investigation
Yes No
escalation escalation? and diagnosis
Resolution
identified?
Yes
Resolution and
recovery
Incident closure
End
Figure 7.2 Incident management process flow

Location Application
impacted impacted
Service Database
impacted impacted
System Server
impacted impacted
Application Disk drive

impacted impacted
Figure 7.3 Multi-level incident categorization
■■ Incident prioritization A priority is assigned ■■ Resolution and recovery When a potential

based on impact and urgency. Priorities are resolution has been identified, this should be
dynamic and may be changed during the life of tested, applied and documented.
the incident. ■■ Incident closure The service desk should check
■■ Initial diagnosis If possible, the incident should that the incident is fully resolved and that the
be resolved while the user is still on the phone. users are satisfied and willing to agree that the
Sometimes the service desk analyst will continue incident can be closed.
work on the incident and contact the user
when it has been resolved. An incident-matching 7.5.2.5 Interfaces
procedure can be developed to help service The interfaces with incident management include:
desk and other support staff match incidents
with known errors, problems or other incidents ■■ Service level management The ability to
to find resolutions quickly where possible. resolve incidents in a specified time is a key
part of delivering an agreed level of service.
■■ Incident escalation
■■ Availability management Availability
●● Functional escalation The incident is
management will use incident management
transferred to a technical team with a higher
data to determine the availability of IT services
level of expertise.
and look at where the incident lifecycle can
●● Hierarchic escalation If incidents are of a
be improved.
serious nature, the appropriate managers
must be notified – for informational ■■ Capacity management Incident management
purposes at least. provides a trigger for performance monitoring
■■ Investigation and diagnosis Each of the where there appears to be a performance
support groups involved with the incident problem.
handling will investigate and diagnose what ■■ Information security management Incident
has gone wrong. management provides security-related incident
information for security management.

■■ Service asset and configuration management 7.5.3.1 Purpose and objectives

This provides the data used to identify and The purpose of request fulfilment is to manage
progress incidents. the lifecycle of all service requests from the users.
■■ Change management Where a change is
The objectives of the request fulfilment process are to:
required to implement a workaround or
resolution, this will need to be logged as ■■ Maintain user and customer satisfaction
an RFC and progressed through change through efficient and professional handling of
management. all service requests
■■ Problem management Incident management ■■ Provide a channel for users to request and
forms part of the overall process of dealing receive standard services for which a
with problems in the organization. Incidents predefined authorization and qualification
are often caused by underlying problems, process exists
which must be solved to prevent the incident ■■ Provide information to users and customers
from recurring. Incident management provides about the availability of services and the
a point where these are reported. procedure for obtaining them
■■ Source and deliver the components of
7.5.3 Request fulfilment requested standard services (e.g. licences and
Request fulfilment is the process responsible for software media)
managing the lifecycle of all service requests. ■■ Assist with general information, complaints
or comments.
(Brigitte’s experience) 7.5.3.2 Scope
On another trip, Brigitte had forgotten her alarm The process needed to fulfil a request will vary
clock so she needed to find another way to get a depending upon exactly what is being requested
wake-up call. The hotel room contained an but can usually be broken down into a set of
interactive television with a multitude of service activities that have to be performed. For each
menus. She turned on the television and went to request, these activities should be documented into
the self-service menu (1. Wake-up service, 2. a request model.
Restaurant menu, 3. Reservation of restaurant
tables, 4. Room service, 5. Opening hours in pool Ultimately it is up to each organization to decide
area etc.). She pressed ‘1’ and ‘0630’ to set the and document which service requests it will handle
alarm for 6.30 a.m. through the request fulfilment process and which
will have to go through other processes such as
Brigitte reflected on the service system. It was business relationship management for dealing
quite smart – the guests were able to see most of with requests for new or changed services.
the services provided and the system even handled
a lot of them without human intervention.

7.5.3.3 Basic concepts Brigitte had not been the only one with a shower
Service request head problem; a number of incidents had been
reported, and an analysis was performed to
Definition identify the root causes of the problem. It turned
A service request is a formal request from a user out that the root causes were weaknesses in the
for something to be provided – for example, a shower heads combined with human behaviour.
request for information, or advice; to reset a A number of solutions were examined before the
password; or to install a workstation for a new problem was fixed, including replacement of all
user. Service requests may be linked to a request shower heads and mounting of a strap that
for change as part of fulfilling the request. prevents the shower heads from falling.
Service requests are managed by the request

fulfilment process, usually in conjunction with the 7.5.4.1 Purpose and objectives
service desk. The term ‘service request’ is used as a The purpose of problem management is to
generic description for the many different types of manage the lifecycle of all problems, from first
demand that are placed on the IT organization by identification through further investigation and
users. Many of these are typically requests for small documentation to eventual removal. Problem
changes that are low risk, frequently performed, management seeks to minimize the adverse
low cost etc. (e.g. a request to change a password, impact of incidents and problems on the business
a request to install an additional software that are caused by underlying errors within the
application onto a particular workstation, a request IT infrastructure, and to proactively prevent any
to relocate some items of desktop equipment) recurrence of incidents related to these errors. In
or may be just a request for information. order to achieve this, problem management seeks
to get to the root cause of incidents, document
7.5.4 Problem management and communicate known errors, and initiate
Problem management is the process responsible for actions to improve or correct the situation.
managing the lifecycle of the underlying causes of The objectives of the problem management process
one or more incidents. are to:
Case study: service management in practice ■■ Prevent problems and resulting incidents
(Brigitte’s experience) from happening
■■ Eliminate recurring incidents
One time when Brigitte visited the hotel, the shower
head had been broken; as a result she had had to ■■ Minimize the impact of incidents that cannot
go to the pool area to have her morning shower. be prevented.
Because of this, the first thing Brigitte did when
she arrived at the hotel room next time was to
check if the shower was OK. Not only was it OK
but also a strap had been mounted on the shower
head to prevent it from falling to the floor if dropped.

7.5.4.2 Scope Problem, known error and resolution

Problem management includes the activities
Definition
required to diagnose the root cause of incidents
and to determine the resolution of those problems. A problem is a cause of one or more incidents.
It is also responsible for ensuring that the resolution
The cause is not usually known at the time when a
is implemented through the appropriate control
problem record is created, and the problem
procedures, especially change management
management process is responsible for further
and release and deployment management.
investigation.
Problem management will maintain information
about problems and the appropriate workarounds Definition
and resolutions, so that the organization is able A known error is a problem that has a
to reduce the number and impact of incidents documented root cause and a workaround.
over time.
Although incident and problem management are Known errors are created and managed throughout
separate processes, they are closely related, will their lifecycle by problem management. Known errors
typically use the same tools and may use similar may also be identified by development staff
categorization, impact and priority coding systems. or suppliers.
This will ensure effective communication when As soon as the diagnosis is complete, and
dealing with related incidents and problems. particularly where a workaround has been found,
The problem management process has both reactive a known error record must be raised and placed
and proactive aspects. in the known error database (KEDB) so that if
further incidents or problems arise they can be
7.5.4.3 Basic concepts identified and the service restored more quickly.
Incidents versus problems However, in some cases it may be advantageous to

raise a known error record even earlier in the overall
An incident is an unplanned interruption to an IT
process, for example just for information purposes,
service or reduction in the quality of an IT service. A
even though the diagnosis may not be complete or
problem presents a different view of an incident by
a workaround found. So it is inadvisable to set a
understanding its underlying cause, which may also
concrete procedural point specifying exactly when a
be the cause of other incidents. Incidents do not
known error record must be raised. It should be
‘become’ problems. While incident management
done as soon as it becomes useful to do so.
activities are focused on restoring services to
normal-state operations, problem management
Definition
activities are focused on finding ways to prevent
incidents from happening in the first place. A resolution is an action taken to repair the root
cause of an incident or problem, or to implement
a workaround.

Once a root cause has been found and a solution to As well as creating a known error record in the
remove it has been developed, this should be known error database (KEDB) to ensure quicker
applied to resolve the problem. In reality, safeguards diagnosis, the creation of a model for handling
may be needed to ensure that the resolution does such problems in the future may be helpful.
not cause further difficulties.
If a workaround is found, it is important that
the problem record remains open and details Problem management consists of two major processes:
of the workaround are documented within the ■■ Reactive problem management is concerned
problem record. with solving problems in response to one or
If any change to a configuration item (CI) is required, more incidents. Reactive problem management
this will require a request for change (RFC) to be complements incident management activities
raised and authorized before the resolution can by focusing on the underlying cause of an
be applied. incident to prevent its recurrence and
identifying workarounds when necessary.
Known error database ■■ Proactive problem management is concerned
To allow quicker diagnosis and resolution of with identifying and solving problems and
incidents and problems, previous knowledge of known errors before further related incidents
how they were overcome should be stored in a can occur again. With proactive problem
known error database (KEDB). management, process activities are triggered by
The KEDB should be used during the incident activities seeking to improve services. In that
and problem diagnosis phases to try to speed up way proactive problem management
the resolution process – and new records should complements continual service improvement
be added as quickly as possible when a new (CSI) activities by helping to identify
problem has been identified and diagnosed. workarounds and actions that can improve the
quality of a service.
The known error record should hold exact details
of the fault and the symptoms that occurred, The problem management process is shown in
together with precise details of any workaround Figure 7.4. This is a simplified chart to show the
or resolution action that can be taken to normal process flow, but in reality some of the
restore the service and resolve the problem. states may be iterative or variations may have to be
made in order to handle particular situations.
The KEDB, like the configuration management
system (CMS), forms part of the larger service The key activities within the problem management
knowledge management system (SKMS). process include:
■■ Problem detection There are multiple ways of
Problem model
detecting problems. These can include triggers
Many problems will be unique and will require for reactive and proactive problem
handling in an individual way. However, it is management.
conceivable that some incidents may recur
because of dormant or underlying problems.

Proactive
Service Event Incident problem Supplier or
desk management management management contractor
Problem
detection
Problem
logging
Problem
categorization
Problem
prioritization
Problem
CMS investigation
and diagnosis
Incident Implement Workaround

workaround Yes
management needed?
No
Raise known Known

error record error
if required database
Change RFC Change

Yes
management needed?
No
Problem
resolution
No Resolved?
Yes
• Lessons learned
Problem • Review results
closure Service
knowledge
management
system
Major Major problem

Yes review
problem?
No Continual
service
improvement
End
• Improvement actions
• Communications
Figure 7.4 Problem management process flow

Reactive problem management triggers are: investigation, and the resources invested,
should depend on impact, severity and urgency
●● When an incident is reported to the service
of the problem.
desk and the cause of it is unknown, even
if the incident itself may be resolved by ■■ Workarounds A workaround is a way of
applying a workaround reducing or eliminating the impact of a
●● When a technical support group or a problem, but not fully resolving its cause. If a
supplier or contractor identifies that a workaround has been implemented, the
problem exists problem record should remain open until the
●● When monitoring tools detect an problem has been resolved.
infrastructure failure, which could lead ■■ Raising a known error record When diagnosis
to both an incident and a problem is complete, and particularly when a
being identified workaround has been found, a known error
●● When a problem is discovered as a result of record should be raised and stored in the
proactive problem management. known error database (KEDB) so that further
Proactive problem management triggers are: incidents or problems can be identified and the
●● Analysis of incidents service restored more quickly. Sometimes it may
●● Trending of historical incident records be advantageous to raise a known error record
●● Service improvement activities. earlier in the overall process.
■■ Problem logging All problems must be logged, ■■ Problem resolution Once a root cause has been
and problem records must include all the found and a solution to remove it has been
details needed to manage the problem through developed, the solution should be applied to
its lifecycle, including links to related incidents. resolve the problem. Full resolution of a
■■ Problem categorization Problems are problem usually involves raising a change
categorized to enable analysis and reporting. It request. If the problem is very serious, this may
is advisable to use the same coding system as be an emergency change request. Sometimes it
for incidents. may not be possible to justify the change in a
business case, and a decision may be made to
■■ Problem prioritization Problems should be
leave the problem record open and rely on the
prioritized in the same way and for the same
workaround in the known error record.
reason as incidents. Problem priority should
take into account the frequency and impact of ■■ Problem closure When a final solution has
related incidents. Problem priority is also based been applied, the problem record and related
on the severity of the problem, which is a incident records should be closed. The record
measure of how serious the problem is from an should be checked to ensure that it contains all
infrastructure perspective – e.g. how long it will required information, and the status of related
take to fix or how much it will cost. known error records should be updated.
■■ Problem investigation and diagnosis An ■■ Major problem review A review of every major
investigation diagnoses the root cause of the problem should be conducted to learn lessons
problem. The speed and nature of the for the future. ‘Major problem’ is defined by
the priority system.

7.5.4.5 Interfaces which must be solved to prevent the incident

The interfaces with problem management include: from recurring. Incident management provides
a point where these are reported.
■■ Service level management The occurrence of
■■ The seven-step improvement process The
incidents and problems affects the level of
occurrence of incidents and problems provides
service delivery measured by service level
a basis for identifying opportunities for service
management.
improvement and adding them to the continual
■■ Availability management This is involved with service improvement (CSI) register.
determining how to reduce downtime and
increase uptime. 7.5.5 Access management
■■ Capacity management Some problems will
Access management is the process responsible for
require investigation by capacity management
allowing users to make use of IT services, data or
teams and techniques, e.g. performance issues.
other assets. Access management helps to protect
■■ IT service continuity management Problem the confidentiality, integrity and availability of
management acts as an entry point into IT assets by ensuring that only authorized users are
service continuity management where a able to access or modify the assets. Access
significant problem is not resolved before it management implements the policies of information
starts to have a major impact on the business. security management and is sometimes referred to
■■ Service asset and configuration management as rights management or identity management.
Problem management uses the configuration
management system (CMS) to identify faulty 7.5.5.1 Purpose and objectives
configuration items (CIs) and also to determine
The purpose of access management is to provide
the impact of problems and resolutions.
the right for users to be able to use a service or
■■ Change management Problem management group of services, i.e. the execution of policies and
ensures that all resolutions or workarounds actions defined in information security management.
that require a change to a CI are submitted
through change management. The objectives of the access management process
■■ Release and deployment management This is are to:
responsible for rolling out problem fixes into ■■ Manage access to services based on policies and
the live environment. actions defined in information security
■■ Knowledge management The service management
knowledge management system (SKMS) can ■■ Efficiently respond to requests for granting
be used to form the basis of the known error access to services, changing access rights or
database (KEDB) and hold (or integrate with) restricting access, ensuring that the rights being
the problem records. provided or changed are properly granted
■■ Incident management Incident management ■■ Oversee access to services and ensure that
forms part of the overall process of dealing rights provided are not improperly used.
with problems in the organization. Incidents
are often caused by underlying problems,


7.5.5.3 Basic concepts
(Brigitte’s experience) Access, identity and rights
Brigitte recalls the stay when the shower head Access management is the process that enables
was broken. She was not able to use the shower users to use the services that are documented in
in her room and had to shower in the pool area. the service catalogue. It comprises the following
But the pool area was usually closed at the time basic concepts of access, identity and rights.
when Brigitte needed to shower.
Definitions
Therefore the receptionist helped her with
Access refers to the level and extent of a service’s
getting access to the area:
functionality or data that a user is entitled to use.
■■ She checked the (security) policy to see if she
Identity refers to a unique name that is used to
was allowed to give a guest access to the
identify a user, person or role. The identity is
pool area outside normal openings hours.
used to grant rights to that user, person or role.
■■ Then she identified Brigitte’s card key in the
hotel’s database. Examples of identities might be the username
■■ With that information she used the card key SmithJ or the role ‘change manager’.
system to grant Brigitte the rights to enter
the pool area outside normal opening hours. Definition
■■ And finally she filed a note about what she Rights (also called privileges) are the entitlements,
had done to ensure that Brigitte’s card key or permissions, granted to a user or role – for
rights would be returned to normal when example, the right to modify particular data, or
the shower head was fixed. to authorize a change.
7.5.5.2 Scope Typical rights, or levels of access, are: read, write,

Access management is effectively the execution of execute, change and delete.
the policies in information security management,
in that it enables the organization to manage the 7.6 Functions
confidentiality, availability and integrity of the
organization’s data and intellectual property.
7.6.1 Service desk
Access management ensures that users are given
the right to use a service, but it does not ensure 7.6.1.1 Role
that this access is available at all agreed times – A service desk is a functional unit made up of a
this is provided by availability management. dedicated number of staff responsible for dealing
with a variety of service activities, usually made via
Access management can be initiated by a
telephone calls or web interface, or automatically
service request.
reported infrastructure events.

The service desk is a vitally important part of an ■■ Logging all relevant incident and service
IT organization and should be the single point request details, and allocating categorization
of contact for IT users on a day-by-day basis. It and prioritization codes
not only handles incidents, escalates incidents ■■ Providing first-line investigation and diagnosis
to problem management staff, manages service ■■ Resolving incidents and service requests when
requests and answers questions; it may also provide first contacted whenever possible
an interface for other activities such as customer ■■ Escalating incidents and service requests that
change requests, maintenance contracts, software they cannot resolve within agreed timescales
licences, service level management, service asset
■■ Keeping users informed of progress
and configuration management, availability
■■ Closing all resolved incidents, requests and
management, financial management for IT
other calls
services, and IT service continuity management.
■■ Conducting customer/user satisfaction call-
A good service desk can compensate for backs/surveys
deficiencies elsewhere in the IT organization, but ■■ Communication with users
a poor service desk can give a poor impression
■■ Updating the configuration management
of an otherwise very effective IT organization.
system (CMS) if so agreed.
The exact nature, size, type and location of a
service desk will vary, depending upon the type of 7.6.1.3 Organizational structures
business, number of users, geography, complexity There are many ways of structuring service desks
of calls, scope of services, and many other factors. and locating them. The main options are:
7.6.1.2 Objectives ■■ Local service desk

■■ Centralized service desk
The primary objective of the service desk is to
provide a single point of contact (SPOC) between ■■ Virtual service desk
the services being provided and the users. Service ■■ Follow-the-sun.
desk staff execute the incident management In reality, an organization may have to implement
and request fulfilment processes to restore the a structure that combines a number of these
normal-state service operation to the users as options in order to fully meet the business needs.
quickly as possible. In this context ‘restoration
of service’ is meant in the widest possible sense. Local service desk
While this could be fixing a technical fault, it This is where a service desk is co-located within or
could equally involve fulfilling a service request or physically close to the user community it serves
answering a query – anything that is needed to (see Figure 7.5).
allow users to return to working satisfactorily.
A local service desk often aids communication and
Specific responsibilities of the service desk are: gives a clearly visible presence, and can support
local language, cultural differences, different time
zones or specialized groups or users. However, it
can often be inefficient and expensive to resource,

as local staff are tied up waiting to deal with Centralized service desks can be more efficient
incidents and service requests when the volume and cost-effective, allowing fewer overall
and arrival rate of calls may not justify this. staff to deal with a higher volume of calls. It
might still be necessary to maintain some form
Centralized service desk of local presence to handle physical support
It is possible to reduce the number of service desks requirements, but such staff can be controlled
by merging them into a single location or a smaller and deployed from the central desk.
number of locations by drawing the staff into one or
more centralized service desk structures (Figure 7.6).
User User User User
Customer site
Service desk
Technical Application IT operations Third-party Request

management management management support fulfilment
Figure 7.5 Local service desk

User User User User User User User User User User User User
Customer site 1 Customer site 2 Customer site 3
Service desk
Technical Application IT operations Third-party Request

management management management support fulfilment
Figure 7.6 Centralized service desk
Virtual service desk Follow-the-sun

Through the use of technology, particularly the Some global or international organizations
internet, and the use of corporate support tools, may wish to combine two or more of their
it is possible to give the impression of a single, geographically dispersed service desks to provide
centralized service desk when in fact the personnel a 24-hour follow-the-sun service. For example,
may be spread or located in any number or types of a service desk in the Asia-Pacific region may
geographical or structural locations (see Figure 7.7). deal with calls during its standard office hours,
and at the end of this period it may hand over
Virtual service desks bring in the option of
responsibility for any open incidents to a European-
home working, secondary support groups, off-
based desk. This kind of arrangement can give
shoring or outsourcing, or any combination
24-hour coverage at relatively low cost, as no desk
necessary to meet user demand.
has to work more than a single shift. However,

San Francisco
service desk
Paris Rio de
service desk Janeiro
service desk
Virtual
service desk
Sydney
service desk
Beijing
service desk
Service
knowledge
management
system
London
service desk
Figure 7.7 Virtual service desk
common processes, tools, shared databases of ■■ It is the custodian of technical knowledge and
information and culture must be addressed for expertise related to managing the IT infrastructure.
this approach to succeed – and well-controlled In this role technical management ensures that
escalation and handover procedures are needed. the knowledge required to design, test,
manage and improve IT services is identified,
7.6.2 Technical management developed and refined.
■■ It provides the actual resources to support the
7.6.2.1 Role service lifecycle. In this role technical management
Technical management refers to the groups, ensures that resources are effectively trained
departments or teams that provide technical expertise and deployed to design, build, transition,
and management of the IT infrastructure. Technical operate and improve the technology required
management plays a dual role: to deliver and support IT services.

An additional, but very important role played by ●● Backup and restore

technical management is to provide guidance to ●● Print and output management
IT operations about how best to carry out the ●● Maintenance activities.
ongoing operational management of technology. ■■ Facilities management Manages the physical IT
environment – typically a data centre or
7.6.2.2 Objectives computer rooms and recovery sites together
The objectives of technical management are to help with power and cooling equipment.
plan, implement and maintain a stable technical As with many IT service management processes
infrastructure to support the organization’s business and functions, IT operations management plays a
processes through: dual role:
■■ Well-designed and highly resilient, cost- ■■ It is responsible for executing the activities and
effective technical topology performance standards defined during service
■■ The use of adequate technical skills to maintain design and tested during service transition.
the technical infrastructure in optimum ■■ In addition IT operations is part of the process
condition of adding value to the different lines of
■■ Swift use of technical skills to speedily diagnose business and supporting the value network.
and resolve any technical failures that occur.
7.6.3.2 Objectives
7.6.3 IT operations management The objectives of IT operations management include:
■■ Achieving the stability of an organization’s day-
7.6.3.1 Role
to-day processes and activities
IT operations management is responsible for
■■ Implementing regular improvements to achieve
performing the day-to-day operational activities
better service at reduced costs, while
required to manage and maintain the IT infrastructure
maintaining stability
and deliver the agreed level of IT services to
■■ Swift application of operational skills to diagnose
the business.
and resolve any IT operations failures that occur.
The role of IT operations management is to execute
the ongoing activities and procedures required to 7.6.4 Application management
manage and maintain the IT infrastructure. These
activities include: 7.6.4.1 Role
■■ IT operations control Oversees the execution Application management is responsible for
and monitoring of the operational activities managing applications throughout their lifecycle.
and events in the IT infrastructure. In addition, This differs from application development,
IT operations control also performs the as application management covers the entire
following specific tasks: ongoing lifecycle of an application, including
●● Console management requirements, design, build, deploy, operate and
●● Job scheduling

Table 7.1 Application development versus application management

Application development Application management
Nature of activities One-time set of activities to design and Ongoing set of activities to oversee and
construct application solutions manage applications throughout their
entire lifecycle
Scope of activities Performed mostly for applications Performed for all applications, whether
developed in house purchased from third parties or developed
in house
Primary focus Utility focus Both utility and warranty focus
Building functionality for the customer What the functionality is as well as how to
deliver it
What the application does is more important
than how it is operated Manageability aspects of the application, i.e.
how to ensure stability and performance of
the application
Management mode Most development work is done in projects Most work is done as part of repeatable,
where the focus is on delivering specific units ongoing processes. A relatively small number of
of work to specification, on time and people work in projects
within budget
This means that it is very difficult for
This means that it is often difficult for operational staff to get involved in
developers to understand and build for development projects, as that takes them away
ongoing operations, especially because they from their ongoing operational responsibilities
are not available for support of the
application once they have moved on to the
next project
Measurement Staff are typically rewarded for creativity and Staff are typically rewarded for consistency and
for completing one project so that they can for preventing unexpected events and
move on to the next project unauthorized functionality (e.g. ‘bells and
whistles’ added by developers)
Cost Development projects are relatively easy to Ongoing management costs are often mixed in
quantify because the resources are known with the costs of other IT services because
and it is easy to link their expenses to a resources are often shared across multiple IT
specific application or IT service services and applications
Lifecycles Development staff focus on software Staff involved in ongoing management typically
development lifecycles, which highlight the only control one or two stages of these
dependencies for successful operation, but do lifecycles – operation and improvement
not assign accountability for these

optimize. Application development is mainly ■■ It provides guidance to IT operations about

concerned with the one-time activities for how best to carry out the ongoing operational
requirements, design and build of applications. management of applications.
Application management may be involved ■■ It integrates the application management
in development projects, but application lifecycle into the service lifecycle.
management staff are not usually the same 7.6.4.2 Objectives
as the application development teams. Each
The objectives of application management are to
team manages its own environment in its own
support the organization’s business processes by
way and each has a separate interface to the
helping to identify functional and manageability
business. This is illustrated in Table 7.1.
requirements for application software, and then
Application management has several roles: to assist in the design and deployment of those
■■ It is the custodian of technical knowledge and applications and to provide ongoing support
expertise related to managing applications. In and improvement of those applications.
this role application management, working These objectives are achieved through:
together with technical management, ensures
■■ Applications that are well-designed, resilient
that the knowledge required to design, test,
and cost-effective
manage and improve IT services is identified,
developed and refined. ■■ Ensuring that the required functionality is available
to achieve the required business outcome
■■ It provides the actual resources to support the
service lifecycle. In this role application ■■ Ensuring the organization of adequate
management ensures that resources are technical skills to maintain operational
effectively trained and deployed to design, build, applications in optimum condition
transition, operate and improve the technology ■■ Swift use of technical skills to speedily diagnose
required to deliver and support IT services. and resolve any technical failures that occur.

Swift use of Purpose

application skills
Access Objectives
Adequate skills management
Objectives
Scope As defined by the security policies
Ensure required
functionality
Access
Well-designed
applications Basic concepts Identity
Application development Applications Rights

versus application management management
Purpose
Guidance to
IT operations Role Problem Objectives
Provides resources management
Custodian of Scope Unknown root causes
application
knowledge Problem model
Resolution
Basic concepts
Swift application Known error Known error database
of skills
Problem
Regular Objectives
improvement Reactive problem management
IT operations Process activities
Stability
management Proactive problem management
Facilities management
Interfaces
Role Processes
Operations control Purpose
Adequate technical skills Request Objectives

fulfilment
Well-designed Scope Service request as defined by the organization
Objectives
infrastructure
Functions
Swift use of Basic concepts Service request
technical skills Technical Service
management operation Purpose
Provides resources Incident
Role Objectives
management
Custodian of technical
Scope Disruptive events
knowledge
Logging incidents and Incident model

service requests Target resolution time
First-line investigation Prioritization
Basic concepts Urgency
and diagnosis Priority
Objectives Workaround
Resolving incidents and Impact
service requests
Escalating incidents and Incident Major incident
Process activities
service requests
Service desk
Single point of contact Role Interfaces
Follow-the-sun Purpose
Virtual service desk Reduced unplanned Objectives

Organizational
structures labour and cost Cls
Centralized service Reduced service outages
desk Event Environment
Business management
Local service Improved services
value Scope Licences
desk
Agreed levels of service
Security
Quick access to standard services
Key Communication Normal activity
People principles
Alert
Technology and infrastructure Basic concepts
Scope Event
Processes Business satisfaction
All aspects of the end-to-end service Confidence in IT

Objectives
Deliver agreed service levels Purpose Minimize impact of service outages
Restrict access to IT services


7.7 Sample questions c To restore service as quickly as possible

and minimize the adverse impact on
1 Which of the following is the PRIMARY
business operations
objective of service operation?
d To provide a workaround on all problems
a To ensure that the services are designed to
meet the stated business objectives and 4 In which of the following circumstances should
that the four Ps have been considered an incident be generated following an event
notification?
b To ensure that the service can be used in
accordance with the requirements and a An incident should always be raised
constraints specified within the service following an event
requirements b An incident should never be raised
c To carry out activities and processes following an event
required to deliver and manage services c An incident should be raised following
at agreed levels an alert
d To manage the technology that is used to d An incident should be raised when there
deliver and support the services has been a disruption to service
2 Which roles within the organization will take 5 Which of the following is NOT a valid type
responsibility for carrying out the activities of service desk described within ITIL service
within the incident management process? operation?
1 The incident management process owner a Local service desk
2 The service desk b Centralized service desk
3 Technical management c Technical service desk
4 Application management d Virtual service desk
a 1 only 6 When an incident is logged the service desk
b 2 only should give it a priority rating. What is this
based on?
c 2, 3 and 4 only
a The speed with which it can be resolved
d 1 and 2 only
b Its impact on business operation and
3 Which of the following is the PRIMARY
its urgency
purpose of problem management?
c The customer’s perception of priority
a To understand the root cause of one or
more incidents and identify a fix d Whether there is a problem record related
to it
b To manage major incidents


Continual service
improvement 8
17/02/2012 11:59
| 141
8 Continual service improvement
Continual service improvement is responsible for ■■ To ensure that processes continually reflect
managing improvements to services and service the changing requirements of the guests and
assets to align these with changing business the hotel infrastructure, a quality
needs. The performance of the service provider is management system has been established.
continually measured, and improvements are made This quality management system also aims at
to services, capabilities and resources in order to improving the effectiveness and efficiency of
increase efficiency, effectiveness and the processes.
cost effectiveness.
■■ The form that Brigitte has just filled in is part
of that quality system. The purpose is to
measure and, if needed, adjust the
effectiveness of the processes. For example,
On the desk in Brigitte’s room the hotel staff the cleaning procedures have just been
always leave a guest satisfaction form. The form improved because of general dissatisfaction
contains statements like ‘The room is clean’ and with the cleaning standard. The forms have
she is asked to state to what degree she agrees. been handed out to the guests before and
Brigitte is an auditor in the pharmaceutical after the change, to measure and control
industry, so for professional reasons she is rather that the cleaning quality has improved
curious to get insight into the quality management satisfactorily.
practices of the hotel. Brigitte asks the receptionist ■■ After the forms have been collected they are
at the front desk. Fortunately, as there are no analysed. The results are presented to the
other guests in the reception area there is time management, who decide whether anything
for a deeper conversation and the following has to be changed. The result is presented to
points emerge: the hotel cleaners; it is hoped that the
■■ The hotel is working with formally defined opinion of the guests will convince them that
processes and procedures. The processes the change in the way they are working was
ensure that the hotel meets (or exceeds) the a good idea (there was some resistance when
quality expectations of the guests in an the new process was introduced).
efficient manner.

142 | Continual service improvement
■■ Identify and implement activities to improve IT

The receptionist continues to explain that before
service quality and improve the efficiency and
the hotel launched its conference services she
effectiveness of the enabling processes
attended a meeting where staff discussed
whether the quality management system was to ■■ Improve the cost effectiveness of delivering
be improved to support the new conference IT services without sacrificing customer
services. Among other issues, they evaluated satisfaction
whether the system would be able to identify the ■■ Ensure that applicable quality management
needs for improvement activities such as: methods are used to support continual
improvement activities
■■ Enhancing the booking process ■■ Understand what to measure, why it is being
■■ Developing the training programme for new measured and what the successful outcome
staff members should be.
■■ Renovating conference facilities after a
couple of years.
8.2 Scope
Because it turned out that the system at the time
Continual service improvement covers:
wasn’t able to capture important future quality
issues, the staff agreed to improve the quality ■■ The overall health of IT service management as
management system before launching the a discipline
conference services. ■■ The continual alignment of the service portfolio
with current and future business needs
■■ The maturity and capability of the
8.1 Purpose and objectives organization, management, processes and
The purpose of the continual service improvement people utilized by the services
(CSI) stage is to align IT services with changing ■■ Continual improvement of all aspects of the IT
business needs by identifying and implementing services and the service assets that support them.
improvements to IT services that support business
Only one process is within the scope of
processes. These improvement activities support
continual service improvement: the seven-step
the lifecycle approach through service strategy,
improvement process.
service design, service transition and service
operation. Continual service improvement is always
seeking ways to improve service effectiveness, 8.3 Business value
process effectiveness and cost effectiveness. Adopting and implementing consistent approaches
The main objectives of continual service for continual service improvement will:
improvement are to: ■■ Lead to a gradual and continual improvement
■■ Review, analyse and make recommendations on in service quality, where justified
improvement opportunities in each lifecycle stage ■■ Ensure that IT services remain continuously
■■ Review and analyse service-level aligned to business requirements
achievement results

Continual service improvement | 143
■■ Result in gradual improvements in cost the Deming Cycle is steady, ongoing improvement.
effectiveness through a reduction in costs and/ It is a fundamental tenet of continual service
or the capability to handle more work at the improvement (CSI).
same cost
■■ Use monitoring and reporting to identify 8.4.1.1 Plan
opportunities for improvement in all lifecycle Establish goals for improvement (including gap
stages and in all processes. analysis), define action steps to close the gap, and
establish and implement measures to ensure that
8.4 Key principles the gap has been closed and benefits achieved.
8.4.1 Deming Cycle 8.4.1.2 Do

W. Edwards Deming is best known for proposing Develop and implement a project or initiative to
the Deming Cycle for quality improvement. The four close the gap (e.g. implementation or improvement of
key stages of the cycle are Plan, Do, Check, Act processes and establishing the smooth operation of
(PDCA) as illustrated in Figure 8.1. Our goal in using the process).
Maturity level
Do
Plan
Check
Act nt
veme
impro
ality
Qu
Consolidation of the
level reached
(baseline)
Timescale
Figure 8.1 Plan-Do-Check-Act cycle

8.4.1.3 Check improvement. Project decisions at this stage are

Compare the implemented environment with the input for the next round of the lifecycle,
the measures of success established in the plan closing the loop as input to the plan phase.
phase. The comparison determines if a gap still
exists between the improvement objectives of the 8.4.2 The continual service improvement
process and the operational process state. Gaps approach
don’t necessarily require closure. A gap may be Figure 8.2 shows an overall approach to CSI and
considered tolerable if the actual performance illustrates a continual cycle of improvement based
is within allowable limits of performance. on the Deming Cycle.
This approach to improvement can be summarized
8.4.1.4 Act
as follows:
Determine whether further work is required
to close remaining gaps, and allocate resources ■■ Embrace the vision by understanding the high-
necessary to support another round of level business objectives. The vision should
align the business and IT strategies.
Business vision,
What is the vision? mission, goals and
objectives
Baseline
Where are we now?
assessments
How do we keep the Where do we want Measurable

momentum going? to be? targets
Service and process

How do we get there?
improvement
Measurements and
Did we get there? metrics
Figure 8.2 Continual service improvement approach

■■ Assess the current situation to obtain an 8.4.3 Measurement

accurate, unbiased snapshot of where the
organization is right now. This baseline 8.4.3.1 Vision to measurements
assessment is an analysis of the current position Metrics define what is to be measured. Metrics are
in terms of the business, organization, people, usually specialized by the subject area, in which
process and technology. case they are valid only within a certain domain
■■ Understand and agree on the priorities for and cannot be directly benchmarked or interpreted
improvement based on a deeper development outside it. Generic metrics, however, can be
of the principles defined in the vision. The full aggregated across subject areas or business units
vision may be years away but this step provides of an enterprise. Figure 8.3 shows the full hierarchy
specific goals and a manageable timeframe. from the business vision through to measurements.
■■ Detail the CSI plan to achieve higher-quality A vision is a description of what an organization
service provision by implementing or improving intends to become in the future.
IT service management processes.
■■ Verify that measurements and metrics are in The mission statement of an organization is a short
place and that the milestones were achieved, but complete description of the overall purpose
process compliance is high, and business and intentions of that organization. It states what
objectives and priorities were met by the level is to be achieved, but not how this should be done.
of service. A goal is a means to help us to decide on a course
■■ Finally, the approach should ensure that the of action.
momentum for quality improvement is
The objective is the defined purpose or aim of a
maintained by assuring that changes become
process, an activity or an organization as a whole.
embedded in the organization.
Objectives are usually expressed as measurable targets.
The business needs to be involved with continual
A critical success factor (CSF) is something that must
service improvement in decision-making on what
happen if a process, project, plan or service is to
improvement initiatives make sense and add the
succeed. It is recommended that a service or process
greatest value back to the business. There are some
has no more than two to five CSFs associated with it
key questions that will assist the business in making
at any given time.
decisions about whether a CSI initiative is warranted
or not: A key performance indicator (KPI) is a metric
that is used to help manage a process, service or
■■ What is the vision?
activity. Many metrics may be measured, but only
■■ Where are we now? the most important of these are defined as KPIs
■■ Where do we want to be? and used actively to manage and report on the
■■ How do we get there? process, service or activity. KPIs are used to measure
■■ Did we get there? the achievement of each CSF. For example, a CSF
of ‘protect IT services when making changes’

Vision
Mission
Goals
Objectives
CSF
KPI
Metrics
Measurements
Figure 8.3 From vision to measurements
could be measured by KPIs such as ‘percentage

reduction of unsuccessful changes’, ‘percentage
reduction in changes causing incidents’ etc.
When the hotel grew from a small family-run
It is recommended that no more than two to five hotel to a larger hotel, the owner realized that he
KPIs are defined per CSF at any given time. Based on was losing his close relationship with all the hotel
what is important to the business and IT management, guests and employees, and he no longer knew
the KPIs may change over a period of time. enough about their needs and opinions to make
A metric is something that is measured and reported the right decisions.
to help manage a process, service or activity. In As a result the owner started to ask for information
general, a metric is a scale of measurement defined such as: ‘I want a weekly report on the number of
in terms of a standard, i.e. in terms of a well- guests we have had and how many nights they
defined unit. stayed.’ More and more reports were made until
one day he realized that the hotel was spending a
considerable amount of time making reports that
were seldom or never used.

He decided to take a more structured approach

8.4.3.3 Types of metrics
to reporting: It is important to remember that there are three
types of metrics that an organization will need to
■■ First he identified the ideal subjects to measure collect to support CSI activities.
and report on. The list was quite long.
■■ Then he identified subjects to be measured Technology metrics
from a practical point of view: what could be These metrics are often associated with component-
measured without too much work. Not all based and application-based metrics, such as
measurements were equally important. Some performance, availability etc.
subjects required constant measuring, e.g.
the number of guests/nights. Other subjects Process metrics
would be measured from time to time, for These metrics are captured in the form of critical
example the guest satisfaction with cleaning success factors (CSFs), key performance indicators
– this was measured before and after (KPIs) and activity metrics for the service
changes in the cleaning standard and in one management processes. These metrics can help to
week every year (chosen randomly). determine the overall health of a process. Four key
■■ Then it was just hard work, collecting the questions that KPIs can help to answer concern
data, analysing it and acting on the outcome quality, performance, value and compliance in
of the analysis. following the process. Continual service improvement
■■ Once every six months the owner evaluates uses these metrics as input in identifying
whether the most beneficial subjects are improvement opportunities for each process.
measured; if they are not, he sets up a new Service metrics
report and measurement requirement.
These metrics are the results of the end-to-end
service. Component metrics can be used to compute
8.4.3.2 Baselines
the service metrics.
An important starting point for highlighting
improvement is to establish baselines as markers or
starting points for later comparison. Baselines are 8.5 Processes
also used to establish an initial data point to determine The ITIL Foundation syllabus covers one continual
whether a service or process needs to be improved. service improvement process: the seven-step
If a baseline is not initially established, the first improvement process.
measurement efforts will become the baseline. This
is why it is essential to collect data at the outset, 8.5.1 The seven-step improvement process
even if the integrity of the data is in question. It is This process is responsible for defining and
better to have data to question than to have no managing the steps needed to identify, define,
data at all. gather, process, analyse, present and implement
improvements. The performance of the IT
service provider is continually measured by

this process, and improvements are made to It also includes making best use of the technology
processes, IT services and IT infrastructure in that the organization has and looks to exploit
order to increase efficiency and effectiveness. new technology as it becomes available where
there is a business case for doing so.
8.5.1.1 Purpose and objectives Also within the scope are the organizational structure,
The purpose of the seven-step improvement process the capabilities of the personnel, and asking whether
is to define and manage the steps needed to people are working in appropriate functions and
identify, define, gather, process, analyse, present roles, and if they have the required skills.
and implement improvements.
The objectives of the seven-step improvement 8.5.1.3 Basic concepts
process are to: The CSI register
■■ Identify opportunities for improving services, It is likely that several initiatives or possibilities for
processes, tools etc. improvement will be identified. It is recommended
■■ Reduce the cost of providing services and that a continual service improvement (CSI) register
ensure that IT services enable the required is kept to record all the improvement opportunities.
business outcomes to be achieved. The CSI register provides a coordinated, consistent
■■ Identify what needs to be measured, analysed view of the potentially numerous improvement
and reported to establish improvement activities. Each activity should be categorized into
opportunities. small, medium or large undertakings as well as
initiatives that can be achieved quickly, or in the
■■ Continually review service achievements to
medium term or longer term.
ensure that they remain matched to business
requirements, and continually align and
Definition
re-align service provision with outcome
requirements. A continual service improvement (CSI) register is
a database or structured document used to
■■ Understand what to measure, why it is
record and manage improvement opportunities
being measured and carefully define the
throughout their lifecycle.
successful outcome.
8.5.1.2 Scope It is important to define the interface from the

CSI register of initiatives to strategic initiatives
The seven-step improvement process includes
and to processes such as problem management,
analysis of the performance and capabilities of
capacity management and change management.
services, processes throughout the lifecycle,
partners and technology.
It includes the continual alignment of the portfolio
The key activities within the seven-step improvement
of IT services with the current and future business
process (as illustrated in Figure 8.4) are:
needs as well as the maturity of the enabling IT
processes for each service.

■■ Identify the strategy for improvement Identify CSI can conduct a gap analysis to identify the
the overall vision, business need, the strategy opportunities for improvement as well as
and the tactical and operational goals. answering the question ‘How do we get there?’
■■ Define what you will measure Service strategy ■■ Gather the data In order to properly answer
and service design should have identified this the question ‘Did we get there?’, data must
information early in the lifecycle. Continual first be gathered. Data can be gathered from
service improvement (CSI) can then start its many different sources based on goals and
cycle all over again at ‘Where are we now?’ objectives identified. At this point the data is
and ‘Where do we want to be?’ This identifies raw and no conclusions are drawn.
the ideal situation for both the business and IT.
Wisdom 1. Identify the strategy for 2. Define what you will Data
improvement measure
• Vision
• Business need
• Strategy
• Tactical goals Apply
• Operational goals
PLAN
7. Implement improvement 3. Gather the data
• Who? How? When?
• Criteria to evaluate
integrity of data
• Operational goals
• Service measurement
ACT DO
6. Present and use the

information
• Assessment summary
• Action plans
• Etc.
CHECK
5. Analyse the information 4. Process the data

and data • Frequency?
• Trends? • Format?
• Targets? • Tools and systems?
• Improvements required? • Accuracy?
Knowledge Information
Figure 8.4 The seven-step improvement process

■■ Process the data Here the data is processed in Figure 8.4 also shows how the cycle fits into the
alignment with the critical success factors (CSFs) Data-to-Information-to-Knowledge-to-Wisdom
and key performance indicators (KPIs) specified. (DIKW) structure of knowledge management. The
This means that timeframes are coordinated, integration of the Plan-Do-Check-Act (PDCA) cycle
unaligned data is rationalized and made and the seven-step improvement process is
consistent, and gaps in the data are identified. as follows:
Once we have rationalized the data we can
■■ Plan
begin analysis.
●● Identify the strategy for improvement
■■ Analyse the information and data As we bring
●● Define what you will measure
the data more and more into context, it evolves
■■ Do
from raw data into information with which we
●● Gather the data
can start to answer questions about who, what,
●● Process the data
when, where and how as well as trends and the
■■ Check
impact on the business.
●● Analyse the information and data
■■ Present and use the information Here the
●● Present and use the information
answer to ‘Did we get there?’ is formatted and
■■ Act
communicated in whatever way necessary to
present to the various stakeholders an accurate ●● Implement improvement.
picture of the results of the improvement While these seven steps appear to form a circular
efforts. Knowledge is presented to the business set of activities, in fact they constitute a knowledge
in a form and manner that reflects their needs spiral. In practice, knowledge gathered and wisdom
and assists them in determining the next steps. derived from the knowledge at one level of the
■■ Implement improvement The knowledge organization becomes a data input to the next.
gained is used to optimize, improve and correct
services and processes. Issues have been
identified and now solutions are implemented
– wisdom is applied to the knowledge.
Following this step, the organization establishes
a new baseline and the cycle begins anew.

Purpose
Objectives
Portfolio of services
Scope
Processes, partners,
people, products The seven-step
Processes
improvement process
CSI register Service metrics
Basic concepts
Types of metrics Process metrics
Process activities
Measurement Technology metrics
Baselines
Cost effectiveness
Measurements
Business
Services aligned with
value Metrics
business requirements
Improved service quality Key performance indicators
Critical success factors

Service management as a discipline Vision to
measurements Objectives
The portfolio of services Scope
Goals
Enabling service assets
Mission
Understand what to measure Vision
Ensure use of quality Continual service Key

management methods improvement principles How do we keep the momentum going?
Improve cost effectiveness Did we get there?
Continual How do we get there?

Implement improvement activities Objectives service
improvement Where do we want to be?
Review and analyse service approach
level achievements Where are we now?
Review, analyse and
What is the vision?
recommend improvements
Act
Check
Align and realign services to business needs Purpose Deming
Cycle
Do
Plan

8.6 Sample questions 3 In the continual service improvement

approach, once all the measurements and
1 What is contained within the ‘Do’ stage of the
metrics have been collated to confirm that the
Deming Cycle?
desired end result has been achieved, what
a A gap analysis is performed and the steps activity should then take place?
for closing the gaps defined
a In order to close off the improvement
b The actual implementation of the activity a confirmation of achievement of
improvement initiative, and establishment the business case should follow
of the smooth operation of the process
b Capture the baseline assessments so that
c Implementing the service or process they can be used for later comparison
improvements and establishing whether
c Agree what needs to occur to ensure that
further work is necessary to close any
the momentum for quality improvement is
remaining gaps
maintained
d Monitoring, measuring and reviewing the
d Understand the high-level business
services and service management processes
objectives to ensure that the vision has
that were targeted for improvement
been captured
2 When using the seven-step improvement
4 Which of the following is NOT a type of metric
process, which of the following pieces of
which can be used to support continual service
information is useful when determining the
improvement activities?
strategy for improvement?
a Service metrics
1 Organizational vision
b Technology metrics
2 Incident management data
c Process metrics
3 Problem management data
d Critical success factor (CSF) metrics
4 Strategy of the organization
5 What is the MAIN purpose of the CSI register?
a 1 and 4 only
a To capture a baseline for future
b 2 and 3 only
opportunities
c None of the above
b To record all key performance indicators for
d All of the above each process
c To give visibility to, and to record all
improvement opportunities
d To log all changes resulting from service
improvement initiatives

Service management

technology 9
17/02/2012 11:59
| 155
9 Service management technology
Technology plays a major role in service management,

To support the development and management of
and mechanisms for maintaining and maximizing
new or changed services, the hotel has a tool for
benefit from that technology must be in place.
release management of the restaurant menu and
a tool for release management of new work
instructions. To make sure that changes actually
work, the hotel also has a tool for managing
Over time the hotel has acquired and developed requirements and testing new equipment.
a number of tools and technologies to support its Especially in the new conference centre, video
daily service processes: equipment, wireless internet connection, pens
■■ The bell and coffee machines have to be tested often.
■■ Internet booking
■■ An asset register
9.1 Use of technology
■■ An invoicing system.
Service management technology enables
In addition, it has systems that help staff to monitor
communication between service providers and
and report on the performance of the hotel:
customers. There are five modes in which
■■ A monthly report on occupancy rates technology interacts with a service provider’s
■■ A customer satisfaction survey system. customers (see Figure 9.1):
For the more physical management and control, ■■ Technology-free Technology is not involved in
the hotel has established monitoring and the service provision.
automation systems such as: ■■ Technology-assisted Only the service provider
has access to the technology.
■■ A heat-monitoring system
■■ Technology-facilitated Both the service
■■ Automated control of curtains to protect the
provider and the customer have access to the
rooms from sunshine
same technology.
■■ An inter-TV system
■■ Technology-mediated The service provider and
■■ Video-monitoring of the luggage room
the customer are not in physical proximity.
■■ A security log.
■■ Technology-generated The service provider is
represented entirely by technology, commonly
known as self-service.

156 | Service management technology
Technology Technology Technology
Service Service Service

Customer Customer provider Customer provider
provider
Technology-free Technology-assisted Technology-facilitated
Technology Technology
Service Service
Customer provider Customer
provider
Technology-generated
Technology-mediated
(self-service)
Figure 9.1 Five modes of interaction using service technology
9.2 Service automation require computing power that is beyond the

capacity of human agents.
Automation should be considered to improve
■■ Automation is a means of capturing the
the utility and warranty of services.
knowledge required for a service process.
9.2.1 Reasons for automation The following are some of the areas where service
Automation may offer advantages in many management can benefit from automation:
areas of opportunity, including the following: ■■ Design and modelling
■■ The capacity of automated resources can be ■■ Service catalogue
more easily adjusted in response to variations in ■■ Pattern recognition and analysis
demand volumes. ■■ Classification, prioritization and routing
■■ Automated resources can handle capacity with ■■ Detection and monitoring
fewer restrictions on time of access. ■■ Optimization.
■■ Automated systems present a good basis for
measuring and improving service processes by 9.2.2 Preparing for automation
holding constant the factor of human resources. Applying automation randomly can create more
■■ Many optimization problems, such as problems or worsen existing ones. The following
scheduling, routing and allocation of resources, guidelines should be applied:

Service management technology | 157
■■ Simplify the service processes before With service analytics, not only can an operations
automating them. group do a better job of identifying and correcting
■■ Clarify the flow of activities, allocation of tasks, problems from the user’s standpoint, but it can also
need for information, and interactions. predict the impact of changes to the environment.
■■ In self-service situations, reduce the amount of This same model can be turned around to show
contact that users have with the underlying business demand for IT services. This is a high
systems and processes. leverage point when building a dynamic
■■ Do not be in a hurry to automate tasks and provisioning or on-demand environment.
interactions that are neither simple nor routine
in terms of inputs, resources and outcomes. 9.4 Sample questions
1 Which of the following are advantages
9.3 Service analytics of automation?
Information is static. It only becomes knowledge 1 The capacity of automated resources can
when placed in the context of patterns and their be more easily adjusted
implications. Those patterns give a high level of
2 Automation presents a good basis for
predictability and reliability on how the data will
measuring and improving service processes
change over time. By understanding patterns of
information, we can answer ‘How?’ questions such as: 3 Many activities require computing power
that is beyond the power of human agents
■■ How does this incident affect the service?
■■ How is the business impacted? 4 Automation can be a means for capturing
■■ How do we respond? the knowledge required for a service process
This is service analytics. a 1 and 2 only
Service analytics is useful for modelling existing b 1, 2 and 3 only

infrastructure components and support services to c 3 and 4 only
the higher-level business services. Infrastructure
events are then tied to corresponding business d All of the above
processes. The component-to-system-to-process 2 When the customer is supported by technology
linkage – also known as the service model – allows alone from its service provider, this is known
us to clearly identify the business impact of an event. as what?
Instead of responding to discrete events, managers a Discovery technology
can characterize the behaviour of a service. This
b Remote support
behaviour is then compared with a baseline of
the normal behaviour for that time of day or c Self-service
business cycle. d Diagnostic utilities

158 | Service management technology
Service analytics Take time
Reduce the contact from end-users

Preparing to underlying systems
Technology-free
Clarify the flow of activities
Technology-assisted
Simplify service processes
Service
Technology-facilitated Use management Automation
technology
Technology-mediated
Means for capturing knowledge
Technology-generated
Computer power
Reasons Good basis for measuring and improving
Fewer restrictions on time and access
Easier to respond to variations in demand
Design and modelling
Service catalogue
Pattern recognition and analysis

Benefit
areas
Classification, prioritization and routeing
Detection and monitoring
Figure 9.2 Overview of Chapter 9 Optimization

together 10
How it all fits
17/02/2012 11:59
| 161
10 How it all fits together
Each lifecycle stage is dependent on input from and who is not a player, position themselves to support
provides output to the other stages in the lifecycle. the goal of the team. Each player and team member
has a different specialization that contributes to the
whole. The team matures over time, taking into
10.1 Integration across the
account feedback from experience, best practice,
service lifecycle current process and procedures to become an agile
Stages of the lifecycle work together as an integrated high-performing team.
system to support the ultimate objective of service Specialization and coordination are necessary in
management for business value realization. Every the lifecycle approach. Specialization allows for
stage is interdependent as shown in Figure 10.1. expert focus on components of the service, but
The service knowledge management system (SKMS) components of the service also need to work
enables integration across the service lifecycle together for value. Specialization combined with
stages. It provides secure and controlled access to coordination helps to manage expertise, improve
the knowledge, information and data that are focus and reduce overlaps and gaps in processes.
needed to manage and deliver services. The service Specialization and coordination together help to
portfolio represents all the assets presently engaged create a collaborative and agile organizational
or being released in various stages of the lifecycle. architecture that maximizes utilization of assets.
Figure 10.1 gives a good overview of the links, Coordination across the lifecycle creates an
inputs and outputs involved at each stage of the environment focused on business and customer
service lifecycle. It illustrates the key outputs outcomes instead of just IT objectives and projects.
produced by each stage, which are used as inputs Coordination is also essential between functional
by the subsequent stages. groups, across the value network, and between
processes and technology.
10.2 Specialization and
coordination 10.3 Monitoring and control
Organizations need a collaborative approach Each activity in a service management process
for the management of assets which are used to should be monitored. The role of operational
deliver and support services for their customers. monitoring and control is to ensure that the
process or service performs exactly as specified,
Organizations should function in the same manner which is why monitoring and control are primarily
as a high-performing sports team. Each player in a concerned with maintaining the status quo.
team, and each member of the team’s organization

162 | How it all fits together
Requirements The business/customers
Service Change proposals

strategy and service
management system
Resources and
Service knowledge
constraints charters
Policies
Strategies
Service Service design

design packages
Standards
Solution Architectures
designs
Service Implementation
transition of transition plans
Tested SKMS updates
New/changed/ solutions
retired services
Business
Service Operational/live value
portfolio Service Achievements services
operation against targets
Service
catalogue
Continual
service
improvement CSI register, improvement
actions and plans
Figure 10.1 Integration across the service lifecycle
Figure 10.2 illustrates the monitoring and control of a ■■ Arrow 1 In this case CSI has recognized that the
process or of the components used to deliver a service. service will be improved by making a change to
the service strategy. This could be a result of
The norms and monitoring and control mechanisms
the business needing a change to the service
are defined in service design, but they are based on
portfolio, or the realization that the architecture
the standards and architectures defined during
does not deliver what was expected.
service strategy.
■■ Arrow 2 In this case the service level
Notice that the second level of monitoring in this requirements need to be adjusted. It could be
monitor-and-control loop is performed by the CSI that the service is too expensive or that
processes through service strategy and service operations management is unable to maintain
design. These relationships are represented by service quality in the current architecture.
the numbered arrows on the figure as follows:

How it all fits together | 163
Business executives and business unit managers
Service strategy
1
2 Continual service
3 improvement
Service design
IT management and vendor account management
Portfolios,
standards and policies
Technical architectures
Service transition
and performance
standards
Users
Norm Norm Norm
Control Compare Control Compare Control Compare
Monitor Monitor Monitor
Input Activity Output Input Activity Output Input Activity Output
Internal and external technical staff and experts
Figure 10.2 Monitoring and control across the service lifecycle
■■ Arrow 3 In this case the norms specified in Service transition provides a major set of checks and
service design are not being adhered to. This balances in these processes. It does so as follows:
could be because they are not appropriate or
■■ For new services, service transition will ensure
executable, or because of a lack of education
that the technical architectures are appropriate
or communication. The norms and the lack of
and that the operational performance
compliance need to be investigated and action
standards can be executed.
taken to rectify the situation.

164 | How it all fits together
Service strategy
Strategies, policies,
standards Feedback
Lessons learned Feedback
for improvement Lessons learned
for improvement
Service design
Plans to create and modify

Output
services and service
management processes Feedback
Lessons learned Feedback
for improvement Lessons learned
for improvement
Service transition
Manage the transition of a

Output
new or changed service
and/or service management Feedback
process into production Lessons learned
for improvement
Service operation
Day-to-day operation of
Output services and service
management processes
Continual service improvement

Activities are embedded in the service lifecycle
Figure 10.3 Continual service improvement and the service lifecycle
■■ For existing services, change management will 10.4 Continual service improvement
manage any of the changes that are required
The strength of the service lifecycle rests upon
as part of a control (e.g. tuning), as well as any
continual feedback throughout each stage of
changes represented by the arrows labelled 1, 2
the lifecycle. This feedback ensures that service
and 3. Although service transition does not
improvement is managed from a business
define strategy and design services per se, it
perspective and is measured in terms of the value
provides coordination and assurance that the
the business derives from services at any point
services are working, and will continue to work,
in time during the service lifecycle. The service
as planned.

How it all fits together | 165
lifecycle is non-linear in design. At every point in An IT service provider does not need to wait
the service lifecycle, the process of monitoring, until a service or service management process is
assessment and feedback between each stage transitioned into the operations area to begin
drives decisions about the need for minor course identifying improvement opportunities.
corrections or major service improvement initiatives.
Figure 10.3 illustrates some examples of the continual
feedback system built into the service lifecycle.


The examination

and exam
preparation 11
17/02/2012 11:59
| 169

11 The examination and exam preparation
11.1 The examination You should start preparing for the examination
from the first day of the course. Use an effective
The examination is a closed-book paper consisting
note-taking system, and review the course material
of 40 multiple-choice questions. All 40 questions
regularly. Transfer information to be learned
should be attempted. Each question has four choices,
onto note cards and review them every day.
and the candidate must select one of these to answer
a question. Only one of the choices is correct. Homework and self-study will be expected. Make
appointments with yourself (and your surroundings)
The examination can be taken either on paper
for study time.
or online.
Practise taking the examination to help familiarize
A maximum of 60 minutes is allowed to answer the
yourself with it. You can use the sample tests
paper. Candidates completing an exam in a language
in this publication, and your training provider
that is not their mother tongue and where the
will also provide you with recent sample papers.
language of the exam is not their primary business
Because the examination is a timed test, you should
language have a maximum of 75 minutes to complete
prepare for your upcoming exam under similar
the exam and are allowed the use of a dictionary.
conditions. Make sure that whenever you take
Candidates must answer 26 or more questions practice tests, you time yourself using the same
correctly to pass the examination, corresponding to amount of allotted time that will be allowed on the
a pass score of 65%. real test. Know in advance how many minutes you
can spend per question, and every few questions
Candidates who fail may retake the examination.
check against the clock to see how you are doing.
There is no limit to the number of times a candidate
may re-sit the examination. Prepare far enough in advance so that you can
actually relax the night before the exam.
11.2 Exam preparation During the examination:
Attending an accredited Foundation training course ■■ Read each question carefully to make sure you
is strongly recommended but is not a prerequisite understand the type of answer required.
to sitting the examination. Candidates should ■■ Come up with the answer in your head before
note that the overall public examination pass rates looking at the possible answers.
are notably lower than the rates for candidates ■■ Read and consider all of the answer choices
who have attended an accredited training course. before you choose the option that best
Candidates are recommended to study for a responds to the question.
total of at least three days prior to the exam.

170 | The examination and exam preparation
■■ Make sure you answer the question that is ■■ Check that you have answered every question.
being asked. Your scores on the multiple-choice tests are
■■ There will be no trick questions so do not waste based on the number of questions you answer
time and energy looking for catch questions. correctly. There is no penalty for guessing.
■■ Answer the easy questions first, then go back ■■ Review your work. If you finish a test before
and answer the more difficult ones. time is up, go back and check your work.
■■ When attempting difficult questions, eliminate ■■ Do not keep on changing an answer – usually
as many incorrect answers as you can, then your first choice is the right one, unless you
make an educated guess from among misread the question.
those remaining.
■■ Do not spend too much time on any
one question.


examination12
Sample ITIL
Foundation
17/02/2012 11:59
| 173
12 Sample ITIL Foundation examination
12.1 Instructions 3 Which of the following would be an

appropriate type of service level agreement?
All 40 questions should be attempted.
a Contract level
There are no trick questions.
b Technology level
You have 60 minutes to complete this paper.
Candidates completing an exam in a language that c Corporate level
is not their mother tongue and where the language d Operational level
of the exam is not their primary business language
have a maximum of 75 minutes and are allowed the 4 Which of the following roles would be
use of a dictionary. valid members of a change advisory board
(CAB) meeting?
You must get 26 or more answers correct to pass.
1 Suppliers
12.2 Questions 2 Change manager
1 Which process has PRIMARY responsibility for 3 Service owner

establishing and maintaining the relationship 4 Release manager
between the service provider and its customer?
a 1, 2 and 3 only
a Problem management
b 2, 3 and 4 only
b Change management
c 2 and 4 only
c Business relationship management
d All of the above
d Service portfolio management
5 What is the main activity used to help the IT
2 Which of the following is NOT within the scope service provider understand and plan for a
of problem management? workload profile?
a To assess the impact and urgency of a Developing the requirements for
incident tickets service utility
b To determine resolution for underlying issues b Providing the appropriate value from the
c Implementation of resolution through the service level package
correct control procedures c Understanding the value that IT needs to
d Pro-active identification of recurring incidents give to the business
d Understanding patterns of business activity

174 | Sample ITIL Foundation examination
6 Which of the following are the main objectives 9 Which of the following statements BEST
for the service desk? describes the difference between an
operational level agreement (OLA) and an
1 To provide management information
underpinning contract (UC)?
2 To restore normal service to the users as
a The OLA is an underpinning agreement
quickly as possible
with legally binding terms whereas the UC
3 To manage the incident through its lifecycle supports the SLA, and is therefore not
4 To prevent problems and resulting formal
incidents from happening b The OLA is an internal document that
a 1, 2 and 4 only defines the working relationship between
different groups within the service provider
b 3 and 4 only organization whereas the UC is a legally
c 1, 2 and 3 only binding document for a supplier in support
of the SLA
d All of the above
c The UC defines targets and responsibilities
7 Who is accountable for ensuring that a process that are required to meet agreed service
is performing to the agreed standards? level targets in a service level agreement,
a The process manager whereas the OLA describes best
endeavours for a service
b The process owner
d There are no differences between a UC and
c The service owner
an OLA as they both support the SLA
d The process practitioner
10 There are five aspects of a successful service
8 Which of the following is the BEST description design stage. Which aspect is missing from the
of an internal service? list below?
a A service providing a value but taking away 1 The design of the management
the ownership of risk and cost for the information systems and tools
customer
2 The design of the technology and
b A service delivered between departments management architectures
in the same organization
3 The design of the processes
c A service delivered to customers who are
4 The design of the measurement methods
not directly part of the organization
and metrics
d A service not directly used by the business
a The design of the service design
but required to provide the overall service
package (SDP)
b The design of the documentation

Sample ITIL Foundation examination | 175
c The design of the service solution 14 Which of the following are valid service
provider types?
d The design of the business processes
1 A centralized services unit
11 Which of the following is the CORRECT
definition of a business case? 2 An internal service provider
a The decision support and planning tool to 3 An external service provider
predict the costs associated with the
4 A shared services unit
implementation of a new service
a 1 and 4 only
b A justification for a significant item of
expenditure, which will include information b 2 and 3 only
about costs, benefits, options, risks and c 2, 3 and 4 only
possible problems
d All of the above
c The quantification of the costs of each
service and how each service is consumed 15 Which of the following is NOT within the scope
of the design coordination process?
d The documentation which demonstrates
the visibility and accountability of each a Maintenance of policies and standards for
business unit the service design activities
12 The release package is an output from which b Assistance and support of projects through
phase of the service lifecycle? the service design stage
a Service strategy c Management of any conflict for resources
b Service design d Assurance that both utility and warranty

are tested
c Service transition
16 In order to optimize the efficiency of the
d Service operation change process, many low-risk routine changes
13 Which of the following functions has a key may be categorized as pre-authorized by
objective to provide the technical expertise change management. What type of change is
and specialized resources for the overall IT this known as?
infrastructure, throughout the service lifecycle? a A service request
a Technical management b A change request
b IT operations c A normal change
c Incident management d A standard change
d Applications management

17 What is contained within the definitive d ITIL is recognized as a worldwide standard

media library? of conformance to best practice that
ensures that everyone in the organization
a Secure definitive authorized versions of
uses the same terms and standards
both software and media CIs that have
passed quality assurance checks 20 Which of the following is the first stage of the
seven-step improvement process?
b The relationship model of all service assets,
infrastructure and individual components a Define what you will measure
that make up a service
b Identify the strategy for improvement
c Secure definitive authorized versions of
c Check the integrity of the data to be used
both software and media CIs that are
for analysis
waiting to pass quality assurance checks
d Determine the baseline
d Secure backup tapes
21 Which of the following are key elements that
18 In which information source would you find a
need to be defined as part of a process?
complete list of current improvement
opportunities and their benefits? 1 The activities contained within the process
a The continual service improvement 2 The process policy

(CSI) register 3 Roles within the organization that will
b A service improvement plan need to carry out the process
c The business case 4 Appropriate metrics for the process
d The configuration management system (CMS) a 1, 2 and 3 only
19 Which of the following is the BEST description b 3 and 4 only

of why ITIL is so successful? c 1, 2 and 4 only
a ITIL has now been followed for more than d All of the above
30 years, ensuring that risks are minimized
and value is achieved in organizations 22 Which element of the DIKW model can NOT be
supported by automation?
b ITIL represents a common framework of
practices that unite all areas of IT service a Data
provision to deliver value to the business b Information
c ITIL represents a proven methodology that c Knowledge
provides an end-to-end delivery of quality
services and value to the business d Wisdom

23 What is the MAIN purpose of service transition 26 What type of categorization would be assigned
planning and support? to a supplier if they are providing a service that
has medium risk and impact to the business
a To control the assets required to deliver the
and medium value and importance?
services to the organization, and ensure that
accurate and reliable information is available a Commodity supplier
b To provide overall planning for service b Operational supplier
transition and coordinate the resources
c Tactical supplier
that they require
d Strategic supplier
c To provide overall planning and guidance
for all projects as they transition into 27 Which of the following are appropriate
service operation examples of a service request?
d To identify, manage and control risks to 1 A password change or reset

minimize any adverse impact and 2 A minor code change request from a user
disruption on service operation to modify a particular application
24 Which of the following tasks is IT operations 3 The relocation of some desktop equipment
NOT responsible for?
4 A question requesting information
a Incident resolution
a 1, 2 and 3 only
b Managing applications throughout their
lifecycle b 2, and 4 only
c Managing the facilities environment c 1, 3 and 4 only
d Monitoring events d All of the above
25 During the incident management process the 28 Which of the following is the PRIMARY process
service desk is often unable to resolve the for which a business impact analysis is required?
incident themselves so they would escalate the a Service level management
incident to another specialist team. What type
of escalation is this known as? b Financial management
a Functional c IT service continuity management
b Hierarchic d Request fulfilment
c Problem management
d Call closure

29 Which of the following is a key guideline when 33 Which of the following is the CORRECT
preparing for automation? sequence of activities during the incident
lifecycle after the incident has been identified?
a Amend the processes to reflect the tool
a 1 – Initial diagnosis and possible escalation.
b Evaluate quality tools on the market
2 – Incident categorization. 3 – Incident
c Simplify the service processes logging. 4 – Incident prioritization. 5 –
d Review any complicated tasks first Investigation and diagnosis. 6 – Incident
closure. 7 – Resolution and recovery.
30 In which stage of the service lifecycle is
governance established? b 1 – Incident logging. 2 – Incident
prioritization. 3 – Initial diagnosis and
a Service strategy possible escalation. 4 – Investigation and
b Service design diagnosis. 5 – Resolution and recovery. 6 –
Incident categorization. 7 – Incident closure.
c Service transition
c 1 – Incident categorization. 2 – Incident
d Continual service improvement logging. 3 – Incident prioritization. 4 –
31 Which functional group will normally take Initial diagnosis and possible escalation.
action on events? 5 – Investigation and diagnosis. 6 –
Resolution and recovery. 7 – Incident closure.
a Incident management
d 1 – Incident logging. 2 – Incident
b IT operations
categorization. 3 – Incident prioritization.
c Service desk 4 – Initial diagnosis and possible escalation.
d Problem management 5 – Investigation and diagnosis. 6 –
Resolution and recovery. 7 – Incident closure.
32 Which of the following are key elements that
should be included within the service design 34 Which of the following will give an overall view
package (SDP)? of the periodic reports showing performance
against all SLA targets?
1 Business requirements
a OLA chart
2 Organizational readiness assessment
b SLAM chart
3 Testing plan
c RAG status
4 Service acceptance criteria
d Underpinning contract performance
a 1, 2 and 4 only
b 2 and 4 only
c 1, 2 and 3 only
d All of the above

35 Which of the following is the PRIMARY 38 Which service operation function would
objective of access management? contribute to the decision on whether to buy
off-the-shelf software packages to support the
a To provide the right for users to be able to
business processes?
use a service at all times to support their
business processes a The service desk
b To align IT security with business security b Technical management
and ensure that it is effectively managed
c Application management
c To provide the appropriate right for users to
d IT operations
be able to use a service or group of services
39 Which of the following statements is the
d To ensure that IT services can be resumed in
CORRECT definition for warranty?
the event of a disaster, within required and
agreed business timescales a The delivery of positive attributes of a service
36 To answer the question ‘Where are we now?’ b The service is assured, and no risks will be
in the continual service approach, we need introduced into live services
to know: c The service is fit for purpose
a How we will keep the momentum going d The service will meet its agreed
b The current baseline assessments requirements
c The business vision 40 Which of the following activities would NOT

be completed as part of the change
d The new measurement targets
management process?
37 Which service lifecycle publication provides
a Planning and controlling the change
guidance on testing?
b Management reporting for change
a ITIL Service Operation
c Change decision-making and authorization
b ITIL Service Transition
d Applying a fix for an emergency change
c ITIL Service Design
d ITIL Service Strategy



13
Answers
17/02/2012 11:59
| 183
13 Answers
Chapter 2 Introduction to service 5 c – Option (a) describes an internal service;

management option (b) describes an external service; and
(d) relates to a type of service provider (Type
1 b – Option (c) and option (d) describe a I) (see section 2.1.2).
process characteristic. Option (a) partially
describes a function but it would not just
cover a single task. Definition of a function: a Chapter 4 Service strategy
team or group of people and the tools they 1 a – The service design package is produced
use to carry out one or more processes or and is an output from service design (see
activities (see section 2.2.2). section 4.1).
2 b – RACI is an acronym for ‘Responsible’, 2 c – All elements in (a), (b) and (c) are valid
‘Accountable’, ‘Consulted’ and ‘Informed’ (see elements: ‘Value needs to be defined in terms
section 2.2.3.1). of three areas: the business outcomes
3 c – Except for option (a), which is the achieved, the customer’s preferences and the
responsibility of the process owner, the rest customer’s perception of what was delivered’
of the activities do form part of the (ITIL Service Strategy, 2011, section 3.2.3). In
responsibilities of a process practitioner (see option (d) merely understanding risk would
section 2.2.3.5). not be a value driver (see section 4.4.1).
4 b – Option (a) describes the roles within 3 c – Any service item not yet in operational
service operation; option (c) misses services should be contained in the pipeline;
components related to external suppliers; and option (a), the service catalogue, is for live
option (d) describes a responsibility of the operational services; and option (b) is for
service level manager. Definition of service services that are retiring and will no longer be
owner role: a role which is accountable for a used by customers (see section 4.4.3).
specific service within an organization, 4 c – NOT option 4 – this would be done
regardless of where the underpinning following the business case being approved.
technology components, processes or Definition of business case: Justification for a
professional capabilities reside (see significant item of expenditure (see
section 2.2.3.2). section 4.4.5).

184 | Answers
Chapter 5 Service design Chapter 6 Service transition
1 b – The organizational structure would be 1 c – Option 4 would be carried out by the
decided during the service strategy stage (see business itself, as IT would only be indirectly
sections 4.1 and 5.1). involved with the training activities for the
actual business operational change (see
2 b – Option (a) is incorrect as this describes a
section 6.1).
service provider; option (c) is the definition of
an OLA; and option (d) refers to transitioning 2 a – All items are valid elements that could be
services from project teams. Definition of SLA: contained within the SKMS (see section
an agreement between an IT service provider 6.5.5.3 and Figure 6.7).
and a customer (see section 5.5.3.3).
3 a – Option (b) is describing a configuration
3 a – The partners responsible are not an aspect item; option (c) describes the SKMS; and
of service design. The five service design option (d) is only partially accurate – the CMS
aspects are the service solution; the does not have to be a single repository.
management information systems; the Definition of CMS: a set of tools, data and
technology and management architecture (b); information that is used to support service
the processes required (d); and the asset and configuration management (see
measurement methods and metrics (c) (see section 6.5.2.3).
section 5.4.2).
4 b – Remediation is used to ensure that
4 d – The purpose of design coordination is ‘to appropriate action can be taken to recover
ensure the goals and objectives of the service after a failed change or release; (a) ITSC
design stage are met by providing and invocation is not always necessary following a
maintaining a single point of coordination failed change; (c) an emergency change is not
and control for all activities and processes’. always necessary; (d) describes a change
Option (a) describes the process that provides model (see section 6.5.3.3).
the planning and management of capabilities
5 d – A change proposal is used to communicate
and resources for service transition; options
a high-level description of a major change
(b) SLM and (c) risk management are process
(see section 6.5.3.3).
activities that would be carried out in service
design (see section 5.5.1). 6 b – This is the correct sequence. Option (a)
refers to Deming’s Plan-Do-Check-Act cycle
5 a – Reliability is a measure of how long a
for continuous improvement (see
service component or configuration item can
section 6.5.4.4).
perform to its agreed function without
interruption; (b) describes maintainability; (c)
is when a service is unavailable; and (d) is the
supplier’s ability to restore service (see
section 5.5.5.3).

Answers | 185
Chapter 7 Service operation Chapter 8 Continual service

1 c – Option (a) is an objective of service design; improvement
option (b) is an objective of service transition; 1 b – Option (a) describes the Plan stage; option
and option (d) is a small part of the coverage (c) describes the Act stage; and option (d)
of service operation (see section 7.1). describes the activities in the Check stage (see
2 c – Option (a) the process owner is section 8.4.1).
accountable for the process; option (b) the 2 a – To identify the strategy for improvement,
service desk is responsible for the incident an organization will need its vision and
through its lifecycle, but all teams will have to strategy; incident and problem management
take responsibility for the process if they are data may be useful when data is gathered
dealing with incidents (see section 7.6). (see sections 8.5.1.1 and 8.5.1.4).
3 a – Option (b) problem management may get 3 c – This describes the concept of ‘How to keep
involved in major incidents, but it is the the momentum going’. Option (a) would have
responsibility of incident management to taken place during the ‘Did we get there?’
manage a major incident, (c) is an objective of stage; option (b) describes the data
incident management, and option (d) requirements at the ‘Where are we now?’
although problem management is responsible stage; and option (d) describes the ‘What is
for providing a workaround, it is not a key the vision?’ stage (see section 8.4.2,
purpose and also not always possible to do Figure 8.2).
4 d – A critical success factor is something that
4 d – An incident should only ever be raised must happen if a process, project plan or
when there has been a degradation of service, service is to succeed. Metrics are used to
whether the customer is aware of it or not measure the achievement of each CSF (see
(see section 7.5.1.3). section 8.4.3.3).
5 c – A technical service desk is not a valid 5 c – The CSI register is a database or structured
description for a service desk (see document used to record and manage
section 7.6.1.3). improvement opportunities throughout their
6 b – Priority setting for an incident should be lifecycle. Against each item listed, the benefits
based on the impact it is having on the that each opportunity will bring are shown.
business and its urgency, i.e. how quickly the Each opportunity can be prioritized (see
business needs a resolution (see section 8.5.1.3).
section 7.5.2.3).

186 | Answers
Chapter 9 Service management 6 c – Option 4 is a key objective for problem
technology management (see section 7.6.1.2).
1 d – All elements would be valid advantages of 7 b – The process owner is accountable for
automation (see section 9.2.1). ensuring that the process is performing to the
agreed standards; (a) the process manager is
2 c – Self-service is where the service provider is accountable for the operational management
represented entirely by technology of a process; (c) the service owner is
(technology-generated) (see sections 9.1 accountable for the service across the
and 9.2.2). lifecycle; and (d) the process practitioner is
responsible for carrying out the activities
Chapter 12 Sample ITIL Foundation within the process (see section 2.2.3.3).
examination 8 b – Option (a) describes the definition of a
1 c – Business relationship management has a service; (c) describes and external service; and
primary purpose of establishing and (d) describes a supporting service (see
maintaining a business relationship between section 2.1.2).
the service provider and customer based on 9 b – Option (a) describes the UC and OLA with
an understanding of their changing needs the wrong and opposite meanings to the
(see section 4.5.3.1). correct answer; option (c) is inaccurate, as
2 a – Assessing impact and urgency would be both OLAs and UCs would have
within the scope of the incident management measurements set against them to determine
process and under the control of the service performance in support of the SLA; option (d)
desk (see section 7.5.4.2). suggests both are the same type of
agreements. Definitions: OLA – an agreement
3 c – There are three types of service level between an IT service provider and another
agreement – by service, customer-based and part of the same organization to support the
corporate (see section 5.5.3.3). delivery of the services; UC – a contract
4 d – All roles would be valid members of a CAB between an IT service provider and a third
including suppliers – particularly if they have party (see section 5.5.3.3).
changes that may impact the service (see 10 c – Options (a) and (b) are the outputs of the
section 6.5.3.3). service design stage; option (d) is inaccurate
5 d – Option (a) refers to utility, and options (b) as the solution should be designed to
and (c) refer to other value attributes, but accommodate the business process (see
none of the options is associated with section 5.4.2).
patterns of business activity. Definition: PBA is
a workload profile of one or more business
activities (see section 4.4.2).

Answers | 187
11 b – Option (a) suggests that is it only a DML may also contain associated CIs such as
planning tool; options (c) and (d) refer to licences and documentation (see
financial management objectives. Definition section 6.5.2.3).
of business case: Justification for a significant
18 a – The CSI register holds a record of all
item of expenditure, which includes information
improvement opportunities, giving a structure
about costs, benefits, options, issues, risks and
and visibility of CSI initiatives (see
possible problems (see section 4.4.5).
section 8.5.1.3).
12 c – The release package is an output from the
19 b – Option (a) ITIL is not successful just
service transition phase (see section 6.4.1).
because it has been used for more than 30
13 a – Option (b) IT operations provides the years; option (c) ITIL is not a methodology;
monitoring and control activities; (c) incident and (d) ITIL is not a standard (see section 2.3).
management is a process; and (d) applications
20 b – The first stage of the seven-step
management provides the technical
improvement process is ‘identify the strategy
knowledge and expertise related to the
for improvement’ followed by ‘define what
applications (see section 7.6.2.1).
you will measure’. Option (a) is the second
14 c – Option 1 – a centralized unit is not a valid stage; options (c) and (d) are not steps within
service provider type (see section 2.1.9). the seven-step improvement process (see
section 8.5.1).
15 d – Options (a), (b) and (c) are all within the
scope of the design coordination process; (d) 21 d – All of the stated elements form part of a
testing would be part of the service transition process as well as procedures, work
lifecycle phase under the process of validation instructions, triggers, input, outputs and
and testing (see section 5.5.1.2). capabilities (see section 2.2.1.1).
16 d – Option (a) refers to the request fulfilment 22 d – Wisdom cannot be replicated by automation:
process; option (b) refers to the generic RFC wisdom is the ability to make correct judgements
for all changes; and option (c) refers to and decisions (see section 6.5.5.3).
normal changes that should go through a
23 b – Option (a) describes the purpose of service
formal approval process, usually via the CAB
asset and configuration management; option
(c) relates only to projects; and (d) represents
17 a – Option (b) describes the configuration one objective of minimizing risk but this is a
model; option (c) describes the DML in all but narrow answer (see section 6.5.1).
the fact that it is not a media library that has
24 b – It is the responsibility of application
not passed quality assurance; and option (d)
management to manage applications
backups would not be stored in the DML.
throughout their lifecycle (see section 7.6.3.1).
Definition of DML: one or more locations in
which the definitive and authorized versions
of all software CIs are securely stored. The

188 | Answers
25 a – Option (b) refers to the escalation of an functions. The service desk (c) would not
incident up the management chain if further normally be responsible for events (see
people need to be made aware of the section 7.5.1.3).
incident; option (c) – incidents do not become
32 d – All of the examples would be appropriate
problems just because the service desk cannot
elements contained within the service design
fix them; and option (d) – an incident should
package (see section 5.4.3). Definition of SDP:
not be closed just because it cannot be fixed
a document defining all aspects of an IT
by the service desk – it would revert to a
service and its requirements through each
functional escalation. Definition of functional
stage of its lifecycle.
escalation: transferring an incident, problem
or change to a technical team with a higher 33 d – This is the correct sequence for the
level of expertise to assist (see section 7.5.2.4). incident management process flow (see
section 7.5.2.4).
26 c – Option (a), commodity supplier, is assigned
when there is low risk and impact, and low 34 b – A service level agreement monitoring
value and importance; (b) operational (SLAM) chart gives an at-a-glance view of the
supplier is the category assigned when there periodic reports showing performance against
is either a low risk and impact or a low value all SLA targets (see section 5.5.3.3).
and importance; and (d) strategic supplier is 35 c – Option (a) access management would not
the category for when there is both high risk grant access at all times but would very much
and impact and high value and importance be determined on the availability requirements
(see section 5.5.4.3, Figure 5.5). that have been agreed with the business;
27 c – Option 2 would fall under the change option (b) describes the objective of information
management process and should be raised via security; and option (d) describes the objective
an RFC (see section 7.5.3.3). of IT service continuity (see section 7.5.5.1).
28 c – IT service continuity requires a BIA (see 36 b – The answer to the question ‘Where are we
section 5.5.7.1). now?’ involves ensuring that we have an
understanding of the current performance
29 c – Processes should be simplified first before
status, which is achieved through the use of
automation (see section 9.2.2).
baseline assessments when we use the CSI
30 a – Governance is established in service approach (see section 8.4.2, Figure 8.2).
strategy to ensure transparency and fairness
37 b – ITIL Service Transition provides guidance
on behalf of the organization (see
on testing (see section 6.2).
section 4.4.6).
31 b – IT operations would normally take action
on an event; (a) incident management and (d)
problem management are processes not

Answers | 189
38 c – The application management function 40 d – Change management would not

needs to understand the business process in implement the fix for an emergency change
order to help identify functional and – fixes are part of the incident process. It is
manageability requirements for application the process of change management that
software (see section 7.6.4.1). would authorize the emergency change (see
section 6.5.3.4).
39 d – Options (a) and (c) describe utility; option
(b) covers only risk (see section 2.1.5).

Further information
| 193
Further information
The official ITIL service management Useful websites

practices framework
ITIL
ITIL Service Strategy (ISBN: 9780113313044)
ITIL Service Design (ISBN: 9780113313051)
www.itil-officialsite.com
ITIL Service Transition (ISBN: 9780113313068)
Certification
ITIL Service Operation (ISBN: 9780113313075)
www.apmgroup.co.uk
ITIL Continual Service Improvement
(ISBN: 9780113313082) itSMF International
Introduction to the ITIL Service Lifecycle www.itsmfi.org
(ISBN: 9780113313099)


Index
| 197
Index
Page numbers for definitions are shown in bold. Page numbers for figures and tables are shown in italic.
access 129 change models 100

access management 128–9 change proposals 99–100
accounting 54 change records 98
accredited training organizations (ATOs) 6 charging 54
alerts 116 communication 114
APM Group 6 communication skills 25
application development 134–6, 135 competence and skills framework 28
application management 134–6, 135 component availability 75
applications 18 component capacity management 78
automation 156–7 configuration items (CIs) 93, 93–4, 125
availability 76 configuration management database (CMDB) 95,
availability management 74–7, 121, 128 108, 108
configuration management system (CMS) 94, 95,
baselines 147 95–6, 97, 108, 108
best practice 28 continual service improvement 35, 141, 144
budgeting 54 business value 141–3
business activity, patterns of 44–5 key principles 143–7
business capacity management 78 overview 151
business cases 18, 49–50, 50, 50 processes 147–50
business impact analysis (BIA) 80 scope 141
business processes 18 and the service lifecycle 164–5, 164
business relationship management 54–6, 55, 72 continual service improvement (CSI) register
business value 62 147–50, 148
continuous availability 77
Cabinet Office 5–6 continuous operation 77
capabilities 17, 17 coordination 161
capacity management 72, 77–9, 103, 121, 128 core services 12, 14
capacity plans 78–9, 79 corporate level SLAs 68
centralized service desk 131, 132 critical success factors (CSFs) 145, 147
change 98 customer-based SLAs 67–8
change advisory board (CAB) 99, 100–2 customer-facing services 12
change management 96–103, 122, 128 customer level SLAs 68

198 | Index
customers 21, 24 functional escalation 121
relationship with 54–6 functions 19, 24
technology interaction with 155, 156
goals 145
data 18, 106 governance 50
data-to-information-to-knowledge-to-wisdom
(DIKW) structures 106–7, 107, 149, 150 hierarchic escalation 121
definitive media library (DML) 96, 97 high availability 76
demand management 103
Deming Cycle 143–4, 143, 149 identity 129
deployment 105 incident categorization 119, 121
design coordination 63–4, 72 incident closure 121
DIKW (data-to-information-to-knowledge-to- incident diagnosis 121
wisdom) structures 106–7, 107, 149, 150 incident escalation 121
disasters 80 incident identification 119
incident logging 119
economic value 44 incident management 72, 116–22, 120, 128
emergency change advisory board (ECAB) 102 incident model 119
emergency changes 99 incident prioritization 121
enabling services 12, 14 incidents 117
enhancing services 13, 14 versus problems 124
environment 18 information 106
event management 115–16 information security management 81–3, 103, 121
events 116 information security policies 82–3
exam preparation 169–70 infrastructure 18
Expert in IT service management certificate 3, 5 integration 18, 161–5, 162
external configuration items 94 interface configuration items 94
external customer-facing services 12 Intermediate-level certificates 4
external customers 21 internal configuration items 94
external service providers 21 internal customer-facing services 12
internal customers 21
facilities management 134 internal service providers 21
fault tolerance 76 investigation and diagnosis 121
financial management for IT services 53–4, 72 IT operations control 134
follow-the-sun service desk 132–3 IT operations management 134
Foundation certificate in IT service management IT processes 19
4, 7–8 IT service continuity management 79–81, 103, 128
examination 169, 173–9 IT service management (ITSM) 20
‘four Ps’ 62, 62 IT Service Management Forum (itSMF) 6–7

Index | 199
IT services 11 monitoring and control 161–4, 163

ITIL Continual Service Improvement 35 multi-level incident categorization 119, 121
ITIL Expert in IT service management certificate 3, 5 multi-level SLAs 68, 68
ITIL Foundation certificate in IT service
management 4, 7–8 negative difference 44
examination 169, 173–9 net difference 44
ITIL Intermediate-level certificates 4 normal changes 99, 101
ITIL Managing Across the Lifecycle (MALC)
qualification 4 operational level agreements (OLAs) 18, 68
ITIL Master in IT service management certificate 5 organization configuration items 94
ITIL publications 33–5 organizational change management 102
ITIL qualifications 3, 3–8 outcomes 11
ITIL Service Design 34
ITIL Service Operation 35 patterns of business activity (PBA) 44–5, 45
ITIL Service Strategy 34 people, processes, products and partners
ITIL Service Transition 35 (‘four Ps’) 62, 62
itSMF International 6–7 Plan-Do-Check-Act (PDCA) cycle 143, 143–4, 149
positive difference 43–4
key performance indicators (KPIs) 145, 147 priorities 118, 118
knowledge 106–7 prioritization 117–19
knowledge management 105–8, 128 privileges (rights) 129
known error databases (KEDBs) 125, 127 proactive activities 75
known errors 124 proactive problem management 125
problem categorization 127
local service desk 130–1, 131 problem closure 127
problem detection 125–7
maintainability 76 problem investigation and diagnosis 127
major incidents 119 problem logging 127
major problem reviews 127 problem management 72, 103, 122, 123–8, 126
management skills 25 problem prioritization 127
Managing Across the Lifecycle (MALC) problem resolution 127
qualification 4 problems 124
Master in IT service management certificate 5 process managers 27
measurability 24 process metrics 147
measurement 145–7 process owners 27
meetings, skills in handling 25 process practitioners 28
metrics 145–7 processes 22
mind maps viii, 29, 37, 57, 84–5, 109, 137, 151, 158 characteristics 24
mission statements 145 models 22–4, 23

200 | Index
programme and project management 102 t wo-view service catalogue 48
wholesale customer view 48
RACI authority matrices 26, 26 service catalogue management 65, 72
reactive activities 75 service design 34, 61
reactive problem management 125 business value 62
reference value 43 key principles 62–3
release 104 overview 84–5
release and deployment management 103–5, 105, 128 processes 63–83
release and deployment planning 104 scope 61
release build and test 104 service design package (SDP) 18, 63
release policy 91 service desk 129–33
reliability 76 service improvement plan (SIP) 71
remediation planning 100 service knowledge management system
reports, service level 69 (SKMS) 95, 106, 107, 107–8, 108, 161
request fulfilment 122 service level agreement monitoring (SLAM)
requests for change (RFCs) 98, 105 chart 69, 69
resolution 121, 124, 124–5 service level agreements (SLAs) 18, 67, 67–8
resources 17, 17 service level management (SLM) 65–72, 70, 121, 128
retail customer view of service catalogue 48 and business relationship management 55, 55–6
review and close 105 service level reports 69
rights (privileges) 129 service level requirements (SLRs) 18, 67
risk 51 service level SLAs 68
risk assessment 51, 51, 80–1, 81 service lifecycle 4, 33–5, 34, 161–5, 162, 163, 164
risk management 51, 51–2, 81 overview 37
roles 19, 24, 24–8 service lifecycle configuration items 93
service management 20, 20
security of information 81–3 overview 29
service analytics 157 service management technology 155–7, 156
service asset and configuration management overview 158
(SACM) 92–6, 103, 122, 128 service metrics 147
service assets 16–18 service operation 35, 113
service availability 75 business value 114
service-based SLAs 67 functions 129
service capability 4 key principles 114
service capacity management 78 overview 137
service catalogue 47, 47–9, 48, 49 processes 114–29
retail customer view 48 scope 113–14
supporting services view 49 service owners 26–7
three-view service catalogue 49 service packages 14, 15

Index | 201
service portfolio management 52–3, 103 suppliers 19, 22

service portfolios 45–7, 46, 46 categories 74
service providers 21 supply and demand, synchronization of 44–5
service requests 123 supporting services 12, 19
service strategy 34, 41 supporting services view of service catalogue 49
business value 42
key principles 42–52 technical management 133–4
overview 57 technology, interaction with customers 155, 156
processes 52–6 technology-assisted interaction 155
scope 42 technology-facilitated interaction 155
service transition 35, 89, 163–4 technology-free interaction 155
business value 91 technology-generated interaction 155
key principles 91 technology-mediated interaction 155
overview 109 technology metrics 147
process 91–108 transition planning and support 91–2
scope 89–91, 90 triggers 23, 24
service value 14–16
serviceability 76 underpinning contracts (UCs) 68, 69
services 11 users 22
assets 17 utility 15, 15–16
composition 18–19, 19
management 19–22 value 15, 16, 42–4, 43, 44
packaging 13–14 virtual service desk 132, 133
types 12–13, 13, 14 vision to measurements 145–7, 146
value 14–17 vision 145
seven-step improvement process 128, 147–50, 149 vital business functions (VBFs) 76
shared service providers 21
single point of contact (SPOC) 130 warranty 16
skills, and roles 25 wholesale customer view of service catalogue 48
Skills Framework for the Information Age (SFIA) 28 wisdom 107
software applications 18 workarounds 117, 125, 127
specialization 161
stakeholders 21–2
standard changes 99
supplier management 72–4

Updated to the 2011 Foundation syllabus, this study aid from
the Official Publisher of ITIL offers an invaluable overview of the
ITIL framework.
An engaging fictional case study runs throughout the

publication to help bring service management to life, and mind
maps at the end of Chapters 2 to 9 provide a useful revision
tool. You can test your understanding with sample questions,
which appear throughout, and a mock exam at the end.
All answers are thoroughly explained to aid understanding

and make sure that you are as prepared as possible for your
Foundation exam.
Passing your ITIL Foundation Exam is an essential aid for all those
preparing for their Foundation exam.
d by APM
se
Gr
r
Endo
oup
compatible
tor
ITIL
product
O
di
ff i
cia l A c cr e
ANAGE
TM
ME
BES
Updated to the 2011 syllabus
NT PRAC
T
UC
TIC
E PROD
7495 ITIL Foundation Cover V1_0.indd 1-3 22/02/2012 15:27

Passing Your ITIL Foundation Exam - CHROM

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Passing Your ITIL Foundation Exam - CHROM

Загружено:

Авторское право:

Доступные форматы

Updated to the 2011 Foundation syllabus, this study aid from

the Official Publisher of ITIL offers an invaluable overview of the

An engaging fictional case study runs throughout the

Passing your ITIL® Foundation Exam

7495 ITIL Foundation Cover V1_0.indd 1-3 22/02/2012 15:27

7522 Passing your ITIL exam v0_5.indd 1 17/02/2012 11:58

Mail, Telephone, Fax & E-mail

TSO@Blackwell and other Accredited Agents

© Crown Copyright 2012

7522 Passing your ITIL exam v0_5.indd 2 17/02/2012 11:58

List of figures and tables v 4.3 Business value 42

The Official ITIL Accreditor’s foreword ix 5 Service design 59

3 ITIL and the service lifecycle 31 7 Service operation 111

7522 Passing your ITIL exam v0_5.indd 3 17/02/2012 11:58

10 How it all fits together 159

7522 Passing your ITIL exam v0_5.indd 4 17/02/2012 11:58

List of figures and tables

Figures Figure 5.3 Service level agreement monitoring

7522 Passing your ITIL exam v0_5.indd 5 17/02/2012 11:58

7522 Passing your ITIL exam v0_5.indd 6 17/02/2012 11:58

Cabinet Office foreword

7522 Passing your ITIL exam v0_5.indd 7 17/02/2012 11:58

Chief Examiner’s foreword

7522 Passing your ITIL exam v0_5.indd 8 17/02/2012 11:58

The Official ITIL Accreditor’s foreword

7522 Passing your ITIL exam v0_5.indd 9 17/02/2012 11:58

Author Thanks are still due to those who reviewed and

7522 Passing your ITIL exam v0_5.indd 10 17/02/2012 11:58

7522 Passing your ITIL exam v0_5.indd 11

1 The ITIL qualification scheme

ITIL (formerly known as the IT Infrastructure Library)

1.1 Levels of qualification Intermediate lifecycle Intermediate capability

The ITIL qualificat ion scheme introduces a learning

7522 Passing your ITIL exam v0_5.indd 13 17/02/2012 11:58

7522 Passing your ITIL exam v0_5.indd 14 17/02/2012 11:58

7522 Passing your ITIL exam v0_5.indd 15 17/02/2012 11:58

1.2.2 APM Group 1.2.4 Accredited training organizations

7522 Passing your ITIL exam v0_5.indd 16 17/02/2012 11:58

7522 Passing your ITIL exam v0_5.indd 17 17/02/2012 11:58

7522 Passing your ITIL exam v0_5.indd 18 17/02/2012 11:58

2 Introduction to service management

7522 Passing your ITIL exam v0_5.indd 21 17/02/2012 11:58

2.1.2 Service types Definitions

7522 Passing your ITIL exam v0_5.indd 22 17/02/2012 11:58

Business unit Business unit

IT department IT department IT department

External customer-facing services

IT services Internal customer-facing services

Supporting services (internal)

Business services and products provided by other business units

Figure 2.1 Internal, external and supporting services

7522 Passing your ITIL exam v0_5.indd 23 17/02/2012 11:58

Table 2.1 Examples of core, enabling and enhancing services

Definition Case study: service management in practice

7522 Passing your ITIL exam v0_5.indd 24 17/02/2012 11:58

Service package Enhancing service

Enabling service Enhancing service

Figure 2.2 Service packages can contain other service packages

7522 Passing your ITIL exam v0_5.indd 25 17/02/2012 11:58

Performance supported? T/F

AND Value created

Figure 2.3 Value is created from service utilities and warranties

7522 Passing your ITIL exam v0_5.indd 26 17/02/2012 11:58