Chapter 1 – Information Technology Service Management Concepts.

What is Service?
Service is α meαns of delivering value to customers by achieving customer's desired results while working within
given constraints.

What is the difference between service and products?

Services Products
Services αre not tangible. Products αre tangible.
Services αre produced and consumed at the same Products are not produced and consumes at the
time. same time.
Services are inconsistent. Products are consistent.
The user participates in the production of services. The user doesn’t participate in the production of
services.

What is service management?

Service Management refers to all aspects of the management of IT service provision. according to ITIL, Service
management contains all organizational capabilities for generation of added value to the customers as service.

Here are the main goals of Service management:

 Make IT services adaptable towards the present and future requirements of an organization and its
customers.
 Develop and maintain good & responsive relationship with the business.
 Make effective and efficient use of all IT resources.
 Optimizing the quality of delivered services.
 Reduction of long term cost of service delivery.

What is Computer Services Management?

Computer Services Management formerly known as “ITSM” (IT Services Management) is the subject focusing on
delivering IT services aligning to the customer-needs, continuously under a “Service Level Agreement (SLA)“.
CSM or ITSM is mainly focusing on the customers’ or clients’ needs and wants. Herein it’s essential to understand
who the customers are.

Customers basically can be classified in 2 categories, “Internal customers” and “External customers”. For the IT
department of a company, all the employees of the other departments are “internal customers” while the
persons who pay money to have services provided by the above mentioned company (for outside business
organisations), are called “external customers”.

Departments under Computer Services Department:

There are 5 departments ruled under the IT Services Department of any company. Let’s have a look at them and
their roles.

Help Desk or Service Desk Department:

 Acting as a single point of contact instead of the first point of contact
 Directly dealing with customers by providing basic instructions up to a certain extent or level when they
request help
 Recording issues arisen with the products or services provided
 Transferring customer requests to the relevant department.
 Warning to the top-level management based on the recorded facts (for making decisions in future)

Software used: The Help Desk employees normally have the ability to work with some sort of software systems
such as “HelpSpot, JIRA, Client Engage” and so on. JIRA and Client Engage are considered as “Project
Management Software as well (Based on their functions)”. ACD (Automatic Call Distributor) systems are also
found here in.
Development Department:
The employees in the department develop the software systems to be sold. There are programmers, software
engineers, architects, QA engineers and testers, analysts, designers and so on. They work with the “Application
Code”. They are involved in developing and testing the systems as well as documenting all the necessary
portions/ sub-systems of the system. They use different IDE’s and frameworks with different languages as
appropriate to develop the systems.

Technical Department:
They work with “Non-application Code” which means setting up the database connectivity and providing the
environment to run the systems smoothly. There are database engineers, technical assistants as well. They have
to deal with DBMS’s and Operating Systems.

Operations Department:
Software installation and some kind of amendments of the application code also are done as required by the
employees of the department. The employees work under the “Operations manager”.

Network Department:
Network department is responsible to provide all the necessary infrastructures to install the systems and
ensuring the 3rd party services gained from the outside environment including the Internet Connection,
telephone system and VPN’s etc.

Roles and Responsibilities of IT Professionals like an IT Services Manager

The following are the roles of an IT Services Manager.
01. Operation of all systems:
 Central computing system.
 Networked systems.
 Telephone switchboards.
 Systems operated by 3rd parties.
 Systems on end user computing facilities.
 Scheduling of work.
 Helpdesk for users.
 Provision of testing services.

02. Maintenance of all systems:

 Software and services.
 Error corrections.
 Essential business changes.

03. Supplier and Custodian (Caretaker or Guardian) of all IT assets for the business – hardware, building
infrastructure, support arrangements, software, licenses, data security, disaster planning.

04. Administration:
 Staff Management.
 Reporting.
 Budgets.
 Legal.
 Training.
 Project Management.

05. Contribution to an organisation’s IT strategy.

 Chapter 2 – Standards, Frameworks and Processes

Integrating Standards, Frameworks and Processes – Why use frameworks and standards?
 Adopt best practices.
 Adopt a common Vocabulary.
 Implement new processes.
 Formalize, improve and benchmark existing processes.
 Easy to explain process governance.
 Obtain a competitive advantage.

Understanding Frameworks, Standards and Processes

A process framework describes best practices (most probably good practices) that can be used to define and
continually improve a given set of processes.
A standard is a document that contains an agreed-upon and approved set of requirements that an organization
must satisfy to be certified.
A procedure is a series of well-organized processes followed to achieve a defined goal within a certain domain.
A process is the series of steps have to be followed in order to accomplish a certain task.

What is “The Best Practice”? and why do we need “Good Practices”?

The term “Best Practice” is also obsolete due to some practical reasons. Actually it’s very hard to define which
practice is the best for a specific company without considering the relevant context in each and every aspect
including finance, HR and all. Now a days, project management specialists always talk about “Good Practices”
instead of so-called best practices.

Are best practices based on the standards?

Really it’s not always based on standards like ISO. Because doing something with standards mean that it’s done
according to a set of organized common processes introduced by a third party instead of coming to know what
is the best way of practicing it within your real business environment or in the specific domain in order to save
money, time and effort.

Importing Best Practices from other organisations?

It’s not always truly practical. In some cases, there may be some other organisations who has achieved their
final goals as they expected. But keep in mind that it was right for them, not for your organisation. Perhaps as
you think it’s easier to copy best practices from another organisation because it would save time, cost and effort
to be spent on finding the solution. But remember it’s not a good practice. There might be some sort of processes
to be copied and implemented well in your company. It doesn’t matter at all. But you also have to take the
responsibility to research for finding the ways can be set as best practices for your business because the business
is yours. That will be the best solution for your business organisation.

What are the factors considering when finding the best practices?
1. The availability and capacity of current staff/ internal expertise in management.
2. The financial background of the company to spend money for the research-works.
3. Competitors’ approaches if their processes are successful.
4. Suggestions from Standards-bodies like ISO.
5. The historical issues and given solutions for them in the business’s life time.

Life cycle of implementation of best practices:-

Analysis:
 Checking the ability to fit “new practice” (best practice) in to your environment.
 Budgeting approximately for finding the best practices.
 What are the benefits that can be achieved via the implementation of new practice.
 What risks are involving and what methods for monitoring and measuring success.
 How the new process will affect current processes. This is achieved by considering each and every relevant
process one by one.

Planning:
Your plan really does need to have some go/no-go decision points along the way to stop you from spending
more money than you should. Having a plan is no good unless you work the plan properly.

Training:
Training the current staffers consumes both money and time. The substitute staffers may may be required to be
employed when the current staffers are trained to new practices. It would be an additional cost. On the other
hand the trainers are also paid by the company.

Change Management:
It includes both the IT Technical Change Management and The Enterprise Change Management. Perhaps the PM
(Project Manager) might have the capacity to implement the change. Then it will be an advantage to save money.

IT Technical Change Management (also known as “change management” in the ITIL framework) is the process
responsible for controlling the lifecycle of all changes with minimum disruption to IT services.

Enterprise Change Management is the systematic deployment of change management skills, tools and processes
throughout an organization. The following are the goals of ECM:
 Instil organizational agility.
 The ability to respond to increasing amounts of change.
 Create competitive advantage.

Implementation:
This may include the following:
 Cost for time, design, development and documentation of new processes.
 Configuration or customization of existing systems.
 Purchase of new systems.

When to get benefits from new practices?

It’s easy when you are buying hardware or software to see what you are getting for your money. It’s a completely
different thing to justify the costs involved in changing the way that things are done – there may be no new
hardware or software – just a new practice which may take some time for the benefits to become apparent.

Turning best practice into good practice?

Each of the following factors required a certain level of change effort to accommodate good practice based upon
“best practice”:
 Skill levels of staff.
 Corporate culture in the company/business.
 Ability to focus on projects as opposed to day to day operations.
 Management practices and levels of support.
 Internal reporting requirements business, legal, accounting etc.
 Reward and Remuneration structures.

Conclusion:
There are no short cuts to turning “best practice” into good practice for your organisation. You have to do what
we call the “S3 analysis” (analysing Strategy, Structure and Systems) to determine what’s missing in your current
operation, what could help and, just as important – what you don’t need.

“The good practices for your own company are the best practices for your company”.
 Chapter 3 – Cloud Computing Concepts
Introduction – What is Cloud Computing?
The jargon term “Cloud Computing” is used to introduce any way of delivering hosted services over a real time
communication network, typically the Internet. But keep in mind that it differs from traditional hosting. The
historical background for the arisen of the concept “Cloud Computing” runs down to 1950’s, at the time people
used “Mainframe Computers” which were accessed by “Dumb Terminals”. Dumb Terminals had no a much
processing power or internal storage but they were able to communicate with mainframes which had a
comparatively high processing capability. The “Goal of Cloud Computing” is providing easy and scalable access
to computing resources and IT services.

“Moving to cloud” refers to an organization moving away from a traditional Capital Expenditure Model (CAPEX
– purchasing the dedicated hardware and depreciate them over a period of time) to the Operating Expense
Model (OPEX – using a shared cloud infrastructure and paying for the amount of your usage of it).

To be precise, cloud computing is the delivery of computing services like servers, storages and more over the
Internet. The companies that offer these computing services are called cloud providers. They charge for cloud
computing services based on usage. Cloud computing is usually classified on the basis of location, or on the
service that the cloud is offering. Based on a cloud location, we can classify cloud as the following deployment
models:
01. Private Cloud: Hosting all your computing infrastructure yourself and is not shared. The security and control
level is highest while using a private network or cloud.
02. Community Cloud: A community cloud is shared between organisations with a common goal or that fits into
a specific community.
03. Public Cloud: The whole computing infrastructure is located on the premises of a cloud computing company
that offers the cloud service.
04. Hybrid Cloud: Using both private and public clouds, depending on their purpose. You host your most
important applications on your own servers to keep them more secure.

Cloud Computing Vs Traditional Hosting:

In the past, web servers ran on a single computer or a group of privately owned computers called a server. In
this circumstance, if a website, hosted in the computer suddenly becomes more popular, the number of service
requests to this system increases due to which there may be chance that the response time increases. Also the
in worst case scenario the server will fail to serve all incoming requests as it did earlier due to heavy traffic. This
type of failure is called “Overloading”. On the other hand, in times of low load, there may be a much unused
capacity.

If the website is hosted in a cloud, an additional computing and processing power can be granted from the cloud
service provider. If the website suddenly becomes more popular, the cloud can automatically direct more
individual computers to work, to serve more users and more money will be generated by the service provider
for the extra usage. If it becomes unpopular, however, the amount of money due will be less. Cloud computing
is popular for its “Pay-as-you-go Pricing Model”.

Cloud Computing Vs Client-Server

In a client-server environment, the client machines must run client versions of the software capable to work
with a server/network. This type of software must be purchased and they are allowed to be installed on a certain
number of computers only. These client software’s utilize the client system’s memory and CPU power.

In a cloud environment, no need to install so-called client versions of software which consumes client machine’s
memory and CPU power. The software is run on the cloud servers which provide the environment to run them.
The only thing is to be done by the end user is managing and execution of those software with the use of an
interface which connects the end user to the cloud.

Before going further on cloud computing, we will need to know a few technical terms.
Firewall:
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based
on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network
and untrusted external network, such as the Internet.

Load Balancer:
A load balancer is a device that distributes network or application traffic across a cluster of servers. A load
balancer sits between the client and the server farm accepting incoming network and application traffic and
distributing the traffic across multiple backend servers using various methods.

Virtual Machine:
A virtual machine is a computer file, typically called an image, which behaves like an actual computer. In other
words, creating a computer within a computer. It runs in a window, much like any other programme, giving the
end user the same experience on a virtual machine as they would have on the host operating system itself. The
virtual machine is sandboxed from the rest of the system, meaning that the software inside a virtual machine
cannot escape or tamper with the computer itself. This produces an ideal environment for testing other
operating systems including beta releases, accessing virus-infected data, creating operating system backups and
running software or applications on operating systems for which they were not originally intended.

Multiple virtual machines can run simultaneously on the same physical computer. For servers, the multiple
operating systems run side-by-side with a piece of software called a hypervisor to manage them, while desktop
computers typically employ one operating system to run the other operating systems within its programme
windows. Each virtual machine provides its own virtual hardware, including CPUs, memory, hard drives, network
interfaces and other devices. The virtual hardware is then mapped to the real hardware on the physical machine
which saves costs by reducing the need for physical hardware systems along with the associated maintenance
costs that go with it, plus reduces power and cooling demand.

Virtual Machine Automation (VM Automation)

VM automation is the ability for a virtual machine (VM) to perform basic functions and optimize performance
on its own or with minimal manual input. An important goal of VM automation is to minimize human errors and
reduce the amount of time it takes for information technology administrators to manage a large, logical
infrastructure.

VM automation tools can help with the completion of routine tasks, as well as the placement and migration of
VMs. Placement is the process of determining where each virtual machine will operate and who will be its host.
Migration involves balancing data and processing loads by moving VMs to optimize the use of host memory and
processing power. VM automation has many benefits but it's not suited to every workload or environment.
While it works well for the creation and management of large numbers of VMs but for smaller organizations,
the work and cost of tools required to implement VM automation can be detrimental to the cost-efficiency of
the VMs themselves in a small environment. Tools built specifically for the automating virtual machine
management at the enterprise level include VMWare vSphere PowerCLI and the VMWare vRealize Suite.

VM automation levels
The automation level for a virtual machine can be changed in the settings of software such as vSphere and levels
of automation can be customized within different VMs. Possible levels include the following:
01. Manual: The system makes recommendations but does not implement them until the user manually makes
the changes.
02. Fully Automated: The system immediately implements changes.
03. Partially Automated: The system makes some changes such as placement, or which host a virtual machine
is nested within, but only suggests others, such as migration, or how various VMs are moved around in order
to load balance a larger network.
04. Disabled: The system does not suggest or change anything.
 Chapter 4 – Cloud Computing Service Models
Cloud models come in the following five models:

Infrastructure-as-a-Service:
Infrastructure-as-a-Service provides access to fundamental resources such as physical machines, virtual
machines, virtual storage, etc. Apart from these resources, the IaaS also offers:
 Virtual machine disk storage.
 Virtual local area network (VLANs).
 Load balancers.
 IP addresses.
 Software bundles.
All of the above resources are made available to end user via server virtualization. Moreover, these resources
are accessed by the customers as if they own them.

Figure 1: Infrastructure-as-a-Service
Benefits
IaaS allows the cloud provider to freely locate the infrastructure over the Internet in a cost-effective manner.
Some of the key benefits of IaaS are listed below:
a. Full control over computing resources through administrative access to VMs: IaaS allows the customer to
access computing resources through administrative access to virtual machines in the following manner:
i. Customer issues administrative command to cloud provider to run the virtual machine or to save data on
cloud server.
ii. Customer issues administrative command to virtual machines they owned to start web server or to install
new applications.
b. Flexible and efficient renting of computer hardware: IaaS resources such as virtual machines, storage devices,
bandwidth, IP addresses, monitoring services, firewalls, etc. are made available to the customers on rent.
The payment is based upon the amount of time the customer retains a resource. Also with administrative
access to virtual machines, the customer can run any software, even a custom operating system.
c. Portability, interoperability with legacy applications: It is possible to maintain legacy between applications
and workloads between IaaS clouds. For example, network applications such as web server or e-mail server
that normally runs on customer-owned server hardware can also run from VMs in IaaS cloud.

Issues
IaaS shares issues with PaaS and SaaS, such as Network dependence and browser based risks. It also has some
specific issues, which are mentioned in the following diagram:
a. Compatibility with legacy security vulnerabilities: Because IaaS offers the customer to run legacy software in
provider's infrastructure, it exposes customers to all of the security vulnerabilities of such legacy software.
b. Virtual Machine sprawl: The VM can become out-of-date with respect to security updates because IaaS
allows the customer to operate the virtual machines in running, suspended and off state. However, the
provider can automatically update such VMs, but this mechanism is hard and complex.
c. Robustness of VM-level isolation: IaaS offers an isolated environment to individual customers through
hypervisor. Hypervisor is a software layer that includes hardware support for virtualization to split a physical
computer into multiple virtual machines.
d. Data erase practices: The customer uses virtual machines that in turn use the common disk resources
provided by the cloud provider. When the customer releases the resource, the cloud provider must ensure
that next customer to rent the resource does not observe data residue from previous customer.

Characteristics
Here are the characteristics of IaaS service model:
a. Virtual machines with pre-installed software.
b. Virtual machines with pre-installed operating systems such as Windows, Linux, and Solaris.
c. On-demand availability of resources.
d. Allows to store copies of particular data at different locations.
e. The computing resources can be easily scaled up and down.

Platform-as-a-Service:
Platform-as-a-Service offers the runtime environment for applications. It also offers development and
deployment tools required to develop applications. PaaS has a feature of point-and-click tools that enables non-
developers to create web applications. App Engine of Google and Force.com are examples of PaaS offering
vendors. Developer may log on to these websites and use the built-in API to create web-based applications. But
the disadvantage of using PaaS is that, the developer locks-in with a particular vendor. For example, an
application written in Python against API of Google, and using App Engine of Google is likely to work only in that
environment. Figure 2 shows how PaaS offers an API and development tools to the developers and how it helps
the end user to access business applications.

Figure 2
Benefits
Following are the benefits of PaaS model:
a. Lower administrative overhead: Customer need not bother about the administration because it is the
responsibility of cloud provider.
b. Lower total cost of ownership: Customer need not purchase expensive hardware, servers, power, and data
storage.
c. Scalable solutions: It is very easy to scale the resources up or down automatically, based on their demand.
d. More current system software: It is the responsibility of the cloud provider to maintain software versions
and patch installations.

Issues
Like SaaS, PaaS also places significant burdens on customer's browsers to maintain reliable and secure
connections to the provider’s systems. Therefore, PaaS shares many of the issues of SaaS. However, there are
some specific issues associated with PaaS as given below:
a. Lack of portability between PaaS clouds: Although standard languages are used, yet the implementations of
platform services may vary. For example, file, queue, or hash table interfaces of one platform may differ
from another, making it difficult to transfer the workloads from one platform to another.
b. Event based processor scheduling: The PaaS applications are event-oriented which poses resource
constraints on applications, i.e., they have to answer a request in a given interval of time.
c. Security engineering of PaaS applications: Since PaaS applications are dependent on network, they must
explicitly use cryptography and manage security exposures.

Characteristics
Here are the characteristics of PaaS service model:
a. PaaS offers browser based development environment. It allows the developer to create database and edit
the application code either via Application Programming Interface or point-and-click tools.
b. PaaS provides built-in security, scalability, and web service interfaces.
c. PaaS provides built-in tools for defining workflow, approval processes, and business rules.
d. It is easy to integrate PaaS with other applications on the same platform.
e. PaaS also provides web services interfaces that allow us to connect the applications outside the platform.

PaaS Types
Based on the functions, PaaS can be classified into four types as shown in the following diagram:
a. Stand-alone development environments: The stand-alone PaaS works as an independent entity for a specific
function. It does not include licensing or technical dependencies on specific SaaS applications.
b. Application delivery-only environments: The application delivery PaaS includes on-demand scaling and
application security.
c. Open platform as a service: Open PaaS offers an open source software that helps a PaaS provider to run
applications.
d. Add-on development facilities: The add-on PaaS allows to customize the existing SaaS platform.

Software-as-a-Service:
Software-as–a-Service (SaaS) model allows to provide software application as a service to the end users. It refers
to a software that is deployed on a host service and is accessible via Internet. There are several SaaS applications
listed below:
 Billing and invoicing system
 Customer Relationship Management (CRM) applications
 Help desk applications
 Human Resource (HR) solutions
Some of the SaaS applications are not customizable such as Microsoft Office Suite. But SaaS provides us
Application Programming Interface (API), which allows the developer to develop a customized application.

Characteristics:
Here are the characteristics of SaaS service model:
 SaaS makes the software available over the Internet.
 The software applications are maintained by the vendor.
 The license to the software may be subscription based or usage based. It is billed on recurring basis.
 SaaS applications are cost-effective since they do not require any maintenance at end user side.
 They are available on demand and can be scaled up or down on demand.
 They are automatically upgraded and updated.
 SaaS offers shared data model. Therefore, multiple users can share single instance of infrastructure. It is not
required to hard code the functionality for individual users. All users run the same version of the software.
Benefits:
Using SaaS has proved to be beneficial in terms of scalability, efficiency and performance. Some of the benefits
are listed below:
 Modest software tools: The SaaS application deployment requires a little or no client side software
installation, which results in the following benefits:
o No requirement for complex software packages at client side.
o Little or no risk of configuration at client side.
o Low distribution cost.
 Efficient use of software licenses: The customer can have single license for multiple computers running at
different locations which reduces the licensing cost. Also, there is no requirement for license servers because
the software runs in the provider's infrastructure.
 Centralized management and data: The cloud provider stores data centrally. However, the cloud providers
may store data in a decentralized manner for the sake of redundancy and reliability.
 Platform responsibilities managed by providers: All platform responsibilities such as backups, system
maintenance, security, hardware refresh, power management, etc. are performed by the cloud provider.
The customer does not need to bother about them.
 Multi-tenant solutions: These allow multiple users to share single instance of different resources in virtual
isolation. Customers can customize their application without affecting the core functionality.

Issues
There are several issues associated with SaaS, some of them are listed below:
 Browser based risks: If the customer visits malicious website and browser becomes infected, the subsequent
access to SaaS application might compromise the customer's data. To avoid such risks, the customer can use
multiple browsers and dedicate a specific browser to access SaaS applications or can use virtual desktop
while accessing the SaaS applications.
 Network dependence: The SaaS application can be delivered only when network is continuously available.
Also network should be reliable but the network reliability cannot be guaranteed either by cloud provider or
the customer.
 Lack of portability between SaaS clouds: Transferring workloads from one SaaS cloud to another is not so
easy because work flow, business logics, user interfaces, support scripts can be provider specific.

Open SaaS and Service Oriented Architecture:

Open SaaS uses those SaaS applications, which are developed using open source programming language. These
SaaS applications can run on any open source operating system and database. Open SaaS has several benefits
such as Low Deployment Cost, Less Vendor Lock-in, More portable applications and Robust solutions and also
there is no requirement of licenses. The figure 3 shows the SaaS implementation based on SOA:

Figure 3