ITIL
STRATEGY DESIGN
ITIL Basics: Strategy, Design, Transition, Operations, and Improvement
There are 5 ITIL Lifecycle Phases as prescribed in ITIL.
Service Strategy, Service Design, Service Transition, Service Operations, and
Continual Service Improvement. These life cycles define what IT has to do to
deliver value to the business and/or customers. ITIL advises you to change your IT organizational
functions and processes in this manner to deliver IT services and value to your
customers. If your company makes the decision to launch an ITIL initiative, you
have decided to introduce the necessary change to your current organizational
structure and processes to align with ITIL advised structure and processes.
What is the ITIL structure? ITIL defines 5
IT Lifecycle Phases with the following Goals
1)Service Strategy: build a cost effective IT
strategy. Find the right balance between performance and cost. Defines what to
build and why it is needed. Its output is a business approved, business funded
IT strategy.
2)Service Design: design IT services in
alignment with Service Strategy. Defines how IT services will be built. Its
output is a Service Design Package.
3)Service Transition: build and deploy IT
services as specified by Service Design. Build and deploy services with minimal
impact to the Production environment. Its output is a Live Application/Service
that functions as expected.
4)Service Operations: Deliver and manage
services at the agreed levels to business users/customers. Its expected output
is managed services with happy customers.
5)Continual Service Improvement:
Continual improvement of IT processes and metrics. Prioritize and initiate
improvement projects. Its expected output is better metrics of all IT processes
- cheaper, faster, better IT services.
STRATEGY - DESIGN
1)Supplier Management
The purpose
of supplier management is to obtain value for money from suppliers and
contracts. It ensures that underpinning contracts and agreements align with
business needs, Service Level
Agreements and Service Level
Requirements. Supplier Management oversees process of identification
of business needs, evaluation of suppliers, establishing contracts, their
categorization, management and termination.
2)Service Catalog Management
The CA Service Catalog Management process
map provides IT with control over internal initiatives to develop, deliver and
support the required services while establishing a partnership with its
consumers who will receive the agreed services at the expected level and price.
Benefits
include:
• Creating
a service driven culture elevating the perception of the IT organization to a
Service Provider
• Providing
a source of reliable information to manage investments
• Increasing
customer satisfaction and allowing them to choose the correct level of IT
service for their needs
• Setting
the stage for a formal Service Level Management process
• Building
the foundation to manage Service Requests
3)Information Security Management
Companies will be sensitive to the taste because of
security reasons. This sensitivity can be moved to the physical size of the
media data that can be carried on smaller and older is increasing with
increasing size.
Information Security Management (Information Security
Management) The main purpose of the company IT security policies and security;
digital data is managed in a secure and convenient way to ensure that is to
match the case. This security, availability (accessibility), confidentiality
(privacy), Integrity (integrity) and Authenticity (the authorization) are
possible.
Availability
(accessibility) accessibility of data; protected against any attacks and
are provided with the system to be available when needed by convertibility of
possible errors.
Confidentiality
(Privacy) Data is only accessible by persons with access.
Integrity
(Integrity) is provided with the protection of data against unauthorized
intervention.
Authenticity
(Empowerment): exchange of data held by companies inside or outside is
provided with unreliable.
Information Security Structure
Information security management level of security in the
entire life cycle of the services offered by creating a security framework is
to ensure that enough.
Basically security framework consists of
the following components:
•
Security strategy, the creation of security
policies that meet the control and regulation
•
Establishment of control elements to support the
policy
•
Enterprise task, the creation of a security
policy and strategy consistent with the request.
•
Establishment of an effective security
organization structure.
This foundation is supported by the following components:
•
Managing the security risks
•
To follow the process to ensure compatibility
• Monitoring
of the IT Service Management process to control security needs are satisfied or
no
•
Establishing communication in order to
understand clearly the security principles and policies.
The standards established under information security,
information management, procedures, guidelines, and it all data related to
safety, such as Information Security Management System - Information Security
Management System is located in.
Policies:
Information Security management improves overall
information security policy. This policy created with other binding security
policies. Allow creation of information security policies imposed on employees
must receive the support of senior management in information security policies
which will be expected to take place the following topics:
•
Access management policies
•
e-mail policies
•
Internet access policy
•
Anti-Virus policies
•
Data classification policies
•
Document classification policies
•
Remote access policies
•
Hardware destruction policies
•
Supplier access policies
ACTIVITIES:
Security framework consists of five main
activities:
Controller
(Control): is provided by the development of security control policies and
procedures. Understanding the business needs of security and the implementation
of policies that will meet these needs will rationalize and security
management.
Plan
(Planning): Planning the security needs of Service Level Agreement (SLA) is
guided by the requirements set by the security department. higher-level
security needs of the enterprise security standards in SL are listed.
Implement
(Implementation): Located in creating awareness about application security
activities. Furthermore, the system and the creation of a classification system
for data, computers, applications, to secure the network still can be examined
in this context. It also created the physical security outside are discussed in
this phase. Security management is also emerging issues relating to safety
(Security Incidents) it allows to solve these problems by studying.
Evaluate
(Evaluation): internal and external inspections in conformity assessment
activities for information security management is situated. Internal audit in
an IT security specialist group or organization is defined as the study of
internal security inspectors would be considered to control the security
organization of the external audit inspectors or auditors from outside the
organization. problems with security (security Incidents) is provided in the
same way the assessment of security issues evaluated in this section.
Maintain
(Maintenance): improving safety and eliminating deficiencies in the
evaluation process in order to improve the organizational structure are the
maintenance activities.
ROLES:
Located under the security manager is responsible for all
information security management activities. the difficulty of creating and
managing user policies and security policies can be addressed in this
context.
Comprise, in addition, the security
manager's tasks:
• Establishment
of information security policies and managing
• The
enforcement of information security policies
• Classification
of IT asset information
• Availability
management and IT Service Continuity Management with
implementing security risk analysis
• Safety
and security testing to respond to light.
• Reducing
the number of safety-related problems.
• Measuring
the impact on the safety of the amendments
• Examining
the security policy
4)Capacity Management
Capacity Management is one of five
components in the ITIL Service Delivery area. Capacity
management is a process
used to manage information technology (IT). Its
primary goal is to ensure that IT resources are right-sized to meet
current and future business requirements in a cost-effective manner. One common
interpretation of capacity management is described in the ITIL framework.
Capacity
Management activities include:
Monitoring, analyzing, tuning, and implementing necessary
changes in resource utilization. Managing demand for computing resources, which
requires an understanding of business priorities. Modelling to simulate
infrastructure performance and understand future resource needs.Application
sizing to ensure required service levels can be met.
Storing capacity management data. Producing a capacity plan
that documents current utilisation and forecasted requirements, as well as
support costs for new applications or releases.Building the annual
infrastructure growth plan with input from other teams.
Capacity Management components
There are many
parameters that need to be considered when designing a
service (or
architecture). One to be considered right at the beginning is to satisfy
demand for the service by providing enough capacity. Easier said than done.
The task of Capacity Management is to provide enough
capacity to satisfy capacity and performance requirements. It should be timely
and cost-effective. You noticed that performance is mentioned here Capacity
Management is often connected with performance.
Capacity Management is a quite complex process. It includes
proactive (e.g. forestall capacity issues) and reactive measures (e.g.
responding to capacity events) and it is highly technical. To make it easier,
ITIL suggests three subprocesses:
• Business
Capacity Management-
• Service
Capacity Management
• Component
Capacity Management.
Business Capacity Management
Business Capacity Management translates business plans and
needs into requirements for IT services and architecture. As customers’
business changes, so are service requirements changing. Change in service
requirements usually has an impact on demand
for capacity. Service Level
Requirements and Service Level
Agreement targets must be
met.
Service Capacity Management
Service Capacity Management focuses on management, control
and prediction of end-to-end performance of live IT services usage and
workloads. It’s about measuring performance and comparing it to requirements
that are set in Service Level Agreements (SLAs) or Service Level Requirements
(SLRs).
Component Capacity Management
Component capacity is what most of us are familiar with.
Open your computer properties and check hard disc storage capacity. Or, ask
your ISP what your internet link throughput is. We speak about component
capacity. Component Capacity Management focuses on management, control,
performance prediction, utilization and capacity of technology components (e.g.
a hard disc, network interface, processor, etc.).
5)Availability Management
Availability Management is one of five
components in the ITIL Service Delivery area. It is responsible for ensuring
application systems are up and available for use according to the conditions of
the Service Level Agreements (SLAs).
The Availability Management team reviews business process
availability requirements and ensures the most cost effective contingency plans
are put in place and tested on a regular basis to ensure business needs are
met. For example, Internet applications supporting online ordering systems may
have 30minute or less recovery requirements, so they may be provisioned with
infrastructure components providing several levels of redundancy. Less
critical, non-customer-facing applications used by a few users in small offices
with a 5-day recovery period may be provisioned on less expensive
infrastructure with limited redundancy capabilities.
Availability Management is also the lead in Component
Failure Impact Analysis and Service Outage Analysis initiatives, determining
cause, analyzing trends and taking any appropriate actions to ensure service
availability meets SLAs.
Availability Management activities include:
• Ensuring
service availability meets SLAs
• Determining
the cause of availability failures
• Reviewing
business requirements for availability of business systems
• Cataloging
business requirements
• Ensuring
proper contingency plans are in place and tested
• Establishing
high-availability, redundant systems to support mission-critical applications.
The fundamental objective of Availability Management is to
ensure that all the IT services are available and are functioning correctly
whenever customers and users want to make use of them in the framework of the SLAs
in force.
The responsibilities of Availability
Management include:
• Determining
availability requirements in close collaboration with customers.
• Guaranteeing
the level of availability established for the IT services.
• Monitoring
the availability of the IT services.
• Proposing
improvements in the IT infrastructure and services with a view to increasing
levels of availability.
• Supervising
compliance with the OLAs and UCs agreed with internal and external service
providers.
The availability depends on the correct design of the IT
services, the reliability of the Cıs involved, their proper maintenance and the
quality of the internal and external services agreed.
The main benefits of correct Availability
Management are:
• Fulfilment
of the agreed service levels.
• Reduction
in the costs associated with a given level of availability.
• The
customer perceives a better quality of service.
• The
levels of availability progressively increase.
• The
number of incidents is reduced.
The
main difficulties in Availability Management are:
• The
real availability of the service is not monitored correctly.
• There
is no commitment to the process in the IT organisation.
• The
appropriate software tools and personnel are not available.
• The
availability objectives do not match the customer's needs.
• There
is a lack of coordination with other processes.
• Internal
and external service providers do not recognise the authority of
theAvailability Manager as a result of a lack of support from management.
6)Service Level Management
If IT strategy is to be seamlessly aligned to the
organization’s strategy, IT must manage the ongoing delivery and enhancement of
its services—this is the goal of Service Level Management. Service Level
Management ensures that ongoing requirements, communications, and expectations
between business and IT are proactively managed. Service Level Management is
also responsible for ensuring that internal IT expectations are being met.
The service catalog sets the standards against which
expectations, improvements, and performance metrics are measured. SLAs and
operating level agreements (OLAs) ensure that agreements are in place to
support the offerings within the service catalog.
STRATEGY - TRANSITION
This
is phase of a service that has been designed as a guideline to ensure
activation of the service. All elements are required for a service, technical
and non-technical, located at Service Transition . The most important phase of
Service Lifecycle. In this phase, Service Design Packages are developed and
loaded into the system after testing. Service Transition Phase aims to keep
risks at minimum level. Also demands of changing are responsed.
There are some key processes and activities:
Service Asset and Configuration
Management: Records in service management are kept. System integrity is
monitored by performing logical modeling of IT components. Up-to-date and
verified information on the status of the service assets and IT infrastructure
is also made available to other service management processes. The CMS contains
one or more physical configuration management databases.
Change Management: Respond to customer changing business
requirements
and business/IT requests for change that will align the services with the
business needs. There are three types of change ; Normal, Standard,
Emergency.
Release and Deployment Management: To
build, test and deliver the
capabilities (or skills) in accordance with the service
design specification in such a way that the service meets the requirements
demanded by the stakeholders.
Knowledge Management: The aim is to make
this technical know-how accessible to all participating service employees with
the help of a service knowledge management system (SKMS). Knowledge management
system consists four layers; Data, Information integration, Knowledge
Processing, Presentation.
Transition Planning and Support : The
service transition planning and support process ensures the orderly transition
of a new or modified service into production, together with the necessary
adaptations to the service management processes. This process must incorporate
the service design and operational requirements within the transition planning.
This essentially involves the management and control of the transition plan.
Effective Transition Planning and Support can significantly improve a service
provider’s ability to handle high volumes of change and releases across its
customer base.
Service
Validation and Testing:Successful testing depends on understanding the
service holistically. The key purpose of service validation and testing is to
provide objective evidence that the new/changed service supports the business
requirements. The service is tested explicitly against the utilities and
warranties set out in the service design package, including business
functionality, availability, continuity, security, usability and regression
testing.
Evaluation:Evaluation
is a generic process designed to verify whether or not a specific service is
acceptable. Evaluation considers the input to Service Transition, addressing
the relevance of the service design, the transition approach itself, and the
suitability of the new or changed service for the actual operational and business
environments encountered and expected.
ITIL
service transition helps plan and manage the change of state of a service in
its lifecycle. Managing risk for new, changed and retired services protects the
product environment. This helps the business deliver value to itself and its
customers.
Curating
service knowledge helps all stakeholders make informed, reliable decisions and
support challenges with service delivery. Both managing service risk and
curating service knowledge are integral to service transition. During service
transition, the following organizational elements need support:
• Service
Strategy
• People
• Process
• Technology
• Suppliers
of the service
• Organizational
culture
• Governance
• Risk
No
change is without risk. In fact, change can create extra risk. When
transitioning services, focus on communication planning for awareness and
compliance. One of the biggest challenges in service transition is changing
people’s behavior to accommodate a new or different service. People have a psychological
need to
feel safe and comfortable with changes to them and around
them.
STRATEGY - OPERATION
Strategy and Operations area focuses primarily on improved
alignment between business strategy and operations management, thus enabling
significant improvements in both business performance of our customers, whether
the perceived quality of services/products to their end customers, including
development of business and marketing strategies, strategies of governance and
management organizational and process models and information systems, among
others.
IT Strategy &
Operations Service Offerings
• Business/Technology
Strategy
• IT
Service Delivery Model
• Application
Strategy & Deployment
• Information
Management
• Infrastructure
Optimization
• IT
Outsourcing, Sourcing, & Supplier Relationship Management
• IT
Benchmarking & Performance Improvement
REFERENCES
http://www.teamquest.com/en/resources/resource_center/articles/itil-information/
version2/service-delivery/capacity-management/
http://itil.osiatis.es/ITIL_course/it_service_management/availability_management/
i n t r o d u c t i o n _ a n d _ o b j e c t i v e s _ a v a i l a b i l i t y
_ m a n a g e m e n t /
http://www.teamquest.com/en/resources/resource_center/articles/itil-information/
version2/service-delivery/availability-management/ http://www.pointguardsolutions.com/blog/?p=3
http://www.isaca.org/Groups/Professional-English/information-secuirty-management/
Pages/Overview.aspx
http://atilgurcan.com.tr/information-security-management-bilgi-guvenligi-yonetimi-nedir/
Hiç yorum yok:
Yorum Gönder