Management Foundation From Best Practice to Implementation 2008 IBM Corporation
Agenda Management Foundation: - Fundamental building blocks for successful Management - ITIL v3: What s new in Operations and Transition From Best Practice to Implementation - Planning a successful Management roadmap - Overcoming organizational challenges: - Using a Process Reference Model to accelerate process design - Building a Management Technology Architecture - Case study: successful Management implementations
Management Foundation 2008 IBM Corporation
The current situation at a bank in the ASEAN region There is no integrated process framework Different tools are used for different processes: - Monitoring is done at the platform level, with no overall monitoring capability. There is no event management function, and event information is not passed to the Desk - Desk is currently using a CA product for Incident and Requests, but they are considering changing to a BMC product - 2 nd and 3 rd level support staff use PVCS Tracker for Problem Management - Change Requests are managed on spreadsheets - There is no formal Release Management process - Configuration management is done in an unstructured manner by each of the support teams in a silo and hero-based manner. Spreadsheets are used by some of the teams. Consequences: - The standard method of finding out about an availability problem is via a call to the Desk (users know before the IT team does) - There are significant availability issues, and there was recently a significant downtime of core banking services - Data is manually entered from one ITSM tool to the next - It is difficult to produce KPI reports, or understand the health of the IT services - Users are highly dissatisfied with IT services
Weak/missing processes continue to be the top ten biggest challenges faced by IT Organizations 2002 2002 2003 2003 (identified by the Tivoli Assessment Program) 2004 2004 1. Resource issues: including quantity, skill 1. Too few trained and dedicated 1. Resources: no formal Tivoli 1. Resource issues: including quantity, skill 1. Too few trained and dedicated 1. Resources: no formal Tivoli levels. resources. training, cross training and levels. resources. training, cross training and 2.Weak, 2. Weak, missing missing processes. processes. 2. 2. Lack Lack of of basic basic IT quantity of resources. IT quantity of resources. 3. User buy-in, communication issues with 2. No Project Management. 3. User buy-in, communication issues with processes. 2. No Project Management. user community, getting proper user processes. 3. user community, getting proper user 3. No Project Management. 3. Lack Lack of of basic basic IT IT requirements. 3. No Project Management. requirements. 4. Deployed product is obsolete or processes. 4. Failure of strategy and lack of planning as 4. Deployed product is obsolete or processes. 4. Failure of strategy and lack of planning as at end-of-life. 4. Weak or undocumented applies to entire ESM as well as Tivoli. at end-of-life. 4. Weak or undocumented applies to entire ESM as well as Tivoli. 5. Weak or obsolete architecture. architecture. 5. Total cost 2005 of solution concerns/budget (due 5. Weak or obsolete architecture. architecture. 5. Total cost 2005 of solution concerns/budget (due 6. No internal communication 2006 and 5. Failure to upgrade product in a to global 1. economy) Inadequate creates staffing uneasiness & lack of formal Tivoli 6. training No internal communication 2006 and 5. Failure to upgrade product in a to global 1. economy) Inadequate creates staffing uneasiness & lack of formal Tivoli training little to no organizational timely manner. about ESM solution. and basic skills. (DB, UNIX, WinTel, Scripting) little to no organizational 1. timely manner. about ESM solution. and basic skills. (DB, UNIX, WinTel, Scripting) commitment. 1. Poor Poor management management of 6. of expectations No expectations in product level standardization in 6. Project management. commitment. 6. Project 2. 6. No product level standardization management. 7. Failure to maintain Tivoli 7. Low exploitation 2. Weak Weak management/enforcement of solution/competitive management/enforcement of lack 7. of lack of of SLAs. SLAs. Failure to maintain 2. Tivoli Lack of formal Tivoli training, across across environment environment training & (mainly TSM). (mainly TSM). 7. Low exploitation expectations of solution/competitive solution. 7. Unclear mission regarding Tivoli product issues. expectations through through SLAs. 2. Lack of formal Tivoli training, cross training & SLAs. solution. recommended number 7. of resources. Unclear mission regarding Tivoli product 3. issues. 8. Lack of focus and planning for due to lack of communication. 8. Environmental 3. Inconsistent Inconsistent incident maintenance not incident and done, and problem recommended number of resources. problem 8. Lack of focus 3. and planning Haphazard for product level standardization due to lack of across communication. 8. Environmental maintenance not done, all of ESM including 3. Tivoli. Haphazard product 8. level Inadequate standardization hardware across creates snowballing management. in place for effect of decreased all of ESM including environment Tivoli. & inadequate 8. hardware. Inadequate hardware in place for creates snowballing management. effect of decreased 9. Executives (generally new) environment & inadequate expansion. hardware. confidence 4. and Lack success. of overall ESM strategy with no Executive 9. Executives (generally 4. Underutilization new) of product functionality. expansion. confidence 4. and Lack success. of overall ESM strategy with no Executive realizing little value 4. in Tivoli/no Underutilization of product 9. Little functionality. to no testing before going to 9. Failure to completely support/direction. deploy. realizing little value in Tivoli/no 9. Little to no testing before going to 9. Failure to completely support/direction. 5. deploy. identifiable person responsible production. 10.Stresses 5. from Tivoli organization products demanding not included in disaster recovery 5. Inconsistent Inconsistent incident/problem incident/problem identifiable person responsible production. 10.Stresses 5. from Tivoli organization products demanding not included in disaster recovery for success of deployment. management, 10. Code defects (ITM). delivery of more plans/tests. function and reporting in for success of deployment. management, little little use 10. use of Code of metrics defects metrics (ITM). delivery of more plans/tests. function and reporting in 10. Concerns about product quality. less time. 6. Need for proper test environment to manage and 10. Concerns about product quality. less time. 6. Need for proper test environment to manage and trending. trending. change. (related to #4) 6. Failure to upgrade products & properly maintain change. (related to #4) 6. Failure to upgrade products & properly maintain 7. Failure to upgrade products and properly environment. (Endpoints, Tuning) 7. Failure to upgrade products and properly environment. (Endpoints, Tuning) maintain environment. (Endpoints, Tuning) 7. No proper test environment to manage change. maintain environment. (Endpoints, Tuning) 7. No proper test environment to manage change. 8. No Project Management & evangelizing of ESM 8. Weak or undocumented architecture. 8. No Project Management & evangelizing of ESM 8. Weak or undocumented architecture. 9. Tivoli products not included in disaster recovery 9. 9. Immaturity Immaturity of of process 9. Tivoli products not included in disaster recovery process plans/tests. implementation. implementation. (Focus (Focus on on Capacity, plans/tests. Capacity, 10. No Project Management & evangelizing of ESM. 10. No Project Management & evangelizing of ESM. Change, Change, Incident Incident management) management)
With evolution and increasing complexity of the managed environment, there is increasing need for effective IT processes Business Processes Composite Applications and SOA There has been a natural progression from managing infrastructure resources to systems, to IT services and business services. This requires a set of streamlined processes to improve efficiency of service management Business Applications SAP Oracle Legacy Middleware and IT s Managed Elements Mainframe Linux J2EE Appl User Business Transaction Change Management Processes Config Release Availability Level Servers Storage Infrastructure Networks
The ITIL v3 books introduce the concept of a service lifecycle, but do not provide a roadmap for implementing an IT Management program Strategy Converts strategic objectives into portfolios of services and service assets Develops policies, architectures, portfolios a new or changed service for introduction into the live environment Governance Methods Governance Methods Standards Standards Alignment Alignment Continual Improvement Continual Improvement Knowledge & Skills Knowledge & Skills Establishes the overall strategy for providing IT services. It consists of four main activities: - Define the market - Develop the offerings - Develop the strategic assets - Prepare for execution Case Studies Case Studies Strategies Strategies Specialty Topics Specialty Topics Templates Templates ITIL ITIL Operation Operation Transition Transition Transition Continual Improvement Review and analyze Level Achievement results Identify and implement improvement activities to improve IT quality and improve the efficiency and effectiveness of ITSM processes Guidance for the transitioning of new and changed services into the production environment It focuses on the broader, longterm change management role and release practices Objective is to ensure minimal unpredicted impact on production services, operations and support organization Scalability Scalability Improvement Continual Improvement Continual Continual Continual Improvement Improvement Executive Executive Introduction Introduction Quick Wins Quick Wins Qualifications Qualifications Operation Coordinate and carry out the activities and processes required to deliver and manage services at agreed levels to business users and customers Manage the technology that is used to deliver and support services Study Study Aids Aids
ITIL v3 covers a lifecycle of 5 phases and many processes Strategy Transition Operation Continual Improvement Strategy Portfolio Change Monitoring & Event Measurement & Control Market Intelligence Catalog Asset & Configuration Incident Measurement IT Financial Management Portfolio Level Capacity Knowledge & a service knowledge system Release & Deployment Planning Request Fulfillment (standard changes) Problem Assessment & Analysis The question is often Process Assessment & Where Analysis do I begin? Demand Management Availability Performance and Risk Evaluation Access Level Management Risk Management Continuity Testing Desk Improvement Planning Information Security (ISO 27K, ISO 20K) Acquire, Build, Test Release Infrastructure Management Supplier & Contract Release, Acceptance, Test & Pilot IT Operations Processes Functions Organizational Change & Communications Deployment, Decommission and Transfer Facilities Management
Operation and Transition are recognized to be the foundation and pre-requisites for effective Management In ITIL v2 most organizations started with the Support book, implementing the following functions/processes: - Desk - Incident Management - Problem Management - Change Management - Release Management - Configuration Management In ITIL v3 the same processes exist, but the list has been expanded to provide a more complete view of the service lifecycle: Operation: - Desk - Access Management - Request Fulfillment - Event Management - Incident Management - Problem Management Transition - Change Management - Transition Planning and Support - Knowledge Management - Release and Deployment Management - Validation and Testing - Asset and Configuration
The IT Management framework should be developed using an integrated, holistic approach www Desk Event Console Request Fulfillment Incident Problem Change Release Configuration Level
Request Fulfillment Request Fulfillment is the initial support handling of contact with IT users. The purpose of the Request Fulfillment Process is to receive service requests from users and route each request to the appropriate process for handling. Some service requests are handled by the Request Fulfillment Process, whereas many others are routed to other processes for fulfillment. Request Fulfillment can be the contact management process for an implementation of an IT Desk (or equivalent). Sample KPIs - User satisfaction with IT handling of Incidents requests Requests for information - Number of contacts handled Percent handled by the first line of support - Time to completion of service goal Desk Request Fulfillment Incident Configuration Level
Incident Management Incident Management provides rapid response to possible service disruptions. The purpose of the Incident Management process is to focus on the restoration of a service affected by any real or potential interruption which has impact upon the quality of that service. Sample KPIs - Number of incidents opened, closed, and pending (by severity level) - Percent of incidents closed with automated responses against manual responses - Percent of incidents closed using existing documentation (known errors) Desk Event Console Request Fulfillment Incident Problem Change Configuration Level
Problem Management Problem Management identifies and resolves the root causes of service disruptions. The purpose of the Problem Management process is to resolve problems affecting the IT service, both reactively and proactively. Problem Management finds trends in incidents, groups those incidents into problems, identifies the root causes of problems, and initiates change requests (RFCs) against those problems. Sample KPIs - Number of known problems eliminated - Status of change requests created to eliminate known problems - Historical number of incidents eliminated through problem elimination - Number of known errors (with workarounds) added to the known error database - Percent of incidents related to known problems Incident Problem Change Configuration
Change Management The purpose of the Change Management process is to achieve the successful introduction of changes to an IT system or environment. Success is measured as a balance of the timeliness and completeness of change implementation, the cost of implementation, and the minimization of disruption caused in the target system or environment. The process also ensures that appropriate details of changes to IT resources (assets, CIs) are recorded. Sample KPIs - Customer satisfaction with the timeliness and value of the change approval process - Percent of emergency changes - Percent of change requests needing revision - Percent of approved changes completed as planned and scheduled - Number of Incidents due to Approved changes and Non-approved changes Incident Problem Change Release Configuration Level
Release Management Release Management is the controlled deployment of approved changes within the IT infrastructure. The purpose of the Release Management process is to prepare and finalize release packages that are fit for deployment so that optimal business value will be attained when deployment occurs. Sample KPIs - Customer satisfaction with the value and quality of releases - Percent of releases Completed as planned and scheduled Rescheduled or delayed Needing revision - Number of incidents caused by a release Incident Change Release Configuration
Configuration Management Configuration Management identifies, controls, and maintains all elements in the IT infrastructure called Configuration Items. The purpose of the Configuration Management process is to maintain the integrity of the configuration item (CI) employed in, or related to, IT systems and infrastructure, and to provide accurate information about CIs and their relationships. Sample KPIs - Satisfaction of related processes with CMS accuracy, completeness, and usefulness - Percent of IT-controlled CIs represented in the CMS - Number of updates made to the CMS - Number of inaccuracies discovered in CMS data Request Fulfillment Incident Problem Change Release Configuration
From Best Practice to Implementation 2008 IBM Corporation
ITSM Implementation Challenges Once you decide to implement an ITSM solution, the questions are: - Where to begin? - How to determine where you are? - How to determine where you want to be? - How to get to where you want to be? How to determine your ITSM s "pain points" and gaps between theory and current reality? How to translate the ITIL framework and best practices into a design that can be implemented? How to customize ITIL best practices for your IT operational processes and procedures? How to train your staff to internalize ITSM and ITIL best practices? How to learn from other customer successes and failures?..
5 Steps to Plan for ITSM Implementation The first two steps establish a basis for the ITSM design phases. Awareness & Training Strategy & Plan Detailed Implementation Awareness & Training Assessment Process Detailed Tool Implementation Roadmap Planning Organization Architecture High Level Tool A well defined process for ITSM assessment and planning, and lesson son learned from other implementations can save you a lot of time and money.
Step 1: Awareness and Training Awareness & Training Understanding ITSM and ITIL processes is critical to the assessment and planning of IT Management. - ITSM concept, objectives, process definitions, activities, terminologies, relationships, roles, and responsibilities. - Advantages and benefits of using IT Infrastructure Library (ITIL) and IBM Process Reference Model for IT (PRM-IT) process models. - Key success factors and considerations for the implementation of ITSM based processes. The IBM Tivoli Unified Process Composer is a customizable process model that offers detailed content and tooling to enable content customization, extension, and publishing.
In addition to ITIL training, a well planned communications campaign helps instill awareness and cultural change
Step 2: ITSM Assessment Assessment Roadmap Planning The success of every IT Management implementation project is dependent on a combination of people, process, and technology. Understanding the current organizational capabilities, status and issues is critical to identify areas for development. This Assessment workshop draws inputs from executives, managers and IT professionals to baseline the current environment. It establishes the current status, the target and the roadmap. The results of benchmarking and reviews lead to identification of gaps in terms of people, process and technology issues. The ITSM assessment maybe based upon: - ISO/IEC 20000 - COBIT - ITIL Maturity Matrix - ISM Adoption Model
Sample assessment results ISO/IEC 20000 Assessment Result 6.5 Capacity Management Act Plan 100% 80% 60% 40% 20% 0% Do Check COBIT levels of maturity Max Score Assessment Score
Step 3: Process Organization Architecture High Level Tool Key requirements are first captured through collaborative discussions, these include: - Key Business Drivers - IT Management Objectives - IT Management Requirements - Key Value Propositions - Critical - Critical Success Factors - Issues s are then developed for the Process, Organization, and Architecture. At this stage, a high level design of the tool is also defined.
IBM s Management Reference Architecture can be used as a design guide for the development of the ITSM tools architecture Business System Management Modeling & Correlation Decomposition Bus System Rules & Policies Business Health Analysis Monitoring Event Management Realtime Event Data Historical Event Data Resolution Detection & Filtering Correlation Operational Monitoring Infrastructure Monitoring Monitoring Data Operation/App Monitoring Capabiities Alerting Request Management Level Management Level Negotiation Level Attainment Standard Change Request Incident Logging Contracts Project Request SLAs OLAs UCs Request Asset Management Management Foundation Provisioning Entitlement Enrollment & Subscription Asset Management Asset Control Inventory Asset Asset Auditing Reporting Configuration Management CMDB User Contact Management Communication User Contact Data UC Monitoring Fulfillment & & Analysis Routing Change Management RFC RFC Audit & Assessment Review Incident Management Logging & Classification Incident Policies & Records Diagnosis & Resolution Reporting & Dashboards Metrics and Presentation Measurement Financial Management Metering Usage Data Budget & Billing & Planning Invoicing Cost Model & Rates Cost Accounting Management Resource Management Workload Load Management Balancing Workload Monitoring Policies & Profiles Transaction Batch & Job Management Customer Profiles Catalog Offering Catalog Ordering Management Execution & Choreography Configuration Control CI Auditing Discovery Discovery Topology Management Discovery Data CI Status Accounting Data Integration RFC Data Change Change Scheduling Implementation Knowledge Management Submission and Structuring Structured Knowledge Planning & Retrieve and Maintenance Publish Report Creation Templates & Data Data Escalation Transformation Problem Management Root Cause Proactive Analysis Problem Known Errors Definition & Resolution Prioritization Planning Release Management Software Platform Distribution Distributed Distributed Software Library Hardware Store Release Packaging Patch Release Testing Capacity Management Reservation Forecasting Capacity Data Demand Management Business Resource Capacity Capacity Capacity Flow Repository Flow Scheduling Development Flow Execution Fulfillment Tasks n 2 1 \ Flows n 2 1 Quality Management Performance Management Availability Management Continuity Management Levels Capacity Financials Process Performance Analysis Availability Analysis Availability Data BIA Recovery SC Data Performance Data Performance Correlation & Tuning Availability Planning Continuity Planning Process Runtime Environment Process Management Admin Portal Process Management Support Interface Common Process Data Store Process Execution Process Reporting
Sample of Functional Architecture
Sample Process (Workflow) Operational workflow - Making ITIL Actionable Tools Process Owner Incident Analyst Incident Manager Customer Support Rep External Process User
Step 4: Detailed Detailed Tool Detailed tools design will include the configuration of the tool, the design of reports, and construction of interfaces. Detailed tool integrations need to be addressed. This phase will also incorporate system and user acceptance testing. This provides the basis for the next step of implementation.
Example of process integration with tools Problem Notification Shutdown Notification S C DLCI Frame Status Relay Change DTE NetView S NetView Node Down S S S Link Down C C NetView C NetView Node Up Link Up Root Cause Analysis
Step 5: Implementation Implementation Implementation Planning prepares the organization and align resources for the implementation and deployment. Typical activities include: - Mapping the process roles to the functional roles - Training the staff on the new processes - Tools training User Acceptance Testing and sign-off for any new tools Move to production Monitor and report on the process KPIs Management to conduct periodic reviews Develop Improvement Programs for any areas where KPIs / SLAs are not being met
IBM s Accelerator Solutions for Tivoli delivers faster time-tovalue Awareness & Training Strategy & Plan Detailed Implementation Awareness & Training Assessment Process Detailed Tool Implementation Roadmap Planning Organization Architecture High Level Tool Accelerator fast-tracks design and implementation
What does an Accelerator have that is not already included in the software? Base code validation procedure Project plan Maintenance activity review Technical support procedure Organization change management considerations Personalization collection workshop Solution architecture Bill of materials Customized code Personalized code installation Technical support Model organization communication plan Teach the teacher training workshop Completed personalization worksheet Solution documentation Organization considerations planning workshop Model training plan
Putting things together 2008 IBM Corporation
In our experience we see five common phases that many organizations go through in building their ITSM architecture 5 Provide integrated IT & business performance monitoring Implement an integrated IT & business dashboard to support management reporting of business-aligned KPI s and continuous improvement Progressively implement KPIs Level Agreements leading to continuous improvement 2 3 4 Provide enterprise-view of IT capacity and availability against SLAs Implement an integrated IT dashboard for proactive operational monitoring Advanced correlation of events to allow automated diagnosis and recovery Ensure that IT Configuration Items and Assets are managed IT asset management, configuration management, advanced change management & device auto-discovery functions Effectively manage IT services to the users Implement Desk solution with Request Fulfillment, Incident and Knowledge Base with basic Problem, Change, Release and Configuration. 1 Provide essential resource availability monitoring and basic event management Implement system management tools and processes with basic event management Basic Configuration information should exist to support component identification