An Implementation Roadmap

An Implementation Roadmap The 2nd Abu Dhabi IT s Forum P J Corum, CSQA, CSTE, ITSM Managing Director Quality Assurance Institute Middle East and Africa Dubai, UAE Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 1 of 35

Agenda Overview Core Components of Version 3 Examples of New Elements Implementation Drivers Summary Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 2 of 35

The Version 3 Environment Core Books Other Best Practices Certified Training ITIL International Standards ITIL = Information Technology Infrastructure Library Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 3 of 35

ITIL Qualification Scheme The ITIL Qualification Scheme is subject to change Copyright 2007 APM Group. All rights reserved. Advanced SM Professional Diploma Management Lifecycle Focus Lifecycle Stream SS ITIL Diploma Achieved Minimum 22 Credits Needed to Achieve Diploma 5 5 Managing Through the Lifecycle 15 Credits 16 Credits 3 3 3 3 3 4 4 4 4 SD ST SO ITIL Lifecycle Modules CSI P&R O&S M&C D&O ITIL Capability Modules Capability Stream Practical Focus on Process Capabilities 2 Credits ITIL Foundation for Management Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 4 of 35

General Concepts ISO 20000 Capacity Management Continuity and Availability Management Delivery Processes Level Management Reporting Information Security Management Budgeting and Accounting for IT s Control Processes Configuration Management Change Management Release Processes Release Management Resolution Processes Incident Management Relationship Processes Business Relationship Management Problem Management Supplier Management Source: BSI, based on the process diagram in ISO/IEC 20000 Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 5 of 35

General Concepts - Functions "A function is a team or group of people and the tools they use to perform one or more processes or activities." Functions: Provide structure and stability to organizations. Are self-contained units of organizations, with their own capabilities and resources. Rely on processes for cross-functional coordination and control. Have their own knowledge base, built from experience. Can result in functional silos if there is a lack of coordination or an inward focus. Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 6 of 35

General Concepts - Roles A role is the set of responsibilities, activities, and authorities defined in a process and assigned to a person or team. Problem Analyst Role Change Initiator Role Incident Support Level 2 Role Incident Support Level 2 Role LAN Manager Functional Job Title Network Manager Functional Job Title Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 7 of 35

General Concepts - Process A process is a structured set of activities designed to accomplish a specific objective. Processes: Create value for all stakeholders. Are examples of closed-loop systems based on feedback for self-correcting and reinforcing action. Take one or more inputs and turn them into defined outputs. Are organized around a set of objectives. Include all the roles, responsibilities, tools, and management controls (measures and metrics) to deliver the outputs. Once defined and documented, they should be controlled to ensure repeatable results. Suppliers Data, information, and knowledge Trigger Process Activity 1 Activity 2 control and quality Activity 3 Desired outcome Customer Process control is the activity of planning and regulating a process, with the objective of performing the process in an effective, efficient, and consistent manner. Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 8 of 35

General Concepts - RACI RACI is an example of an Authority Matrix, which can be used within organizations to indicate roles and responsibilities in relation to processes and activities. Software Development Operations IT Management Desk R = Responsible A = Accountable C = Consulted I = Informed Desktop Support Incident Management 1.0 Record the RFC Customer Change Sponsor Problem Management Desk Change Manager Change Management R R A Change Manager Role Change Coordinator CAB ECAB Change Builder Change Tester Etc. 2.0 Review the RFC I A R 3.0 Assess and Evaluate Change R/A R R C/I I Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 9 of 35

Strategy Description Strategy provides guidance on how to design, develop, and implement Management not only as an organizational capability, but as a Strategic Asset. Strategy includes the processes of: Strategy Portfolio Management Demand Management Financial Management Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 10 of 35

Strategy Utility and Warranty The concepts of utility and warranty are key to understand the customer s perspective of value: Utility Warranty = = Fit for Purpose functionality offered by a product or service to meet a particular need Fit for Use a promise or guarantee that availability, capacity, continuity, and security are all meeting customer expectations High Warranty Low Low Low impact on business outcomes but with high certainty (unbalanced value) Low value with warranty bias Low value with utility bias Utility High value with warranty bias Zone of balance High value with utility bias High impact on business outcomes but low certainty (unbalanced value) High Utility is what the customer gets and warranty is how it is delivered. Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 11 of 35

Strategy Capabilities and Resources Assets are the capabilities or resources of a service provider. Capabilities = The ability of an organization, person, process, application, Configuration Item, or IT service to carry out an activity. Capabilities are intangible assets and cannot produce value by themselves, without adequate and appropriate resources. Resources = Include IT infrastructure, people, money, or anything else that might help deliver an IT service. Typically, resources are tangible assets and are relatively easier to acquire than capabilities. Capabilities Resources A1 Management Financial Capital A6 A2 Organization Infrastructure A7 A3 Processes Applications A8 A4 Knowledge Information A9 People A5 People Organizations use resource and capability assets to create value in the form of goods and services. Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 12 of 35

Strategy - Portfolio The Portfolio is initially created in Strategy and then moved to Design to architect the service, which eventually becomes part of the Catalogue. Knowledge Management System (SKMS) The Portfolio should contain information relating to every service and its current status within the organization and the Lifecycle. Portfolio Lifecycle Status: Requirements Defined Analyzed Approved Chartered Designed Developed Built Test Released Operational Retired Pipeline Catalogue Retired s Design Focus Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 13 of 35

Design Description Design provides guidance for the design and development of services and Management processes. Design includes the processes of: Level Management Catalogue Management Availability Management Information Security Management Supplier Management Capacity Management IT s Continuity Management Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 14 of 35

Description Transition Transition provides guidance on the development and improvement of capabilities for transitioning new and changed services into operations. This translates into how the requirements of Strategy, designed by Design, are moved into production while controlling the risk of failure and disruption. This includes the management and coordination of the processes, systems, and functions to package, build, test, and deploy a release into production. Transition includes the processes of: Change Management Asset and Configuration Management Release and Deployment Management In the core book, Transition also includes these processes: Transition Planning and Support Validation and Testing Evaluation Knowledge Management Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 15 of 35

Description Operation Operation provides guidance on achieving efficiency and effectiveness in the delivery and support of services to ensure value for the customer and the service provider. Strategic objectives are realized through Operations, making it a critical capability. Its scope includes: s any activity that forms part of a service is included in Operation. Management processes the ongoing management and execution of many Management processes are performed in Operation. Technology all services require some form of technology to be delivered. People it is people that manage the technology, processes, and services. Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 16 of 35

Description Operation - Continued Operation includes the following processes: Event Management Incident Management Request Fulfillment Problem Management Access Management And the following functions: Desk Technical Management IT Operations Management Application Management Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 17 of 35

Continual Improvement (CSI) Description Continual Improvement (CSI) is instrumental guidance in creating and maintaining value for customers through the better design, introduction, and operation of services. CSI is not a phase of the Lifecycle because it has a role throughout the Lifecycle. The primary purpose of CSI is to continually align and realign IT services with changing business needs by identifying and implementing improvements to the IT services that support business processes. There are three main areas that CSI needs to address: The overall health of ITSM as a discipline The continual alignment of the portfolio of IT services with the current and future business needs The maturity of the enabling IT processes for each service in a continual Lifecycle model Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 18 of 35

CSI - Continued Description CSI includes the 7-Step Improvement Model process. CSI also includes these processes: Reporting Measurement Return on Investment for CSI Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 19 of 35

Management Map RFC RFC Improvement RFC Usage guidelines, policies, and incentives to change utilization patterns Transition Guidelines, policies, and information for the Desk to support Incidents RFC Design How service is utilized Possible Incidents How service is supported Operation How service is deployed (Filtering) How service is delivered RFC RFC Design Limitations Compensating resources and RFCs RFC: Request for Change Strategy Objectives, policies, and guidelines Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 20 of 35

Life Cycle Processes V3 Process Covered in Foundation Course Material Strategy Design Transition Operation Continual Improvement Strategy Financial Management Portfolio Management Demand Management Level Management Catalogue Management Availability Management Capacity Management Information Security Management Continuity Management Supplier Management Change Management Asset and Configuration Management Release and Deployment Management Event Management Incident Management Request Fulfillment Problem Management Access Management The 7-Step Improvement Model SS SS SS SS SD SD SD SD SD SD SD ST ST ST SO SO SO SO SO CSI Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 21 of 35

Central Repository Business Unit A Business Unit B Business Unit C Business Process 1 2 3 Business Process 4 5 6 Business Process 7 8 9 The Business A B C D E F G SLAs IT Infrastructure System H/W System S/W DBMS Networks Environment Data Applications OLAs Supporting s Supporting s Contracts The Portfolio Teams Support Team (i) (iii) (ii) Supplier Supplier (iii) (ii) (i) Status Owner.. A B C Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 22 of 35

The V Model Using a model such as the V-Model builds in service validation and testing early in the service Lifecycle. Review Criteria/Plan Level 1 Define Customer/Business Requirements Contract, Package, Level Package, Provider Interface Validate Packages, Offerings, and Contracts Level 2 Level 3 Level 4 1a Define Requirements 2a Design Solution 3a Design Release 4a Acceptance Criteria/Plan Level Requirements Draft Level Agreement Operational Criteria/Plan Design Package including: Model Capacity and Resource Plans Release Test Criteria and Plan Release Design Release Plan Acceptance Test Operational Readiness Test Release Package Test 4b 3b 2b 1b Level 5 Develop Solution Component and Assembly Test 5a Component Build and Test 5b BL Levels of Configuration and Testing Baseline Point Internal and External Suppliers Deliveries from Internal and External Suppliers Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 23 of 35

CIS in the Lifecycle Requirements Business/Customers Strategy Strategies Policies Constraints Requirements Design Solution Designs Architectures Standards SDPs Portfolio Catalogue Transition Operation Transition Plans Operational Plans Tested Solutions Operational s SKMS Continual Improvement Improvement Actions and Plans Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 24 of 35

Transitioning What is the vision? Business Vision, Mission, Goals, and Objectives Where are we now? Baseline Assessment How do we keep the momentum going? Where do we want to be? Measurable Target How do we get there? and Process Improvement Did we get there? Measurements and Metrics Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 25 of 35

The Gap Model The following figure identifies the most obvious potential gaps in the Lifecycle from both a business and an IT perspective: GAP 1 External and Internal Communications, Influences, and Drivers GAP 3 GAP 5 Customer Provider GAP 9 GAP 6 What do we want? What do we need? What will we get? Expected What did we get? Perceived Operation Transition GAP 2 GAP 16 GAP 4 GAP 15 GAP 14 GAP 13 GAP 12 Experiences Communication with Customers GAP 8 GAP 7 Design Strategy GAP 11 GAP 10 Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 26 of 35

Measurements Consider the following saying about measurements and management: You cannot manage what you cannot control. You cannot control what you cannot measure. You cannot measure what you cannot define. Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 27 of 35

The Role of Measurement These four factors monitor and measure business value: Strategy Vision To Validate IT Performance Factual Evidence To Justify Your Measurement Framework Target and Metrics To Direct To Intervene Changes and Corrective Actions Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 28 of 35

Balanced Score Card Financial How do shareholders look at us? (For example, delivery against the budget) Customer How do customers see us? (For example, customer satisfaction, on-time delivery, and service value) Scorecards Internal Process How do we judge ourselves? (For example, process orientation and quality) Learning/Innovation Can we continue to improve and create values? (For example, employee knowledge and technical infrastructure) Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 29 of 35

Why Change? Automation Then And Now Gas Station How has filling up gas at the corner station changed in the past 10 years? ATM How has ATM banking changed in the past 10 years? Airport Check-In How has checking in for your flight at the airport changed in the past 10 years? Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 30 of 35

The Challenges Keeping IT IT Running Value Costs Mastering Complexity Aligning IT IT With Business Regulatory Compliance Security Organization IT Resources and Expenses Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 31 of 35

IT Governance: Focus Areas IT Governance Strategic Alignment $ Value Delivery Risk Management Resource Management Performance Measurement Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 32 of 35

Standards and Frameworks Relevant to IT Holistic General Specific etom ISO/IEC 27001/2 ISO/IEC 20000 CMMI ITIL escm CobiT Six Sigma ISO/IEC 9000 DQA / SKQA Malcolm Baldrige Award EFQM Scorecards Low (Process Improvement) Moderate Improvement Goal High (Business Transformation) Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 33 of 35

Summary Understand where you are today What are the business drivers What are the IT drivers Plan for organizational transformation Plan for people transition Plan to celebrate Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 34 of 35

Questions? Other Best Practices Certified Training ITIL International Standards ITIL = Information Technology Infrastructure Library Quality Assurance Institute Middle East and Africa FZ-LLZ Info@qaimea.com Page 35 of 35