PECB Webinar: How to design IT Services for achieving business objectives?

Webiner: How to design IT services for
achieving business objectives?
Ph.D. Silvana Tomić Rotim, CISA,
PMP, Lead Auditor, Lead Implementer
ITSERVICEDESIGN

1. Aspects of Service Design
• New or changed services
• Service Management systems
and tools (Service Portfolio /
Service Catalogue)
• Technology architecture and
management systems
• The process required
• Measurement methods and
metrics
ITSERVICEDESIGN
Holisticapproachforensuring
consistencyandintegrationwithin
allprocesses

2. Service Design Principles
Guidelines
• Identifying the IT requirements
• Understanding the SD process:
– Service Catalog Management
– Service Level Management
– Capacity Management
– Availability Management
– Information Security Management
– Service Continuity Management
– Supplier Management
• Understanding the SD infrastructure
ITSERVICEDESIGN

Basic tasks
• Identify customer needs and their business
processes for IT services (functionality,
resources and schedule)
• For each IT service specify the necessary IT
infrastructure: HW, SW, databases,
applications, telecommunication, and all other
parts of the IT assets - especially skills
• Identify supporting services
• Transfer identified IT needs to other parts of
ITSM, so they can be realized
ITSERVICEDESIGN

Identification of requirements for IT services
ITSERVICEDESIGN

ITSERVICEDESIGN
ISO 20000-1 requirements
• Define authorities and responsibilities for
service delivery
• Activities to be performed
• New or changed human and financial resources
requirements
• Technology to support service delivery
• Changes to the SMS, SLA...
• Updates to the catalogue of services
• Procedures, measures and information to be
used for the delivery

3. Service Design processes
• Service Catalogue Management
• Service Level Management
• Capacity Management
• Availability Management
• Information Security Management
• Service Continuity Management
• Supplier Management
ITSERVICEDESIGN

3. Service Design processes
3.1.Service Catalog Management (SCM)
The purpose of SCM:
• Made by IT in close cooperation with users
• If an IT service is not in this catalog it may
not be offered or arranged
• If in this catalog is what the user does not
need, it does not make sense
ITSERVICEDESIGN

3.1. Service Catalog Management
The position of the Catalog in SD
ITSERVICEDESIGN

3.1. Service Catalog Management
ITSERVICEDESIGN

3.2. Service Level Management (SLM)
Meaning:
Define, maintain and improve the quality of IT
services through:
• Negotiation towards required service levels
• Arranging User - IT (SLA, OLA, UC)
• Monitoring the performance level of services
in practice
• Reports on their performance
• Checking the agreed levels of IT services
• Initiation of possible improvements
ITSERVICEDESIGN

3.2. Service Level Management
– SLA, OLA i UC
Customer Customer Customer
IT Systems IT Systems
IT Service
Internal External
Customers
IT Service
Department
Supplier &
Maintenance
OLA UC
SLA
ITSERVICEDESIGN

• Service Catalog
• Service Level Requirements (SLR) – The level of
availability, response time ...
• Service Level Agreement (SLA) – Document
Client/Supplier
• Operational Level Agreement (OLA) – An
internal document
• Underpinning Contract (UC) – A document with a
third party
• Service Improvement Programme (SIP) – The
program of improving IT services
ITSERVICEDESIGN

1. Review service
catalog
2. Draft SLAs
3. Review and
negotiate SLAs and
contracts
4. Sign SLAs and
contracts
5. Monitor service
levels and gather
data
6. Produce, review
and distribute the
service reports
Operational activities
7. Review service
performance
Meeting agenda
for annual
Service review
meeting
Service interim
review agenda
Service Catalog
SLAs
Contracts
Service Chain matrix
Release
Management Change
management
Incident
Management
Continual
improvement
- The contracting process example
ITSERVICEDESIGN

3.3. Capacity Management (CM)
Meaning:
• The purpose of the CM is to ensure the necessary
capacity for the entire IT infrastructure
• If they are insufficient, the agreed level of quality IT
services can not be achieved, and if they are too
large / oversized, money is irrationally spent for
something that is not necessary
• Therefore, it is necessary to plan the necessary IT
capacities – in the present and in the future
ITSERVICEDESIGN

3.3. Capacity Management (CM)
The way to achieve it:
• Make monitoring of current performance of
IT services
• Argue that IT resources are used efficiently
• Compile and maintain a capacity plan to
meet the requirements of the SLA
• Assess the future needs for IT services from
the perspective of new capacity
• Do tuning
ITSERVICEDESIGN

3.3. Capacity Management (CM) –
Discs capacity example
TIME
Disk Space
(in TB)
Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov
1
2
3
Used
disk
space
A moment
for action
Disk
space
required
ITSERVICEDESIGN

3.4. Availability Management (AM)
Meaning:
• Availability is a condition in which IT
services are available when the user needs
them
• There are different levels of availability, as
this level is higher, its price is higher also
• The level of availability comes from the
demand of a business process
• The user and the provider of IT services
should agree / align the level of availability
for each IT service and each business
process
ITSERVICEDESIGN

• Purpose of AM is to ensure that the level of service
availability delivered in all services is matched to or
exceeds the current and future agreed needs of the
business, in a cost-effective manner
• How:
– Produce and maintain the Availability Plan
– Provide advice to other areas on all availability-related issues
– Ensure that service availability achievements meet all their
agreed targets
– Assist with the diagnosis and resolution of availability-related
incidents
– Asses the impact of all changes on the Availability Plan
– Provide the proactive measures to improve the availability
ITSERVICEDESIGN

3.4. Availability Management (AM) -
example
AST Agreed Service Time - Downtime
• Availability = ----------------------------- x100 %
AST
AST in hours
• Reliability = ------------------------------
Number of breaks
ITSERVICEDESIGN

Example of measurement
ApplicationX
Web Server
Citrix Server
Databases
LAN
J2EE Server
Availability
- what the
user sees
99.5%
99.5%
99.5%
99.5%
99.5%
99.5%
< 97%
Availability (%)
ITSERVICEDESIGN

3.5. Information Security Management
• Information is a crucial business resource and
because of that it has to be protected
• We protect the confidentiality, availability and
integrity of information
• There are numerous threats to breach the
information security, so that is why security
controls are set up
• The lack of a security control is vulnerability of IS
• Information security system is based on connecting
IT asset, threat, vulnerability, risk assessment and
the necessary security controls
ITSERVICEDESIGN

ITSERVICEDESIGN

Security Management Process
Security Monitoring
Determination of
indicators and
trend analysis
Indicators
Security controlsOverview of
Security and
Control
IT Security
Analysis
Identification and
classification of
information assets
Risk Management
Security policy
Service level
management
Release
management
Change
management
Incident
management
Incident
management
Service level
management
Continual
improvement
Problem
management
Change
management
ITSERVICEDESIGN

3.6. IT Service Continuity Management
(CM)
Meaning:
• For many reasons the business processes supported
by IT may be interrupted and for such situations
one should be prepared
• This is done through the development of IT Service
Continuity Management system (ITSCM))
• Its basis is the consideration of threats,
vulnerabilities, risk levels and controls that are
implemented in ITSCM
• Price of ITSCM grows with its level
ITSERVICEDESIGN

3.6. Continuity Management (CM)
• There are a lot of threats that can cause disruption
of IT support and as a consequence disruption of
business process
• ITSCM is a way of ensuring the recovery of business
/ IT activities
• The purpose of the ITSCM is to reduce the risk of
disruption of the IT support with the elaboration of
continuity and recovery plans
• The starting-points of the ITSCM are RTO and
RPO
ITSERVICEDESIGN

3.6. Continuity Management
RTO – Recovery Time Objective
Data recovery
INCIDENT
Time
The recovery of
critical processes
RTO
Renewal of IT infrastructure
Renewal of operating
resources
ITSERVICEDESIGN

RPO – Recovery Point Objective
INCIDENT
Time
Regul
ar
back-
up
Therecoveryof
criticalprocesses
RPO RTO
Regul
ar
back-
up
Regul
ar
back-
up
Data recovery
ITSERVICEDESIGN

Levels of response to deadlock
Recovery Time Objective (RTO)
15 Min. 1-4 H.. 4 -8 H.. 8-12 Hr.. 12-16 Hr.. 24 Hr.. Dani
Level 4
Level 3
Level 2
Level 7
Level 6
Level 5
Level 1
Costs
ITSERVICEDESIGN

3.7. Supplier Management
• Goal – manage suppliers and the services they
supply, to provide seamless quality of IT service to
the business, ensuring value for money is obtained
• How:
– Ensure that underpinning contracts are aligned to
business needs and support agreed targets in SLAs
– Manage supplier performance
– Manage relationships with suppliers
– Negotiate and agree contracts and manage them through
their lifecycle
– Manage a supplier policy and database
ITSERVICEDESIGN

4. A FRAMEWORK FOR SD
REALIZATION
Other important factors
• In a similar way other factors that influence
the successful implementation of SD are
considered:
– An organization that does support to SD
– The technology to support SD
– Possible risks
– Impact on the key success factors
ITSERVICEDESIGN

PECB Webinar: How to design IT Services for achieving business objectives?

Recommandé

Recommandé

Contenu connexe

En vedette

En vedette (14)

Similaire à PECB Webinar: How to design IT Services for achieving business objectives?

Similaire à PECB Webinar: How to design IT Services for achieving business objectives? (20)

Plus de PECB

Plus de PECB (20)

Dernier

Dernier (20)

PECB Webinar: How to design IT Services for achieving business objectives?