THE FOLLOWING ITIL INTERMEDIATE EXAM OBJECTIVES ARE DISCUSSED IN THIS CHAPTER:
✓ Use of the RACI matrix
✓ Generic process roles
✓ Specific service design lifecycle roles
✓ Service design process roles and responsibilities for:
Design coordination
Service catalog management
Service level management
Availability management
Capacity management
IT service continuity management
Information security management
Supplier management
In this chapter, we explore organizing for service design and the process roles. It is important that you are able to explain and demonstrate understanding of the concepts covered in this chapter. You should be able to explain and describe the roles and responsibilities relating to the processes in the service design lifecycle stage.
The RACI Matrix
The RACI model, or authority matrix, is often used by organizations to define roles and responsibilities in relation to processes and activities. You should remember this from your Foundation studies, but here is a reminder. RACI is an acronym for the following four categories:
Responsible Applied to the person or people responsible for correct execution—for getting the job done.
Accountable Applied to the person who has ownership of quality and the end result. Only one person can be accountable for each task.
Consulted Refers to the people who are consulted and whose opinions are sought. They have involvement through input of knowledge and information.
Informed Refers to the people who are kept up-to-date on progress. They receive information about process execution and quality.
Occasionally an expanded version of RACI is used, called RACI-VS, with two further roles as follows:
Verifies Refers to the person or group that checks whether the acceptance criteria have been met.
Signs Off Refers to the person who approves the decision made by the person who verifies that the criteria have been met (V) and authorizes the product handover. This could be the person held accountable (A).
A third variation of the RACI model is RASCI, where the S represents supportive. This role provides additional resources to conduct the work or plays a supportive role in implementation of the work, for example. This could be beneficial for IT service implementation. It also allows for clear identification of lead responsibility when a number of roles are responsible for an activity, such as where accountability rests with a process owner and responsibility with a number of roles.
Table 17.1 shows the structure and power of RACI modeling. The rows represent a number of required activities, and the columns identify the people who make the decisions, carry out the activities, or provide input.
For example, the first activity shows the director of service management both accountable and responsible for the activity, with both the service level manager and procurement manager being consulted on the activity. This may be where a policy or principle is being prepared and agreed.
To build a RACI chart, the following steps are required:
Identify the processes/activities
Identify and define the roles
Conduct meetings and assign the RACI codes
Identify any gaps or overlaps—for example, where there are multiple Rs or no Rs
Distribute the chart and incorporate feedback
Ensure that the allocations are being followed.
Analysis of a RACI chart to identify weaknesses or areas for improvement should include considering both the role and activity perspectives.
Functional Roles in Service Design
For service design to be successful, it is important to clearly define the roles and responsibilities required to undertake the processes. These roles will need to be assigned to individuals, and an appropriate organizational structure of teams, groups, or functions should be established and managed.
The ITIL framework does not define functions for each lifecycle stage, but service design does rely on the technical and application management functions described in the service operation lifecycle stage. These functional areas are where the expertise for technical and application management are provided. They are used to manage the whole service lifecycle, and practitioner roles within service design may be performed by members of these functions.
There are other areas that act as functions and are commonly referred to in most organizations, but that are not covered as part of the ITIL framework. These are application development and project management.
Application Development While it is possible for an IT service provider to design, deploy, deliver, and improve IT services without developing any applications in-house, many organizations perform some of their own software development.
Project Management Another functional unit that may exist within the IT service provider organization is project management, often referred to as the project management office (PMO).
Organizational Structures in Service Design
The ITIL framework provides some suggestions for organizational structures that might be adopted to enable the successful management of service design.
Figure 17.1 shows an example for a small organization.
The functional capability is maintained within the infrastructure teams, with service management and project management support.
Figure 17.2 shows an example for a large organization.
In a larger organization, there is more flexibility in the approach, and the functions may be spread across a number of regional or locational divisions or departments. The challenge then becomes one of coordination to ensure that the service design approach is maintained consistently across the whole organization.
Generic Roles
Throughout the ITIL framework, there is consistent use of some generic roles across all lifecycle stages. The first of these is the service owner.
Service Owner
Large organizations will have many specialist areas, each concerned with its own processes and capabilities. Providing a service to a customer requires many of these specialist silos to contribute part of that service. The service owner provides an end-to-end view, which ensures consistency across the service.
The service owner understands what the service needs to deliver and how it has been built to satisfy these requirements. As the representative of the service, they are involved in assessment of the impact of changes affecting the service and are involved when it suffers a major incident, as an escalation and communication point.
By attending internal and external reviews, the service owner ensures that the service is delivered according to the customer requirements. This allows the role to identify the requirements for improvement and will provide input to continual service improvement to work with IT to address any deficiencies.
The service catalog process provides the business with information regarding the service, and maintaining this information with the service catalog process owner is another responsibility for the service owner.
The service owner interfaces with the underlying IT processes. It will have close associations with many of the processes:
Incident Management Involved in or perhaps chairs the crisis management team for high-priority incidents impacting the service owned
Problem Management Plays a major role in establishing the root cause and proposed permanent fix for the service being evaluated
Release and Deployment Management Is a key stakeholder in determining whether a new release affecting a service in production is ready for promotion
Change Management Participates in change advisory board decisions, authorizing changes to the services they own
Service Asset and Configuration Management Ensures that all groups that maintain the data and relationships for the service architecture they are responsible for have done so with the level of integrity required
Service Level Management Acts as the single point of contact for a specific service and ensures that the service portfolio and service catalog are accurate in relationship to their service
Availability and Capacity Management Reviews technical monitoring data from a domain perspective to ensure that the needs of the overall service are being met
IT Service Continuity Management Understands and is responsible for ensuring that all elements required to restore their service are known and in place in the event of a crisis
IT Financial Management Assists in defining and tracking the cost models in relationship to how their service is costed and recovered
Process Owner
The next generic role we look at is that of process owner. The process owner role is accountable for ensuring that a process is fit for purpose. This role is often assigned to the same person who carries out the process manager role, but the two roles may be separate in larger organizations. The process owner role is accountable for ensuring that the process is performed according to the agreed and documented standard and meets the aims of the process definition.
The process owner has the following accountabilities:
Sponsoring, designing, and change managing the process and its metrics
Defining the process strategy
Assisting with process design
Defining appropriate policies and standards to be employed throughout the process
Periodically reviewing the process strategy to ensure that it is still appropriate and change as required
Communicating process information or changes as appropriate to ensure awareness
Providing process resources to support activities required throughout the service lifecycle
Making improvements to the process
Process Manager
Working closely with the process owner, the process manager role is accountable for operational management of a process. There may be several process managers for one process, for example, regional change managers or IT service continuity managers for each data center. The process manager role is often assigned to the person who carries out the process owner role, but the two roles may be separate in larger organizations.
The process manager has the following accountabilities:
Working with the process owner to plan and coordinate all process activities
Ensuring that all activities are carried out as required throughout the service lifecycle
Appointing people to the required roles
Managing resources assigned to the process
Working with service owners and other process managers to ensure that services run smoothly
Monitoring and reporting on process performance
Identifying improvement opportunities for inclusion in the CSI register
Working with the CSI manager and process owner to review and prioritize improvements in the CSI register
Making improvements to the process implementation
Process Practitioner
We have considered the generic roles of process owner and process manager, and now we will review the practitioner role. A process practitioner is responsible for carrying out one or more process activities.
In some organizations, and for some processes, the process practitioner role may be combined with the process manager role. In others, there may be large numbers of practitioners carrying out different parts of the process.
The process practitioner typically has the following responsibilities:
Carrying out one or more activities of a process
Understanding how their role contributes to the overall delivery of service and creation of value for the business
Working with other stakeholders, such as their manager, coworkers, users, and customers, to ensure that their contributions are effective
Ensuring that inputs, outputs, and interfaces for their activities are correct
Creating or updating records to show that activities have been carried out correctly
Specific Service Design Roles
There are a number of specific roles that complement and support the service design generic process roles.
Service Design Manager The job title service design manager typically combines the roles of design coordination process owner and design coordination process manager. It may also include some degree of line management of the people involved in service design.
IT Planner An IT planner is responsible for the production and coordination of IT plans.
IT Designer/Architect An IT designer/architect is responsible for the overall coordination and design of the required technology.
Service Design Process Roles
In the following sections, we consider roles and responsibilities within the service design lifecycle stage for each of the service design processes.
Design Coordination Roles
There are additional aspects to the generic roles for each process; first we’ll consider the process of design coordination.
Design Coordination Process Owner
The design coordination process owner is responsible for the following activities:
Carrying out the generic process owner role for the design coordination process
Setting the scope and policies for service design
Overseeing the overall design of all service design processes to ensure that they will work together to meet the needs of the business
Design Coordination Process Manager
The design coordination process manager is responsible for the following activities and tasks:
Carrying out the generic process manager role for the design coordination process
Coordinating interfaces between design coordination and other processes
Ensuring that overall service strategies are reflected in the service design practice
Ensuring the consistent design of appropriate services, service management information systems, architectures, technology, processes, information, and metrics to meet current and evolving business outcomes and requirements
Coordinating all design activities across projects, changes, suppliers, and support teams, and managing schedules, resources, and conflicts where required
Planning and coordinating the resources and capabilities required to design new or changed services
Producing service design packages (SDPs) based on service charters and change requests
Ensuring that appropriate service designs and/or SDPs are produced and that they are handed over to service transition as agreed
Managing the quality criteria, requirements, and handover points between the service design stage and service strategy and service transition
Ensuring that all service models and service solution designs conform to strategic, architectural, governance, and other corporate requirements
Improving the effectiveness and efficiency of service design activities and processes
Ensuring that all parties adopt a common framework of standard, reusable design practices in the form of activities, processes, and supporting systems whenever appropriate
Service Catalog Management Roles
Next, we consider the additional aspects to the generic roles for the process of service catalog management.
Service Catalog Management Process Owner
The service catalog management process owner is responsible for the following activities:
Carrying out the generic process owner role for the service catalog management process
Working with other process owners to ensure that there is an integrated approach to the design and implementation of service catalog management, service portfolio management, service level management, and business relationship management
Service Catalog Management Process Manager
The service catalog management process manager is responsible for the following activities and tasks:
Coordinating interfaces between service catalog management and other processes, especially service asset and configuration management and release and deployment management
Ensuring that all operational services and all services being prepared for operational running are recorded within the service catalog
Ensuring that all the information within the service catalog is accurate and up-to-date
Ensuring that appropriate views of the service catalog are maintained and made available to those for whom they are targeted
Ensuring that all the information within the service catalog is consistent with the information within the service portfolio
Ensuring that the information within the service catalog is adequately protected and backed up
Service Level Management Roles
In the following sections, we consider additional aspects to the generic roles for the process of service level management.
Service Level Management Process Owner
The service level management process owner is responsible for the following activities:
Carrying out the generic process owner role for the service level management process
Liaising with the business relationship management process owner to ensure proper coordination and communication between the two processes
Working with other process owners to ensure that there is an integrated approach to the design and implementation of service catalog management, service portfolio management, service level management, and business relationship management
Service Level Management Process Manager
The service level management process manager is responsible for the following activities and tasks:
Carrying out the generic process manager role for the service level management process
Coordinating interfaces between service level management and other processes, especially service catalog management, service portfolio management, business relationship management, and supplier management
Keeping aware of changing business needs
Ensuring that the current and future service level requirements of customers are identified, understood, and documented in service level agreement (SLA) and service level requirements (SLR) documents
Negotiating and agreeing with the customer on levels of service to be delivered; formally documenting these levels of service in SLAs
Negotiating and agreeing on operational level agreements (OLAs) and, in some cases, other SLAs and agreements that underpin the SLAs with the customers of the service
Assisting with the production and maintenance of an accurate service portfolio, service catalog, application portfolio, and the corresponding maintenance procedures
Ensuring that agreed targets within underpinning contracts are aligned with SLA and SLR targets
Ensuring that service reports are produced for each customer service and that breaches of SLA targets are highlighted and investigated and actions taken to prevent their recurrence
Ensuring that service performance reviews are scheduled, carried out with customers regularly, and the actions agreed on at the review documented and progressed.
Ensuring that improvement initiatives identified in service reviews are acted on and progress reports are provided to customers
Reviewing service scope, SLAs, OLAs, and other agreements on a regular basis, ideally at least annually
Ensuring that all changes are assessed for their impact on service levels (such as changes in SLAs, OLAs, and underpinning contracts), including attendance at change advisory board (CAB) meetings if appropriate
Identifying all customers and other key stakeholders to involve in SLR, SLA, and OLA negotiations
Developing relationships and communication with customers, key users, and other stakeholders
Defining and agreeing on complaints, including recording, managing, escalating (where necessary), and resolving them
Measuring, recording, analyzing, and improving customer satisfaction
Availability Management Process Roles
In the following sections, we consider additional aspects to the generic roles for the process of availability management.
Availability Management Process Owner
The availability management process owner is responsible for the following activities:
Carrying out the generic process owner role for the availability management process
Working with managers of all functions to ensure acceptance of the availability management process as the single point of coordination for all availability-related issues regardless of the specific technology involved
Working with other process owners to ensure that there is an integrated approach to the design and implementation of availability management, service level management, capacity management, IT service continuity management, and information security management
Availability Management Process Manager
The availability management process manager is responsible for the following activities and tasks:
Carrying out the generic process manager role for the availability management process
Coordinating interfaces between availability management and other processes, especially service level management, capacity management, IT service continuity management, and information security management
Ensuring that all existing services deliver the levels of availability agreed on with the business in SLAs
Ensuring that all new services are designed to deliver the levels of availability required by the business and validation of the final design to meet the minimum levels of availability as agreed by the business for IT services
Assisting with the investigation and diagnosis of all incidents and problems that cause availability issues or unavailability of services or components
Participating in the IT infrastructure design, including specifying the availability requirements for hardware and software
Specifying the requirements for new or enhanced event management systems
Specifying the reliability, maintainability, and serviceability requirements for components
Being responsible for monitoring actual IT availability achieved against SLA targets
Proactively improving service availability
Creating, maintaining, and regularly reviewing an availability management information system
Maintaining and completing an availability testing schedule for all availability mechanisms
Ensuring that all availability tests and plans are tested after every major business change
Capacity Management Process Roles
In the following sections, we consider additional aspects to the generic roles for the process of capacity management.
Capacity Management Process Owner
The capacity management process owner is responsible for the following activities:
Carrying out the generic process owner role for the capacity management process
Working with managers of all functions to ensure acceptance of the capacity management process as the single point of coordination for all capacity- and performance-related issues regardless of the specific technology involved
Working with other process owners to ensure that there is an integrated approach to the design and implementation of capacity management, availability management, IT service continuity management, and information security management
Capacity Management Process Manager
The capacity management process manager is responsible for the following activities and tasks:
Carrying out the generic process manager role for the capacity management process
Coordinating interfaces between capacity management and other processes, especially service level management, availability management, IT service continuity management, and information security management
Ensuring that there is adequate IT capacity to meet required levels of service
Identifying, with the service level manager, capacity requirements through discussions with the business users
Understanding the current usage of the infrastructure and IT services and the maximum capacity of each component
Identifying capacity requirements and current usage of the infrastructure and IT services
Performing sizing on all proposed new services and systems
Forecasting future capacity requirements
Production, regular review, and revision of the capacity plan
Analysis of usage and performance data
Raising incidents and problems when breaches of capacity or performance thresholds are detected
Identifying and initiating any technical tuning to be carried out
Identifying and implementing initiatives to improve resource usage
Being familiar with potential future demand for IT services and assessing this on performance service levels
Ensuring that all changes are assessed for their impact on capacity
Acting as a focal point for all capacity and performance issues
IT Service Continuity Management Process Roles
In the following sections, we consider additional aspects to the generic roles for the process of IT service continuity management (ITSCM).
ITSCM Process Owner
The IT service continuity management process owner is responsible for the following activities:
Carrying out the generic process owner role for the IT service continuity management process
Working with the business to ensure proper coordination and communication between business continuity management and IT service continuity management
Working with managers of all functions to ensure acceptance of the IT service continuity management process as the single point of coordination for all issues related to IT service continuity regardless of the specific technology involved
Working with other process owners to ensure that there is an integrated approach to the design and implementation of IT service continuity management, information security management, availability management, and business continuity management
ITSCM Process Manager
The IT service continuity management process manager is responsible for the following activities and tasks:
Carrying out the generic process manager role for the IT service continuity management process
Coordinating interfaces between IT service continuity management and other processes, especially service level management, information security management, availability management, capacity management, and business continuity management
Performing business impact analyses for all existing and new services
Implementing and maintaining the IT service continuity management process
Ensuring that all IT service continuity management plans, risks, and activities underpin and align with all business continuity management
Performing risk assessment and risk management
Developing and maintaining the organization’s continuity strategy
Assessing potential service continuity issues and invoking the service continuity plan if necessary
Managing the service continuity plan
Performing postmortem reviews of service continuity tests and invocations, and instigating corrective actions where required
Ensuring that all IT service areas are prepared and able to respond to an invocation of the continuity plans
Maintaining a comprehensive IT testing schedule, including testing all continuity plans in line with business requirements and after every major business change
Undertaking quality reviews of all procedures
Communicating and maintaining awareness of IT service continuity management objectives within the business areas
Undertaking regular reviews of the continuity plans, at least annually
Negotiating and managing contracts with providers of third-party recovery services
Assessing changes for their impact on service continuity and continuity plans
Information Security Management Process Roles
In the following sections, we consider additional aspects to the generic roles for the process of information security management.
Information Security Management Process Owner
The information security management process owner is responsible for the following activities:
Carrying out the generic process owner role for the information security management process
Working with the business to ensure proper coordination and communication between organizational (business) security management and information security management
Working with managers of all functions to ensure acceptance of the information security management process as the single point of coordination for all issues related to information security regardless of the specific technology involved
Working with other process owners to ensure that there is an integrated approach to the design and implementation of information security management, availability management, IT service continuity management, and organizational security management
Information Security Management Process Manager
The information security management process manager is responsible for the following activities and tasks:
Carrying out the generic process manager role for the information security management process
Coordinating interfaces between information security management and other processes, especially service level management, availability management, IT service continuity management, and organizational security management
Developing and maintaining the information security policy and a supporting set of specific policies
Communicating and publicizing the information security policy
Ensuring that the information security policy is enforced
Identifying and classifying IT and information assets
Assisting with business impact analyses
Performing security risk assessment and risk management
Designing security controls and developing security plans
Developing and documenting procedures for operating and maintaining security controls
Monitoring and managing all security breaches
Reporting, analyzing, and reducing the impact and volumes of all security incidents in conjunction with problem management
Promoting education and awareness of security
Maintaining a set of security controls and documentation
Ensuring that all changes are assessed for impact on all security aspects
Ensuring that security tests are performed as required
Participating in security reviews arising from security breaches
Ensuring that the confidentiality, integrity, and availability of the services are maintained at the levels agreed to in the SLAs
Ensuring that all access to services by external partners and suppliers is subject to contractual agreements and responsibilities
Supplier Management Process Roles
In the following sections, we consider additional aspects to the generic roles for the process of supplier management.
Supplier Management Process Owner
The supplier management process owner is responsible for the following:
Carrying out the generic process owner role for the supplier management process
Working with the business to ensure proper coordination and communication between corporate vendor management and/or procurement and supplier management
Working with other process owners to ensure that there is an integrated approach to the design and implementation of supplier management, service level management, and corporate vendor management and/or procurement processes
Supplier Management Process Manager
The supplier management process manager is responsible for the following activities and tasks:
Carrying out the generic process manager role for the supplier management process
Coordinating interfaces between supplier management and other processes, especially service level management and corporate vendor management and/or procurement processes
Providing assistance in the development and review of SLAs, contracts, agreements, and other documents for third-party suppliers
Ensuring that value for money is obtained from all IT suppliers and contracts
Ensuring that all IT supplier processes are consistent and interface to all corporate supplier strategies
Maintaining and reviewing a supplier and contract management information system
Ensuring that underpinning contracts, agreements, or SLAs developed are aligned with those of the business
Ensuring that all roles and relationships between lead and subcontracted suppliers are documented, maintained, and subject to contractual agreement
Reviewing lead suppliers’ processes to ensure that subcontracted suppliers are meeting their contractual obligations
Performing contract or SLA reviews at least annually
Updating contracts or SLAs when required
Maintaining a process for dealing with contractual disputes
Maintaining a process for dealing with the expected end, early end, or transfer of a service
Monitoring, reporting, and regularly reviewing supplier performance against targets
Ensuring that changes are assessed for their impact on suppliers, supporting services, and contracts and attending CAB meetings when appropriate
Summary
This chapter covered service design roles.
We explored the generic ITIL roles and their responsibilities and related them to the service design processes. We also considered the roles specific to the service design lifecycle stage.
Exam Essentials
Understand the generic roles in the service lifecycle. Know the responsibilities of the service owner, process owner, process manager, and process practitioner.
Be able to explain and expand on the role of process owner for the service design processes. Each process will have an owner, and each process has slightly different responsibilities allocated to the role to meet the process objectives.
Understand and expand on the role of process manager for the service design processes. Be aware of the difference between the process owner and process manager. Differentiate between the process managers for each process for service design and the responsibilities associated with each.
Review Questions
You can find the answers to the review questions in the appendix.
Which of these is the best description of the role of service owner?
Manage the process so that it is performed efficiently and meets the expectation of the business customer
Ensure that the process produces the correct output
Represent the service across the service provider and business organization
Represent the process at the change advisory board
What is the correct description for process owner, process manager, and process practitioner?
Carries out the activity of the process
Ensures that the process can be carried out effectively
Ensures that the process is carried out effectively
Which of these is the best description of the role of service design manager?
Often combines design coordination process owner and design coordination process manager
Often combines service level manager and incident manager
Often combines availability manager and capacity manager
Often combines continuity manager and supplier manager
The RACI matrix is often expanded to include other potential roles. Which of these describes the additional roles correctly?
RACI-PM: process manager; RASCI: serviceable
RACI-VS: volunteer, supportive; RASCI: signs off
RACI-PM: process, management; RASCI: supplier
RACI-VS: verifies, signs off; RASCI: supportive
Which option is the best description of the role of IT planner?
An IT planner delivers the service strategy to the service design lifecycle stage.
An IT planner is responsible for the production and coordination of IT plans.
An IT planner is responsible for the plans for the service transition lifecycle stage only.
An IT planner delivers the contents of the service level agreements and contracts.
Which option best describes the responsibility of a service capacity process manager?
Performing sizing on all proposed new services and systems
Producing service design packages (SDPs) based on service charters and change requests
Sizing SDPs for the service portfolio management
Defining the service processes that support availability
Which process in service design is responsible for the production of the service design package?
Service level management
Service catalog management
Design coordination
Supplier management
Which of these skills would be most useful for a service level manager?
Technical understanding of monitoring systems
Experience of configuring security applications
Business analysis
Negotiating skills and business understanding
Which of these best represents the responsibilities of an availability process owner?
Coordination and communication between corporate vendor management and supplier management
Ensuring acceptance of the information security management process as the single point of coordination for all information security
Working with other process owners to ensure that there is an integrated approach to the design and implementation of availability management
D. Working with the business to ensure proper coordination and communication between business continuity management and IT service continuity management
True or False? ITIL suggests that all organizations should adopt the same common service design structure to enable easy integration with other organizations and suppliers regardless of their size.