C. Service transition provides guidance to ensure that the new or changed service meets the expectations agreed in service design.

D. Perspective is the vision and direction of the organization. Plans are how the service provider will transition from its current situation to its desired situation. Position is how the service provider intends to compete against other service providers in the market. Patterns are the ongoing, repeatable actions that a service provider will have to perform.

A, C, D, F. The purpose of the service strategy stage of the service lifecycle is to define the perspective, position, plans, and patterns that a service provider needs to be able to execute to meet an organization’s business outcomes.

B. For services to provide true value to the business, they must be designed with the business objectives in mind. Design encompasses the whole IT organization, for it is the organization as a whole that delivers and supports the services. Service design is the stage in the lifecycle that turns a service strategy into a plan for delivering the business objectives.

C. The level of investment required to carry out the strategy is calculated using financial management for IT services. Availability management is part of service design, knowledge management is part of service transition, and the seven-step improvement process is used for continual service improvement.

D. The ITIL Service Operation core volume provides guidance on how to maintain stability in service operation, allowing for changes in design, scale, scope, and service levels. New models and architectures such as shared services, utility computing, web services, and mobile commerce to support service operation are described.

C. Service catalog management is part of service design. Problem management is a service operation process, service asset and configuration management is part of service transition, and service portfolio management is a responsibility of service strategy.

C. Whatever the strategy, and however well the resulting new or changed service is designed, unless it can be transitioned successfully, the value will not be realized. Attempting to implement an improvement that results in downtime due to a badly planned change could mean that the damage to the business outweighs any potential intended benefit. Service transition ensures that changes are controlled and managed so that this risk is minimized.

E. The ITIL service operation core guidance includes a detailed description of the four service management functions (technical management, applications management, operations management, and the service desk). The service knowledge management system (SKMS) is used throughout the lifecycle and described as part of knowledge management in the ITIL service transition core guidance. Plan-Do-Check-Act (PDCA) is primarily discussed in continual service improvement, and return on investment (ROI) is mostly considered in service strategy. Service level agreements are primarily discussed in service design.

B. Improvements may be to the level of service delivered or to the alignment of the service to business needs. They might not result in a cost saving but will deliver better value.

D. The concepts link together as future versus present, operational effectiveness versus improvement in functionality, and launch versus ongoing.

C. An outcome is the result of carrying out an activity, following a process, or delivering an IT service. Business outcomes represent the business objectives of both the business unit and the service provider and involve internal customers. Customer outcomes are usually based on external service providers; the service provider’s outcomes are based on the customer’s outcomes but are different.

C. The service types described in service strategy are core, enabling, enhancing.

B. Economic value is based on the reference value perceived by the customer and the net difference that the service provider makes to the delivery.

A. This is the correct definition of utility and warranty.

E, C. The internal service provider is embedded in the business unit it serves.

B. This is the correct sequence for defining a service, starting with definition of the market. If you do not define the market first, you will not be able to provide the right service for the organization.

A. Options B and C are used for future planning. Only A is carried out after the investment has been made.

A, C, E, G, I. These are the basic elements of a business case, as discussed as part of financial management.

B, D, F, G, H. These are valid sourcing strategies as described in the sourcing strategy section of this chapter.

B. Securing the funding that is required for the provision of the agreed services is an objective of the financial management for IT services process, not the strategy management process.

D. Service valuation is defined as the ability to understand the costs of a service relative to its business value. The process responsible for identifying the actual costs of delivering IT services, comparing them with budgeted costs, and managing variance from the budget is accounting within financial management for IT services. The framework that allows the service provider to determine the costs of providing services is the cost model, and the activity of predicting and controlling the spending of money is budgeting within financial management for IT services.

D. All service providers need to understand what funding they will require, using the budgeting process, and where the money has been spent, using the accounting process. Charging is the activity whereby payment is required for services delivered. For internal service providers charging is optional, and many organizations choose to treat their IT service provider as a cost center. External service providers must charge for their services, since this is where the organization obtains the revenue which keeps it in business.

B. Options A, C, and D are all business relationship management responsibilities. Option B describes a responsibility of service level management, not business relationship management.

D. The service portfolio should engage with all the lifecycle stages.

C. The ITIL Service Strategy publication states that the IT strategy document, the service management strategy document, and the strategy plans for each service are the documents that should always be included.

D. Managing by crisis, managing by reacting to customer demand, managing by extrapolation, managing by hope, and managing by best effort are all poor management strategies named in the ITIL Service Strategy publication.

D. Option A is incorrect as IT finances are a subset of the enterprise’s finances, and the same rules and controls apply to it as to any other department. Option B is also incorrect as internal service providers may not necessarily charge for their services directly. Option C is incorrect as external service providers will not usually share this information, which would show their profit margins, to their customers. Option D is correct, as IT exists to serve the business, so all expenditure on IT must benefit the business directly or indirectly.

C. The others are objectives of business relationship management.

D. This is a key aspect of the purpose of service portfolio management. The other answers relate to the service design processes of capacity management, service level management, and availability management.

C. Patterns of activity are mechanisms for tracking business activity to deliver business outcomes, which show how the business will need to use business services.

B. Demand management is about matching supply to demand.

A. Demand management will use all of these information sources.

A. User profiles are based on the roles and responsibilities within an organization.

D. It is consumption that produces demand and production that consumes it in a highly synchronized pattern, not as stated in option D.

D. Services are designed to enable business activities, which in turn achieve business outcomes. Thus every time a business activity is performed, it generates demand for services. These patterns of business activity (PBAs) have to be properly defined and documented. ITIL guidance says that the following items need to be documented: classification, attributes, requirements, and service asset requirements.

D. Business relationship management has a strategic focus but not an operational focus.

A. Business relationship management will work with the business to build a business case for a new service. Service level management is only involved in ensuring that the service can be provided as required, not in whether it is the best use of investment funds.

A. Both are true statements and describe data repositories used by BRM.

B. Option B describes a situation that may be a trigger for CSI.

B. Governance is an overarching area that ties business and IT together, defining common policies and rules that both business and IT need to do business.

C is 1 (direct), A is 2 (evaluate), and B is 3 (monitor). The direct activity relates to communicating the strategy, policies, and plans to, and through, management. Evaluate refers to the ongoing assessment of the organization’s performance and its environment. In the monitor activity, the governors of the organization are able to determine whether governance is being fulfilled effectively.

D. ISO 20000 refers to IT service management. ISO 27001 refers to security. ISO 15504 refers to process assessment. ISO 38500 refers to corporate governance of IT.

A. Governance is expressed in a set of strategies, policies, and plans.

A. This statement is correct; policies should define boundaries for the organization.

A, B, C, D, E, F. All of these are principles covered in the ISO 38500.

C. IT governance must be part of the approach to corporate governance because IT is part of the organization and must abide by the same governance standards as the rest of the organization.

C. The final decision about the strategy, policies, rules, and plans and how they are enforced is made by the governors because they are accountable for governance. This accountability may not be delegated to managers, who are required to comply with governance.

A, C, D, E. All but option B are valid discussion points at the IT steering group. Agreeing on corporate strategy is not appropriate for the IT steering group.

B, D, E, G. Options B, D, E, and G are the valid service strategy processes. Design coordination, IT service continuity management, and service level management are design stage processes, and service asset and configuration management is part of service transition.

C, E. The rest are all service desk structures; centralized is both an organizational structure and a service desk structure.

D. The ITIL Service Strategy publication describes the sequence as moving through network, directive, delegation, coordination, and collaboration.

B. The ITIL Service Strategy publication describes the network stage as “Focused on rapid, informal, and adhoc delivery, reluctant to adopt formal structures.”

A, B, C, D. Before deciding on the appropriate organizational design, the strategy and culture of the organization need to be considered, because there is a risk that the design will not enable the strategy or be resisted by the staff. Similarly, if the provider’s organization will be structured by geography or aligned by customers, the process design will be guided by this criterion. Once key processes are understood, it is appropriate to begin organizational design.

C. The ITIL Service Strategy publication describes a role as a set of responsibilities, activities, and associated levels of authority granted to a person or team. A role is defined in a process or function.

C. The ITIL Service Strategy publication states that the service owner is accountable for the delivery of a specific service, and also that the role of service owner is critical to service management.

B. The ITIL Service Strategy publication identifies the financial management for IT services roles of process owner, process manager, and budget holder.

C. The service owner represents the service across the organization. It is the responsibility of the process manager to manage the process so that it is performed efficiently and produces the correct output. Although the service owner does represent the service at the change advisory board, option D says “represent the process.”

A, C. It is the process owner’s responsibility to ensure that everything is in place to enable the process to be carried out effectively, such as ensuring that staff are trained, the process documentation is up to date, etc. The process owner is NOT responsible for ensuring that the process is actually carried out; this is the responsibility of the process manager.

A. Designing services to meet the patterns of business activity and being able to meet business outcomes is part of demand management responsibilities. Sizing applications, services, and systems is a key aspect of capacity management. Compiling and formulating the annual IT budgets to be scrutinized by the IT steering group is part of financial management responsibilities. Establishing and articulating business requirements for new services or changes to existing services is part of business relationship management responsibilities.

B. Personalized service is not a benefit of service automation. All the other options are benefits.

B. Statements 1, 2, 4, 6, 7, and 8 are the techniques listed in the ITIL Service Strategy publication.

B. The ITIL Service Strategy publication describes service analytics as understanding patterns of information.

A. A fault is defined as an abnormal condition that requires action to repair, while an error is a single event. A fault is usually indicated by excessive errors. The behavior of a service is impacted by a combination of elements working together, so we need to understand the context to understand the actual relevance of any data. The simpler the process, the smaller the chance of error, so removing unnecessary steps may itself reduce performance variations because there are fewer steps to go wrong.

D. Technology-assisted describes a service encounter in which only the service provider has access to the technology, as when an airline representative uses a terminal to check in passengers.

B. There is no such technique as synthetic generation. All the other answers are techniques described in the ITIL Service Strategy publication.

C. All of these are listed in the ITIL Service Strategy publication as areas where service management may benefit from automation.

B. The greatest benefit often results from automating simple but frequent tasks. Complex tasks may be hard to automate because of the possibility of error, and the time saved may be minimal if they are infrequently used. So complex tasks may therefore be unsuitable for automation, and ITIL recommends that complex tasks should be simplified before automation is considered.

D. Service analytics will help convert data to information and then to knowledge, but no computer-based technology can provide wisdom. It requires people to provide evaluated understanding, to answer and appreciate the “why?” questions. So statement 1 is FALSE. Service analytics does provide the linkage between components and the business process, the service model, so statement 2 is TRUE.

B. The items in the statement are listed as characteristics of service interfaces in the ITIL Service Strategy publication.

C. These are the four Ps of service strategy, but they are also the four elements that service strategy should ensure are managed successfully.

D. Service strategy has an impact on all other stages of the lifecycle.

D. Both of these statements about the service strategy four Ps are correct.

A. Defined services are captured in the service portfolio. The defined services include the pipeline, the catalog, and retired services.

C. The services are delivered to customers, and complementary to the service portfolio, this information is captured in the customer portfolio.

B. Testing the processes will be part of the service transition approach to implementing service strategy.

C. These are all valid constraints, as referenced in Figure 8.3, shown in Chapter 8.

A. Service models are a key factor in the development of services during design.

A. Patterns of business activity are explored as part of demand management.

B. Service design will consider business impact analysis in a number of processes during the design of services. Business impact analysis will help the teams judge where their efforts are best spent, especially where there is a resource conflict.

B. Measurements should not be focused on internal goals. They should be focused instead on customer satisfaction.

C. The ITIL glossary defines risk as “a possible event that could cause harm or loss, or affect the ability to achieve objectives. A risk is measured by the probability of a threat, the vulnerability of the asset to that threat, and the impact it would have if it occurred.”

A. There is a risk that services fail to deliver the expected utility benefits; poor design causes poor performance. For example a change in the pattern of demand for a service could reduce the service’s utility if it has not been designed to be scalable. This is defined as a design risk.

B. Accurate measurement is described as a challenge in the ITIL framework. Monitoring of discrete failures does not provide a picture of the customer experience. The failure to meet this challenge constitutes a risk to effective service management because inadequate or incomplete information impacts the quality of decision-making.

C. These are the challenges listed in the ITIL Service Strategy publication. The need to coordinate and prioritize many new or changed services is a service transition risk. If maturity levels of one process are low, it will be impossible to achieve full maturity in other processes, which is a service design risk. Lack of engagement with development and project staff is a service operation risk.

A, B, C, D. These are all essential elements of risk management.

C. These are among the methods listed as ways of preserving value.

B. Risk is normally seen as something to be avoided due to the possible negative consequences, but risks may also present opportunities. For example, underserved market spaces and unfulfilled demand are risks to be avoided, but they can also be seen as opportunities to be exploited. Organizations need to take risks but limit exposure to an acceptable level.

C. Appropriate responses are as follows: reducing the total cost of utilization (TCU), giving customers financial incentives to not switch to other options; differentiation, providing services that are unique, novel, or difficult for competitors to replicate; and consolidation, concentrating demand from several customers or customer groups onto a single service rather than offering a lot of diverse but similar services, thus reducing costs to help retain customers.

C. If the challenge of ensuring sufficient coordination is met, silos will not develop. Without the coordination, this would be a risk. Decision-makers have limited time, so they delegate roles and responsibilities to specialized teams and individuals. Specialization allows for development of in-depth knowledge, skills, and experience. However, increasing specialization requires a corresponding increase in the need for coordination. It is important to appreciate this increased need for coordination and to address it through cooperation and control between teams and individuals and with suppliers.

A. Option A describes a purpose of the financial management for IT services process, which is part of service strategy, not service design.

C. These are all listed in the ITIL framework as goals of service design.

B. Risk management is not one of the five aspects.

1. The five aspects of service design are as follows:

• The design of the actual solution itself
• The service management system and tools that will be required to manage the service
• The management and technology architectures that the service will use
• The processes needed to support the service in operation
• The measurement systems, methods, and metrics that will be required

D. This is the ITIL glossary definition of a service design package.

C. The SACs are used to ensure that an IT service meets its functionality and quality requirements and that the IT service provider is ready to operate the new IT service when it has been deployed; the postimplementation review takes place after deployment.

C. Service portfolio management is a service strategy process. Service catalog management, service level management, and information security management are service design processes.

D. Service design does not impact the effectiveness of business processes. Options A, B, and C are benefits of effective service design.

D. Service design packages and updated service models are outputs to transition. Service strategy inputs are vision and mission, service portfolio, policies, strategies and strategic plans, priorities, and service charters.

B. These are some of the outputs from transition to design listed in the ITIL Service Design core volume.

C. All of the items mentioned except change schedule and the CMS are valid inclusions in a service design package.

B. The service portfolio contains the service pipeline, service catalog, and retired services. The portfolio is part of the service knowledge management system. The SKMS includes the service portfolio and the configuration management system as well as other databases and information systems.

D. Warranty refers to the ability of a service to be available when needed, to provide the required capacity, and to provide the required reliability in terms of continuity and security. Warranty can be summarized as “how the service is delivered” and can be used to determine whether a service is “fit for use.” Utility describes the functionality offered by a product or service to meet a particular need, “what the service does,” and can be used to determine whether a service is able to meet its required outcomes, or is “fit for purpose.” Removal of constraints is an aspect of utility.

D. The four Ps of service design are the people, the processes, the products (the services, technology, and tools), and the partners (the suppliers, manufacturers, and vendors). Service design must consider each of the four Ps to ensure a robust design that meets the requirements.

B. The three aspects to be balanced in a balanced design are functionality (the service or product and everything that is part of the service and its provision), resources (the people, technology, and money available for the effort), and schedule (the timescales for completion).

C. There are four separate technology domains that support components of every service, and design needs to address all four. They are infrastructure, environmental, data/information, and applications.

C. The service portfolio is made up of the service pipeline, the service catalog, and retired services.

B. When a design needs to be changed or any of the individual elements of the design need to be amended, consideration must be given to all aspects. This is called holistic service design. Holistic service design, therefore, involves all five aspects of design.

C. Option C is not a valid risk because it is utility that is about fitness for purpose. Spending insufficient time on warranty would not affect the service’s fitness for use. The other options are all valid risks.

D. The design of a service must include the technology architectures that the service will use and details of the skills that the support staff will need to operate, support, and maintain the services. It also must include an understanding of which aspects will be supported internally and which by suppliers (and the OLAs and underpinning contracts that will be required to meet the required SLRs). It must include the details of the measurement systems, methods, and metrics that will be required to measure and monitor the service, and provide the necessary management information that will also be necessary. Governance and compliance requirements are inputs into defining the utility of the service, and the design will need to meet these requirements. These are in addition to the actual solution itself.

B. The business case will have been developed in strategy, and its development is not a service design activity. Evaluating the alternative solutions, procuring the preferred option, and developing it are all activities undertaken in service design.

C. Option A is carried out by the manager of the service level management process. Option B is carried out by the transition planning and support process. Option D is completed by the IT steering group and senior management of the department.

A. The multi-view catalog shows all services that are used. The technical view shows the supporting services, and the business / customer catalog shows the customer facing services.

C. Option C describes the service catalog. Option A describes a service level agreement, option B the service portfolio, and option D a business case.

C. Strategic and retired services are not included in the service catalog.

B. The service catalog forms part of the service portfolio. The rest of the statements are false.

D. The design coordination process is not responsible for ensuring that the design meets the requirements, but it is responsible for ensuring that the solution is designed, providing a coordination point, and ensuring that the objectives of the service design stage are met.

D. The CMS and governance requirements are not part of the outputs from design coordination.

C. Option C is the only correct option because it is used to show which IT service supports each business process.

A. A connection can be drawn between the service catalog and the lifecycle processes because the service catalog refers to all the services provided to the organization and how they are delivered.

B. Design coordination is responsible for the coordination of the service design lifecycle stage, not the service operation stage.

A. The purpose of service level management is to ensure that there is a high-level relationship with customers to capture business demands. A high-level relationship with the customer is provided through the business relationship management process. The single point of contact for the users is the service desk. Service transition looks after the smooth transition of services.

B. Option A is an objective of change management, option C is an objective of the service desk, and option D is an objective of problem management.

C. AST stands for agreed service time, and DT stands for downtime.

D. Reliability, resilience, serviceability, and maintainability are all key concepts in availability management.

B. Utility is not included in the SLM requirements, and change records and configuration records are also out of scope.

C. You would not find a definition of business strategy in a service level agreement.

C. A strategic business plan and an internal finance agreement do not commonly support an SLA.

D. Option A describes an OLA, and option B describes an SLA. Option C is not a formal part of service level management.

B. VBF stands for vital business functions.

B. The service level monitoring chart is also known as a RAG chart—red, amber, and green.

A. Service level management negotiates the targets for service level agreements.

A. The subprocesses of capacity management are business, service, and component capacity management.

B. Ensuring that the business has contingency plans in place in case of a disaster is the responsibility of the business, not IT service continuity management.

D. BIA stands for business impact analysis.

C. BCM and ITSCM are closely linked as described.

A = 1, B = 3, C = 2. Business capacity relates to business activities, service capacity to service performance, and component capacity to the technical infrastructure.

A. There are reactive and proactive elements to the process, to both plan and react to operational needs.

C. The number of incidents (4) is a KPI for incident management.

B. Risk management is part of service continuity management, not capacity management.

C. Testing takes place during implementation and ongoing operation.

D. The business is responsible for defining the protection required for systems and data. Information security management ensures that it can be applied and implemented.

A. Security management information system (SMIS) is the information database associated with the information security management process.

D. Supplier management is concerned with external suppliers only.

C. Tactical is the other category, not trusted.

A. Although the rest of the options are part of information security management, the key purpose is to create a policy that will guide the other activities.

C. Suppliers are categorized according to the risk and impact to the achievement of business objectives and goals and their relative value and importance in providing the service.

C. Plan and maintain are both parts of the information security management approach, along with control, implement, and evaluation.

A. Service level agreements are often supported by third-party contracts and so there should be a close relationship between the processes.

A. Operational level agreements are internal agreements, not agreements with customers, and are not managed through supplier management.

C. Both statements are correct because the SCMIS is a repository for information relating to suppliers, such as supplier policies and contracts.

B. Requirements engineering is the name given to the approach by which we ascertain, understand, and document the requirements of the business, users, and other stakeholders. This enables service design to understand what is required and ensures the traceability of changes to each requirement. The three stages of requirements engineering are elicitation, analysis, and validation.

C. A requirement is defined as a formal statement of what is needed—for example, a service level requirement, a project requirement, or the required deliverables for a process. The three categories of requirements are functional, management/operational, and usability.

D. All but market testing and outsourcing are valid methods for gathering requirements.

B. We need to know who will access the data and how and why this will be done. We need to maintain data quality and plan for its eventual disposal. If data is not managed effectively, resources will be wasted collecting and maintaining unnecessary data, or the data that is useful may not be available to those who need it. A data management process that establishes policies and standards will provide expertise and make it easier to handle the data aspects of new services. It will deliver all of the benefits listed in the question.

1 and B, 2 and A, 3 and C. ITIL defines the data categories as follows: Tactical data is typically concerned with summarized data and historical data, operational data is necessary for the ongoing functioning of an organization, and strategic data is often concerned with longer-term trends and comparison with the outside world.

C. Option C does not describe one of the four areas. The missing area is the management of data standards and policies.

A. Customer satisfaction scores are not among the four types. The missing type is custom information provided by the applications.

C. CASE stands for computer-aided software engineering. Applications design may use CASE tools to specify requirements, draw design diagrams, or even generate complete applications or nearly complete application skeletons. These tools also provide a central location, generally called a repository, for storing and managing all the elements that are created during application development.

D. These are methods of describing functional requirements, that is, the utility to be provided.

C. Allowing insufficient time or failing to give priority to requirements gathering is the cause of most system errors; these will take far longer to fix later than gathering the requirements would have taken. It may even mean the project is unable to deliver.

C. The service owner represents the service across the organization.

Process owner = (2) Ensures the process can be carried out effectively; Process manager = (3) Ensures that the process is carried out effectively; Process practitioner = (1) Carries out the activity of the process. The process owner is accountable for the process, the manager is responsible for the process management, and the practitioner will be responsible for carrying out the activity of the process.

A. The role of the service design manager often includes the process owner and manager roles for design coordination.

D. RACI stands for responsible, accountable, consulted, and informed. Option D describes the additional roles correctly.

B. Option B describes the role of the IT planner: the production and coordination of IT plans that will be used throughout the service lifecycle, but this takes place within service design.

A. Sizing applications, services, and systems is a key aspect of capacity management when the organization is designing and preparing for new or changed services.

C. Design coordination is responsible for the production of the service design package; the other processes contribute to its contents.

D. Service level management requires negotiating skills with the business to establish service level agreements that meet the requirements of both the business and IT.

C. Option A relates to supplier management, option B relates to information security management, and option D relates to ITSCM.

B. ITIL suggests adoption of a structure that supports the organizational needs, not necessarily the same one other organizations use.

C. Stating the budget in advance would hamper negotiation later, which makes option C the incorrect statement. The other three statements are true.

A. Customization (but not configuration) will have to be repeated for each upgrade. Configuration would not affect supplier support obligations (customization might). Out-of-the box tools would mean standard training could be used. Processes should be defined before tool selection. The tool should follow the process, not vice versa.

C. M stands for Must have requirements, S stands for Should have requirements, C stands for Could have requirements, and W stands for Would like in the future requirements.

C. The steps in option C are in the correct order.

B. The use of a service design tool will not reduce testing time. All the other options show actual benefits of using a tool.

A. The tool should fit the process, not the other way around. It is acceptable if the tool fails to fit some process areas and some changes are made to the process as long as they are not major.

B. It is insufficient to just address the tool’s capabilities and how it matches the process; due diligence should be carried out to ensure that the support offered is of the required standard.

C. All of the aspects that are listed should be considered.

D. These costs should all be included. If the tool is implemented but insufficient training or configuration is carried out, the capabilities of the tool will not be realized. Without good reporting, the data held in the tool will not be easily available, and so monitoring achievement against targets, monitoring of KPIs, and so on will be ineffective. Without time spent setting up the web portal, a major advance in terms of efficiency will not be realized because a poorly implemented portal will not be used by the customers. Failure to include these costs explains why so many operation initiatives fail; there is an attempt to deliver too much as business as usual rather than as a costed and funded project.

B. Training will still be required, but access to the service across a network to the supplier will simplify implementation and may reduce costs.

A. What is the vision? (Business vision, mission, goals, and objectives); Where are we now? (Baseline assessments); Where do we want to be? (Measurable targets); Did we get there? (Measurements and metrics).

C. All of the statements apply to business impact analysis.

B. SLM finds out the requirements prior to the start of the design. Design then attempts to ensure that the requirements are met by the design. The SLA is not agreed to and signed until design is complete because there may be reasons the SLRs may not be fully met in the design, such as cost or technical issues. These deviations will be negotiated during the design phase.

C. All of the approaches that are listed are valid.

D. These aspects of the review cover the people, processes, products, and partners—the four Ps.

A. A balanced scorecard allows the business to prioritize what is important to achieve success.

B. Option B includes the correct steps for Six Sigma DMADV. Six Sigma is the problem solving approach that is complementary to the ITIL framework.

D. SMART stands for specific, measurable, achievable, realistic, and time-bound. These elements are identified to ensure that all objectives have a clear purpose, intent, and scope and can be achieved within a realistic timescale.

A. SWOT is used to identify the opportunities for improvement by investigating the elements that impact an organization.

D. All of these are the steps used in the Six Sigma DMAIC process, which is an improvement system for existing processes that fall below specification and need incremental improvement.

A. A critical success factor (CSF) describes something that must happen if an IT service, process, plan, project, or other activity is to succeed.

D. Key performance indicators (KPIs) are used to measure the achievement of each critical success factor. For example, the critical success factor “Protect IT services when making changes” could be measured by a key performance indicator such as reducing the number of changes that fail or that cause incidents over time measured as a percentage of all changes.

B. All the other KPIs are reporting on the success of cutting costs, speeding delivery, or improving quality; only option B is about reducing the impact of conflicting demands for resources.

B. The question includes the definition of a KPI in the official ITIL glossary and publications.

D. Testing is part of service transition. All of the other risks are valid service design risks.

B. A risk is measured by the probability of a threat, the vulnerability of the asset to that threat, and the impact it would have if it occurred.

D. This is a challenge. There may be an associated risk that, due to unclear or changing requirements, the design does not fulfil the requirements. A risk is the possible result of a challenge not being met successfully.

D. Market risks, such as sourcing decisions made by customers, are potential risks for all service providers, but they are a risk to service strategy, not design.

B. If speed and quality are most important, the cost will be high. If quality and cost are most important, the design will take more time. If cost and time are most important, quality will suffer.

D. KPIs are designed from the outset and collected regularly and at important milestones.

C. Option C is an objective of service strategy, not service transition.

C. It is design that turns strategy into deliverables (1), and it is in the service operations stage that the design is used in the real world and the strategy is realized (2).

D. Service transition covers the transfer of services, as described in options 1, 3, and 4. Producing a business case is a service strategy task. Terminating a supplier contract would involve a number of transition tasks, such as updating the CMS and supplier and contract management information system, putting an alternative supplier in place, or taking the service in house.

B. The purpose of service transition is to ensure seamless transition of designed services to meet the business expectations agreed in strategy.

A. Capacity plans are developed as part of service design in the capacity management process.

B. Change evaluation focus is strongly related to service transition because evaluation is part of ensuring that the release is fit for delivery into operation.

C. Both statements are correct.

D. These are all approaches that can be managed under transition.

C. Service transition supports the introduction of new services.

A. As with all improvement activity across the lifecycle, service transition engages with CSI to ensure that improvements are made and prioritized according to business need.

C. The management team is responsible for approving the formal transition policy.

A. Transition emphasizes the need for controls, and governance is applicable across the whole service lifecycle, not just a specific stage.

B. Changing business requirements may require course corrections in a current transition.

A. Controls should be introduced as early as possible in the service lifecycle to support governance across the lifecycle.

C. Statement 2 refers to capabilities.

D. Capability refers to the ability of a service organization, person, process, application, configuration item, or IT service to carry out an activity.

B. The items in option B are all strategy inputs to transition. Option A describes inputs from service design, option C from CSI, and option D from service operation.

D. Although each of these policies will involve management of resource, the policies knowledge transfer and service transition, quality assurance, and plan release packages have other primary considerations. Proactively manage resources is primarily concerned with management of shared and specialist resources for transition.

C. The policy relating to transition efficiency recommends reuse of existing processes and systems.

A. Policies are used to provide guidance and management for the lifecycle stages.

C. It is important to note that transition planning and support is not responsible for detailed planning of the build, test, and deployment of individual changes or releases; these are part of change management and release and deployment management.

C. All of the options are valid start points for the change management process. A call to the service desk may require a change to fulfil the request or resolve the incident. A change proposal agrees to a major change in principle; this may then lead to several smaller changes being raised. A project initiation document will outline the changes that the project will deliver; change management will need to agree to each.

B. There are three different types of service change:

• Standard changes are low risk, relatively common, and follow a defined procedure. They are preauthorized.
• Emergency changes must be implemented as soon as possible (for example, to resolve a major incident or implement a security patch). These are normally defined as changes where the risk of not carrying out the change is greater than the risk of implementing it.
• All other changes are defined as normal changes.

C. Option C describes a critical success factor (CSF), not a key performance indicator (KPI).

A. Option A is the definition of a release package, option B describes a release unit, option C describes a release, and option D describes a release model.

A. Transition planning and support provides overall planning for service transitions and coordination of the resources they require.

C. Service asset and configuration management (SACM) is the process that manages the naming convention for the configuration management database. Release management is concerned with the release controls that are specified in the release policy; these would include release naming conventions, the use of the DML, and the roles and responsibilities of those involved.

D. The ECAB is responsible for emergency changes; it needs to be a small group because it needs to be contacted to make a decision quickly. The members are senior managers who agree whether the proposed change is workable (using the senior technical manager’s assessment) and the risk is acceptable (the senior IT manager and the customer representative would decide upon this).

D. Although simple releases may need no more management than that provided by the change management process, more complex releases will require more detailed management and would benefit from the application of project management disciplines. Similarly, where there are several connected releases, using project management to treat each release as a project and linking each of these related projects together into a program will provide the required control and management. Using project management is helpful, not confusing.

C. These statements are both objectives of transition planning and support, ensuring that transitions are managed effectively.

B. The purpose of SACM process is to identify and control the assets that make up services and maintain accurate information about these assets.

D. SACM is a process that supports all stages of the service lifecycle by providing information about the assets that make up services. The process is part of service transition, although the CMS is used across the lifecycle by many processes.

C. A configuration record captures the information about a configuration item and records the attributes and relationships. It is stored in the CMDB. Option A is a service asset, option B is a configuration item, and option D is an activity carried out in SACM.

A. The layers of the CMS are closely associated to the data, information, knowledge, wisdom (DIKW) model from knowledge management. The presentation layer allows for decision-making from the analysis and processing of data.

B. Although it may help provide background information for an incident, the CMS would not normally contain known error information that the service desk staff could use to resolve incidents.

A. When SACM has been successfully implemented, checking the related CIs for each change can be carried out quickly, and so will not slow down the change management process. It will actually benefit change management by allowing a more accurate impact analysis of the proposed change to be carried out, thus reducing risk. Failure of staff to carry out the process, because they are not aware of its importance, will endanger the accuracy of the CMS; staff need to understand the criticality of an accurate CMS through an awareness campaign. When implementing SACM, it is essential to ensure that the level of detail maintained matches the value of the information, as otherwise this process will not be cost-effective. Finally, without effective change management, effective SACM is impossible.

D. A service asset is any resource or capability that could contribute to the delivery of a service. A configuration item, or CI, is a service asset that needs to be managed in order to deliver an IT service. A configuration record is a set of attributes and relationships about a CI. Configuration records are stored in a configuration management database and managed with a configuration management system.

B. The configuration model enables other processes to access valuable information, as in the examples described in the question.

B. An SDP is an example of a service lifecycle CI, not a service CI. Service CIs include capability assets such as management, organization, processes, knowledge, and people. They can also include resource assets such as financial capital, systems, applications, information, data, infrastructure and facilities, financial capital, and people. Also included are service models and service acceptance criteria.

B. Options A, C, and D are untrue. A snapshot is not formally reviewed, asset management alone does not provide information about relationships required for effective service management, and SAM is a subset of SACM.

A. Option B describes a release unit, Option C describes a release, and Option D describes a release model.

B. Early life support is the handover that takes place between service transition and service operation during the deployment phase of release and deployment. It ensures that the support of the deployment and development teams is still available as the new or changed service is introduced to the live environment.

C. SACM is the process that manages the naming convention for the configuration management system. Release management is concerned with the release controls that are specified in the release policy.

D. Verification and audit is a step in the SACM process.

C. Early life support takes place in the deployment phase, where the handover to service operation takes place.

D. The test report is not part of a test model.

C. The correct order is as follows: Design tests, Verify test plan, Prepare test environment, Perform tests, Evaluate exit criteria and report, Test cleanup and closure.

D. The exit and entry criteria for testing are defined in the service design package.

B. The left-hand side of the service V model shows service requirements down to the detailed service design. The right-hand side focuses on the validation activities that are performed against these specifications.

C. Any of the listed results are valid.

D. The objectives of change evaluation include setting stakeholder expectations correctly and providing accurate information to change management to prevent changes with an adverse impact and changes that introduce risk being transitioned unchecked. It also evaluates the intended and the unintended effects of a service change and provides good-quality outputs to enable change management to decide quickly whether or not a service change is to be authorized.

B. The purpose of the change evaluation process is to understand the likely performance of a service change and how it might impact the business, the IT infrastructure, and other IT services. The process assesses the actual performance of a change against its predicted performance.

D. These are the four sections of the report specified in ITIL Service Transition.

C. A model is a representation of a system, process, IT service, or configuration item that is used to help understand or predict future behavior.

A. The trigger for change evaluation is receipt of a request for evaluation from change management.

B. Options A, C, and D are the only permitted outcomes. If a discount were provided, it would have to be combined with the customer accepting the deviation.

D. Release and deployment management is responsible for ensuring that appropriate testing takes place, but the actual testing is carried out as part of the service validation and testing process. The output of service validation and testing is a key input to change evaluation and must be provided at an appropriate time and in a suitable format to enable changes to be evaluated in time for change management decision-making.

1+B, 3+A, 4+C, 2+D. Knowledge management is typically displayed within the data, information, knowledge, wisdom (DIKW) model. The answer matches each of these concepts with its definition.

C. The tool is called the service knowledge management system (SKMS), and it’s a repository for information, data, and knowledge relating to service management. This has important connections for managing information and knowledge throughout the whole service lifecycle.

D. Knowledge management is a process that has influence across the whole of the service lifecycle. It is used to capture and present ideas, perspectives, data, and information to all stages of the lifecycle, ensuring that the appropriate decisions can be made.

C. It is important to ensure that all stakeholders are communicated with during the transition; this means both service provider and customer stakeholders.

B. Email and faxes are not recommended as communication methods. Email is too frequently received, and faxes are an old-fashioned approach to communication, and both are likely to be lost among many others of similar type.

A. Communication models support specific types of change with clearly understood, effective, and tested communication paths.

A. The emotional cycle of change reflects the path of an individual’s experience of change from introduction to acceptance.

B. Both statements are correct. Leadership for the change shows management support and commitment. Organization adoption ensures that there is a consistent approach across the organization.

D. A business development plan would be owned by the business. Policies, processes, and procedures are considered to be change products.

B. It is important to engage the stakeholders and ensure that their opinions on the progress of the transition are used to inform it.

D. Employee shock in response to change is the most likely challenge.

C. Kotter’s eight steps relate to actions that need to be taken to support transition.

A. Service transition requires the support and engagement of stakeholders and is therefore supported by stakeholder management.

A. Each organization must define its organizational roles to suit the needs of its own business. ITIL provides guidance and suggestions for specific processes, but the combination of roles and allocation of responsibility is dependent on the needs of the organization.

D. Small organizations are unlikely to have sufficient staff for multiple managers and are more likely to combine roles.

C. All the other options are specific process-based roles.

B. If the role of service transition manager exists within an organization (and this question assumes it does), then the person filling that role will be responsible for the service transition teams.

D. All lifecycle stages have an interface to the service transition lifecycle stage.

D. ITIL does not describe a role of process improvement manager. The process owner and manager roles have responsibility for identifying possible improvements.

C. ITIL specifies that the process owner is accountable for the process, and there can be only one person accountable.

C. Creating and maintaining the process documentation are the responsibilities of the process owner.

D. Anyone in the organization can be a knowledge creator.

B. The process managers in the service transition stage all work together.

C. Transition is supported by tools related to specific processes and by enterprise-wide tools such as the configuration management system or knowledge management system.

D. All of these are knowledge management tools. Knowledge management incorporates many tools to support the process.

B. Shared calendars and tasks, threaded discussions, and video- and teleconferencing are knowledge sharing tools. Collaboration is important as part of knowledge management.

C. The CMS is part of the SKMS. The service knowledge management system should incorporate knowledge tools and systems, even if they are managed independently of the knowledge management process.

A. One of the key benefits of the CMS is that it holds information about the relationships between items.

D. The CMS is sometimes made up of a number of CMDBs.

B. Discovery tools can be used, but they are not the only source for data entry in the CMS.

D. Communities are often used to ensure collaboration across organizations.

C. Although all of these options would support the CMS, security controls for the CMS data is the most important when considering the design of the system.

A. Workflow is an important factor for knowledge management because it provides systemic support for managing knowledge assets through a predefined workflow or process.

C. Even if procedures are mostly existing already, formalizing them may meet with resistance and will involve a degree of cultural change. It is also true that implementing improvements to service transition is itself a service transition exercise because it will result in a change to how services are delivered by the service provider, and as with any transition, this carries a risk of disruption unless done carefully. So the implementation has to be planned and tested like any other transition.

D. Service transition needs a degree of involvement in the justification and design activities to understand what the intended benefits of the transition are and how they are going to be achieved in the design. Service transition is responsible for the introduction activities, but once the period of early life support is completed, the activities required to run the service normally are the responsibility of service operation only; it is a key requirement of transition that it enables the service to be fully handed over to operations.

C. These are all proof of poor transition. Successful transition requires careful change management to ensure that changes are tested thoroughly to avoid the disruption and cost of failures resulting from changes. Discovering errors in live operation instead of during the testing stage means that the tests were poorly designed and did not reflect how the service would behave in operation. Transition also has a responsibility for ensuring that the service is delivered within budget and is able to run within the costs that were projected; if this is not the case, then the transition cannot be said to have been successful.

C. Well-designed services are indeed easier to transition, and the need for precise design for effective operations is also true, but these are justifications for design, not transition. Similarly, the importance of strategic planning is a justification for strategy, not transition. The difficulties encountered trying to retrofit new practices on existing services is a justification for using service transition processes to introduce the new practices.

A. An integrated plan for introduction or improvement of service transition processes must consider how the processes fit together because it must match the inputs, outputs, and triggers of each process step with the corresponding steps in other processes.

C. The answer shows the order of steps and the corresponding inputs, as illustrated in Figure 30.1.

C. These are all listed as possible challenges in the guidance contained within the ITIL Service Transition publication.

D. These are all possible groups that service transition may need to work with.

B. Based on the guidance within ITIL Service Transition, statement 3 is correct, and the other statements are false:

• Statement 3 is true because decisions around transitioning the transition service (as with all transitions) should only be made with a full understanding of the expected risks and benefits. Examples of possible risks include the alienation of support staff, excessive costs to the business, and unacceptable delays to business benefits.
• Statement 1 is false because careful consideration should be given to the introduction of service transition to existing projects. It will be practical to introduce these process only when the project is at the transition stage rather than attempting to “retrofit” the desired practices at an earlier stage.
• Statement 2 is false because the processes involved in the service transition stage of the service lifecycle are interdependent. The relationships between them are complex, and it is not possible to design and implement them separately.
• Statement 4 is false because even if procedures already exist, formalizing them may meet with resistance and will involve a degree of cultural change. As stated above, staff resistance to change is a likely risk.
• Statement 5 is false because there will be a need to adjust the processes over time to better fit the requirements, and this should be done in conjunction with continual service improvement.

A. Statement 1 is correct because configuration information is particularly challenging in a cloud environment because configurations are so dynamic. However, it may be sufficient to document the high-level configuration and use discovery tools to identify the current state when needed. Statement 2 is also correct because although the organization still needs to carry out service asset and configuration management, the CIs are likely to be at a much higher level.

C. Integration with the business processes and managing a complex stakeholder group are significant challenges for service transition.

A. Balancing the cost of design with the length of time it takes to complete it is applicable to service design, and the balance of service restoration to root cause investigation is applicable to service operation.

B. Cultural change and risk management are challenges of service transition. The impact of the business strategy would affect the service strategy lifecycle stage.

C. The performance measures should be standardized for use in service transition. Developing standard performance measures across projects and suppliers is a significant challenge for all organizations.

A. Establishing and maintaining stakeholder buy-in and commitment and having clearly defined relationships and interfaces with program and project management is vital to the success of a transition.

D. All of these are examples of critical success factors for service transition.

B. It is very important for service transition to demonstrate less variation in time, cost, and quality predictions during and after transition.

C. Design constraints are applicable in service design, but the others are all included in service transition.

C. During a crisis situation, it may not be possible to authorize funding as part of the process.

A. Increasingly, IT services directly support or actually deliver services on which lives depend. This sort of environment favors accuracy over speed and requires rigorous testing, sign-off at the appropriate level, and the ability to veto a change on safety grounds.

D. Rolling out and testing the service are service transition activities. Deciding whether to retire the service is the job of service strategy.

C. Design coordination happens only during the design stage, which includes coordinating all the design activities. The other processes take place in both the service design and service operation stages.

D. This stage of the lifecycle, which implements service improvements, is called continual service improvement in the ITIL publications.

B. The list in option B matches the list provided in the ITIL guidance.

B. Although service strategy is responsible for financial management, it is the responsibility of the other lifecycle stages to deliver within the budget allocated by strategy. If a service costs more to provide than was planned, it may fail to deliver the benefits that it was supposed to deliver.

B. Console management is undertaken by operations control (part of operations management), while it is the job of applications management to identify the functional and manageability requirements for application software. The service desk provides a single point of contact, and technical management designs and manages the infrastructure.

A. The service desk performs these two, customer-facing processes. The desk is not involved in design at all, and although it may attend the change advisory board meetings and approve changes, it is not responsible for change management.

C. The stage of the lifecycle in which service optimization takes place is service operation, not service optimization.

C. The service operation stage includes the services, processes, technology, and people within its scope.

B. Event management and request fulfilment are service operation processes (along with event, incident, and problem management). Risk management is not an ITIL process, and strategy management is a strategy process.

B. The user experience is not based solely on the technical aspects of service provision. Service operation management must consider the service as well, particularly customer service from a user perspective.

C. This is a purpose of the service asset and configuration management, which is part of service transition. The others are all part of the balance of operations discussed in this chapter.

B. It is important to ensure that service operation contributes to service strategy by, for example, identifying the operational risks for IT strategies being considered.

B. Options A, C, and D are wrong answers; the business does care about the efficiency of the service because inefficiency has implications for cost and quality.

A. An organization that responds only after something has been reported is reactive. Anticipation of issues demonstrates a proactive approach.

D. Operational health refers to the overall performance of a service, which is understood by monitoring and measuring to ensure that functions and processes are delivering correctly and targets are being met.

A. An organization that is focused on meeting budgets and reducing costs is extremely cost focused, but an organization focused on delivering the level of quality demanded by the business regardless of what it takes is focused on quality.

D. Communication is vital throughout service operation and should not be left until regular review meetings.

C. Problem management is most involved with proactive management of operational services, as it seeks to prevent incidents by identifying and resolving problems that could cause incidents before the incidents occur. The other processes react to incidents, service requests, or requests for new or changed access.

A. Service operation integrates with all other lifecycle stages.

B. Option B is the definition of an incident given in the ITIL framework. Option A refers to an event, and option C is a diagnosed problem.

C. The incident should not be closed until the user confirms that the service has been restored.

B. Option B does not restore the service to the agreed level or provide a workaround; the other options do this.

C. Option C is the definition of normal service operation given in the ITIL framework. Normal service operation is what the customer should expect because both sides have agreed on it in the SLA.

C. These are called incident models. A model is a repeatable way of dealing with a particular item, in this case a particular type of incident. It defines steps to be taken to resolve the incident along with timescales and escalation points. This speeds up logging and improves consistency.

D. All incidents should be logged to ensure that a true picture of the customer experience is achieved; this also allows the cumulative impact of minor incidents to be evaluated. It provides evidence as to when these incidents occur, which may be useful in diagnosing the underlying cause. Option B is incorrect because not all incidents will come from the user; they could come from event logs, suppliers, technical staff, and so on.

B. Priority within ITIL terms is always based on impact (effect on the business) and urgency (how quickly the business needs resolution).

B. Hierarchic escalation involves going up the chain of command to inform or gain additional resource. Functional escalation is going across increasing technical skill levels to speed up resolution.

C. A problem takes an unknown cause from one or more incidents, diagnoses the cause, and determines a permanent solution, where possible, thus turning an unknown into a known.

D. These are all potential outputs of problem management. Known errors and the associated workarounds are documented and passed to the service desk so that new incident occurrences can be resolved. An RFC may need to be raised to implement a permanent resolution.

D. Only common, low-risk requests with a documented fulfilment procedure should be implemented using the request fulfilment process. Other changes require risk assessment through the change advisory board.

A. Service desk staff fulfil many requests, with second-line staff carrying out installations, moves, and so on. Requests do not fall under the responsibilities of SLM or BRM.

A. Requests do not need CAB approval. If a change is required to fulfil the request, it should usually be preauthorized because the level of risk is low and the fulfilment process known and defined. The usual financial controls still apply, so part of fulfilment may be obtaining the budget holder’s agreement to the expenditure. Technical authorization may be required, as mentioned in the chapter.

D. A request to change the functionality of a service by adding a web interface would require consideration of all of the implications and would need to be considered by the CAB. All the other options are examples of service requests.

B. Option B is the definition of a service request provided in the ITIL guidance. A request might be for a standard change, but many requests are not. The procurement process is not necessarily involved in every request. An RFC is not required for a service request.

D. The first three options are listed among the objectives of request fulfilment in the ITIL guidance. Requests are by definition low risk, so understanding and minimizing risk is part of change management, not request fulfilment.

C. Although the request fulfilment process and tools may be used to simplify all sorts of non-IT requests, it does not follow that non-IT requests should be managed by the service desk. This is for the organization to decide; it may lead to a de-skilled service desk.

B. Although the same process may be used, reporting will be complex due to the different goals of the processes—although we want to reduce the number of incidents over time, we may be encouraging users to log requests. So although the number of incidents may be reducing, this may be hard to measure if the number of requests logged this way is increasing. The ability to differentiate between requests and actual incidents is essential. There are similarities in the processes, but many differences too, such as the use of known errors and workarounds in incident management and the emphasis on time, whereas requests may have a set lead time. Each organization will need to assess whether it would be more efficient to have one process, so it cannot be said that it will always be more efficient to combine the two processes.

D. Service level management interfaces with request fulfilment as this process will agree on target fulfilment times for various request types. Many requests will be to provide or remove access to services, and financial management rules may require financial approval of some requests. There is, however, no regular interface between request fulfilment and demand management.

B. A well-designed request fulfilment process will include a process to check on the existence of spare equipment that can be reallocated to avoid the need to purchase a new item. The budget holder should still control expenditure, so the budget will not be spent unnecessarily. The process will also include steps to update the CMS. Users might try to use the request system to avoid change management; this needs to be resisted by checks in the process and communication of the rules to the user community.

D. Situation 2 would not be helped by using events. Situation 1 would detect an alert that a time threshold or a priority condition existed and would carry out the escalation defined. Situation 3 would similarly respond to a particular event such as an alarm and would automatically notify the police station. Situation 4 could use the events signifying the successful backup of each file to automate the backup of the next file.

C. 1, 2, and 4 are all examples of where event management can be used. Heat and moisture content can be monitored through event management, and actions can be taken if they breach acceptable parameters. Licenses can be controlled by monitoring who is signing onto applications and raising an alert if the maximum legal number is breached. Staff rosters do not have changing conditions that could be monitored by the use of events.

C. The two types of event monitoring described in the chapter are passive and active. Passive monitoring waits for an error message to be detected, and active monitoring checks periodically on the “health” of the CI. The other two are not recognized by ITIL as event monitoring types.

D. Option C is the definition given in the chapter of an alert. Option A is the definition of an incident. Option B is the definition of a problem. Option D is the definition of an event.

C. Option A describes the correlation engine, Option B describes a CMDB, and Option D describes an access management tool. The definition given in Option C matches the explanation in the ITIL Service Operation publication.

C. Sending notification of every event to every support team would be inefficient. Part of setting up event management is defining who needs to know about specific types of event; the correct team can then be automatically notified, saving time and ensuring a consistent response.

A. ITIL does not define an emergency event type. Exception events indicate a failure that must be fixed, while informational events simply consist of a flag that something has happened and should be recorded. A warning event signifies unusual but not necessarily exceptional behavior.

B. The correlation engine allows the creation of rule sets that it will use to process events. This will enable the system to determine the significance of each event and also to determine whether there is any predefined response to that event. The correlation engine is not usually used for change management.

B. The initial sequence of activities in the event management process is as follows: an event occurs, the event notification is sent, the event is detected by the event management system and logged, and first-level correlation and filtering takes place.

B. All of these are valid inputs to event management.

B. Option A is incorrect because security management does not prevent nonauthorized users from gaining access. Option C is incorrect because security management is responsible for setting security policies. Option D is incorrect because access management carries out the wishes of whoever is responsible for authorizing access (usually a business manager); it does not make the decision.

D. All of the statements except number 3 are correct. Organizations often have a legal requirement to protect data, and failure to do so may damage their reputation and lead to less business. The data belongs to the business, and effective access management is required to ensure that access is based on business reasons, not what IT thinks. Access management does not necessarily reduce costs.

C. Option C is not a valid challenge because access management will ensure that every user can be uniquely identified by using additional information such as employee number, date of birth, and so on, so a name change or the appointment of someone with the same name does not cause confusion. All the other options are challenges that access management has to meet.

A. Access management will remove or restrict access for staff on long-term leave because there is no valid reason for them to be accessing data. Any attempt to do so would raise suspicions. Access rights for those who have left the organization should be removed. It is poor practice to keep their access information available for the remaining staff to use; it should be adjusted if required to ensure a proper audit trail.

If a user is under investigation for wrongdoing, their access should be reduced to prevent possible increased harm and to prevent any attempt on the part of the user to “cover their tracks.” Finally, users moving within the organization should have their existing access reduced or removed and replaced with the access required for their new position.

B. Monitoring the use of the access rights granted to users helps to confirm that the security policies are being adhered to; the aim is not to find and punish those breaking the rules or to read personal emails but to be aware of breaches and raise awareness of the security policy.

D. Access management is the efficient execution of information security management policies that protect the confidentiality, integrity, and availability (CIA) of the organization’s data and intellectual property. Confidentiality here means that only authorized users are able to see the data. Integrity means that the data is kept safe from corruption or unauthorized change. Availability refers to the service being available to the authorized user.

B. Organizations sometimes maintain a specialized team to carry out the requests, but more commonly it is carried out by other functions. Technical and application management functions are involved, and a significant part of the process may be handled within the service desk. There should be a single coordination point to ensure consistency. The information security process owner is NOT involved in carrying out access management.

B. It is the job of information security management to define the levels of protection required for different classes of data. All the other options provided are examples of business benefits of access management.

C. Option A refers to access, the level and extent of a service’s functionality or data that a user is entitled to use. Option B refers to identity, the information about a user that distinguishes them as an individual and verifies their status within the organization. Option D refers to rights or privileges, which are the actual settings whereby a user is provided access. Finally, option B refers to directory services, which are specific types of tools that are used to manage access and rights.

A. These are all valid sources for access requests.

D. Options A, B, and C are all part of the measurement and control cycle. D is not because restoration is required after a failure and failure should not be continuous.

A. Option B is the definition of the dimension of an item, C is the capacity of an item, and D is the cost of an item.

C. Both of these statements are correct; monitoring is used for both of these purposes.

A. Active monitoring is the ongoing “interrogation” of a device or system to determine its status. Passive monitoring is generating and transmitting events to a “listening device” or monitoring agent. Reactive monitoring is designed to request or trigger action following a certain type of event or failure. Proactive monitoring is used to detect patterns of events that indicate that a system or service may be about to fail.

C. Options A, B, and D would measure against a target, not a control. A control is measured against a predefined norm.

A. Service operation is the only place where monitoring and control can be applied.

B. Design coordination and service validation and testing are processes from service design and service transition.

B. Both statements are correct. Audits must be completed regularly and should check if processes are fit for purpose.

A. Service operation is engaged in all other lifecycle stages.

C. Both statements are correct. Service operation should be looking for improvements, and these should be included in the CSI improvement register.

D. Testing and rolling out the service are part of the service transition stage, and the decision to retire the service is strategic.

D. Design coordination takes place solely within the service design lifecycle stage, whereas the other processes have elements of operational activity.

C. Option C includes the correct list of functions in service operation.

B. Defining the infrastructure requirements will be part of service design.

B. Option B correctly matches the activities and functions.

C. The problem management process is responsible for the prevention of incidents.

B. Design coordination is a process of service design, and change management is a process of service transition.

D. Specialist technical knowledge is more likely to be found in the technical or application management functions.

D. Facilities management and operations control are the two elements of operations management.

B. Matrix is not recognized as a service desk structure in the ITIL framework.

B. Tools enable processes, not replace them, and although tools are used to support the processes, they should not define them.

A. Statement 2 is incorrect; a tool does not need to have a service knowledge management system to be a service management tool. However, having details of all CIs and being able to link incidents, problems, requests, and so on is incredibly useful.

B. The first step in selecting a toolset should be requirements gathering; if the requirements are not met, the tool may not function sufficiently to support the needs of the processes and teams.

C. All of the options are part of the generic requirements for a service management tool.

A. Must, Should, Could, Would (MoSCoW) technique is used to categorize requirements in the selection of a tool. For example, the tool must have the ability to link incident records to problem records.

D. The ability to authorize change requests is unlikely to be part of a self-service portal, but all of the rest are potentially standard capabilities.

D. Reporting is essential in service management. A good tool will have a selection of generic reports but should also provide the functionality to support tailored report requirements to support organizational needs.

A. Management should provide support and guidance throughout service management, and commitment is apparent if they provide the budget to enable training, obtain tools, and so on.

C. The KEDB (known error database) is important for both the processes of incident and problem management because this is where the information on root cause, workarounds, and resolutions is stored. Incident management can use it to improve its capability to fix incidents at first point of contact, and problem management will use the information to support raising changes and for trend analysis to understand underlying causes.

B. Telephony systems such as an ACD system may also be classified as a service management tool, not just a record/ticket logging system. It is important to remember that service management requires a suite of tools to support the processes effectively. For example, there should be monitoring systems for event and access management, which may be linked to an incident management system.

C. These are all valid triggers listed in the ITIL Service Operation core volume.

B. Statement 1 is incorrect; the aim of managing change is to ensure the benefits are delivered without any unexpected variation or outages. Statement 2 is correct, since if the change is successful, no such variations or outages will be visible to the customer; all they will notice is the benefits that have been delivered. Some technical changes may not be noticed by the customer at all, but will deliver a more robust service and reduce the likelihood of future outages.

A. Service operation personnel should be involved in design and transition to ensure that the end result is “supportable.”

B. Processes are defined first; the tool is used to support them. Tools can facilitate process operation. Customer satisfaction is dependent upon many factors, and the tool alone is not likely to improve it. A service management tool will not reduce outages or increase first-time fix rates on its own, but using the tool correctly and optimizing data capture and knowledge share will assist the support teams.

B. Adopting project management does not mean that service operation does not have to fund the change. All other answers are benefits of using project management.

D. The six items in the question are all triggers for operational change listed in ITIL Service Operation.

D. Service operation staff need to be involved early in the process to ensure that the design takes into account operational issues, but their involvement is also needed later. Service operation staff also need to be involved late in the process to ensure that the schedule for implementation does not clash with other operational priorities. So staff involvement is necessary throughout the design and implementation process to ensure that all operational issues and possible impacts are dealt with.

C. ITIL and project management can be complementary; however, project management is not required for simple changes. Project management is useful where changes are large or complex. Not all operational changes are business as usual, and simple changes do not require project management.

D. These are all risks and should be mitigated using ITIL best practice.

B. Time limited is not a valid type of license. All the other terms are descriptions of possible licensing options.

D. As explained above, operational expenditure is seen as infrastructure costs and thus an overhead. It is not always understood that investment in operations can lead to cost savings. For example, investment in a knowledge base should improve first-contact resolution, saving the cost and delay of involving second- and third-line staff.

D. Service operation should engage with all lifecycle stages. This chapter has explained why involvement by design and transition is essential to ensure that the service can be operated as designed and the transition delivers a working system. Unless operations understand why a service is being deployed, and what it is meant to achieve, the focus will not be on achieving these aims. All stages of the lifecycle should engage with CSI.

B. Support from senior/middle management and the business is important when trying to implement changes in the face of opposition from some staff. Support from “champions” can help change how staff regard the changes. Support from suppliers is irrelevant; however, they can play a significant part in helping to deliver services.

A. All of these are CSFs for staff retention listed in ITIL Service Operation.

C. A successful service desk requires adequate funding because understaffing or insufficient tools will adversely impact the service to customers. Loss of key personnel, unless an effective knowledge base exists, could reduce the first-contact fix rate. Resistance to change could lead to second-line staff refusing to share knowledge to enable the service desk to resolve more incidents. This can be overcome with management support; if this is lacking, the service desk will struggle.

B. The focus of work in the operation stage of the lifecycle differs from the other stages because it concentrates on delivering a live service. Other staff work on projects with defined end dates, but operations staff seldom do; they are providing a continuous service. This means that operations staff are more concerned that the service works when delivered than about meeting a particular date. Operations staff are concerned with warranty because failure to meet warranty requirements will lead to problems delivering the live service; other areas, such a service design, are more concerned that the new capabilities work. However, all stages are concerned with sticking to the budget, and there is no evidence that operations staff are not respected.

B. Implementing best practice in configuration management will save money in preventing unnecessary license sales, problem management will reduce repeat incidents, and availability and capacity management will ensure the best utilization of the infrastructure. Better testing is a result of investment in transition, not operations.

B. Defining requirements is a challenge for service design, not service operation. Translating technical metrics into service metrics, sharing knowledge effectively, and managing suppliers and internal teams are all challenges listed in ITIL Service Operation.

B. Translating strategic plans into tactical and operational plans is a challenge for service design, not service operation. Ensuring that there is the right number of staff and that they have the necessary knowledge and skills are critical success factors for service operation, as is visual management support.

C. Inadequate funding, loss of momentum, and resistance to change are all risks listed in ITIL Service Operation. A clear definition of measurement and reporting is a critical success factor, not a risk.

B. To ensure that IT services remain aligned to changing business needs is the main objective of CSI according to the ITIL Continual Service Improvement core volume.

D. The first three statements are correct.

C. All areas, including CSI itself, are within the scope of CSI.

C. These are the inputs and outputs for each step of the process:

• What is the vision? (Business vision, mission, goals, and objectives)
• Where are we now? (Baseline assessments)
• Where do we want to be? (Measurable targets)
• How do we get there? (Service and process improvements)
• Did we get there? (Measurements and metrics)
• How do we keep the momentum going?

A. The second statement is the purpose of the service strategy lifecycle stage.

B. Options A and D are service transition objectives; option C is an objective of service strategy. CSI is concerned with the identification of improvement opportunities.

C. CSI provides guidance on service management improvements, not on business strategic planning.

A. The CSI stage applies across the whole of the service lifecycle and is key in the management of all improvements across all service stages.

C. The CSI approach is a set of steps that can be used to manage improvement initiatives in line with the requirements of the business.

B. Wanting to improve the level of service, being able to deliver it at a lower cost (thus improving the profit margin), and streamlining a process are all valid reasons for undertaking CSI. Increasing the cost of a service is not; CSI ensures that the service is provided to the agreed level, with no unnecessary costs or delays in that provision.

A. There are eight steps in Kotter’s transformation program.

D. The register should not be managed by the customers. It should be managed on behalf of the customers by the CSI manager, and there should be a single register, not multiple registers to avoid duplication.

A. Regulation and legislation, competition and market pressures, and economics are all external drivers that come from outside the organization; the others are internal drivers.

B. To validate, direct, justify, and intervene are all reasons to measure.

C. The knowledge spiral connects strategic, tactical, and operational approaches.

A. ITIL complements other standards and frameworks, and CSI should work with all stages of the service lifecycle.

B. A baseline captures a starting point for improvement.

A. Knowledge management is concerned with the management of information.

C. Corrective action is the last step, but this corrective action may lead to further improvement.

A. CSI is an important part of all change in an organization and should be included as part of organizational change.

B. The seven-step improvement process is the process used as part of the CSI lifecycle stage to ensure that the correct data is gathered, analyzed, and presented to the correct audience to enable informed decision-making.

B. Improving service delivery by eliminating the root causes of incidents is the responsibility of problem management.

D. Service improvement must focus on increasing the efficiency, maximizing the effectiveness, and optimizing the cost of services and the underlying IT service management (ITSM) processes. The only way to do this is to ensure that improvement opportunities are identified throughout the entire service lifecycle.

C. All steps must be followed, and they must be followed in sequence. The process may be used at any stage of the service lifecycle.

C. The integration of the PDCA cycle and the seven-step improvement process is as follows:

• Plan
  1. Identify the strategy for improvement.
  2. Define what you will measure.
• Do
  3. Gather the data.
  4. Process the data.
• Check
  5. Analyze the information and data.
  6. Present and use the information.
• Act
  7. Implement improvement.

B. The three main types of metrics are technology, relating to component and application based metrics such as performance and availability; process, metrics captured as CSFs, KPIs, and activity metrics for monitoring the health of a process; and service, metrics used to assess the end-to-end service.

B. It is not advisable to take action based solely on a “snapshot” of a data point at a specific moment in time; an analysis of the data points over a period of time will show whether this is an ongoing issue requiring action or was a one-off occurrence.

B. There are usually four distinct audiences:

• The customers: Their real need is to understand whether IT delivered the service they promised at the levels they promised and, if not, what improvements are being implemented to improve the situation.

• Senior IT management: This group is often focused on the results surrounding CSFs and KPIs, such as customer satisfaction, actual versus planned costs, and achievement of revenue targets. Information provided at this level helps determine strategic and tactical improvements on a larger scale. Senior IT management often wants this type of information provided in the form of a balanced scorecard or IT scorecard format to see the big picture at one glance.

• Internal IT: This group is often interested in KPIs and activity metrics that help them plan, coordinate, schedule, and identify incremental improvement opportunities.

• Suppliers: This group will be interested in KPIs and activity metrics related to their own services and performance. Suppliers may also be targeted with improvement initiatives.

B. Step 2 (define what you will measure) and step 3 (gather the data) are aligned to the data part of the DIKW structure.

B. The order of the seven steps is as follows:

1. Identify the strategy for improvement.
2. Define what you will measure.
3. Gather the data.
4. Process the data.
5. Analyze the information and data.
6. Present and use the information.
7. Implement the improvement.

C. Both statements are correct.

D. Costs, staff, and management buy-in are essential, but there is no specific requirement for an assessment tool.

A. Maturity assessment frameworks evaluate people, processes, and technology. Services are made up of these elements but are not part of the maturity assessment.

B. The acronym commonly used is PDCA, which stands for Plan-Do-Check-Act.

C. Benchmarking is used as a comparison to best practice. The other three options are measurements that can be used in service management.

D. All of these are techniques that can help identify problem areas for improvement action.

C. All of the personnel listed may be involved in benchmarking.

D. These are basic measures used in service measurement.

C. All of these are drivers for service targets.

D. SWOT stands for strengths, weaknesses, opportunities, and threats. Strengths and weaknesses are both internal attributes, not external.

C. “The reporting analyst reviews and analyses data from components, systems and sub-systems in order to obtain a true end-to-end service achievement.” (ITIL CSI core volume, Chapter 6)

B. RACI is an acronym of the four levels of involvement in a process activity: responsible, accountable, consulted, informed.

• Responsible: The person or people responsible for getting the job done.
• Accountable: Only one person can be accountable for each task.
• Consulted: Involvement through input of knowledge and information.
• Informed: Receiving information about process execution and quality.

D. The process owner ensures the process can be carried out effectively, the process manager ensures that it is carried out effectively, and the process practitioner actually carries out the process activity.

C. The service owner is accountable for the delivery of a specific IT service and represents the service across the organization. The service owner is accountable to the customer for the initiation, transition, and ongoing maintenance and support of a particular service and accountable to the IT director or service management director for the delivery of the service.

C. The CSI manager is responsible for developing CSI practices and communication throughout the organization. The service owner is responsible for maintaining accurate information in the service catalog. The process owner is responsible for sponsoring, designing, and managing changes to the process and its metrics. The process manager is responsible for ensuring that activities are carried out as required throughout the service.

B. The RACI matrix shows who is responsible, accountable, consulted, or informed for each task in a process. It is the combination of OLAs and underpinning contracts that show what can be promised in an SLA.

D. The process practitioner is responsible for creating or updating records to show that activities have been carried out correctly. An example of a process practitioner is a service desk analyst who creates and updates incident and request records.

B. The reporting analyst does not need to have the ability to build trust with senior business managers; it is the CSI manager’s role to build trust with senior IT and business managers. The reporting analyst does not need an in-depth understanding of the technical infrastructure, just an understanding of its reporting capabilities. Similarly, customer-facing skills are not required as their work is mostly internal, with the service provider.

B. These skills are required by those responsible for identifying the strategy for improvement (step 1), defining what to measure (step 2), and presenting and using the information (step 6).

D. Customer focus is a primary responsibility of the service level manager and business relationship manager; it is a secondary responsibility for the CSI manager and service owner.

D. There is no single tool that can do everything.

B. Separate tools will make linking items difficult or impossible.

C. Tools support processes. Each organization will adopt and adapt the ITIL processes to suit its environment; the tool should be programmed to support the organization’s processes. The tools themselves do not enforce adherence. Answers A, B, and D correctly describe the benefits of using such tools.

B. Business process automation tools and customer relationship management tools are not tools that would be used to assist service management. All the others are frequently used in service management.

B. However intuitive the tool is, training is always required to get the best use of the product. Reporting requirements should be considered from the beginning to ensure that the required data is captured. Requirements will change as processes mature, so one should expect the tool configuration to change over time. Strict adherence to ITIL is not necessary as long as the tool supports your processes.

C. Although tools may be involved in managing and automating processes, the area of service management that is mostly concerned with tools is products. This area involves the products and tools that may be used to assist in effective service management.

D. Holistic means that the tool deals with service management as a whole, not just some of its components. Integrated toolsets fit this definition. Business process engineering tools and customer relationship management (CRM) toolsets are specialist tools for those areas or activities; they are not service management tools. Finally, a tool may be centralized without being holistic; an event management tool may be operated centrally but only assists a single process, so it is not integrated.

D. The tools will provide data upon which a prioritization decision may be based, but the decision cannot be automated. It must be a matter for the service provider, based on the business benefits and priorities.

A. Both these statements are true.

B. Tools cannot replace the need for effective processes.

C. The decision regarding what to improve first can only be made when there is data to analyze and key people appointed to do it. The internal reviews will help inform the analysis.

D. The three approaches in ITIL are functional, lifecycle, and service.

B. Good data can be obtained from a combination of different tools, although the stakeholders need to agree on the criteria for what is gathered. CSI is concerned with the improvement of both customer-facing and internal processes because inefficient internal processes may increase cost and have an indirect negative impact on customer services.

C. Establish a sense of urgency is the first of Kotter’s steps.

D. Senior management involvement is crucial to show that it is regarded as important. Key individuals who are not managers can still be influential among their peers. Only those who believe in the changes should be involved.

D. A mission statement does not coordinate actions.

B. Good data helps to direct and justify improvement actions, but ignoring failing areas because you lack the statistical data is wrong; the first step for improvement in these areas is to improve the quality of data being collected.

A. Cultural change means winning the hearts and minds of staff. Enforcement of a process does not mean that cultural change has taken place.

A. The four key roles are CSI manager, service owner, reporting analyst, and service level manager.

C. CSI must be continual. Reporting and reviewing should be embedded in every process, and improvement based on these reviews should be part of business as usual.

B. These are all common challenges.

B. The business has to be involved in improvement decisions that will impact them, and if they do not understand the reasons behind the actions being taken, they may even be hostile to the changes. CSI needs to include improvements to both services and service management processes. Poor service management processes will ultimately impact the business

D. The cost to overcome the situation is already covered in the assessment of impact. Even if it is expensive to remove, a risk with a high chance of occurring and with a major impact will need to be mitigated.

A. Measurements should be focused on customer satisfaction and should not be inwardly focused on measuring the achievement of internal goals. Achievement of the strategy should be able to be ascertained from day-to-day performance trends. If your strategy changes, the current measurements may be irrelevant and would therefore need to change.

D. All of these are possible challenges.

D. ITIL describes this as a challenge. There may be an associated risk that time is wasted re-creating knowledge that already existed but was not shared. Sharing of knowledge is a CSF for CSI; this could be measured by KPIs of “an expansion in the number of validated articles in the knowledgebase” and “increasing numbers of occasions when staff refer to the knowledge base and successfully obtain the information they require.”

C. These are all possible reasons CSI may be resisted. Adequate time and training needs to be provided, together with a cultural change program.

A. If the IT provider does not have a good relationship with the business and has little communication with it, it will be difficult for them to appreciate business priorities. Similarly, technical metrics that do not show the impact of IT failures on the business will make it difficult to prioritize actions. Department heads within the service provider may try to use CSI as a means of implementing changes they think are important; there is a danger that priorities will be set that suit the IT department rather than the business. Inadequate resources may limit the improvements that can be made, but it does not stop them being prioritized.

B. Option B describes a risk, not a CSF.

B. KPIs measure critical success factors. A risk is the possible result if a challenge is not met successfully.