Purpose of Service Level Management

We will begin by looking at the purpose of the service level management process according to the ITIL framework. ITIL states that the purpose of SLM is to ensure that all current and planned IT services are delivered to agreed achievable targets. The key words here are agreed and targets. Service level management is about discussing, negotiating, and agreeing with the customer about what IT services should be provided and ensuring that objective measures are used to ascertain whether that service has been provided to the agreed level.

Service level management is therefore concerned with defining the services, documenting them in an agreement, including the commitments on each side, and then ensuring that the targets are measured and met and taking action where necessary to improve the level of service delivered. These improvements will often be carried out as part of continual service improvement.

Note also that the definition of SLM talks about current and planned IT services. Service level management’s purpose is to ensure not only that all IT services currently being delivered have a service level agreement (SLA) in place, but also that discussion and negotiation takes place regarding the requirements for planned services so that an SLA is agreed on and in place when the service becomes operational. In the initial period following the transition of a new or changed service, the SLA targets are likely to remain provisional, as they are tested in the live environment. They may then be adjusted, if required, before being finalized.

It is for this latter reason that service level management is one of the service design processes; services must be designed to deliver the levels of availability, capacity, and so on that the customer requires and that service level management documents in the SLA. It is a frequent problem that the SLA is not considered until just before (or even after) the go-live date, when it is realized that the customer service level requirements are not met by the design. Service level management is concerned primarily with the warranty aspects of the service. The response time, capacity, availability, and so on of the new service will be the subject of the SLA, and it is essential that the service is designed to meet both utility and warranty requirements.

Objectives of Service Level Management

The objectives of SLM are not restricted to “define, document, agree, monitor, measure, report, and review” (how well the IT service is delivered) and undertaking improvement actions when necessary. It also includes working with business relationship management to build a good working relationship with the business customers. The regular meetings held with the business as part of service level management form the basis of a strong communications channel that strengthens the relationship between the customer and IT.

It is an essential feature of SLM that the customer and IT agree on what constitutes an acceptable level of service. Therefore, one of the objectives of SLM is to develop appropriate targets for each IT service. These targets must be specific and measurable so that there is no debate whether they were achieved. The temptation to use expressions such as “as soon as possible” or “reasonable endeavors” should be resisted, because the customer and IT may disagree on what constitutes “as soon as possible” or what is “reasonable.” By using such expressions in an SLA, it may be impossible for the IT service provider to fail, but this leads to cynicism from the customer and damages the relationship that the SLM aims to build. Where the IT service provider is an external company, the legal department will inevitably seek to reduce the possibility of the provider being sued for breach of contract, and these phrases may therefore be included; for an internal service provider, there is no such excuse. Using objective success criteria is essential if SLM is to achieve another of its objectives: that of ensuring that both the customer and IT have “clear and unambiguous expectations” regarding the level of service.

A further SLM objective is to ascertain the level of customer satisfaction with the service being provided and to take steps to increase it. There are challenges in this objective, because obtaining an accurate assessment of customer satisfaction is not straightforward. Customer satisfaction surveys may be completed only by a self-selecting minority. Those who are unhappy are more likely to complete such a survey than those who are content. Despite this tendency, the service level manager must still attempt to monitor customer satisfaction as accurately as possible, using whatever methods are appropriate. In addition to surveys, focus groups, and individual interviews, other methods can be employed.

The final objective that ITIL lists for SLM is that of improving the level of service, even when the targets are being met. Such improvements must be cost-effective, so an analysis of the return expected for any financial or resource investment must be carried out. SLM actively seeks out opportunities for such cost-effective improvements. Achieving this objective forms part of the continual service improvement that is an essential element in all ITIL processes.

Scope of Service Level Management

The scope of service level management includes the performance of existing services being provided and the definition of required service levels for planned services. It forms a regular communication channel between the business and the IT service provider on all issues concerning the quality of service. SLM therefore has an important role to play in managing customers’ expectations to ensure that the level of service they expect and the level of service they perceive they are receiving match. As stated earlier, SLM is concerned with ensuring that the warranty aspects of a service are provided to the expected level. The level of service expected for planned services is detailed in the service level requirements (SLR) specification, provided by the customer, and the agreed service levels (following negotiation) are documented in the SLA. SLAs should be written to cover all operational services. Through this involvement in the design phase, SLM ensures that the planned services will deliver the warranty levels required by the business.

Service Level Management Value to the Business

Each IT service is composed of a number of elements provided by internal support teams or external third-party suppliers. An essential element of successful service level management is the negotiation and agreement with those who provide each element of the service regarding the level of service that they provide. A failure by these providers will translate to a failure to meet the SLA. We will look at these agreements, called operational level agreements (OLAs) in the case of internal teams and underpinning contracts in the case of external suppliers, later in this chapter.

Finally, SLM includes measuring and reporting on all service achievements compared to the agreed targets. The frequency, measurement method, and depth of reporting required are agreed on as part of the SLA negotiations.

It is important to understand the relationship between service level management and business relationship management. SLM deals with issues related to the quality of service being provided; a business relationship management’s role is more strategic. The business relationship manager works closely with the business, understanding its current and future IT requirements. It is then the responsibility of the business relationship manager (BRM) to ensure that the service provider understands these needs and is able to meet them. SLM is concerned more about how to meet the targets by ensuring that agreements are in place with internal and external suppliers to provide elements of the service to the required standard. Business relationship management is covered in more detail in Chapter 19, “Business Relationship Management and Financial Management for IT.”

Service level management cooperates with and complements business relationship management. Similarly, the improvement actions identified by SLM in a service improvement plan (SIP) are implemented in conjunction with continual service improvement; they are documented in the CSI register, where they are prioritized and reviewed.

Service Level Management Policies, Principles, and Basic Concepts

Next we consider some of the policies, principles, and basic concepts of service level management.

Basic Concepts

Service level management terminology is expressed from the point of view of the IT service provider, particularly as it relates to underpinning contracts and agreements. You should be familiar with this terminology from your foundation studies.

Service Level Agreement

The term SLA is used to refer to an agreement between the IT service provider and the customer(s) only. It should be a formal, written agreement, defining the key service targets and responsibilities of both parties. It is not sufficient to have an unwritten “understanding” as any disagreements regarding the level of service provided need to be resolved by reference to agreed, defined, and objective targets. The word agreement is important—an SLA cannot be imposed by either side since the agreement has to be mutually beneficial. An SLA will typically define targets for the warranty aspects a service should deliver and will also describe the utility of the service.

Underpinning Contract

The term underpinning contract is used here to refer to any kind of agreement or contract between an IT service provider and a supplier that supports the delivery of service to the customer. Examples include contracts with Internet service providers or software suppliers describing the service and support provided.

Operational Level Agreement

The term operational level agreement is an agreement between an IT service provider and another part of the same organization that assists with the provision of services. It describes agreements made by internal teams regarding the aspects of the service delivered by these teams. Examples include incident response and resolution times and support hours for each second-line support team.

Underpinning Agreements

Underpinning agreements is a generic term used to refer to all OLAs, and contracts or other agreements that underpin the customer SLAs. The term underpin means that these agreements support the targets in the SLA. It is essential that all targets contained within these agreements underpin those agreed to by the service provider and its customers. With appropriate underpinning agreements in place, the service provider can be assured that the targets in the SLA can be met. Figure 18.1 shows these service relationships and dependencies.

SLA Structures

There are a number of possible structures for SLAs, and the service provider should choose the structure that is most suitable. Each of the potential structures has advantages and disadvantages. Let’s examine these structures in turn:

• A service-based SLA structure has an SLA for each service for all the customers of that service. This suits organizations offering a standard service, such as a hardware repair service, where all customers get the same response and repair service targets. It is not suitable where different customers have different requirements for the service, or if different service levels are inevitable. An example might be where customers in remote areas have to accept a slower response time. In such cases, separate targets may be needed within the one agreement. It is important that appropriate signatories to these agreements are identified. In situations where common levels of service are provided across all areas of the business (for example, email or telephony), the service-based SLA can be a suitable structure. To cater to some variation in requirements for these standard services, multiple classes of service (for example, gold, silver, and bronze) can also be used. Customers may not like having to refer to different SLAs for the different services they use.
• A customer-based SLA is an agreement with an individual customer group, covering all the services they use. An example is an SLA with an organization’s finance or human resources department covering the IT systems that they use. Customers often like that all of their requirements are covered in a single document. Only one signatory is normally required, which simplifies this issue. The service provider may find it inconvenient that the same service may be referenced in several SLAs.
• Multilevel SLAs are another option and an example of a three-layer structure shown in Figure 18.2. The three layers in this example are corporate, customer, and service. The corporate level describes all the generic SLM issues that apply to every customer throughout the organization. The customer level covers all SLM issues relevant to one particular customer group or business unit, regardless of the service being used. The third level is the service level, which covers all SLM issues relevant to the specific service, in relation to a specific customer group (one for each service covered by the SLA).

This structure allows SLAs to be kept to a manageable size, avoids unnecessary duplication, and reduces the need for frequent updates. It does involve extra administration to maintain the necessary relationships and links within the service catalog and the CMS.

Service Level Management Process Activities, Methods, and Techniques

Let’s now explore the process and its activities in detail. In Figure 18.3, the service level management process, you can see the full scope of the activities in the service level management process.

The key activities within the SLM process should include the following; ensure that you can identify each of these steps in the diagram.

Determining, negotiating, documenting, and agreeing on requirements for new or changed services and for existing services SLAs should be agreed to in advance of the deployment of a new or changed service into the live environment. The targets in the SLA will be the results of the negotiation of service level requirements; for new services these targets will originate from SLRs developed early in the service design stage, and will be developed into a pilot or draft SLA. This document will be refined during the design stage and monitored during early life support. If the targets can be achieved, the SLA will be formally adopted and signed. If the targets are not being achieved, there may need to be improvements implemented to the design so that it can support the required targets, or the targets may need to be renegotiated. When the service meets the specified targets, the draft SLA can be finalized and signed by the service provider and the customer representatives.

As explained earlier, SLRs describe the customer requirement for an aspect of an IT service and are primarily concerned with the warranty aspects such as the availability of the service. These SLRs form the basis for the service level targets. If the requirements exceed the level of service currently supplied by the underpinning agreements, the service level manager will have to either renegotiate these underpinning agreements or negotiate with the customer to agree to a service level that can be supported.

Existing operational services also require service level agreements. If this process is being introduced for the first time, the service level targets for these will also need to be negotiated and agreed on.

Monitoring and measuring achievements of all operational services against targets within SLAs As stated previously, targets for service performance must be specific, objective, and measurable. A balance must be struck between providing detailed service reporting and overwhelming the customer with numerous graphs. Cynical service providers may believe that providing large numbers of reports may actually obscure the truth about service level achievements. The reporting needs to be simple and clear and reflect the customer experience. It is better to report on a few key metrics, providing detailed analysis of any failures and a plan of action to address them, than to provide dozens of graphs that the customer does not fully understand.

One simple approach is to produce a report with the status of each service each month showing as red, amber, or green. Red signifies a breach or an agreed-to service level target, amber signifies that the target was nearly breached, and green shows that the service performed within target. This “RAG” report can convey a lot of information across all services but draws attention to the areas of concern so that they may be addressed.

Every report produced should follow reporting best practice—it should have a clear purpose, a defined audience, and clearly identified data sources. Reports should be produced to the schedule specified in the SLA.

Conducting service reviews Some organizations carry out the negotiating, documenting, and agreement stages of service level management, and produce the agreed-to reports, but do not actively manage the level of service being provided. Meeting regularly (on a defined schedule) with customers to discuss achievements or issues and to identify improvement opportunities are important SLM activities. These service reviews build a stronger relationship with the customer and enable issues to be identified and dealt with. It is unfortunately common for organizations to fail to hold regular meetings after the first few. The customer then feels that their concerns are not being addressed.

Collating, measuring, and improving customer satisfaction Customer satisfaction may be measured in a variety of ways. As with reporting against targets, it is important that issues are identified and actions taken. There is little point in the service desk routinely gathering such information after incident resolution or request fulfillment if no one in the service provider organization is analyzing the results. SLM is also responsible for logging and managing complaints and compliments.

Supporting activities These other activities within the SLM process support the successful execution of the key activities:

• Designing SLA frameworks as described earlier.
• Periodically reviewing and revising the current SLAs and service scope. Reviewing and revising OLAs and contracts to ensure that they continue to underpin the SLAs (revision of contracts will be done in conjunction with supplier management).
• Developing, maintaining, and operating SLM procedures, including procedures for logging, actioning, and resolving all complaints, and for logging and distributing compliments.
• Making available and maintaining up-to-date SLM document templates and standards, including assisting with the service catalog. These templates are used as a starting point for all SLAs, SLRs, and OLAs and provide a consistent approach and format that will make them easier to maintain and administer.

Service Level Management Triggers, Inputs, and Outputs

Let’s consider the triggers, inputs, and outputs for the service level management process. SLM is a process that has many active connections throughout the organization and its processes. It is important that the triggers, inputs, outputs, and interfaces be clearly defined to avoid duplicated effort or gaps in workflow.

Service Level Management Interfaces

SLM interfaces with several other processes to ensure agreed service levels are being met:

• Problem management will address the causes of any failures that impact targets and work to prevent their recurrence, thus improving the delivery of the service against targets.
• Availability management works to remove any single points of failure that could lead to downtime and addresses the causes of such downtime in order to deliver the specified level of availability to the customer.
• Capacity management plans ahead to ensure that sufficient capacity is provided, thus preventing service failures that would otherwise have occurred.
• Incident management focuses on resolving incidents and restoring service as quickly as possible. Performance against targets for incident resolution by identifying agreed-to priorities is usually a major area within an SLA.
• IT service continuity will plan to ensure that service continues to be provided despite major upheavals; where a break in service cannot be prevented, it will work to ensure that the service is restored in line with the business requirements.
• Information security ensures that the customer’s data is protected and will work with the service level manager to educate the customers and users regarding their own responsibilities in this area.
• Supplier management ensures that underpinning contracts are in place and are being fulfilled.
• Service catalog management provides information about services to support the SLA.
• Financial management provides cost information.
• Design coordination ensures the design meets the SLR.
• SLM works with CSI in designing and implementing the SIP.
• SLM works with business relationship management (BRM). BRM is more concerned with strategy, identifying customer needs, and ensuring that the objectives are met.

Information Management and Service Level Management

Service level management is a process that provides key information on operational services, their expected targets, and the service achievements and breaches for all operational services. This means it is an important part of information management across the lifecycle. It assists service catalog management with the management of the service catalog and also provides the information and trends on customer satisfaction, including complaints and compliments.

The service provider organization is reliant on the information that service level management provides on the quality of IT service provided to the customer. This includes information on the customer’s expectation and perception of that quality of service. This information should be widely available to all areas of the service provider organization.

Service Level Management Process Roles

This section describes a number of roles that need to be performed in support of the service level management process. These roles are not job titles; rather they are guidance on the roles that may be needed to successfully run the process, and each organization will have to define appropriate job titles and job descriptions for its needs. Chapter 1, “Introduction to Operational Support and Analysis,” explored the generic roles applicable to all processes throughout the service lifecycle. The roles described there are relevant to the service level management process and to the supplier management roles we discuss later in this chapter, but once again several additional requirements also apply.

Critical Success Factors and Key Performance Indicators for Service Level Management

The term critical success factor (CSF) is used for an element that is necessary for an organization or project to achieve its mission. CSFs can be used to identify the important elements of success. These are measured by key performance indicators (KPIs). Understanding the CSFs for each of the SOA processes will provide a strong basis for the KPIs that will be used to demonstrate success.

Key performance indicators can be used to judge the efficiency and effectiveness of service level management activities and the progress of the service improvement plan.

The KPIs should be developed from the service, customer, and business perspective and should cover both subjective (qualitative) and objective (quantitative) measurements.

Objective measures include the following:

• The number or percentage of service targets being met
• The number and severity of service breaches
• The number of services with up-to-date SLAs
• The number of services with timely reports and active service reviews

A subjective measure would be an improvement in customer satisfaction.

The following list includes some sample critical success factors and key performance indicators for SLM:

• CSF: Managing the overall quality of IT services required in both the number and level of services provided and managed.
  • KPI: Percentage reduction in SLA targets threatened
  • KPI: Percentage increase in customer perception and satisfaction of SLA achievements via service reviews and customer satisfaction survey responses
• CSF: Deliver the service as previously agreed at affordable costs.
  • KPI: Total number and percentage increase in fully documented SLAs in place
  • KPI: Percentage reduction in the costs associated with service provision
  • KPI: Frequency of service review meetings
• CSF: Manage the interface with the business and users.
  • KPI: Increased percentage of services covered by SLAs
  • KPI: Documented and agreed-to SLM processes and procedures in place
  • KPI: Documentary evidence that issues raised at service and SLA reviews are being followed up and resolved
  • KPI: Reduction in the number and severity of SLA breaches
  • KPI: Effective review and follow-up of all SLA, OLA, and underpinning contract breaches

Challenges for Service Level Management

You will face numerous challenges when introducing service level management. Doing so requires alignment and engagement across the whole organization.

One challenge faced by service level management is that of identifying suitable customer representatives with whom to negotiate. Who “owns” the service on the customer side?

Another challenge may arise if there has been no previous experience of service level management. In these cases, it is advisable to start with a draft service level agreement. If an organization is just beginning to establish SLM and does not yet have SLAs in place for existing services, the process of defining them may require monitoring, measuring, and reporting on the current levels of service being delivered and using this information to inform negotiations with customers to establish acceptable targets.

One difficulty sometimes encountered is that staff at different levels within the customer community may have different objectives and perceptions.

Risks for Service Level Management

Some of the risks associated with service level management are as follows:

• A lack of accurate input, involvement, and commitment from the business and customers
• Lack of appropriate tools and resources required
• The process becoming a bureaucratic, administrative process
• Insufficient access to and support of appropriate and up-to-date CMS and SKMS
• Bypassing of service level management processes
• High customer expectations and low perception

Purpose of Supplier Management

The purpose of supplier management is to ensure that suppliers provide value for money. By managing suppliers, the service provider can ensure the best delivery of service to their customer. Managing suppliers ensures that the necessary contracts are in place and enforced. Some service providers will have a sourcing strategy that ensures that most or all elements of the service are delivered by the service providers themselves, without using third parties, whereas others will use third-party suppliers to provide large parts of the service. Where service provision depends on the performance of suppliers, it is essential that suppliers be appropriately managed to ensure that the service provided is of the required quality.

Objectives of Supplier Management

The main objectives of the supplier management process are to obtain value for money from suppliers and contracts and ensure that contracts with suppliers are aligned to business needs. These contracts should support and align with specified targets in service level requirements and service level agreements, in conjunction with service level management.

Scope of Supplier Management

The supplier management process should include the management of all suppliers and contracts needed to support the provision of IT services to the business. Each service provider should have formal processes for the management of all suppliers and contracts.

The supplier management process should include implementation and enforcement of the supplier policy, including maintenance of a supplier contract management information system (SCMIS). It is important to ensure that suppliers and contracts are categorized and a risk assessment is carried out. Suppliers and contracts need to be evaluated and selected so that the appropriate suppliers are engaged.

A key part of the process is the development, negotiation, and agreement of contracts, including contract review, renewal, and termination. This is part of the management of suppliers and supplier performance.

The process will also identify improvement opportunities for inclusion in the CSI register, as well as the implementation of service and supplier improvement plans.

Supplier management will also manage the maintenance of standard contracts, terms, and conditions; contractual dispute resolution; and, where applicable, the engagement of subcontracted suppliers.

IT supplier management often has to comply with organizational or corporate standards, guidelines, and requirements, particularly those of corporate legal, finance, and purchasing.

Supplier Management Value to the Business

The process will manage relationships with suppliers, and monitor and manage supplier performance. Supplier management is responsible for the negotiation and agreement of contracts with suppliers and managing them through their lifecycle. This process is assisted by the development and maintenance of a supplier policy and a supporting supplier and contract management information system (SCMIS).

The purpose is to ensure the delivery to the business of end-to-end, seamless, quality IT services that are aligned with the business’s expectation. The supplier management process should align with all corporate requirements and the requirements of all other IT and service management processes, particularly information security management and IT service continuity management. This ensures that the business obtains value from supporting supplier services and that they are aligned with business needs.

Supplier Management Principles, Policies, and Basic Concepts

The supplier management process seeks to ensure that the service provider receives the level of service from third-party suppliers that is specified in the contracts with them. It ensures that suppliers meet the terms, conditions, and targets of their contracts. The process aims to increase the value for money obtained from suppliers and the services they provide.

Principles

All supplier management process activity should be driven by a supplier strategy and policy from service strategy. The supplier strategy, sometimes called the sourcing strategy, defines the service provider’s plan for how it will leverage the contribution of suppliers in the achievement of the overall service strategy. Some organizations might adopt a strategy that dictates the use of suppliers only in very specific and limited circumstances, whereas another organization might choose to make extensive use of suppliers in IT service provision. The greater the contribution the supplier makes to business value, the more effort the service provider should put into the management of the supplier. In Figure 18.4 you can see the engagement of the process with the contracts manager and the various supplier managers in the organization.

You can also see the interaction with finance and purchasing and the legal department, all of which are important when engaging with third parties outside the main organization.

You can see the management of the services provided by or supported by the suppliers, and their subcontracted partners.

Basic Concepts

Let’s now look at some of the basic concepts involved in supplier management.

Underpinning contracts and agreements were discussed earlier in this chapter with regard to service level management. They are also relevant to supplier management, since the underpinning contracts are managed through the supplier management process. Contracts provide binding legal commitments between IT service provider and supplier. Typical contents of these agreements include

• Scope of services to be provided
• Service performance requirements
• Division and agreement of responsibilities
• Contact points, communication, and reporting frequency and content
• Contract review and dispute resolution processes
• Price structure
• Payment terms
• Commitments to change and investment
• Agreement change process
• Confidentiality and announcements
• Intellectual property rights and copyright
• Liability limitations
• Termination rights of each party
• Obligations at termination and beyond

The procurement and legal departments will input into the wording of these contracts. The contracts may also include a number of other related documents as schedules, including security and business continuity requirements, required technical standards, migration plans, and disclosure agreements.

The supplier and contract management information system is a database or structured document that provides a repository of all the information required to manage supplier contracts throughout their lifecycle. It contains key attributes of all contracts and suppliers together with details of the type of service(s) or product(s) provided by each supplier, and all other information and relationships with other associated CIs. It should be part of the service knowledge management system.

It is important for the organization to appreciate the importance of the suppliers and the impact should they fail to provide the agreed level of service. This requires that the suppliers be categorized according to their value, importance, risk, and impact if the supplier does not perform as contracted, as shown in Figure 18.5.

There are four layers of categorization:

Strategic For significant “partnering” relationships that involve senior managers sharing confidential strategic information to facilitate long-term plans. These relationships would normally be managed and owned at a senior management level within the service provider organization, and would involve regular and frequent contact and performance reviews.

Tactical For relationships involving significant commercial activity and business interaction. These relationships would normally be managed by middle management and would involve regular contact and performance reviews, often including ongoing improvement programs.

Operational For suppliers of operational products or services. These relationships would normally be managed by junior operational management and would involve infrequent but regular contact and performance reviews.

Commodity For suppliers providing low-value and/or readily available products and services, which could be alternatively sourced relatively easily.

Supplier Management Process, Methods, and Techniques

Once the requirements for suppliers have been defined as part of the overall approach to the delivery of a service, the supplier management process needs to evaluate the appropriate suppliers and ensure that the contracts are fit for purpose and use. It is important to establish relationships with new suppliers and ensure that appropriate measures and management are in place to monitor supplier performance. All contracts should have reference to renewal and termination, which should be included in regular views of the contract.

All information, reports, and measures should be stored in the supplier and contract management information system.

The activities of supplier management include the following:

• Define new supplier and contract requirements:
• Identify business needs and preparation of the business case, including options (internal and external), costs, timescales, targets, benefits, and risk assessment
• Produce a statement of requirement (SoR) and/or invitation to tender (ITT)
• Ensure conformance to strategy/policy
• Evaluate new suppliers and contracts
• Identify the preferred method of purchase or procurement
• Establish evaluation criteria—for example, services, capability (both personnel and organization), quality, and cost
• Evaluate alternative options
• Select the best supplier based on the evaluation criteria
• Negotiate contracts, targets, and the terms and conditions, including responsibilities, closure, renewal, extension, dispute, and transfer
• Agree on and award the contract
• Categorize suppliers
• Maintain the SCMIS
• Assess or reassess the supplier and contract
• Ensure that changes progressed through service transition
• Set up the supplier service and contract within the SCMIS and any other associated corporate systems
• Transition the service
• Establish contacts and relationships
• Monitor, report, and manage supplier performance, including implementing improvement plans
• Manage the relationship with the supplier
• Review, at least annually, service scope against business need, targets, and agreements
• Plan for possible closure, renewal, and extension
• Renegotiate and renew or terminate and/or transfer contracts

The process should be subject to the corporate supplier management policy, but an IT supplier strategy should be developed to manage the specific requirements for IT service delivery. Figure 18.6 shows the main activities of the supplier management process.

Supplier Management Triggers, Inputs, and Outputs

We will now review the triggers, inputs, and outputs of supplier management.

Supplier Management Interfaces

The key interfaces that supplier management has with other processes are as follows:

Service Level Management Supplier management provides assistance with the determining of targets, requirements, and responsibilities for suppliers. SLM assists supplier management in the investigation of SLA and SLR breaches caused by poor supplier performance. SLM also provides invaluable input into the supplier management review process.

Change Management Contractual documents should be managed through change control.

Information Security Management Information security management relies on supplier management for the management of suppliers and their access to services and systems, and their responsibilities with regard to conformance to the service provider’s ISM policies and requirements.

Financial Management for IT Services This process provides adequate funds to finance supplier management requirements and contracts and provides financial advice and guidance on purchase and procurement matters.

Service Portfolio Management This process looks to supplier management input to ensure that all supporting services and their details and relationships are accurately reflected within the service portfolio.

IT Service Continuity Management This process works with supplier management with regard to the management of continuity service suppliers.

Information Management

The information required by supplier management should be stored in the supplier contract and management information system (SCMIS) and form part of the CMS or the service knowledge management system (SKMS).

All information relating to suppliers and contracts, as well as all the information relating to the operation of the supporting services provided by suppliers, should be held in the system. Information relating to these supporting services should also be contained within the service portfolio, together with the relationships to all other services and components. This information should be integrated and maintained in alignment with all other IT management information systems, particularly the service portfolio and the CMS.

Supplier Management Process Roles

This section describes a number of roles that need to be performed in support of the supplier management process. As with the service level management roles described earlier in this chapter, these are specific additional requirements to the generic roles applicable to all processes throughout the service lifecycle described in Chapter 1.

Supplier Management Critical Success Factors and KPIs

The following list includes some sample critical success factors for supplier management.

• CSF: Business protected from poor supplier performance or disruption
  • KPI: Increase in the number of suppliers meeting the targets within the contract
  • KPI: Reduction in the number of breaches of contractual targets
• CSF: Supporting services and their targets align with business needs and targets
  • KPI: Increase in the number of service and contractual reviews held with suppliers
  • KPI: Increase in the number of supplier and contractual targets aligned with SLA and SLR targets
• CSF: Availability of services is not compromised by supplier performance
  • KPI: Reduction in the number of service breaches caused by suppliers
  • KPI: Reduction in the number of threatened service breaches caused by suppliers

Supplier Management Challenges and Risks

We’ll begin with looking at the key challenges for the process.