THE FOLLOWING ITIL SERVICE OFFERINGS AND AGREEMENTS EXAM OBJECTIVES ARE DISCUSSED IN THIS CHAPTER:
This chapter brings all technology and implementation requirements together to define the overall requirements of an integrated set of service management technology tools to support the processes in service offerings and agreements. The same technology, with some possible additions, should be used for the lifecycle stages of IT service management (ITSM)—service strategy, service design, service transition, service operation, and continual service improvement—to give consistency and allow an effective ITSM lifecycle to be properly managed.
Tools can help the service management processes to work more effectively. They should allow large amounts of repetitive work to be carried out quickly and consistently. Tools also provide a wealth of management information, leading to the identification of weaknesses and opportunities for improvement.
The use of tools will help standardize practices and both centralize and integrate processes.
We are going to consider the generic requirements for such tools. It is important that the tool being used should support the processes, not the other way around.
We will begin by considering the generic requirements for technology to support service design, which for IT service management means IT service management tools. In this section, we will look at a number of these requirements, which you would expect any good integrated toolset to offer.
The first two requirements are self-help functionality and a workflow engine.
You should be able to recall from the discussion of the release fulfillment process that we discussed the option for dealing with requests or simple incidents via self-help functionality. This might be restricted to the logging of requests and incidents, or it could allow them to be tracked and updated throughout their lifecycle. The advantage to providing a self-help facility is that requests and incidents can be logged at any time, and this process is not dependent on service desk staff being available to answer the phone. This helps the service desk manage high volumes of calls if the less urgent ones are handled via a self-help, self-logging site. Self-help request tools can assist with password resets by, for example, requiring the user to validate their identity by answering previously set questions before the reset takes place. Additionally, a self-help request tool could download approved versions of requested software.
The next generic requirement is for a workflow or a process engine that can automate the steps of the process (assigning, escalating, etc.). It can also release work orders when prerequisite steps have been completed.
The next generic requirement is for an integrated configuration management system (CMS).
The service management tool should be integrated with the CMS to allow the organization’s configuration item (CI) information to be interrogated and linked to incident, problem, known error, and change records as appropriate.
Another generic requirement is for discovery, deployment, and licensing technology tools. These are extremely helpful in verifying the accuracy of the CMS, especially with regard to license use. It is also helpful if only changes since the last audit can be extracted and reported on. The same technology can often be used to deploy new software to target locations; this is essential to enable patches, upgrades, and so on to be distributed to the correct users.
When implemented in conjunction with the self-help functionality previously mentioned, the service management toolset facilitates the automation of the fulfillment of many service requests for software.
Another generic requirement is remote control. This allows the service desk analysts to take control of the user’s desktop (under properly controlled security conditions) to do things such as conduct investigations and correct settings.
Some tools will store diagnostic scripts and other diagnostic utilities to assist with earlier diagnosis of incidents.
Good reporting is a requirement of any ITSM toolset. The tools hold enormous amounts of data about what is happening day to day. This data is helpful in planning ahead and tracking trends, but such reporting has to be flexible if it is to be useful. Standard reports and ad hoc reports should both be easily available.
Another generic requirement to consider is a dashboard facility. Dashboards are useful, both for day-to-day operations and for IT and business management to get a clear idea of real-time performance.
To facilitate greater business alignment, business applications and tools need to be able to interface with ITSM support tools to give the required functionality. An example of integration includes event management tools spotting unusual spending patterns on credit cards.
Software as a Service (SaaS) technologies offer hosted service management capabilities over the Internet. The advantages SaaS offers include lower capital and start-up costs, faster implementation, and built-in service continuity.
However, it also means limited customization and changes to functionality, access restricted to the vendor’s hours of service availability, and licensing schemes that may become restrictive or expensive. There may also be limits on data storage size and possible security and access management constraints or risks. Finally, integration with other service management tools may be difficult or even impossible.
Each organization should review its requirements carefully so that it acquires the most appropriate toolset for its needs.
In the following sections, we’ll consider the basics of implementing good practices and processes. We need to consider the requirements relating to the service offerings and agreements processes, and the approach to implementing service design. This should include
When looking at the implementation of any service management processes, including those in service design, you must consider the needs and desires of the customer and the business. The activities should be prioritized by
The activities will also be influenced by the service level requirements and agreements made in service level agreements.
One of the key inputs for understanding business needs, impacts, and risks is the output from a business impact analysis (BIA). BIA is used in a number of service design processes, particularly IT service continuity management (see Chapter 9, “IT Service Continuity Management and Demand Management”), where it is essential to help define the strategy for risk reduction and service continuity, BIA is normally used to identify the effect a disaster will have on the business, on both individual sections and the business as a whole. It is used to identify the criticality of any particular business process or activity, and will also be used to identify the times when this will particularly affect the business. BIA is also used for other processes—for example, availability management, capacity management, and information security management.
There are two areas of BIA. One is for business management, which involves understanding the impact of loss on a business process or function. The second is to understand the BIA from the perspective of service loss. Both of these should be applied to identify the critical services and determine what constitutes a major incident on the services when a new service is being designed. BIA will also help in defining the acceptable level and duration of service outage, including the important periods to avoid. In addition, BIA can assist with the understanding of financial loss and any security issues.
As part of the service level management process (see Chapter 18, “Service Level Management and Supplier Management”), service level requirements for all services will be identified and the ability to deliver against the requirements will be assessed and defined in the service level agreements. This needs to be part of the approach to the design of services, and all processes in service offerings and agreements will need to be considered as part of the requirements capture.
It is important to ensure that business-as-usual processes are not adversely impacted by the implementation of the service offerings and agreements processes. This factor should be considered as part of the risk assessment during design, and will then be explored more fully during the transition lifecycle stage. Risk assessment and management form a key part of the service offerings and agreements processes—for example, service level management and supplier management. Any solution created during service design must take risks into consideration.
The process, policy, and architecture for the design of IT services will need to be documented and utilized to ensure that the appropriate services are provided to the business.
We recommend that service design follow the continual service improvement approach and base the designs on the business requirements:
When we consider the relationship between implementing good practices, and service offerings and agreements processes, it is important to be aware of the challenges, CSFs, and risks associated with the implementation.
Challenges will take many different forms, depending on the nature of the organization supported. Some common factors are applicable to most organizations in some aspect. These include
These are common to most organizations, and the meeting of these challenges will be critical to the success of implementation of service management processes, including those for service offerings and agreements.
As you are aware, critical success factor (CSF) is a term used for an element that is necessary for an organization or project to achieve its mission. CSFs can be used to identify the important elements of success. These are measured by key performance indicators (KPIs) and should be set and measured as part of the service design lifecycle stage. The SOA processes will be critical in establishing the service requirements, and understanding the CSFs for each of the processes will provide a strong basis for the KPIs, which will be used to demonstrate success in the service lifecycle stage.
As with challenges, some common risks are applicable to most organizations. These need to be appropriately identified and addressed to ensure successful service management implementation. Some examples are
Many service management tools are available, each with its own strengths and weaknesses, which makes choosing the right one difficult. To overcome this, you should define some objective selection criteria (see Figure 20.1).
One simple method is MoSCoW analysis. This involves creating a detailed list of all your requirements and classifying each one as must have, should have, could have, or would like in the future.
You can then devise a scoring system based on this analysis, which would enable you to rank alternatives. It is possible to weight your decision, making a scoring system to ensure that you are getting the service management tool that delivers against your requirements.
The final topic of this chapter is service management tools. A good service management tool can be helpful for implementing processes based on the ITIL framework, but the tool should not define the process. Many organizations implement new tools to assist their implementation of new or improved processes. These organizations need to consider a number of factors if the new tool is to be helpful and appropriate.
The first factor to be considered is the type of license. Usually a number of options are offered, at different costs. Where tools are licensed on a modular basis, careful planning is needed to ensure that the right access is obtained to enable people to carry out their work with no unnecessary modules being purchased. Here are some possible options:
Dedicated Licenses For this option, each named person has his or her own license. Dedicated licenses are suitable for staff who require frequent and prolonged use of a particular module. For example, service desk staff would need a dedicated license to use an incident management module.
Shared Licenses These licenses can be shared between individuals; there is, however, a possibility that a staff member may not be able to access the tool because the license is already in use. Shared licenses are suitable for regular users who do not require constant access, such as second-line support staff. Careful calculation is required to ascertain the correct ratio of users to licenses. These licenses are more expensive than dedicated licenses, but fewer are required.
Web Licenses These allow access via a web browser. Web licenses are usually suitable for staff requiring remote access or only occasional access. They usually cost a lot less than other licenses (they may even be free with other licenses). It is possible to provide sufficient access for a large number of occasional users by purchasing a small number of such licenses, since the number of concurrent users and therefore the number of licenses required will be low. In this way, overall costs can be reduced further.
On Demand Access to tools is provided when required (on demand), and the supplier charges for the access based on the time spent using the application. This can be attractive to smaller organizations or if the tools in question are very specialized and used relatively infrequently. A variation to this is the use of a specialist tool as part of a consultancy assignment (e.g., specialist capacity management tools); in such cases, the license fees are likely to be included in the consultancy fee.
Agent/Activity A further variation in license options is software that is licensed and charged on an agent/activity basis. An example of this is simulation software (e.g., agent software that can simulate customer paths through a website to assess and report on performance and availability).
In all cases, it is essential that sufficient investigation be done to ensure that the costs are understood and agreed to and that the organization remains legal in respect to having sufficient licenses.
Many ITSM tools, particularly discovery and event monitoring tools, will require some client/agent software deploying to all target locations before they can be used. This deployment will require careful planning and execution and should be handled through formal release and deployment management. Some deployment considerations are listed here:
Remember, a tool is usually not enough to make things work better. However, if it supports processes and the user has been trained to use it, a good tool can help staff carry out new processes.
Here are some further aspects of the deployment that must be considered:
The Type of Introduction to Be Used A decision must be made whether a “Big Bang” introduction or some sort of phased approach is to be adopted. Because most organizations will have live services to keep running during the introduction, a phased approach is more likely to be necessary.
Transition between Tools If an older tool is being replaced, consideration must be given to the best way to transition between the old tool and the new tool. For example, the service desk should not be assigning an incident on a new tool to a team that has yet to transition from the old tool.
Data Migration A decision needs to be made regarding what data needs to be migrated from the old tool to the new one. This may require reformatting, and so may need to be validated after migration, especially if the data is transferred electronically. A period of parallel running may be implemented instead, with the old tool being available in a read-only mode for an initial period alongside the new one so that historical data can be referenced if needed.
Complete details on the release and deployment management process can be found in the ITIL Service Transition publication.
In this chapter, we examined the key steps to be carried out when choosing and implementing a new integrated service management tool. This included the gathering requirements, considering other factors, assessing tools against requirements, and implementing the tools.
Understand the benefits that an integrated service management tool delivers. This includes understanding how tools can process large amounts of data and deliver consistency and their ability to link different pieces of information together (such as incidents and problems) and to produce reports on service delivery.
Explain the importance of defining the utility and warranty aspects required from a tool. Understand the importance of clearly specifying both what the tool needs to do and the performance it needs to deliver in terms of capacity, availability, and security.
Understand the different types of requirements. Be able to identify the difference between mandatory and desirable requirements.
Explain the selection technique known as MoSCoW. Understand what the acronym stands for (Must/Should/Could/Would) and be able to explain its use in tool selection.
You can find the answers to the review questions in the appendix.
Which of the following statements about a statement of requirements is incorrect?
Which of the following statements regarding the implementation of a new tool is correct?
The MoSCoW approach is often adopted when preparing a request for a new service management tool. What do the uppercase letters in the term MoSCoW stand for?
Which of the following shows the correct order of steps to be carried out when selecting a tool?
Which of the following is not an advantage of using tools during service design?
Which of the following statements is untrue?
Which of the following statements about tool selection is/are correct?
Which of the following aspects of service design tools should be considered when evaluating different products?
When implementing a new tool, what additional costs should be budgeted for, in addition to the software’s purchase costs?
Which of the following are advantages of implementing a new tool under a Software as a Service arrangement?