ITIL

What is ITIL®?

Executive Summary

ITIL is a proven methodology and set of best practices to run IT "departments" ranging in size from the tiny (one PC and a dog), to the largest enterprises in the world, and anything in between. ITIL began in Britain in the 1980s and was intended to create a set of IT working practices for UK government agencies. The Service Management section of ITIL is made up of 11 different disciplines, split into two sections: Service Support and Service Delivery. ITIL is not concerned about the automation or selection of the tools used to make it work. However, infraWise is, which is why it developed iWise. Third-party independent research has come to the firm conclusion that iWise software is ITIL-compliant for eight of these disciplines.

For more general ITIL information, please read on.

General Summary

ITIL is the IT Infrastructure Library; ITIL® is a Registered Trade Mark and a Community Trade Mark of the Office of Government Commerce. Developed in the late 1980s by the CCTA (now the OGC), by the mid-1990s it had become the world-wide de facto standard in service management. ITIL has become very popular because it is a public domain framework that is scalable. Very small to very large organizations and everything in between have implemented ITIL processes. ITIL focuses on best practice, and as such can be adapted and adopted in different ways, according to each individual organization's needs.

So what is it?

ITIL (Information Technology Infrastructure Library) is a set of best practices standards for Information Technology (IT) service management. The United Kingdom's Central Computer and Telecommunications Agency (CCTA) created ITIL in response to organizations' growing dependence on information technology to meet business needs and goals. ITIL provides businesses with a customizable framework of best practices to achieve quality service and overcome difficulties associated with the growth of IT systems. ITIL is organized into sets of texts that are defined by related functions: service support, service delivery, managerial, software support, computer operations, security management, and environmental. In addition to texts, ITIL services and products include training, qualifications, software tools, and user groups such as the IT Service Management Forum (itSMF), all of which you can find details on here.

While owned by the CCTA since the mid-1980s, ITIL is currently maintained and developed by the Office of Government Commerce. The Service Management section of ITIL is made up of eleven different disciplines, split into two sections, Service Support and Service Delivery:

Service Support	Service Delivery
Configuration Management	Service Level Management
Change Management	Capacity Management
Release Management	Financial Management for IT Services
Incident Management	Availability Management
Problem Management	IT Service Continuity Management
Service Desk

Configuration Management

The object of Configuration Management is to provide a logical model of the IT infrastructure by identifying, controlling, maintaining, and verifying the versions of all configuration items in existence. Configuration Management is used to:

• account for all IT assets.
• provide accurate information to support other Service Management processes.
• provide a sound a base for Incident, Problem, Change, and Release Management.
• verify records against the infrastructure.
• correct exceptions.

There are five basic activities of Configuration Management:

1. Planning: The Configuration Management plan should cover the next three to six months in detail, and the following twelve months in outline. It should be reviewed at least twice a year and include a strategy, policy, scope, objectives, roles and responsibilities, the Configuration Management processes, activities and procedures, the CMDB, relationships with other processes and third parties, as well as tools and other resource requirements.
2. Identification: The selection, identification, and labeling of all Configuration Items (CIs). This covers the recording of information about CIs, including ownership, relationships, versions, and unique identifiers. CIs should be recorded at a level of detail justified by needs of the business - typically to the level of "independent change."
3. Control: This assures that only authorized and identifiable CIs are accepted and recorded from receipt to disposal. It ensures that no CI is added, modified, replaced, or removed without the appropriate controlling documentation (for example, an approved RFC or updated specification). All CIs will be under Change Management Control.
4. Status Accounting: The reporting of all current and historical data concerned with each CI throughout its life-cycle. It enables changes to CIs and the tracking of their records through various statuses (for example, ordered, received, under test, live, under repair, withdrawn, or for disposal).
5. Verification and Audit: This is a series of reviews and audits that verifies the physical existence of CIs, and checks that they are correctly recorded in the CMDB. It includes the process of verifying release and configuration documentation before changes are made to the live environment.

Change Management

The object of Change Management is to ensure that standardized methods and procedures are used for efficient and prompt handling of all changes, in order to minimize the impact of any related incidents upon service. Changes in the IT infrastructure may arise reactively in response to problems or externally imposed requirements (for example, legislative changes). They may also arise proactively from seeking efficiency and effectiveness, or to enable or reflect business initiatives, or from programs, projects, or service improvement initiatives. Change Management can ensure that standardized methods, processes, and procedures are used for all changes; facilitate efficient and prompt handling of all changes; and maintain the proper balance between the need for change and the potential detrimental impact of changes.

Change Management is responsible for controlling changes to all CIs within the live environment. It is not responsible for change within ongoing projects, which are controlled by the project change process. However, close liaison between development project managers and the Change Manager is expected. Change Management would typically comprise:

• the raising and recording of changes
• assessing the impact, cost, benefit, and risk of proposed changes
• developing business justification and obtaining approval
• managing and coordinating change implementation
• monitoring and reporting on implementation
• reviewing and closing RFCs

Release Management

The object of Release Management is to take a holistic view of a change to an IT service and ensure that all aspects of a Release, both technical and non-technical, are considered together. Release Management should be used for large or critical hardware roll-outs, major software roll-outs, and bundling or batching related sets of changes. Release management coordinates the many service providers and suppliers involved with a significant release of hardware, software, and associated documentation across a distributed environment.

Release Management is responsible for planning and overseeing the successful roll-out of new and changed software and associated hardware and documentation. It serves as a liaison with Change Management to cooperate on an exact content and roll-out plan for the release, ensuring that all items being rolled out or changed are secure and traceable via the CMDB, and managing customers' and users' expectations of releases and roll-outs.

Incident Management

The object of Incident Management is to restore normal service to operation as quickly as possible with a minimum disruption to the business, thus ensuring that the best achievable levels of availability and service are maintained.

Incident Management should be used to ensure the best use of resources to support the business, to develop and maintain meaningful records relating to incidents, and to devise and apply a consistent approach to all incidents reported.

Incident Management is responsible for

• incident detection and recording.
• classification of all incidents.
• initial support, investigation, and diagnosis.
• resolution and recovery.
• incident closure.
• ownership, monitoring, tracking and communication.

Problem Management

The object of Problem Management is to minimize the adverse effect of incidents and problems caused by errors in the infrastructure, and to proactively prevent the occurrence of incidents, problems, and errors.

Problem Management should be used to

• resolve problems quickly and effectively.
• ensure resources are prioritized to resolve problems in the most appropriate order, based on business needs.
• proactively identify and resolve problems and known errors, thus minimizing incident occurrences.
• improve the productivity of support staff.
• provide relevant management information.

Problem Management is responsible for problem identification, recording, classification, investigation and diagnosis. Problem Management is also concerned with:

• error identification, recording, and assessment.
• recording of resolution and closure.
• monitoring resolution progress.
• assisting with the handling of major incidents.
• proactive prevention of problems through trend analysis.
• targeting support action and providing information to the organization.
• obtaining management information from problem data and completing major problem reviews.

Service Desk

The object of the Service Desk is to act as the central point of contact between the user and IT Service Management. The Service Desk also handles incidents and requests, and provides an interface for other Service Management activities, such as Change, Problem, Configuration, Release, Service Level and IT service Continuity Management.

The Service Desk, unlike the other ten disciplines or processes, is a function that is essential to effective Service Management. More than just a Help Desk, it is the principal operational interface between IT staff and the end-users. A good first impression by each of its users is predicted upon its performance and attitude. It is often a stressful place to work, and underestimating its importance, high profile, and the skills required to perform the duties well can severely hinder an organization's ability to deliver high-quality IT services.

Since the ITIL re-write took place, the change of name from Help Desk to Service Desk demonstrates the broader role of front line support: more organizations are looking to radically increase the percentage of calls closed at first point of contact.

The main reasons organizations are investing in Service Desks now are that they:

• provide a single point of contact for users
• enable delivery of high quality support, which is critical for achieving business goals
• help to identify and lower the cost of ownership for IT services as a whole
• support changes across business, technology, and process boundaries
• help to aid user retention and satisfaction
• assist in the identification of business opportunities

Most of the activities carried out by the Service Desk fall under the responsibility of one of the IT Service Management processes. The role and responsibilities of the Service Desk depend upon arrangements that the organization has put in place. Among the tasks commonly assigned to the Service Desk are to

• receive and record all calls from users.
• deal directly with simple requests and complaints.
• provide initial assessment of all incidents.
• make the first attempt at incident resolution and/or refer to second-line support based on agreed service levels.
• monitor and escalate all incidents, according to agreed service levels.
• keep users informed on status and progress.
• produce management reports.

Service Level Management

The object of SLM is to maintain and gradually improve business-aligned IT service quality through a constant cycle of agreeing to, monitoring, reporting, and reviewing IT service achievements, and through eradicating unacceptable levels of service.

SLM is responsible for ensuring that the service targets are documented and agreed upon in SLAs. SLM also monitors and reviews the actual service levels achieved against their SLA targets. SLM should also try to proactively improve all service levels within the imposed cost constraints. SLM is the process that manages and improves agreed-upon levels of service between two parties: the provider and the receiver of a service.

SLM is responsible for negotiating and agreeing upon service requirements and expected service characteristics with the customer, the measuring and reporting of the service levels that are actually being achieved against the target, the resources required, and the cost of service provisions. SLM is also responsible for:

• continuously improving service levels in line with business processes and with a SIP
• coordinating other Service Management and support functions
• including third-party suppliers
• reviewing SLAs to meet changed business needs or resolving major service issues
• producing, reviewing, and maintaining the Service catalog

Capacity Management

The object of Capacity Management is to:

• understand the future business requirements (required service delivery)
• understand the organization's operation (current service delivery)
• understand the IT infrastructure (means of service delivery)
• ensure that all current and future capacity and performance aspects of the business requirements are provided cost-effectively

Capacity Management is responsible for ensuring that IT processing and storage capacity provision match the evolving demands of the business in a cost-effective and timely manner. The process includes:

• monitoring the performance and throughput of the IT services and supporting IT components
• tuning activities to make efficient use of resources
• understanding the current demands for IT resources and deriving forecasts for future requirements
• influencing the demand for resource in conjunction with other Service Management processes
• producing a capacity plan predicting the IT resources needed to achieve agreed-upon service levels

Capacity Management has three main areas of responsibility. The first of these is BCM (business capacity management), which is responsible for ensuring that the future business requirements for IT services are considered, planned, and implemented in a timely fashion. These future requirements will come from business plans outlining new services, improvements and growth in existing services, development plans, etc. This requires knowledge of existing service levels and SLAs, future service levels and SLRs, the business and capacity plans, modeling techniques (analytical, simulation, trending, and baselining), and application sizing methods.

The second main area of responsibility is SCM (service capacity management), which focuses on managing the performance of the IT services provided to the customers, is responsible for monitoring and measuring services as detailed in SLAs, and collecting, recording, analyzing, and reporting on data. This requires knowledge of service levels and SLAs, systems, networks, service throughput and performance, monitoring, measurement, analysis, tuning, and demand management.

The third main area of responsibility is RCM (resource capacity management), which focuses on managing the components of the IT infrastructure, ensuring that all finite resources within the IT infrastructure are monitored and measured, and collected data is recorded, analyzed, and reported. This requires knowledge of the current technology and its use, future or alternative technologies, and the resilience of systems and services.

Financial Management for IT Services

The object of Financial Management for IT Services is to provide cost-effective stewardship of the IT assets and financial resources used in providing IT services.

Financial Management for IT Services is an integral part of Service Management. It provides the essential management information to ensure that services are run efficiently, economically, and cost-effectively. An effective financial management system:

• assists in the management and reduction of overall long-term costs
• identifies the actual cost of services and their provision
• provides accurate and vital financial information to assist in decision-making
• identifies how IT adds value to the customer's business
• enables the calculation of TCO and ROI
• makes customers aware of what services actually cost (if appropriate)
• supports the recovery costs - from the customer if appropriate - in a fair and equitable manner
• provides measurements of value for money
• provides incentives to produce quality services aligned to business needs
• helps influence customer behavior; for example, by providing incentives for using non-critical resources
• encourages more efficient use of resources
• provides better cost information and control of external contracts and suppliers
• assists in the assessment and management of changes

Financial Management for IT services is responsible for enabling an organization to account fully for its spending on IT services and to attribute these costs to the services delivered to its customers. Financial Management should also assist management decisions on IT investment by supporting detailed business cases for changes to the IT services, control and manage the overall IT budget, and enable the fair and equitable recovery of costs by charging for the provision of IT services.

Availability Management

The object of Availability Management is to optimize the capability of the IT infrastructure and support the organization in delivering a cost-effective and sustained level of availability that enables the business to satisfy its objectives.

Availability Management ensures that services are available when the customer needs them, and is influenced by

• business demand and the cost required to meet it.
• the configuration and complexity of the IT infrastructure, including the level of redundancy.
• the reliability of the infrastructure and its components.
• the levels of infrastructure maintenance.
• the processes and procedures used by IT services.
• the human factors and external events.

Availability Management is responsible for

• optimizing availability by monitoring and reporting on all key elements of availability.
• determining availability requirements in business terms.
• predicting and planning for expected levels of availability and security
• producing the availability plan
• collecting, analyzing, maintaining, and reporting on availability data
• ensuring service levels are met by monitoring service availability levels against SLAs
• monitoring OLA targets and external supplier serviceability achievements
• continuously reviewing and improving availability

IT Service Continuity Management

The object of IT Service Continuity Management is to support the overall business continuity management process by ensuring that the required IT technical and services facilities can be recovered within required and agreed-upon business time-scales.

IT Service Continuity Management is concerned with managing an organization's ability to continue to provide a predetermined and agreed-upon level of IT services to support the minimum business requirements following an interruption to the business. This includes ensuring business survival by reducing the impact of a disaster or major failure, reducing the vulnerability and risk to the business by effective risk analysis and risk management, preventing the loss of customer and user confidence, and producing IT recovery plans that are integrated with and fully support the organization's overall business continuity plan.

IT Service Continuity is responsible for ensuring that the available IT service continuity options are understood and the most appropriate solution is chosen in support of the business requirements. It is also responsible for identifying roles and responsibilities and making sure these are endorsed and communicated from a senior level, to ensure respect and commitment for the process. Finally, IT service continuity is responsible for guaranteeing that the IT recovery plans and the business continuity plans are aligned, and are regularly reviewed, revised, and tested.

• For in-depth information, please refer to the independent IT Service Management Forum (itSMF) website.
• For a half a day or one day ITIL executive briefing by Dr. Eugene Ball, please refer to our education page .
• To see why iWise software exceeds ITIL specifications, please request a 77 minute web demo.

Copyright © 1983-2007 infraWise, Inc. | Terms of Use | Privacy | Credits and Trademarks

For additional information, please call (919) 460-7447 | Copyright © 1983-2007 infraWise, Inc.