Upload
billy82
View
2.148
Download
1
Tags:
Embed Size (px)
DESCRIPTION
Citation preview
Pink Elephant – Leading The Way In IT Management Best Practices
“ I T I L “What is the
ITIL REVOLUTION ?
IT Service Management Overview
Brenda IniguezDirector, Western US Pink Elephant
Industry Strategic ConsultantHDI-Global MAB Chairman Emeritus
2ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Today’s Objective
To provide a very basic understanding of: ITIL Service Support components ITIL Service Delivery components ITIL and IT Governance ITIL and Business Trends
3ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
What Is ITIL?
ITIL is a seven book series (was 40!) that guides business users through the planning, delivery and management of quality IT services
Documented ‘common sense’ The only de facto industry best practice guidance
on IT service management – ‘no competitor’. Pronunciation ‘ITIL’.
Information Technology
Infrastructure Library
4ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Planning To Implement Service Management
Service Management
ServiceSupport
ServiceDelivery
The
Business
The Business
Perspective
Application Management
ICTInfrastructureManagement
The
Technology
Security Management
The ITIL Books
5ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
What Is ITIL All About?
A set of best practices, not a process model or a standard.
Documented: process flows, roles, KPIs, consistent terminology – why start from scratch?
Not a how-to manual; implementation of ITIL processes varies according to your ‘pain points’
Non-proprietary, vendor-neutral, Public domain – ‘free’
Business drivers? Aligning IT services with business requirements Continually improve service Reduce cost – efficiencies
Has become a philosophy – education, toolsets, standards.
6ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Practitioner LevelOrganizational Focus:
Incident Management
Configuration Management
Problem Management
Release Management
Change Management
Service Level Management
Financial Management
Capacity Management
IT Service Continuity Management
Availability Management
Executive Level
Focus On:
The Alignment Of IT With The
Business
Vision, Mission &
Objectives For IT
IT Policy & Strategy
Executive Level
Focus On:
The Alignment Of IT With The
Business
Vision, Mission &
Objectives For IT
IT Policy & Strategy
Foundation Level
For All IT Professionals
Manager Level
Focus On The Need To
Effectively Manage Larger
Scale Transitions & Improvements
Manager Level
Focus On The Need To
Effectively Manage Larger
Scale Transitions & Improvements
Role Focus:
Establishing & Managing IT Services According To ITIL Best Practices
Managing The Changing IT Infrastructure According To ITIL Best Practices
Establishing A Service Desk According To ITIL Best Practices
Measuring, Reporting & Improving The IT Infrastructure According To ITIL Best Practices
How To Implement ITIL: Integrating People, & Tools With Processes
IT Service Management Certification
7ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Parties Involved
Office Of Government Commerce (OGC) (www.itil.co.uk) Formerly Central Computer and Telecommunications Agency Kicked off ITIL
Information Systems Examinations Board (ISEB), Examination Institute for Information Science (EXIN) & Loyalist College
Examining bodies that administer the ITIL certification process
Information Technology Service Management Forum (itSMF) International Trade Association; Networking forum for ITIL Membership based; Owned and operated by the membership
Pink Elephant Largest Worldwide Accredited Supplier of ITIL Education
8ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
ITIL: Strategic Benefits
Provides a documented framework for IT best practices: The only public, non-proprietary set of recognized best practices
Provides a holistic, connected and integrated approach to IT Identifies best practices for reducing IT costs Improves communication and information flows between IT departments Improves interfaces between IT and its customers and suppliers Improves user productivity Provides process models for IT business alignment Promotes a common language of terminology Because it is non-proprietary it is not associated with only one
entity: it is public domain The best practices in ITIL can be customized. The process models
have been designed to use whole, or in part – it’s up to you There are tens of thousands of IT professionals worldwide who
know, and use, ITIL Numerous opportunities for sharing and learning
9ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Processes v.s. Departments
IT
Service
Desk2nd Dept. 3rd Dept.
Department View
Step 1 Step 2 Step 3 Step 4 Step 5
Process View
10ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
If You Can’t Measure It,You Can’t Manage It
Activities & Sub-Processes
Process
Input & Input Specifications
Output & Output Specifications
Resources Roles
Process Owner
Process Goal
Quality Parameters & Key Performance Indicators
Process Control
Process Enablers
ISO900X
ISO recognizes that ITIL supports quality management certification
High-Level Process Model
11ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Definition: IT Service
What is an IT service?
An IT service is a described set of facilities, IT and non-IT, sustained by the IT service provider, that:
Fulfills one or more needs of the customer Supports the customer’s business objectives Is perceived by the customer as a coherent whole
12ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
The Essential IT Service Management Processes
Service Level ManagementAvailability ManagementCapacity ManagementIT Service Continuity
Management Financial Mgmnt for IT
Services
Service Desk (function)Configuration ManagementIncident Management Problem ManagementChange ManagementRelease Management
Service Support
Service Delivery
13ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Management Tools
DifficultiesQueries, Enquiries
CommunicationUpdates
Workarounds
Service Desk
Incidents
Incidents
CMDB
Change ScheduleCAB MinutesChange StatisticsChange ReviewsAudit Reports
Releases
CIsRelationships
ProblemsKnown Errors
ChangesCMDB ReportsCMDB StatisticsPolicy/StandardsAudit Reports
Release ScheduleRelease StatisticsRelease ReviewsSecure LibraryTesting standardsAudit Reports
Problem StatisticsTrend AnalysisProblem ReportsProblem ReviewsDiagnostic AidsAudit Reports
ProblemService ReportsIncident statisticsAudit Reports
Releases
Release
The Business, Customers & Users
ChangesIncident
Change
Incidents
Configuration
CIsRelationships
Service Requests
RFCs/Change Documentation
Release Documentation
ITIL Service Support Model
14ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Configuration Management
To identify, record and report on all IT components that are under the control and scope of Configuration Management
Definitions: Infrastructure Configuration Management Database (CMDB) Configuration Item (CI) Baseline Scope CI Level Attributes Relationships
15ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Configuration Management Activities
Identification &RegistrationVerification & Audit
StatusAccounting
ConfigurationManagement
Control
Planning
Scope, CI level, Attributes,Relationships
16ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
NETWORKNETWORKMAINFRAMEMAINFRAME FILESERVERSFILESERVERS
SWITCHSWITCH
PCPC PCPC PCPC PCPC PCPC
MODEMMODEM
MODEMMODEM
PCPC CI LEVELCI LEVEL
SCOPESCOPE
ATTRIBUTESATTRIBUTESOwner, Status,
Location, OS VersionSerial Number
RELATIONSHIPSRELATIONSHIPSIs Connected To
Is Part OfIs Member Of
Example Hardware CIs
Keyboard CPU Mouse
17ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Service Desk
To provide a strategic central point of contact for customers and an operational single point of contact for managing incidents to resolution
In addition, the Service Desk handles Service Requests
Activities: Improve service to, and on behalf of the business Provide advice and guidance to customers Provide rapid restoration of normal service operations Meet expectations set out in the Service Level Agreements
(SLA) Management information
18ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Incident Management
To restore normal service operation as quickly as possible and minimize the adverse impact on business operations
Incident Any event which is not part of the standard
operation of a service and which causes, or may cause, an interruption to, or a reduction in, the quality of that service
19ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Activities
Ow
ne r
s hi p
, M
on
ito
rin
g,
Tra
c kin
g &
C
om
mu
ni c
ati o
n
Ow
ne r
s hi p
, M
on
ito
rin
g,
Tra
c kin
g &
C
om
mu
ni c
ati o
n
Incident Detection & Recording
Incident Detection & Recording
Resolution & RecoveryResolution & Recovery
Investigation & DiagnosisInvestigation & Diagnosis
Classification & Initial Support
Classification & Initial Support
Incident ClosureIncident Closure
Service Request
Procedure
Service Request
Procedure
Yes
No
Service RequestService Request
20ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Problem Management
To minimize the adverse impact of incidents and problems on the business that are caused by errors in the IT Infrastructure and to prevent recurrence of incidents related to these errors
Problem Management seeks to get to the root cause and initiate action to remove the error
Problem A condition identified from multiple incidents exhibiting
common symptoms, or from a single significant Incident, indicative of a single error, for which the cause is unknown
Known Error A condition identified by successful diagnosis of the root
cause of a problem, when it is confirmed which CI is at fault
21ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
ChangeManagement
Incident Management
Problem Management
From Incident(s) To A Problem To A Known Error To A Change
ProblemProblem Known ErrorKnown Error
Change
CI at Fault
XX
XX X
X
XX} X
X
X
X} XX
XX}
Workaround
}Incident Matching
ProblemEvolves
Into Error Record
Root CauseDetermined
TemporarySolution RFC
22ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Change Management
To ensure that standardized methods and procedures are used for efficient and prompt handling of all changes to minimize the impact of change-related incidents and improve day-to-day operations
Change An action that results in a new status for one or more IT
infrastructure configuration items Standard change (Pre-Approved) Urgent change Request For Change (RFC) Forward Schedule Of Changes (FSC) Change Advisory Board (CAB) Change Advisory Board Emergency Committee (CAB/EC )
23ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Change Approval
RFC
Change Manager
Change Advisory Board
Management Board
CAB Meeting
Authorization
MINOR RFC
SIGNIFICANT RFC MAJOR RFC
(Change Manager Reports Actions To CAB)
24ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Release Management
Release Management takes a holistic view of a change to an
IT service and should ensure that all aspects of a Release,
both technical and non-technical, are considered together
Bridges the gap between Application Development and
Operations.
Avoids the ‘over the wall syndrome’.
Definitions
Definitive Software Library (DSL)
Definitive Hardware Store (DHS)
25ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Activities
ReleasePolicy
ReleasePlanning
Design &Develop, Or Order& Purchase The
Software
Build &Configure
The Release
Fit-For-PurposeTesting
ReleaseAcceptance
Roll-OutPlanning
CommunicationPreparation& Training
Distribution&
Installation
RELEASE MANAGEMENT
DevelopmentEnvironment
Controlled TestEnvironment
LiveEnvironment
Configuration Management Database (CMDB)&
Definitive Software Library (DSL)
26ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
The Service Delivery Process Model
SLA’s, OLA’s, SLR’sService requestsService CatalogueSIPException reportsAudit reports
Management Tools
The Business, Customers & Users
Capacity PlanCDBTargets/ThresholdsCapacity ReportsScheduleAudit Reports
Capacity
AlertsExceptions
Changes
IT ServiceContinuity
IT Continuity PlansBIA & Risk AnalysisDefine RequirementsControl CentersDR ContactsReportsAudit Reports
IT Financial Management
Availability PlanAMDBDesign CriteriaTargets/ThresholdsReportsAudit Reports
QueriesEnquiries
CommunicationUpdatesReports
RequirementsTargets
Achievements
Financial PlansTypes & ModelsCosts & ChargesReports Budgets & ForecastsAudit Reports
Service LevelManagement
Availability
27ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Service Level Management
To maintain and improve IT service quality through a constant cycle of agreeing, monitoring and reporting to meet the customers’ business objectives
Definitions: Service Level Agreement (SLA) Operational Level Agreement (OLA) Underpinning Contract (UC) Service Catalog Service Improvement Program (SIP) Service Level Requirements (SLR)
28ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Activities
Establish FunctionEstablish Function
Periodic ReviewsPeriodic Reviews
Implement SLAsImplement SLAs
Draft
Draft
Negotia
tee
Revie
w UCs
& OLAs
OLAs
Agree
Agree
Revie
w SLAs
Revie
w SLM
Pro
cess
Plannin
g
Imple
men
tatio
n
Manage The Ongoing ProcessManage The Ongoing Process
Monito
r
Monito
r
Report
Report
Revie
w
Revie
w
Catal
ogue Ser
vice
s
Plan
Do
CheckAct
29ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
The Service Catalog
Service Catalog
Options
Parameters
Levels
Default
SLA
OLA UC
Request For Service
GoldGold
SilverSilver
BronzeBronze
Defines the default services with the default levels of service and the options
SLA
30ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Availability Management
To optimize the capability of the IT infrastructure, services and supporting organization to deliver a cost effective and sustained level of availability, enabling the business to meet their objectives
Definitions: Availability Reliability Maintainability (Internal) Serviceability (External) Resilience Security (Confidentiality, Integrity, Availability) – legislation.. Vital Business Function (VBF) - CFIA
31ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Capacity Management
To ensure that all the current and future capacity and performance aspects of the business requirements are provided cost effectively ‘business alignment’
Definitions: Capacity Database (CDB) Demand Management Resource Management Modeling Application Sizing
32ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Definitions
Business Capacity Management Responsible for ensuring that the future business
requirements for IT services are considered, planned and implemented in a timely fashion
Service Capacity Management The management of the performance of the live,
operational IT services used by the customers
Resource Capacity Management The management of the individual components of the IT
infrastructure
33ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Formerly disaster recovery. Need BCM
To ensure that the required IT technical and services facilities can be recovered within required, and agreed timescales
IT Service Continuity Planning is a systematic approach to the creation of a plan and/or procedures (which are regularly updated and tested) to prevent, cope with and recover from the loss of critical services for extended periods
IT Service Continuity Management
34ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
More Definitions
Crisis An unplanned situation in which it is expected that
the period during which one or more IT services will be unavailable will exceed threshold values agreed to with the customer
Risk Management: Asset – Threat – Vulnerability Manual Work-Around Reciprocal Arrangements Gradual Recovery a.k.a Cold Standby Intermediate Recovery a.k.a Warm Standby Immediate Recovery a.k.a Hot Standby
35ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Initiate BCMStage 1
Initiation
Stage 2Requirements
&Strategy
Stage 3Implementation
Stage 4Operation Management
Organization & ImplementationPlanning
Implement Stand-ByArrangements
Develop Recovery Plans
Implement Risk ReductionMeasures
Develop Procedures
Initial Testing
Education & Awareness
Review& Audit
Testing ChangeManagement
Training
Assurance
Business Impact Analysis
Risk Assessment
Business Continuity Strategy
Activities
36ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Financial Management For IT ServicesProvide stewardship of IT assets & resources used in providing IT services
Budgeting enables an organization to: Predict the money required to run IT services for a given period Ensure actual expenditures can be compared with predicted expenditures Reduce the risk of overspending Ensure revenues are available to cover predicted expenditures
IT Accounting enables an organization to: Account for the money spent in providing IT services Calculate total cost of ownership of providing IT services Perform cost-benefit or return-on-investment analyses Identify the cost of changes
Charging enables an organization to: Recover costs of the IT services from the customers of the service Operate the IT organization as a business unit if required Influence user and customer behavior
37ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Business & IT Processes
Customer care1 800 FOR HELPComplaints
Fault impactFault sourceFault elimination
Cabin faultsPilot reportsPre-flight checks
New planesNew routesNew services
Plane upgradesAirport upgradesLivery change
PlanesPartsSpares
ScheduleLocationMaintenance
PricingAirport feesProfit/loss
Emergency exitsSeat beltsChutes
TermsClassesRewards
FuelWeightSpeed
Service Desk
Problem
Incident
Change Release Configuration
Availability Financial Contingency SLM
Capacity
Pink Elephant – Leading The Way In IT Management Best Practices
ITIL & IT Governance
An Introduction to the Key Role of IT Governance; An overview of COBIT and its relationship to ITIL
& U.S. Legislation (Sarbanes-Oxley)
39ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Enterprise & IT Governance
RegulatoryReporting / Privacy
CorporateObjectives
Internal Risk ControlFramework (COSO)
IT Governance Framework(CobIT)
DriversDrivers
Enterprise Enterprise WideWide
IT Risk IT Risk Mgmt.Mgmt.
Standards Controls
ITIL / ASL / ISO17799 / PMI / ISO
Ownership & Accountability
Monitoring & Reporting
DisciplinesDisciplines
40ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
CobIT
IT OPERATIONS
Audit Models
Quality Systems & Mgmt. Frameworks
Service M
gm
t.
Ap
p. D
ev. (SD
LC
)
Pro
ject Mg
mt.
IT P
lann
ing
IT S
ecurity
Qu
ality System
IT Governance Model
COSO
ISO17799
PMI
ISO
SixSigma
TSOIS
Strategy
ASL
CMM
Sarbanes- Oxley
US Securities & Exchange Commission
ITIL
BS 15000
AS 8018
41ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
The Legislation Minefield
Privacy & Security: Personal Information Protection
Electronic Document Act (PIPEDA)
US Patriot Act \ Homeland Security (Critical Infrastructure)
Personal Health Information Protection Act (PHIPA)
Health Insurance Portability and Accountability Act (HIPAA)
SEC Rules 17a-3 & 17a-4 re: securities transaction retention
Gramm-Leach Bliley Act (GLBA) privacy of financial information
Children’s Online Privacy Protection Act
European Privacy Directive (Safe Harbor Framework)
Clinger-Cohen Act (US Gov.) Federal Information Security
Mgmt. Act (FISMA)
Finance: Sarbanes-Oxley (US) Basel 2 (World Bank) Turnbull Report (UK) Canadian Bill 198 (MI 52-109 &
52-111)
Other International IT Models: Australian Corporate
Governance for ICT DR 04198 Intragob Mexican Quality Effort
42ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Sarbanes-Oxley
The Sarbanes-Oxley Act provides the foundation for new corporate governance rules, regulations and standards issued by the Securities and Exchange Commission (SEC)
Despite all the publicity surrounding the Sarbanes-Oxley Act of 2002, relatively little attention has focused specifically on the role of information technology in the financial reporting processes
Chief Executive Officers of publicly traded companies will be held accountable for the quality of the controls established which enable accurate financial reporting (This includes IT processes, systems and roles)
43ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Section 302: Corporate Responsibility for Financial Reports The first phase of Sarbanes-Oxley took effect the fall of 2003. Section 302, requires CFOs and CEOs to personally certify and attest to the accuracy of their companies' financial results.
Section 404: Management Assessment of Internal Controls, the most urgent IT challenge for SOX compliance is found within Section 404, which requires auditors to certify the underlying IT controls and processes companies need to ensure accurate financial results. Section 404 requires auditors -- either internal and external -- to certify internal controls and the processes by which executives arrived at the numbers.
Section 409: Real-Time Issuer Disclosures The most difficult aspect of Sarbanes-Oxley compliance, is still planned for the future. It calls for real-time reporting of material events that could affect a company's financial performance. The time-sensitive aspect of this regulation will likely put significant pressure on existing IT infrastructures and data management activities.
Sarbanes Oxley Act
44ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
CobIT
CobIT: is an open standard control framework for IT
Governance with a focus on IT Standards and Audit
Based on over 40 International standards and is supported by a network of 150 IT Governance Chapters operating in over 100 countries
Describes standards, controls and maturity guidelines for four domains and 34 control objectives
45ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
CobIT: 34 Control Objectives; 4Domains
Planning & OrganizationMonitoring
Delivery & Support
Acquisition & Implementation
PO1 Define a strategic IT Plan
PO2 define the information architecture
PO3 Determine the technological direction
PO4 define the IT organization / relationships
PO5 Mange the IT investment
PO6 Comm. management aims / direction
PO7 Manage human resources
PO8 Ensure compliance with external requirements
PO9 Assess Risks
PO10 Manage Projects
PO11 Manage Quality
AI1 Identify automated solutions
AI2 Acquire and maintain application software
AI3 Acquire and maintain technology infrastructure
AI4 Develop and maintain procedures
AI5 Install and accredit systems
AI6 Manages Changes
DS 1 Define and Manage service levels
DS 2 Manage third party services
DS3 Manage performance capacity
DS4 Ensure continuous service
DS5 Ensure systems security
DS6 Identify and allocate costs
DS7 Educate and train users
DS8 Assist and advise customers
DS9 Manage the configuration
DS10 Manage problems and incidents
DS11 Manage data
DS12 Manage facilities
DS 13 Manage operations
M1 Monitor the processes
M2 Asses internal control adequacy
M3 Obtain independent assurances
M4 provide for independent audit
46ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
ITIL Framework
The BusinessCustomers End Users
Services
Application Management
Design and Planning Deployment Operations
Technical Support
Service Management
Service Level Management
Availability Management
Capacity Management
Financial Management Release Management
Configuration Management
Change Management
Problem Management
Incident Management
Service Desk
ICT Infrastructure Management
IT Service Continuity Management
47ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Deliver & SupportDeliver & SupportMonitorMonitor
Planning & Organization
Acquire & Implement
Planning & Organization
Acquire & ImplementPlan & OrganizePlan & OrganizeAcquire & Maintain
Application Software
Acquire & Maintain
Application Software
Assess Risks
Assess Risks
Manage Performance
& Capacity
Manage Performance
& Capacity
Ensure Continuous
Service
Ensure Continuous
Service
Ensure System Security
Ensure System Security
Identify & Allocate
Costs
Identify & Allocate
Costs
Manage Third-Party
Services
Manage Third-Party
Services
Define & Manage Service Levels
Define & Manage Service Levels
Install & Accredit Systems
Install & Accredit Systems
Manage ChangeManage
Change
Assist & Advise
IT Customers
Assist & Advise
IT Customers
Manage ConfigurationManage
Configuration
Manage Problems & Incidents
Manage Problems & Incidents
Acquire & Maintain
Technology Infrastructure
Acquire & Maintain
Technology Infrastructure
Manage DataManage
Data
Manage FacilitiesManage
Facilities
Manage OperationsManage
Operations
Define Strategic IT Plan
Define Strategic IT Plan
Define IT Organization
& Relationships
Define IT Organization
& Relationships
Manage IT InvestmentManage IT
Investment
Determine Technological
Direction
Determine Technological
Direction
Communicate Aims & Direction
Communicate Aims & Direction
Manage Human
Resource
Manage Human
Resource
Ensure Compliance With External
Standards
Ensure Compliance With External
Standards
Manage ProjectsManage
Projects
Manage QualityManage
Quality
Identify Automated Solutions
Identify Automated Solutions
Develop & Maintain
IT Procedures
Develop & Maintain
IT Procedures
Educate &
Train Users
Educate &
Train Users
Monitor The
Process
Monitor The
Process
Assess Internal Control
Adequacy
Assess Internal Control
Adequacy
Obtain Independent
Assurance
Obtain Independent
Assurance
Provide Independent
Audit
Provide Independent
Audit
Define Information
Architecture
Define Information
Architecture
48ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Business Trends for IT Services Forresters Research 2005
IT Spending 2005:
Biggest priority for CIOs in 2005 will be applications, with 49% of decision-makers identifying deployment or upgrade of major packaged applications as a priority.
Global spending on software will rise steadily over the next four years, even as businesses look increasingly to the delivery of traditional software functionality via online services.
Security has been one of the top three IT priorities among businesses for the past 3 years; eMarketer expects this trend to continue in 2005.
Content Management: Is this the next “killer app”? Purchase plans for content mgmt increased 15 % from last year, because companies are adopting enterprise-wide strategies for managing Web content, documents, records, and digital assets.
Consulting: 69% of the companies that identified application upgrades as a priority will purchase consulting help for those projects; 44% for system integration consulting services.
49ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Business Trends for IT Services Forresters Research 2005
Things to watch:
Regulatory compliance: 65% consider support for governance, such as the Sarbanes-Oxly Act, a priority, while 38% categorized it as a ”critical priority”
Outsourcing: application outsourcing will grow 9% and outsourcing for applications maintenance will increase 27% for 2005.
Organic IT: self-managing, self-healing data centers, transition to services-oriented architecture, components that can be invoked in a Web services model, and RFID
RFID: Wal Mart’s deadline was Jan 2005 for it’s top suppliers to start sending RFID-tagged goods units to its warehouse in Dallas. IDC estimates US retailers and their suppliers spent roughly $90 million in 2003 on RFID and AMR Research estimates consumer goods companies, many of which supply retail giant Walk-Art, spent $250million on RFID tags in 2004; Reports put Wal-Mart’s RFID spending alone at $3 billion over the next several years.
50ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Links
Useful ITIL Resources: Pink Elephant, recognized worldwide as the ITIL experts
www.pinkelephant.com
Useful IT Governance Resources: Institute of Systems Audit & Control Association www.isaca.org
www.itgi.org (IT Governance paper COBIT & SOX)
Sarbanes Deadlines: www.sec.gov/news/press/2004-21.htm (Please refer to Release No. 33-8392 for more detailed information)
Pink Elephant – Leading The Way In IT Management Best Practices
GET “ITIL-IZED” !
… be part of the ITIL REVOLUTION
Brenda IniguezDirector, Western US Pink ElephantHDI-Global MAB Chairman Emeritus
www.pinkelephant.com
52ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Pink Elephant
More than 20 years experience Recognized worldwide as The ITIL Experts Initiated ITIL revolution in North America First to offer ITIL education in U.S. & Canada Trained more than 150,000 IT professionals Contributed to numerous ITIL books Received EXIN award for promoting ITIL worldwide Introduced the industry’s first IT Executive
Management Certification program ITIL based service lines: Education, Consulting,
Conferences
53ITIL IT Service Management & Governance Overview© Pink Elephant, 2005. All Rights Reserved. ITIL® is a registered trademark of the OGC – the Office of Government Commerce.
Director, Western US, Pink Elephant Over 20 years in IT as a practitioner, IT Management
Financial Services background; deadline & transaction driven; daily volumes of magnitude
HDI-MAB Chairman Emeritus HDI Member Advisory Board Member Served on HDI Strategic Advisory Board Served on industry Conference Boards: HDI, HDP, GCSC Founding Member of HDP, Help Desk Professionals Frequent Industry Conference Speaker: HDI, HDP, GCSC, ITSM,
local HDI chapters Officer of SFHDI Local Chapter Named one of Top 25 Support Professionals in US
Brenda Iniguez – Experience