The IT SERVICE MANAGEMENT (ITSM) OASIS

Does a Change Advisory Board (CAB) authorises Changes?

2009-12-01T14:57:00.001+08:00

Those new to ITIL will often think that the role of the CAB is to authorise Changes, especially the major or significant changes. Well, yes and no.

The Change Advisory Board (CAB) is a concept defined in ITIL V2 and V3’s Change Management process and is a body that exists to support the authorization of changes and to assist Change Management in the assessment and prioritization of changes. The CAB is usually consulted for significant changes that have a broad or major impact to the organisation. The CAB may be asked to consider and recommend the adoption or rejection of changes appropriate for higher level authorization and then recommendations will be submitted to the appropriate Change Authority.

Similar in concept to the CAB is the Emergency Change Advisory Board (ECAB). This is done as part of the Emergency Change procedure which is used to process a change request related to fixing an error in the IT infrastructure that has major impact to the business if it is not fixed quickly, hence the Emergency Change. An ECAB is necessarily formed since there is often not enough time to convene a normal and larger scale CAB meeting.

So, who authorises changes? ITIL defines the role of Change Authority that, as the name stated, authorises change. This is a role that may be given to a person (e.g. Change Manager, department manager) or a group of people (e.g. CAB or ECAB). The levels of authorization for a particular type of change should be determined by the type, size or risk of the change. A major or significant change in a large enterprise that affects several distributed sites may need to be authorized by a higher-level Change Authority such as the Board of Directors. A lesser change with limited scope and impact to the business or IT infrastructure may be authorised by a person. A simple, low risk change may even be pre-approved or pre-authorised.

Figure 4.5 in the ITIL V3 Service Transition book is misleading when taken out of context and often leads a reader to wrongly believe that the CAB or ECAB’s role is to authorise Change. That figure only shows an example where the CAB or ECAB is given the role as a Change Authority.

In summary, a CAB or ECAB’s main role is an advisory one, which is to support and assist the Change Authority in making to decision as to whether a request for change should be approved or rejected. The CAB or ECAB does not authorise a Change unless they are specifically given the role as a Change Authority as well.

Understanding Configuration Management System (CMS) and Configuration Management Database (CMDB) – Part 3

2009-11-24T10:40:00.001+08:00

Supplier Management is the ITIL V3 process responsible for defining and maintaining the Supplier and Contracts Database (SCD), which is a database or structured Document used to manage supplier contracts throughout their lifecycle. The SCD contains key attributes of all contracts with suppliers, and should be part of the Configuration Management System (CMS), which is a subset of the overall Service Knowledge Management System (SKMS).

As mentioned in my previous post, a CMDB is a database within a CMS. At the data level, the Configuration Management System (CMS) may take data from several physical CMDBs, which together constitute a federated CMDB. Other data sources will also plug into the CMS such as the definitive media libraries (DML).

Ideally, a SCD (Supplier and Contracts Database) which stores information on supplier and contracts used in service management is also a database within the CMS. Relationship information between a Service to Suppliers of outsourced or externally supported components that supports that specific Service should be defined and captured in the CMS. In addition, the relationships between the Service, any Service Level Agreements (SLAs) and Underpinning Contracts (UCs) linked to that Service ought to be captured as well. These information forms part of the Logical Configuration Model of that Service. Using this Logical Configuration Model, any Service Management staff can easily trace the components used to support the Service, related SLAs and contracts and also finds information about the related suppliers.

Be careful of the inconsistency in the naming of the terms. A “gotcha” if you are taking the ITIL examinations. There is no “Supplier Management Information System” or SMIS, unlike the new ITIL V3 terms Availability Management Information System (AMIS) or Capacity Management Information System (CMIS) which are information systems used to support Availability Management and Capacity Management respectively. The information system to support Supplier Management is simply called SCD (like the old ITIL V2 Availability Database or ADB and Capacity Database or CDB). By the way, there is a SMIS in ITIL V3 but it stands for Security Management Information System.

Understanding Configuration Management System (CMS) and Configuration Management Database (CMDB) – Part 2

2009-11-07T16:04:00.001+08:00

Is the Service Portfolio and Service Catalogue part of the Configuration Management System (CMS) in ITIL V3? Yes.

We can and should define a “Service” as a configuration item (CI) and build a logical configuration model for the Service, i.e. linking the “Service” CI to the other components or CIs that supports the Service. Such logical configuration models are useful when handling incidents, solving problems, assessing impact of changes or developing a cost model for a service.

Services are described using specification sheets (Service Specifications) and forms part of the Service Catalogue and Service Portfolio. Hence, the Service Specifications, Service Catalogue and Service Portfolio should be registered as controlled documents, subject to the Change Management process, and hence defined as CIs within the Configuration Management System (CMS).

In actual implementation, the Service Catalogue may take the form of a matrix, table or spreadsheet. Some may even document their services in an intranet and present it in the form of web pages, with drill down capability to show greater details as required. The Service Catalogue can be viewed as a "database”, which forms part of a federated CMDB, containing detailed information and attributes of the Services and has linkages or relationships with other physical CMDBs within the CMS.

Announcement on ITIL V2 withdrawal

2009-11-01T20:50:00.001+08:00

ITIL has formally announced the dates for the withdrawal of ITIL V2 certification. More details can be found in the link below:

http://www.exin-exams.com/content/news/ogc-announces-timeline-for-withdrawal-of-itil-v2.aspx

For those hoping to pursue the ITIL Expert certification via the V2 Manager route, note that the V2 Manager certification examinations will be withdrawn on 31 August 2010 and the V2 to V3 Manager Bridge will be withdrawn on 30 June 2011.

All of the above will be available for re-sits until 30 June 2011.

Do sign up for the next ITIL V2 Manager and V2 to V3 Bridge courses before it is too late.

Understanding Configuration Management System (CMS) and Configuration Management Database (CMDB) – Part 1

2009-10-20T15:33:00.001+08:00

In ITIL V2, the CMDB is described as a database that contains the relationships between all the system components, including Incidents, Problems, Known Errors, Changes and Releases. The CMDB also contains information about Incidents, Problems, Known Errors, corporate data about employees, suppliers, locations and business units. It also goes on to say that the CMDB is often used to store details of Services and relate them to the underlying components and may also be used to store contracts and licences.

ITIL V2 seems to imply that a configuration management system is a set of tools used to support the Configuration Management activities.

In ITIL V3, the definition of CMS and CMDB is slightly changed from that of ITIIL V2. According to the ITIL V3 Glossary:

CMS = A set of tools AND databases that are used to
manage an IT Service Provider's Configuration data. The CMS also
includes information about Incidents, Problems, Known Errors, Changes
and Releases; and may contain data about employees, Suppliers,
locations, Business Units, Customers and Users. The CMS includes
tools for collecting, storing, managing, updating, and presenting data
about all Configuration Items and their Relationships. The CMS is
maintained by Configuration Management and is used by all IT Service
Management Processes.

CMDB = A database used to store Configuration Records
throughout their Lifecycle. The Configuration Management System
maintains one or more CMDBs, and each CMDB stores Attributes of Configuration Items (CIs), and Relationships with other CIs.

In other words, a CMDB is a database within a CMS. At the data level, the CMS may take data from several physical CMDBs, which together constitute a federated CMDB. Other data sources will also plug into the CMS such as the definitive media libraries (DML). A SCD (Supplier and Contracts Database) which stores information on supplier and contracts used in service management is also a database within the CMS and can be considered a CMDB. A service catalogue is just a form of CMDB.

According to the ITIL V3 books, the CMS maintains the relationships between all service components and any related incidents, problems, known errors, change and release documentation and may also contain corporate data about employees, suppliers, locations and business units, customers and users.

Relationships are the mechanism for associating RFCs, incident records, problem records, known errors and release records with the services and IT infrastructure CIs to which they refer. All these relationships should be included in the CMS. Request for Change (RFC) and change and release records will identify the CIs affected.

What about the actual incident, problem, change and release records? Are the actual records stored in or forms part of the CMS? According to the ITIL Glossary, the CMS contains “information about” incident, problems, Known Errors and Releases.

I think actual incident, problem, change and release records should be considered as part of the CMS although the ITIL V3 Service Operation book does not explicitly mention about storing incident records in the CMS. However, it mentions that Problem Management uses the CMS to identify faulty CIs and also to determine the impact of problems and resolutions. The CMS can also be used to form the basis for the KEDB and hold or integrate with the Problem Records. This means CMS may or may not store Problem and Known Error records, but the relationships information should be captured in the CMS.

The ITIL V3 Service Transition book does explicitly mention that the change and release records are stored within the CMS.

As an RFC proceeds through its lifecycle, the change document, related records (such as work orders) and related configuration items are updated in the CMS, so that there is visibility of its status. Estimates and actual resources, costs and outcome (success or failure) are recorded to enable management reporting.
Release information is recorded within the CMS, supporting the release and deployment process.

In real-life implementations, off-the-shelf tools from vendors like HP (HP Service Center) and BMC (Remedy) provides an integrated toolset that contain integrated modules to support the Incident, Problem, Change and Configuration Management processes. It contains all incident, problem and known errors records with relationships and linkages to the services and CI details stored in a database.

Which ITIL processes include risk analysis and management activities?

2009-10-12T15:59:00.001+08:00

There is often disagreement amongst the ITIL students (and also between ITIL trainers and practitioners) as to which ITIL processes include risk analysis and management activities. Of course, processes like Security Management, Change Management, Release & Deployment Management, Availability Management, Supplier Management and IT Service Continuity Management obviously include risk analysis and management activities. In some cases, they are explicitly mentioned in the ITIL books.

What about other ITIL processes? These may not be so obvious. How do we answer such questions (samples below) if they should appear in ITIL examinations?

Q1. Which of the following processes should include risk analysis and management activities?

IT Service Continuity Management
Information Security Management
Incident Management
Change Management

a. 1, 2 and 4

b. 3 and 4

c. 1 and 2

d. All of the above

Most of us would have selected (a) as the answer and I think this is probably the “best” or “obvious” answer. However, one could argue that Incident Management would include “risk analysis and management activities”. Examples, if there are two workarounds or potential solutions that could be used, Incident Management (or Service Desk staff) would have to analyse and consider which workaround or solution could potentially be more risky to use when restoring service. The question specifies “should include”. Hmm…, so maybe (d) is the correct answer.

Q2. Which of these processes includes a need to carry out Risk Analysis and Management?

1. IT Service Continuity Management
2. Information Security Management
3. Service Level Management

a) All of the above

b) 1 and 3 only

c) 2 and 3 only

d) 1 and 2 only

Again, most (including myself) would have answered (d) since Service Level Management (SLM) does not have a direct need to perform risk analysis. But one could say that SLM would have to consider risks and uncertainty of outcomes during drafting and negotiation of SLAs. For example, SLM would need to consider the risks that Service Level requirements could not be met and hence should not be committed to. However, one could also say that such activities could be delegated to the other processes like Availability Management, Capacity Management, Security Management, Supplier Management and IT Service Continuity Management.

So, should the answer be (a) or (d) in the questions above?

In general, I think that any Process that includes some form of “PLANNING” or "ANALYSIS" as an activity ought to have included some form of risk analysis and management since we need to take into account the uncertainty of outcome and hence risk when doing any form of planning and analysis.

Which answers you pick in the ITIL examination would depends on how you interpret the question asked and whether you think this is a straight-forward question or a question to test your deeper understanding.

Perhaps, such examination questions should have been better worded (or avoided) to reduce the risk that the students may have doubt about what the examiner is looking for.

ISMS vs SMIS. Are they the same?

2009-09-17T15:51:00.001+08:00

I don’t think so. ISMS refers to the Information Security Management System and SMIS refers to the Security Management Information System.

The SMIS is not formally defined in the ITIL V3 Glossary. However, the ISMS is. According the ITIL V3 Glossary, the “Information Security Management System (ISMS) describes the framework of Policy, Processes, Standards, Guidelines and tools that ensures an Organisation can achieve its Information Security Management Objectives.”

ISO 27001 is the formal standard against which organizations may seek independent certification of their ISMS (meaning their frameworks to design, implement, manage, maintain and enforce information security processes and controls systematically and consistently throughout the organizations).

From Section 4.6.8 of the Service Design book:

“All the information required by Information Security Management (ISM) should be contained within the Security Management Information System (SMIS). This should include all security controls, risks, breaches, processes and reports necessary to support and maintain the Information Security Policy and the Information Security Management System (ISMS). This information should cover all IT services and components and needs to be integrated and maintained in alignment with all other IT information management systems, particularly the Service Portfolio and the CMS. The SMIS will also provide the input to security audits and reviews and to the continual improvement activities so important to all ISMSs. The SMIS will also provide invaluable input to the design of new systems and services.”

From the above, the SMIS is an Information System to support the Information Security Management process, similar in concept to the Availability Management Information System (AMIS) and the Capacity Management Information System (CMIS).

Hence, they are not the same. SMIS is an information system and ISMS is a framework, for Information Security Management process.

I think a formal definition of the SMIS should be included in the ITIL V3 Glossary. Also, Figure 4.27 in the Service Design book should refer to an SMIS (this was changed to ISMS in later release of the Service Design book).

More V3 traps for V2 folks

2009-09-10T13:12:00.001+08:00

To add to my previous post on the above topic, there are other gotchas that you need to be careful of when taking the ITIL V3 examinations, especially if you came with ITIL V2 background.

In the Capacity Management process, the data and information used for supporting the process is now stored in a Capacity Management Information System (CMIS). In V2, it was called a Capacity Management Database (CDB). The ITIL V3 Glossary defines the CMIS as a virtual repository of all Capacity Management data, usually stored in multiple physical locations. The “multiple physical locations” could be “databases” or CBD in the ITIL V2 context.

Similarly, for Availability Management, the data and information used for supporting the process is now stored in a Availability Management Information System (AMIS). In V2, it was called Availability Management Database (AMDB).

Both the AMIS and CMIS are part of the Service Knowledge Management System (SKMS).

So you would think that since there is a AMIS and CMIS for the Availability and Capacity Management processes respectively, there would be a Supplier Management Information System (SMIS) for the Supplier Management process.

Gotcha! For those learning ITIL and sitting for ITIL V3 certification examinations, note that in the Supplier Management process, there is no Supplier Management Information System (SMIS) defined in ITIL V3. The data (e.g. supplier and contracts information, reports, supplier service improvement plans ) are stored in a Supplier and Contracts Database (SCD).

Confused?

What about Configuration Management with its Configuration Management System and Configuration Management Database? I will cover this in the next post.

Criteria for Triggering an IT Escalation – some examples

2009-09-03T13:34:00.001+08:00

"Escalation" is often mentioned when dealing with Incident and Problem Management processes. The ITIL Incident Management process talks about Hierarchical and Functional escalations. Hierarchical escalations are where higher management attention and additional resources are needed. Functional escalations are done when incidents are assigned to next level support personnel with greater expertise to work on them. Criteria for triggering such escalations are very much organisational dependent. The majority of escalations will be initiated from Incident Management and there are a number of triggers, both time and event based.

Incident Management handles many incidents each month and only a very small percentage will require escalation. It is important that Incident Management adhere diligently to the triggers. Failure to do so may result in Customer anxiety and dissatisfaction. On the other hand, "false alarms" or "crying wolf" may lead to increased costs due to the additional attention and resources required to manage the Customer.

Hence the criteria should be well-defined, documented and made known to the Service Desk, and other IT Support functions. These criteria could be embedded within support tools to help the support staff. The tool could also be used to control the process flow within agreed timescales for those escalations that are triggered due to prolonged service outages.

Examples of reasons to initiate an escalation could include the following:

A prolonged service outage that exceeds or threaten to exceed the Service Level Requirements or timeframe, leading to high customer anxiety or complaints.
Frequently recurring or multiple related High Priority incidents where Priority is related to business impact and urgency. In situations like this, the Customer's confidence in the Service Provider would have been greatly impacted, not to mention the impact to the Customer's business. Hence, an escalation is called for to bring about management attention and also expertise to find the root cause and prevent future incidents.
Management of a major Incident (part of Major Incident Procedure). Typically, a Major incident procedure would have included activities related to escalation or crisis management
Management of a major Problem especially where impact to business is high and the assigned problem management team is taking too long to isolate the cause of the incidents. This could in turn cause other issues, such as high customer anxiety, recurring incidents and lost of Customer’s confidence in the Service Provider.
Data loss or risk of potential data loss. Any loss of data has a significant impact on the Customer. For example, a disk storage system has malfunctioned, leading to a service outage. The customer's last backup was done yesterday and there is potential data loss if the right solution is not found. In situations like this, an escalation may be called for to ensure the right steps is done to repair the disk storage system and recover the data or ensure no data is lost.
Risk of actual or potential damage to customer or provider's reputation
Safety issue identified or reported by Customer
Risk of bleach or non-compliance of regulations e.g. industrial health or safety
Customer's crisis situation or customer's anxiety is high and customer requests for escalation
Common sense

The last one is a good one, as not all situations can be well foreseen! So, service staff needs to exercise judgement and common sense when it comes to triggering an escalation, even with a documented checklist or tool. When in doubt, check with a more experienced colleague or better still, check with the immediate supervisor.

What is “Service Transition Pack” in ITIL Service Design book?

2009-08-09T16:55:00.001+08:00

I was preparing some materials for my coming ITIL class and came across the term “Service Transition pack” in Chapter 8 of the Service Design book by OGC. It appears under section 8.51 – Pre-requisite for Success where “The design of the service will be impossible without the Service Portfolio and Service Transition Pack”. Also under section 8.5.2 – Critical Success Factors and Key Performance Indicators where the “Percentage of Service Transition pack completed on time” is one of the KPI listed for Service Design.

Wondering what is ‘Service Transition Pack”, I checked up the ITIL V3 Glossary but it was not found there. A quick keyword search of the entire Service Design book did not give any definition of this term. Neither could I find a definition of these term in the Service Transition book.

Hmm. Probably typo error. I think it could be referring to “Service Design Package”.

Importance of Having an Escalation Management process

2009-08-04T12:43:00.001+08:00

In my previous organisation, escalation management is well-defined and documented process. It is even handled or managed by a separate dedicated team of people. This "escalation center" function, called the Customer Escalation Center (CEC), works closely with the Service Desk function called the Response Center. It also supports the field or onsite support engineers who taking on maintenance and support roles.

When I started out as a rookie service engineer in the Response Center, the knowledge that there is a team of experts which I can call upon to help out in major incidents or problems is often reassuring. The fact that the Response Center or an onsite technical or application support engineer has escalated a major incident or problem to the CEC and there is a team of experts attending to the escalated incident or problem is also reassuring to the Customer.

Escalation Management is to bring order, structure, focused management attention and additional resources to those customer situations which could otherwise result in a high level of customer dissatisfaction and/or damage to the service provider’s reputation. These are situations which could lead to significant loss of business to the Customer or IT Service Provider or where significant costs may be incurred by IT Service Provider to resolve the customer situation.

The criteria to trigger an escalation depends on the organisation or service provider. But it should be well defined.

The process could consist of the following activities:

· Initiate an Escalation, based on meeting specific escalation criteria

· Assign an Escalation manager for the escalation

· Log the Escalation and link the Escalation record to related Incident or Problem records

· Escalation manager assigns or appoints the escalation team. The escalation team should include the Incident owner, Problem owner, and other subject matter experts, as required

· Identify appropriate Service Provider and Customer management contacts

· Conduct a detailed situation appraisal and review, led by the Escalation manager

· An escalation management action plan, including additional resources needed, is developed in conjunction with the Customer. The escalation management plan is to be executed in parallel with the detailed technical action plan (as per Incident/Problem Management)

· The escalation management action plan is reviewed and adjusted as required

· A Hierarchical Escalation (as per Incident Management process) is initiated, if appropriate. Senior management and executives are alerted.

· Escalation team works to resolve the problem. At each stage, records are updated and management contacts and team are informed of the progress and escalation plan reviewed and adjusted as required.

· Once resolved to the Customer’s satisfaction, the situation is monitored for an agreed period

· The escalation team remains on standby and available in case the problem recurs during the monitoring period

· Once the monitoring period is successfully completed, the escalation is closed by the Escalation manager, after seeking agreement with the Customer

· Once the escalation is closed, a post escalation review is conducted and input provided to the Problem Management process. This can be done in conjunction with the Major Problem Review which is part of Problem Management.

As can be seen above, Escalation Management is closely related to and supports the Incident Management, Request Management and Problem Management processes. It is an important process that should be treated with equal or greater focus as compared to these other well-defined ITIL processes.

Why Not Take on Problem Management (as defined by ITIL) During The Economic Slowdown?

2009-07-20T17:11:00.001+08:00

During period of rapid business growth, systems and processes quality may have been overlooked by many IT organisations as they would be focused on implementing new systems and rolling out new IT services as quickly as possible to keep up with the business expansion.

With the current economic slowdown, many new projects and systems may be put on hold as company will be looking into measures to reduce cost and improve efficiency. These may mean that some staff may have less work assigned or made temporarily or permanently redundant. Instead of considering staff reduction, why not get these staff to work on Problem Management (as defined by ITIL) during the economic slowdown? Why not get them to work on systems and processes quality improvement that had been overlooked and long overdue?

ITIL defines an "Incident" as any unplanned interruption to an IT service or reduction in the quality of an IT service and ITIL defines a "Problem" as the cause of one or more of those incidents. The primary objectives of taking on Problem Management are to prevent problems and resulting incidents from happening, to eliminate recurring incidents and to minimize the impact of incidents that cannot be prevented.

Working on Problem Management means the staff will perform activities required to determine the root cause of incidents and to determine the resolution to those problems. They will also ensure that the resolution is implemented so that the cause of such incidents is resolved. Service availability is therefore increased through lesser service downtime. Reduction in effort in fire-fighting or resolving repeat incidents will increase efficiency and reduce cost. Any activities that results in improved service quality, reduce cost and improve customer satisfaction would be a good thing.

Problem Management will also maintain information about problems and the appropriate workarounds and resolutions. Over time, this enables the organization to reduce the number and impact of incidents by speeding up the resolution time and identifying permanent solutions. Doing these now will position the organisation well for growth during the recovery phase. This results in less downtime and less disruption to business critical systems now and in the future. A highly reliable and quality service could turn out to be a competitive advantage in times of growth.

Employee morale boost would be another benefit as the staff will be working on meaningful activities that will make their jobs easier in the longer run.

ITIL V3 Manager Bridge Course - classes available in Singapore

2009-07-08T21:13:00.001+08:00

The ITIL V3 Manager Bridge course are available through Hewlett Packard Education Service in Singapore. Upon successful completion of this 4-day course, participants will be able to:

Gain a good management-level understanding of the ITIL V3, including all aspects of the ITSM lifecycle
Gain the knowledge necessary to prepare for the “ITIL V2 Managers to ITIL V3 Expert” examination from EXIN, ISEB or APM Group. Successful candidates will be awarded the new ITIL V3 Expert certification.

The scheduled classes from now till end 2009 are:

1-4 September, with the exam scheduled for the 20 October 2009.
16-19 October, with the exam scheduled for the 14 December 2009.

Prerequisite : ITIL V1 or V2 Manager certification.

Good news for Singapore citizens and permanent residents! This course is endorsed by IDA for CITREP grant, capped at SGD3,000. In addition, Singapore-registered companies can claim Absentee Payroll support of SGD50 per trainee per day. More information can be found at the IDA website.

Leave me a comment with your email contact if you are interested to register for any of the above classes. I will email a registration form to you together with other details for the registration.

ITIL V2 Manager course in Singapore

2009-07-01T15:51:00.001+08:00

The ITIL V2 Manager course is available through Hewlett Packard Education Service in Singapore. This is likely to be the last ITIL V2 Manager course that will be available in Singapore for 2009.

The scheduled classes are:

24 August to 28 August – ITSM Service Support
28 Sept to 2 October – ITSM Service Delivery
2-3 November – Examination preparation course, with the actual examinations scheduled for the 24 and 26 November 2009.

Good news for Singapore citizens and permanent residents! This course is endorsed by IDA for CITREP grant. In addition, Singapore-registered companies can claim Absentee Payroll support of SGD50 per trainee per day.

Leave me a comment with your email contact if you are interested to register for the above class. I will email a registration form to you together with other details for the registration.

ITSM Roles - When is a Manager Not a Manager?

2009-06-29T16:22:00.001+08:00

One of the critical tasks in any ITSM implementation is to define roles and responsibilities for the various activities and procedures in a process. These would include roles such as Incident Manager, Problem Manager, Change Manager, Service Level Manager and new roles introduced with ITIL V3 such as Service Catalogue Manager (from ITIL V3), Supplier Manager and Deployment Manager, etc.

Culture and tradition within a company would have to be considered when assigning people to such roles or given such titles within the company. In one of my consulting engagements for a client in Indonesia, such an “issue” did surfaced.

In this project, my colleagues and I were engaged to assist my client define and implement the ITIL Service Support processes. While conducting a workshop to discuss the various roles for the incident, problem and change management processes with various stakeholders in client’s office, we noticed that the participants were looking increasing disturbed when we discussed the various “manager” roles for each of these processes. We called for a tea-break soon after.

During the break, we found out that in this company, staff appointed as Managers are expected to wear a tie and are given special company privileges like car allowance.

Aha!

After the break, we decided that all “manager” roles in ITIL will now be called PIC (person-in-charge) for this client. So, it will be Incident PIC, Problem PIC, instead of Incident Manager, Problem Manager respectively.

The stakeholders in the workshop are happy after that, except those guys in IT who thought they could be getting a new car!

Steps and Tips on Implementing ITIL Problem Management

2009-06-09T17:10:00.001+08:00

Problem Management is dependent on a mature Incident Management process.Although it is possible to start early with Problem Management, this process is highly integrated with Incident management. So, it is best to implement Problem Management after you have implemented Incident Management. You will require incident data, impact, frequency and incidents trends to help identify relevant and worthwhile Problems to work on eventually.

It is often possible to start with Problem Management activities, without having a formally defined Problem Management process. Instead of getting bogged down with process design, implementing supporting tools and documentation at the start of the project, consider going for quick wins.

Start with actions like:

- Identify the top 5 to 10 incidents

- If needed, provide guidance to incident management/service desk on how to record incidents

- Find some problems and solve them!

A key activity in Problem Management is to look for the root cause of one or more incidents and recommend a permanent fix. Choosing the right people for the job is crucial. Analytical people with the right technology background are best given such roles. This need not be a permanent role. If fact, most organisation do not assign someone to be "THE Problem Manager". Problem Managers are best identified and assigned based on the Problem(s) at hand. Sometimes, a task force could be appointed, instead of a single person. Besides technical skills, the assigned Problem Manager(s) would preferably have problem-solving skills and experience with techniques like Kepnor Tregoe, Pain-Value Analysis and Ishikawa diagrams.

At some stage, the process would need to be designed, documented and formally rollout. Roles and Responsibility for Problem Management needs to be defined and a process owner needs to be assigned for this process.

Reports and metrics have to be defined. Examples include:

- Number of Problems and Known Errors in a period by status, Service or Category.

- Percentage of Problems which have been solved per category and period.

- Average time for finding root cause per category.

- Average resolution time of problems and known errors per category.

- Effort invested in Problems pending resolution and expected effort required for closure per period (as measured by resolution time).

- Total Problem Management effort on a per Service basis vis-à-vis changes in Service availability. This would relate Problem Management effort with estimated downtime avoided due to incident prevention.

- Number of problems that re-occur.

Unlike Incident Management metrics like "percentage solved within target time", Problem Management metrics are typically not included explicitly in SLAs.

Setting up a Known Error Database (KEDB) is another key activity. The KEDB maintains information about problems (i.e., isolation and resolution procedures) and the appropriate workarounds, scripts, references to patches, FAQs and resolutions. The KEDB or knowledge database must allow for flexible retrieval of information, preferably by keyword search.

However, the KEDB may not add much value if the Incident Management process or Service Desk staff is too immature to efficiently use them. A KEDB system would not be really useful if Service Desk or IT staff do not help capture information and use the system to aid in first-line diagnostics. So, setting up a KEDB system in itself is not enough. A knowledge management mindset and culture is needed as well. Incentives and metrics would have to be introduced to motivate the right behaviour in Incident and Problem management staff.

A tool to support the creation and tracking of Problem and Known Error records should be considered. Given the close dependency between the Incident and Problem Management, integration of incident and problem management workflow and data records in the tool is important. Most commercially available tools like BMC's Remedy or HP's Service Manager comes with separately purchasable but integrated modules for Incident Management, Problem Management, Change Management and a Configuration Management Database (CMDB) to store the system management records and also Configuration Item (CI) information.

Like any other ITIL processes, the Problem Management process should then go through the Plan-Do-Check-Act cycles and improved and refined over time.

ITIL V3 Publications – Which format should I Buy?

2009-06-01T13:48:00.001+08:00

The ITIL V3 Publications from the OGC is “Recommended reading” or some may even consider "Must-have" for anyone who is pursuing ITIL certification at the Intermediate or Expert level or any organisations implementing IT Service Management.

The 5 core books in the ITIL V3 Publications cover the ITIL Service Lifecycle, namely, Service Strategy, Service Design, Service Transition, Service Operation and Continual Service Improvement. In addition, there is The Official Introduction to the ITIL Service Lifecycle book that explains the basic concept of IT service Management and the place of ITIL, introducing the new lifecycle model, which puts into context all the familiar ITIL processes from the earlier ITIL V2 books.

The books can be purchased individually or as an entire set. There are savings if the entire set is purchased at one go compared to buying all the books individually. So, my recommendations is to buy the entire set since most individuals and organisations will need all the books.

Once you have decided to buy, you will need to decide on the format. The new ITIL V3 library is available in these formats:

Hardcopy book with softcovers
Downloadable PDF (Adobe Digital Editions)
Online subscription (single user)
Online subscription (multiple user) - applicable only to the Complete Publication Suite and/or the Official Introduction.
eBook (MobiPocket eBook) version.

Hardcopy book format

This format is for individuals who prefer the traditional way to read or browse through the books. For an organisation, this would be a good format to buy if you have a physical library to store the books and enables readers easy access to the books.

Downloadable PDF format

The softcopy PDF versions of these books come with Digital Rights Management technology which is a form of protection against illegal copying. The PDF files can only be downloaded and stored on one computer. They can only be printed once and cannot be copied, cut or pasted.

To read a digital edition, you need the free Adobe Reader software, version 6.0 or higher. You will also need an Internet connection to authorize your device for digital rights management and to download the digital edition. Once you have downloaded the digital edition, you can disconnect from the network and read the digital edition offline.

The advantages of reading digital editions instead of paper books are:

Digital editions are immediately available. You can download and read a digital edition right away, rather than waiting for the book to come in the mail. You also save on shipping costs.
You can use Adobe Reader mark up features to highlight text, search, and make notes in digital editions. For me, the keyword search function is the most useful.
You can download a digital edition onto a laptop for easy portability. This is ideal for consultants, trainers or staffs who are mobile and needs easy access to the information without having to lug the hardcopy books around.

However, the OGC PDFs are not networkable. So, sharing of a single copy within the organisation will not be possible.

Online subscriptions (single user access)

In this format, the ITIL V3 information is available online from the OGC website via the web browser. Online subscriptions are annual, and are designed for individual identified users. You can purchase an annual licence online for one or more users, whose access to the OGC material will be controlled by a single user name and password.

An Online Subscription gives you access to the latest updated versions of the publications. This version would be good if the Publications are updated frequently. Other advantages are features such as:

Dynamic content
Easy navigation
Bookmarking
History
Cross-linking between chapters
Pop-up glossary of terms

This format is slightly cheaper compared to the other formats. There is also no shipping cost. There is no need to install any readers on your PC, laptop or PDA. But you need to be connected to the internet via web browser to access the information. It allows sharing within the organisation but only one concurrent access at any one time. Access will be prevented until the current user logs out, thereby allowing another to log on.

Online Subscriptions (Multi-user access)

This format is recommended if multiple, concurrent user access to the library. In this format, users logs on to the OGC website for central access to the Complete ITIL Publication Suite. Any number of users can be provided with access details; once the purchased number of access licences is simultaneously active on the OGC site, further access will be prevented until one user logs out, thereby allowing another to log on. As all users of ITIL material within an organisation do not necessarily need to access it simultaneously, multi-user licences can be a very cost-effective option for large organisations.

As a general guide, one concurrent user licence will support 10 core users of the material or 15 whose usage are less frequent, temporary or spread geographically.

eBook (MobiPocket eBook) version

An eBook is a digital edition of a book that is designed to be read on an eBook reader. An eBook is not the same thing as a downloadable pdf. There are a number of eBook readers, and eBooks are published to be read in one or all of the standard eBook readers. The OGC publication requires the pre-installation of a free MobiPocket eBook reader on your PC or PDA. Full instructions on how to access OGC eBooks and install a MobiPocket eBook reader are available from the online store.

Hopefully, this post would have helped you in deciding on which format(s) is suitable for you or your organisation. Some organisations may choose to buy two or more formats to increase the accessibility of the ITIL Publications to as many staff as possible, for example, a set of hardcopy books in the library or online subscriptions for the general IT staff, in addition to individual PDF formats for their key staff that is driving the IT Service Management project.

All the above formats are available for order online here.

Economic Recession – Right Time for Training and Certification

2009-05-25T12:12:00.001+08:00

In boom time, training and certification may lead to salary increase. Obviously, the direct impact of training is improved or higher skills for the person and hence leading to higher productivity in their job. Higher productivity and job performance often leads to promotion to a more senior or responsible position and that implies more salary.

However, in an economic downturn, salary is often frozen or cut. That does not mean a person should not invest in training and certification. In fact, it may be even more important! Training and professional certifications, like IT certifications, provides better job security. If the worst should happen and a person needs to look for a new job, IT certifications make the person more marketable in the talent marketplace.

Having a recognised certification can be your differentiator to clinch that job. IT training and certification like PMP, ITIL Foundation or ITIL Expert is widely recognised. Some employers actually specify PMP or ITIL certification in their job advertisements. For new or fresh graduates without relevant job experience, this could be your differentiator over your cohort and makes you stand out from the rest.

A good example can be seen in Singapore. The Singapore government truly recognises the importance of training and certification, more so in an economic downturn. Hence the introduction of initiatives such as SPUR and CITREP. CITREP (Critical Infocomm Technology Resource Programme) is a training incentive programme to equip Singapore infocomm professionals with critical and emerging skills, thus enabling them to enhance their employability and to improve their organisations' competitive advantage. ITIL trainings, leading to approved ITIL certification, are included in this programme. Up to 80% of training and certification fees are reimbursed to the students when they complete the trainings and obtained their certifications.

SPUR (Skills Programme for Upgrading and Resilience) is an enhanced funding support scheme that help employers cut cost and save jobs, allows workers to upgrade their skills so that they become more employable and able to convert to new jobs and lastly to prepare workers and companies for the economic recovery that will eventually come. Employers are given funding when they send workers for relevant trainings.

So, don’t let this downturn pull you down. Go sign up for the relevant trainings and get your IT certification. The best form of investment is to invest in your own self.

ITIL V3 Intermediate courses (Lifecycle modules) available in Singapore

2009-05-20T13:26:00.001+08:00

ITIL V3 Intermediate courses (Lifecycle Modules) are now available through Hewlett Packard Education Service across Asia Pacific. These are in addition to the Capabilities Modules (OSA, RCV, SOA) available now.

There are 5 ITIL V3 Intermediate Lifecycle courses namely, Service Strategy (SS), Service Design (SD), Service Transition (ST), Service Operations(SO) and Continual Service Improvement. ST and SO are available now, with the rest of the modules planned for later.

Duration for the Lifecycle Modules course: 4 days each (including sitting for EXIN certification examination).

Prerequisite : ITIL V3 Foundation certification (Holders of the V2 Foundation Certification can take the V2 to V3 Foundation Bridge course to sit for the V2 to V3 Foundation Bridge exam)

Registration is through ITIL Center or HP Education Singapore. Similar courses are also available in other countries. ITIL Center partners with Hewlett Packard to deliver ITSM / ITIL Training and Workshops across Asia Pacific, namely in Singapore, Hong Kong, China, Philippines, Malaysia, Taiwan and Indonesia. The team of trainers from ITIL Center and HP are amongst the first in the world to be certified as ITIL EXPERTs.

Planning and Conducting an IT Service Management Assessment – Steps Involved

2009-05-13T11:02:00.001+08:00

Planning and conducting an IT Service Management (ITSM) assessment is a key activity undertaken when an IT organisation aims to improve its IT service effectiveness and business value. The key steps involved are highlighted below:

Step 1: Understanding the purpose, scope and expected outcome of the assessment

At this stage, it would be good to confirm the scope of the assessment, what is the objective and expected outcome and define what information is to be collected. The assessors (especially if they are not internal staff) would need to understand the business goals, IT goals, vision and mission and IT strategy. This is normally done through looking at documented IT strategy and plans and also interviews with the project sponsor to get his vision and goals.

Step 2: Planning and Preparation

Various factors would need to be considered when planning the assessment. A copy of the organisation chart should be obtained. The organisation chart provides useful information that helps the planners identify who are the key managers and stakeholders and who may have the information needed. Meeting and interviews will have to be planned and scheduled at least one or two weeks ahead of the actual event. Meeting or interview rooms would need to be booked. Any visits to restricted sites should be highlighted and authorisation obtained. The output is usually a fairly detailed project plan. A typical assessment would have duration of two to three weeks.

Step 3: Kick Off Meeting

A kick off meeting is recommended. The kickoff meeting starts the assessment formally. Invited attendees may include process managers, interviewees, data providers, stakeholders and external consultants involved in performing the assessment. It is a good practice to invite the project sponsor or most senior of the stakeholder to this meeting and say a few words to define the purpose of the assessment, show management support and to introduce and empower the assessors. Depending on the culture, the sponsor may have to set expectations that the purpose of the assessment is not an audit and all staff should collaborate with the assessors fully.

Step 4: Data Gathering

The scope of the assessment would often cover only the key Service Operations and Service Transition processes. Data are gathered though interviews, workshops session, reviewing of documentation and site visits. Visits to the service desk and data center may be necessary.

A checklist of questions is often used. A maturity-based assessment would aim to determine the level of maturity of each ITIL processes. Other data to gather includes availability of tools, skills, organisation role and responsibilities, availability and quality of documentation, evidence of continual improvement, metrics and reports, circulation and usage of the reports.

Step 5: Analysis

Based on the responses to the questions gathered, the scores are tabulated using a spreadsheet tool and presented. A maturity-based assessment may use the 5-level ITSM maturity model to rate the individual process.

Spider diagrams or bar charts can be used to compare current state with desired state and highlight key gaps and deficiency areas.

Benchmarks with the maturity levels of other companies in same industries are useful and that is one advantage of engaging external consultants to perform the assessment instead of conducting a self assessment.

Gaps, issues, constraints should be identified as compared to the vision, mission, goals and objectives. The analysis should include highlighting potential risks to the quality and reliability of current service delivery.

Step 6: Action Planning

Having understood the current state versus the desired state and armed with the information obtained in the earlier steps, viable solution approaches would need to be identified, including products and services that are needed. An IT service improvement initiative may require multiple sub-projects to address what needs to be done at each step of way. Each project should be defined with a possible project scope or charter, estimated timeline and costs, products and services.

Step 7: Presentation

The presentation should not be a lengthy session to discuss the details of the assessment or findings. Instead, it should be a high level, executive presentation focusing on key pain-points uncovered, business implications and what are the recommended solutions and next steps. The desired outcome is to seek sponsorship and approval from the management team to proceed with service improvement action plans.

Step 8: Produce the Assessment Report

A formal assessment report should be produced. The aim of this report is to document the objectives of the assessment, key findings, issues uncovered and solutions proposed. This document is important as it serves as the baseline upon which comparisons of the "before" and "after" snapshots of the situation can be made subsequently.

Planning and Conducting an Initial IT Service Management Assessment - Factors to Consider

2009-05-02T23:50:00.008+08:00

There are many types of IT Service Management (ITSM) assessments that can be conducted. They could range from quick and inexpensive self-assessments to complex, detailed and expensive investigations led by ITSM consultants or experts. They can also be also classified as a compliance-based assessment or a maturity-based assessment or combination of both.

Compliance-based assessments are aimed at evaluating whether an organization meets some type of external or internal criteria. Examples of external criteria are ISO 20000 standard or some proprietary ITSM frameworks like HP ITSM Reference Model or Microsoft's MOF. Internal criteria could be the organisation's policies or documented procedural requirements. Compliance-based assessments are usually conducted by organisation that has already some degree of ITSM implementation.

Maturity-based assessments evaluate where an organization is located on a journey from one state or level to another. The areas being assessed are usually scored between maturity level of 0 and 5. Maturity level of zero means nothing is in place and maturity level of 5 means everything that needs to be done is in place and is working perfectly and there are mechanisms in place for adaptations to changes and continual improvement. Each level of maturity contains a list of criteria for each of the five levels above. The criteria could include vision and leadership, process, people, tools and overall environment factors or culture.

Most organisations would not be aiming to reach the highest level of maturity but would instead focused on defining what level of maturity is needed to meet their business goals and determining which level of maturity they are currently at and what they must do to progress to the next level. Maturity-based assessments are useful for creating a known starting point for the planning and implementation team.

The following further describes what would need to be assessed:

Vision and Leadership

Prior to the start of the ITSM assessment, the assessors would need to understand the business goals, IT goals, vision and mission and IT strategy. This is normally done through looking at documented IT strategy and plans and also interviews with the project sponsor and key executives.

Processes

Since IT Service Management is a process-based approach it is important to determine which processes are defined, documented and how much of it is in being practiced or followed currently. That is where best practice guidelines like ITIL, standards like ISO 20000, ISO 27001 or even proprietary frameworks like Microsoft's MOF and HP's ITSM Reference Model comes in handy as a reference or basis for comparison. Questionnaires or checklists to determine adequacy of the existing processes are usually derived from them and used.

Although external references are used for comparison, it is important to keep in mind that the assessment is not an audit. It aims to reveal which processes are in place or defined rather than to determine the degree of compliancy of existing processes to ITIL or ISO 20000. The assessment is usually focused on determining process maturity and gaps so that the findings can be used for service or process improvement planning.

Organization and People

Managing changes in organisation and people is the most difficult part of an ITSM implementation. The focus includes assessing organisation and people on areas that can help in planning the ITSM project and management of change activities later on. It should also identify what the constraints are so that the project can be more successful.

The assessment should check that roles and responsibilities are defined (e.g. RACI charts) for each process activity. It should also covers people’s understanding of their roles, how they contribute to the organization’s objectives and how they are measured and rewarded.

It is good to check on the availability of existing HR processes for performance management and development planning. The assessment could helps to identify the availability of skills and competency to perform the required tasks, the skills and experience required for the project as well as who has them.

The organisation charts will provide information of organisation structure, decision-making structure and authority levels that would be useful for project planning. It also identifies key stakeholders and potential supporters and resistors to change.

Technology

Technology is also a key factor in the project’s success. When planning and implementing an ITSM strategy and defining end-to-end processes, technology and tools would play an important role. Tools are needed to support and enable the processes as well as for monitoring of the IT infrastructure and reporting. The aim is to determine what tools are needed to support the existing and future processes and infrastructure.

A good initial ITSM assessment should also take into account several technology factors, such as:

Which processes and functionalities can be effectively supported now and more importantly, for the future.
The level of process integration that should be available in the tool (e.g. the ability to link incidents to problems records, the availability of event monitoring tools and the ability of he event monitoring tools to automatically log specifically defined events as incidents).
Need for a tool that supports easy knowledge capture, storage, searching, sharing, presenting and reviewing of knowledge and information.
Need for a tool that supports easy data analysis, reporting and circulation of reports

The aim of an initial ITSM assessment is to understand gaps and key issues and top priority areas which need to be addressed first and foremost to improve IT Service effectiveness and business value. Hence an initial ITSM assessment would usually be a maturity-based assessment, with a little of compliance-based assessment included as needed, especially in areas or processes that is found to be already in placed or matured to some degree. It is also usually done at a fairly detailed level.

For organisations new to ITSM, it should be conducted or led by experienced ITSM consultants. The ITSM consultants should have the aid of ready-made assessment tools with well-specified criteria and reporting features and would be expected to add value by suggesting viable solution approaches, possible project scope, estimated timeline and costs, products and services to address what needs to be done at each step of the ITSM project.

For more information and tools on conducting an ITSM Assessment, check out this IT Service Management Self-assessment Workbook.

Planning Your IT Service Management Project - Need For an ITSM Assessment

2009-04-18T11:11:00.004+08:00

Implementing IT Service Management is like going on a journey. Before you embark on your journey, you will need to define your end point or desired state. This means defining the vision and mission, goals and objectives for the project.

The ITIL books, ISO20000 standard and other frameworks are like your map and compass. However, to plan your journey, you need to know your starting point. Hence the need for an ITSM assessment. The determination of "where we are now" through an ITSM assessment creates a known starting point for the planning and implementation team. The results will often point out gaps and key issues and top priority areas which need to be addressed first and foremost to improve IT Service effectiveness and business value. It also gives you a better understanding of your organization's constraints, capabilities and resources. It will help to identify who needs to be involved and who are the stakeholders. Therefore, the output from the assessment will guide you as you plan your ITSM implementation journey.
The output will often help determine which ITSM implementation approach to use and which ITIL process(es) to implement first. This is often a question that is commonly asked. The planner, using the findings from the assessment, can then outline the projects and actions that will enable the IT organization to improve IT service delivery. All this is done while still needing to maintain the day to day IT operations.

Some IT organizations perform an ITSM assessment to provide supporting information needed to justify service management initiatives. It shows the how bad the current situation is, what are the problems areas and the implications if these problems not resolved and therefore justifying the need for an ITSM project.

The assessment is also called a baseline assessment as it will allow us to compare the "before" and "after" snapshots of the situation. The ITSM project or journey is often broken up into several parts or phases. Baselines are often conducted at the beginning and end of each phase so that achievements and quick wins can then be demonstrated to the project sponsor, senior management, and other stakeholders whose support is crucial to help the organization down the rest of the IT Service Management path. Any deviations can also be reported, corrected and overall strategy validated. This is an important part of keeping the momentum going and ensuring that the end point is reached and desired state is achieved.

Which ITIL Processes Shall We Implement First?

2009-04-07T17:30:00.002+08:00

This is a frequent question that is asked and you get no definite answers from the ITIL experts. Ideally, an organisation should implement all process together since all processes inter-relate with each other and in some cases are totally dependent. The value and benefits from implementing all processes is greater the sum of value and benefits of implementing each individual processes.

In reality, organisations are faced with constraints related to capabilities and resources and most will not be in a position to implement all ITIL processes at one go.

There is no universally agreed or documented right way to approach an ITSM implementation. The answer to the question is therefore, "It depends". A number of different approaches have been used successfully:

Single Process Approach

In this approach, organisation implement, develop or improve one process at a time. Often, the aim is to achieve some quick wins or to address some short term and pressing service delivery and support issues. When choosing this approach, be careful of process dependencies. For example, never implement Problem Management without having first implemented Incident Management. Never implement Configuration Management without first implementing Change Management.

Multi-Process Approach

In this approach, organisation implement, develop or improve a number of highly inter-related processes concurrently.

It is interesting to note that the ITIL V3 Intermediate courses under the Service Capability modules are organised with such inter-process relationship in mind:

Operational Support and Analysis (OS&A). Subjects covered include Event, Incident, Request, Problem, Access, Service Desk, Technical, IT Operations and Application Management.
Service Offerings and Agreements (SO&A). Subjects covered include Portfolio, Service Level, Service Catalogue, Demand, Supplier and Financial Management.
Release, Control and Validation (RC&V). Subjects covered include Change, Release & Deployment, Validation & Testing, Service Asset & Configuration, Knowledge, Request Management and Service Evaluation.
Planning, Protection and Optimization (PP&O). Subjects covered include Capacity, Availability, Continuity, Security, Demand and Risk Management.

Similarly, the ITIL V2 Practitioner courses are clustered around the following inter-related processes:

ITSM Practitioner Support and Restore (IPSR). Processes covered include Service Desk, Incident and Problem Management.
ITIL Practitioner Release and Control (IPRC). Processes covered include Change, Configuration and Release Management.
ITIL Practitioner Plan and Improve (IPPI). Processes covered include Availability, Capacity and IT Service Continuity Management.
ITIL Practitioner Agree and Define (IPAD). Processes covered include Finance and Service Level Management.

Other combinations are possible too but the above are the commonly defined scope for a multiple-process implementation project.

All Processes or “Big Bang” Approach

In this approach, organisation implement, develop or improve all or most of the ITIL processes simultaneously. This approach comes with considerable risks. The demands on the people, time, disruption to day-to-day operational tasks, resources, money and need for organisation change management are risks. These risks needs to be mitigated by taking small steps in all processes concurrently, coordinated by one central project management office. Each process should be designed to be as simple as possible to start with, and then further refined and improved over time. Organisations may adopt this approach if they have experience implemented some ITIL processes which are fairly matured, have experienced and adequate staff and are looking at improving the integration of the inter-related processes. Often these implementation are supported by process-enabling tools.

When you plan your ITIL implementation, it is good to adopt the service improvement model as described in the ITIL V3 Continual Service Improvement book.

In this model, you start by defining the vision, mission, goals and objectives for implementing IT Service Management (define your desired state). Next, you conduct an ITSM Assessment (determine where you are now) and then set a target (where you want to be). The output from the assessment will often point out gaps and key issues which need to be addressed first and foremost. It also gives you a better understanding of your organisation's constraints, capabilities and resources. These will then guide you as you plan your ITSM implementation journey. Which ITSM implementation approach to use and which ITIL process(es) to implement first will often become clearer and it will be specific to your organisation.

ITIL Foundation Certification Examination Taking Tips

2009-03-27T11:44:00.006+08:00

The EXIN or ISEB ITIL Foundation examinations comprises of 40 multiple choices questions where an answer out of 4 possible answers given has to be selected. One mark is given for a correct answer and no marks are deducted for an incorrect answer. Time allocated is 1 hour and a score of at least 26 marks out of 40 is needed to pass.

Many may dread the idea of having to sit for an examination and perform below par even though they may be sufficiently prepared for the examination through self study or have attended a formal training course.

These are the tips that I typically share with the participants of the ITIL Foundation course before they sit for the ITIL Foundation certification examinations. Most have found these tips useful.

1. You have 60 minutes to answer 40 questions. This works out to 1.5 minutes per question. This is more than enough time. Therefore, no need to rush, take your time.

2. It is natural to be a little bit nervous in the beginning, therefore it is a good practice to relax a little. Attempt the easy questions first, followed by the questions that are more difficult. If you are skipping questions, make sure you mark your answers correctly next to the question number in the answer sheet or form.

3. There are always a few tricky questions within the 40 questions. Don’t panic if you don’t know the answers to these few questions. You can still pass the exam and get your certification.

4. A lot of students are making the wrong choice because they did not clearly understand what was asked in the question. One key tip is that you have to read the question carefully.

5. Look for the KEYWORDS in the questions and answers. Most of the time they will lead you to the right choice. Sometimes the answer is simpler than you think!

6. It could be that you have implemented ITIL or IT Service Management different from the book. This exam is based on the ITIL books. Therefore for this one hour: forget your experience!

7. Be extra careful when the question has words like "best", "most accurate", "most closely". It indicates that multiple options in this question are (somewhat) right, there is however only one answer that is the most complete and therefore the BEST.

8. Be extra careful when the question has word "NOT" in it.

9. If you do not know what is right, it helps when you start with what is wrong. Narrow down the possibilities by eliminating some answer(s) that you know is/are wrong.

10. If you have to make a guess, it is a good practice NOT to change the answer later (unless you absolutely know the answer after some careful thought). In other words: if you need to make a guess, don’t guess again! Your intuition is often right the first time.

For those who are not attending a classroom training and/or doing your own self study before sitting for the examination, you may want to buy the Passing Your ITIL Foundation Exam - The Official ITIL Foundation Study Aid (ITIL Version 3) book. This, the only official study guide for the new ITILv3 Foundation Exam, is an essential tool for anyone taking this exam. It is endorsed by APM Group, the official ITIL accreditor. It is also suitable for individuals taking the Version 2 to Version 3 Bridging Examination.

Good luck and all the best in your examinations.

New ITIL V3 Foundation Syllabus released

2009-03-10T14:15:00.005+08:00

The “go-live” date for the new revised “ITIL V3 Foundation Certificate Syllabus v4.2” and “ITIL Foundation Bridge Certificate Syllabus v4.1” will be 01 May 2009.

The scope of the V3 Foundation course is wider and less detailed compared to Foundation on earlier ITIL versions. The Bridge syllabus is based on the ITIL version 3 Foundation Syllabus. The main focus of the Bridge course will be the new content. It will also provide an overview of the main differences on topics known from earlier ITIL versions.

The following are the key changes in the Foundation Syllabus V4.2 (approved date 27 February 2009) as compared to the Interim Foundation Syllabus V3.2.

Additions includes

Service Assets
Release Policy
The role of KPIs in the Improvement Process
more focus on SLM, in particular SLA framework like service-based SLAs, multi-level SLAs, SLR, SLAM chart
Service Review and Service Improvement Plan (SIP)
Demand Management, in particular business activities pattern and user profiles
Business Case in Financial Management
Process activities for Problem Management
Availability Management concepts and terminology such as reliability, serviceability, maintainability
Importance of end-to-end service availability vs component availability
Capacity Management concepts such as Business Capacity Management, Service Capacity Management and Component Capacity Management. This were previously focused in ITIL V2 Foundation syllabus but somewhat not emphasized in earlier V3 Foundation syllabus.

Deletions includes

Service Sourcing approaches and options
Services V model
Conflicting balances in Service
Operation
Details of the 7 step improvement process in CSI
What value Continual Service Improvement provides to the business
Roles in Service Catalogue Management, Information Security Management and Supplier Management, Release and Deployment Management, Event Management, Request Fulfilment and Access Management

The number of recommended study hours and examination format remains unchanged.

The following are the key changes in the Foundation Bridge syllabus V4.1(approved date 27 Feb 2009) as compared to the previous Syllabus V3.2.

Additions includes

Demand Management, in particular business activities pattern and user profiles
Business Case in Financial Management
Concept of Good Practices
Functions and Processes, process model and characteristics of a process
Main differences on topics known from earlier ITIL versions.

Deletions includes

Service Sourcing approaches and options
Services V model
Conflicting balances in Service
Operation
What value Continual Service Improvement provides to the business
Activities in the Service Strategy process
Objectives, basic concepts and roles for demand management and service portfolio management
Roles in Service Catalogue Management, Information Security Management and Supplier Management, Release and Deployment Management, Event Management, Request Fulfilment and Access Management

The number of recommended study hours has now increased to 9.5 hours (from 6.5 hours), excluding time for the conduct of a mock examination. The examination format remains unchanged. This may mean that some training centres may increase the duration of the ITIL Foundation Bridge course after May 2009.