Chapter 5: Service Management Practices & Technical Management Practices Flashcards

Question 1

Q

What are the 17 service management practices?

Answer

A

Availability management

Business analysis

Capacity and performance management

Change enablement

Incident management

IT asset management

Monitoring and event management

Problem management

Release management

Service catalogue management

Service configuration management

Service continuity management

Service design

Service desk

Service level management

Service request management

Service validation and testing

Question 2

Q

What is the purpose of availability management?

Answer

A

The purpose of the availability management practice is to ensure that services deliver agreed levels of availability to meet the needs of customers and users.

Question 3

Q

Definition of availability

Answer

A

The ability of an IT service or other configuration item to perform its agreed function when required.

Question 4

Q

The availability of a service depends on which two factors?

Answer

A

how frequently the service fails, and how quickly it recovers after a failure

Question 5

Q

Two terms that need to be known in availability management (think about rail guns in the Expanse)

Answer

A

mean time between failures (MTBF) and mean time to restore service (MTRS):

*MTBF measures how frequently the service fails. For example, a service with a MTBF of four weeks fails, on average, 13 times each year.

*MTRS measures how quickly service is restored after a failure. For example, a service with a MTRS of four hours will, on average, fully recover from failure in four hours. This does not mean that service will always be restored in four hours, as MTRS is an average over many incidents.

Question 6

Q

MTBF and MTRS: How were systems designed in the past and how has that changed since then?

Answer

A

Older services were often designed with very high MTBF, so that they would fail infrequently. More recently there has been a shift towards optimizing service design to minimize MTRS, so that services can be recovered very quickly. The most effective way to do this is to design anti-fragile solutions, which recover automatically and very quickly, with virtually no business impact. For some services, even a very short failure can be catastrophic, and for these it is more important to focus on increasing MTBF.

Question 7

Q

When services are unavailable, what are four common measurements?

Answer

A

User outage minutes
Number of lost transactions (for transaction-related businesses)
Lost business value
User satisfaction

Question 8

Q

What is the purpose of business analysis?

Answer

A

The purpose of the business analysis practice is to (A) analyse a business or some element of it, (B) define its associated needs, and (C) recommend solutions to address these needs and/or solve a business problem, which must facilitate value creation for stakeholders.

Question 9

Q

Business requirements can be utility-focused or warranty-focused. What are warranty requirements and utility requirements?

Answer

A

*Warranty requirements Typically non-functional requirements captured as inputs from key stakeholders and other practices. Organizations should aim to manage a library of pre-defined warranty acceptance criteria for use in practices such as project management and software development and management.

*Utility requirements Functional requirements which have been defined by the customer and are unique to a specific product.

Question 10

Q

What is the purpose of capacity and performance management?

Answer

A

The purpose of the capacity and performance management practice is to ensure that services achieve agreed and expected performance, satisfying current and future demand in a cost-effective way.

Question 11

Q

Definition of performance

Answer

A

A measure of what is achieved or delivered by a system, person, team, practice, or service.

Question 12

Q

What does CI stand for?

Answer

A

configuration item

Any component that needs to be managed in order to deliver an IT service.

Question 13

Q

Service performance depends on what?

Answer

A

Service capacity

Question 14

Q

How is service capacity defined?

Answer

A

The maximum throughput that a CI or service can deliver

Question 15

Q

What is the purpose of the change control practice?

Answer

A

The purpose of the change control practice is to (A) maximize the number of successful service and product changes by (1) ensuring that risks have been properly assessed, (2) authorizing changes to proceed, and (3) managing the change schedule.

Question 16

Q

Definition of change

Answer

A

The addition, modification, or removal of anything that could have a direct or indirect effect on services.

Question 17

Q

What is the difference between organizational change management and change control?

Answer

A

Organizational change management manages the people aspects of changes to ensure that improvements and organizational transformation initiatives are implemented successfully. Change enablement is usually focused on changes in products and services.

Question 18

Q

The person or group who authorizes a change is known as a …?

Answer

A

Change authority.

Question 19

Q

There are three types of change, what are they?

Answer

A

Standard changes
Normal changes
Emergency changes

Question 20

Q

What’s the difference between standard changes, normal changes, and emergency changes?

Answer

A

These are low-risk, pre-authorized changes that are well understood and fully documented, and can be implemented without needing additional authorization.

These are changes that need to be scheduled, assessed, and authorized following a process.

These are changes that must be implemented as soon as possible; for example, to resolve an incident or implement a security patch. Emergency changes are not typically included in a change schedule, and the process for assessment and authorization is expedited to ensure they can be implemented quickly.

Question 21

Q

How is a standard request triggered?

How is a normal request triggered?

Answer

A

By a service request, but may also be operational changes

By a change request

Question 22

Q

Who is the change authority for normal changes and emergency changes?

Answer

A

It can be a different or the same change authority. Depends on the organization.

Question 23

Q

Who is the change authority for standard changes?

Answer

A

These are pre-approved changes, there is no change authority.

Question 24

Q

Which change is usually not contained in the change schedule?

Answer

A

Emergency change.

Question 25

Q

What is a change schedule used for?

Answer

A

The change schedule is used to (1) help plan changes, (2) assist in communication, (3) avoid conflicts, and (4) assign resources.

Question 26

Q

Which type of change has a facilitated risk management?

Answer

A

Standard change.

This risk assessment does not need to be repeated each time the standard change is implemented; it only needs to be done if there is a modification to the way it is carried out.

Question 27

Q

What is the purpose of incident management?

Answer

A

The purpose of the incident management practice is to minimize the negative impact of incidents by restoring normal service operation as quickly as possible.

Question 28

Q

Definition of Incident

Answer

A

An unplanned interruption to a service or reduction in the quality of a service.

Question 29

Q

It is important that people working on an incident provide good-quality updates in a timely fashion. What kind of information is contained in these updates?

Answer

A

These updates should include information about (A) symptoms, (B) business impact, (C) CIs affected, (D) actions completed, and (E) actions planned.

Each of these should have a timestamp and information about the people involved, so that the people involved or interested can be kept informed.

Question 30

Q

What six levels of escalation do incidents have?

Answer

A

*Some incidents will be resolved by the users themselves, using self-help. Use of specific self-help records should be captured for use in measurement and improvement activities.

*Some incidents will be resolved by the service desk.

*More complex incidents will usually be escalated to a support team for resolution. Typically, the routing is based on the incident category, which should help to identify the correct team.

*Incidents can be escalated to suppliers or partners, who offer support for their products and services.

*The most complex incidents, and all major incidents, often require a temporary team to work together to identify the resolution. This team may include representatives of many stakeholders, including the service provider, suppliers, users, etc.

*In some extreme cases, disaster recovery plans may be invoked to resolve an incident. Disaster recovery is described in the service continuity management practice.

Question 31

Q

Some organizations use a technique called swarming to help manage incidents. How does swarming work?

Answer

A

Many different stakeholders working together initially, until it becomes clear which of them is best placed to continue and which can move on to other tasks.

Question 32

Q

What’s the purpose of IT asset management?

Answer

A

The purpose of the IT asset management practice is to plan and manage the full lifecycle of all IT assets, to help the organization:

*maximize value

*control costs

*manage risks

*support decision-making about purchase, re-use, retirement, and disposal of assets

*meet regulatory and contractual requirements.

Question 33

Q

Definition IT asset

Answer

A

Any financially valuable component that can contribute to the delivery of an IT product or service.

Question 34

Q

What is operational technology?

Answer

A

The hardware and software solutions that detect or cause changes in physical processes through direct monitoring and/or control of physical devices such as valves, pumps, etc.

Question 35

Q

What is asset management? (in the IT context)

Answer

A

Asset management is a well-established practice that includes the acquisition, operation, care, and disposal of organizational assets, particularly critical infrastructure.

Question 36

Q

What two subtypes of asset management exist? (in the IT context)

Answer

A

IT asset management (ITAM) is a sub-practice of asset management that is specifically aimed at managing the lifecycles and total costs of IT equipment and infrastructure.

Software asset management (SAM) is the infrastructure and process necessary for the effective management, control, and protection of the software assets within an organization, throughout all stages of their lifecycles.

Question 37

Q

What is a configuration management system?
To what practice does it belong?

Answer

A

A set of tools, data, and information that is used to support service configuration management.
Service configuration management

Question 38

Q

The practice exists to systematically observe services and service components, and record and report selected changes of state identified as events. What practice is this?

Answer

A

Monitoring and event management practice.

Question 39

Q

What is the purpose of the monitoring and event management practice?

Answer

A

The purpose of the monitoring and event management practice (A) identifies and prioritizes infrastructure, services, business processes, and information security events; (B) it also establishes the appropriate response to those events, and (C) conditions that indicate potential faults or incidents.

Question 40

Q

Definition of event

Answer

A

Any change of state that has significance for the management of a service or other configuration item (CI). Events are typically recognized through notifications created by an IT service, CI, or monitoring tool.

Question 41

Q

What does the event management part of the monitoring and event management practice do?

Answer

A

The event management part focuses on recording and managing those monitored changes of state that are defined by the organization as an event, determining their significance, and identifying and initiating the correct control action to manage them.

Question 42

Q

How are events often classified?

Answer

A

Events are often classified as informational, warning, and exceptions.

Informational events do not require action at the time they are identified, but analysing the data gathered from them at a later date may uncover desirable, proactive steps that can be beneficial to the service.

Warning events allow action to be taken before any negative impact is actually experienced by the business, whereas exception events indicate that a breach to an established norm has been identified (for example, to a service level agreement).

Exception events require action, even though business impact may not yet have been experienced.

Question 43

Q

What is the purpose of problem management?

Answer

A

The purpose of the problem management practice is to reduce the likelihood and impact of incidents by identifying actual and potential causes of incidents, and managing workarounds and known errors.

Question 44

Q

Definitions of problem and known error

Answer

A

*Problem A cause, or potential cause, of one or more incidents.

*Known error A problem that has been analysed but has not been resolved.

Question 45

Q

3 Phases of problem management

Answer

A

Problem identification -> Problem control -> Error control

Question 46

Q

Every service has errors, flaws, or vulnerabilities that may cause incidents. How are they called in ITIL?

Answer

A

Problems.

Question 47

Q

What is the difference between problems and incidents?

Answer

A

*Incidents have an impact on users or business processes, and must be resolved so that normal business activity can take place.

*Problems are the causes of incidents. They require investigation and analysis to identify the causes, develop workarounds, and recommend longer-term resolution. This reduces the number and impact of future incidents.

Question 48

Q

How are problems prioritized for analysis and managed?

Answer

A

Problems are prioritized for analysis based on the risk that they pose, and are managed as risks based on their potential impact and probability.

Question 49

Q

Definition of workaround

Answer

A

A solution that reduces or eliminates the impact of an incident or problem for which a full resolution is not yet available. Some workarounds reduce the likelihood of incidents.

Question 50

Q

What is the purpose of release management?

Answer

A

The purpose of the release management practice is to make new and changed services and features available for use.

Question 51

Q

Definition release

Answer

A

A version of a service or other configuration item, or a collection of configuration items, that is made available for use.

Question 52

Q

How is the release management different in waterfall environment and Agile/Devops environment?

Answer

A

Release plan -> New or changed infrastucture OR new or changed software OR training and documentation -> Deploy & Release -> Review

For agile, deploy and release are seperate.

Question 53

Q

Release management is often staged, what does that mean?

Answer

A

Release management is often staged, with pilot releases being made available to a small number of users to ensure that everything is working correctly before the release is given to additional groups.

Question 54

Q

Staging of a release is often achieved using two different methods. Which are these?

Answer

A

*Blue/green releases use two mirrored production environments. Users can be switched to an environment that has been updated with the new functionality by use of network tools that connect them to the correct environment.

*Feature flags enable specific features to be released to individual users or groups in a controlled way. The new functionality is deployed to the production environment without being released. A user configuration setting then releases the new functionality to individual users (or groups of users) as needed.

Question 55

Q

Release management is often integrated with the continuous integration and continuous delivery toolchain. Which environment (waterfall, agile, DevOps) does this relate to?

Question 56

Q

What is the purpose of service catalogue management?

Answer

A

The purpose of the service catalogue management practice is to provide a single source of consistent information on all services and service offerings, and to ensure that it is available to the relevant audience.

Question 57

Q

What different views are possible in service catalogue management?

Answer

A

*User views Provide information on service offerings that can be requested, and on provisioning details.

*Customer views Provide service level, financial, and service performance data.

*IT to IT customer views Provide technical, security, and process information for use in service delivery.

Question 58

Q

Definition request catalogue

Answer

A

A view of the service catalogue, providing details on service requests for existing and new services, which is made available for the user.

Question 59

Q

What is the purpose of the service configuration management?

Answer

A

The purpose of the service configuration management practice is to ensure that accurate and reliable information about the configuration of services, and the CIs that support them, is available when and where it is needed. This includes information on how CIs are configured and the relationships between them.

Question 60

Q

What are 7 examples of configuration items?

Answer

A

Hardware, software, networks, buildings, people, suppliers, and documentation

Question 61

Q

Service configuration management typically needs processes to do what?

Answer

A

*identify new CIs, and add them to the CMS

*update configuration data when changes are deployed

*verify that configuration records are correct

*audit applications and infrastructure to identify any that are not documented.

Question 62

Q

What is the purpose of service continuity practice?

Answer

A

The purpose of the service continuity management practice is to ensure that the availability and performance of a service are maintained at sufficient levels in case of a disaster.

Question 63

Q

When is service continuity management triggered?

Answer

A

It is triggered when a service disruption or organizational risk occurs on a scale that is greater than the organization’s ability to handle it with normal response and recovery practices such as incident and major incident management. An organizational event of this magnitude is typically referred to as a disaster.

Question 64

Q

What’s a business impact analysis?

Answer

A

A key activity in the practice of service continuity management that identifies vital business functions and their dependencies.

Answer 64

A

Business time objective

Recovery point objective

Answer 65

A

*Business time objective (BTO) The maximum acceptable period of time following a service disruption that can elapse before the lack of business functionality severely impacts the organization. This represents the maximum agreed time within which a product or an activity must be resumed, or resources must be recovered.

*Recovery point objective (RPO) The point to which information used by an activity must be restored to enable the activity to operate on resumption.

Answer 66

A

Service continuity management focuses on those events that the business considers significant enough to be treated as a disaster. Less significant events will be dealt with as part of incident management or major incident management. The distinction between disasters, major incidents, and incidents needs to be pre-defined, agreed, and documented with clear thresholds and triggers for calling the next tier of response and recovery into action without unnecessary delay and risk.

Answer 67

A

The purpose of the service design practice is to design products and services that are fit for purpose, fit for use, and that can be delivered by the organization and its ecosystem.

Answer 68

A

Design thinking
Customer and user experience

Answer 69

A

The purpose of the service desk practice is to capture demand for (A) incident resolution and (B) service requests. It should also be the entry point and single point of contact for the service provider with all of its users.

Answer 70

A

The purpose of the service level management practice is to (A) set clear business-based targets for service levels, and to (B) ensure that delivery of services is properly (1) assessed, (2) monitored, and (3) managed against these targets.

Answer 71

A

One or more metrics that define expected or achieved service quality.

Answer 72

A

(1) A documented agreement between a service provider and a customer that (2) identifies both services required and (3) the expected level of service.

Answer 73

A

Customer engagement
Customer feedback
-Surveys
-Key business-related measures
Operational metrics
Business metrics

Answer 74

A

Key business-related measures These are measures agreed between the service provider and its customer, based on what the customer values as important. This could be a bundle of SLA metrics or a very specific business activity such as a sales transaction, project completion, or operational function such as getting an ambulance to the site of an accident within x minutes.

Operational metrics These are the low-level indicators of various operational activities and may include system availability, incident response and fix times, change and request processing times, and system response times.

Business metrics These can be any business activity that is deemed useful or valuable by the customer and used as a means of gauging the success of the service. These can vary from some simple transactional binary measures such as ATM or POS terminal availability during business hours (09:00–17:00 daily) or successful completion of business activities such as passenger check-in.

Answer 75

A

The purpose of the service request management practice is to (A) support the agreed quality of a service by (B) handling all pre-defined, user-initiated service requests in an effective and user-friendly manner.

Answer 76

A

A request from a user that initiates a service action

Answer 77

A

*a request for a service delivery action (for example, providing a report or replacing a toner cartridge)

*a request for information (for example, how to create a document or what the hours of the office are)

*a request for provision of a resource or service (for example, providing a phone or laptop to a user, or providing a virtual server for a development team)

*a request for access to a resource or service (for example, providing access to a file or folder)

*feedback, compliments, and complaints (for example, complaints about a new interface or compliments to a support team).

Answer 78

A

The purpose of the service validation and testing practice is to ensure that new or changed products and services meet defined requirements.

Answer 79

A

The definition of service value is based on input from (A) customers, (B) business objectives, and (C) regulatory requirements, and is documented as part of the value chain activity of design and transition.

Answer 80

A

Service validation focuses on establishing deployment and release management acceptance criteria (conditions that must be met for production readiness), which are verified through testing.

Answer 81

A

Acceptance criteria can be either utility- or warranty-focused, and are defined through understanding customer, regulatory, business, risk management, and security requirements.

Answer 82

A

*Unit test A test of a single system component

*System test Overall testing of the system, including software and platforms

*Integration test Testing a group of dependent software modules together

*Regression test Testing whether previously working functions were impacted.

Answer 83

A

*Performance and capacity test Checking speed and capacity under load

*Security test Testing vulnerability, policy compliance, penetration, and denial of service risk

*Compliance test Checking that legal and regulatory requirements have been met

*Operational test Testing for backup, event monitoring, failover, recovery, and reporting

*Warranty requirements test Checking for verification of necessary documentation, training, support model definition, and knowledge transfer

*User acceptance test The test performed by users of a new or changed system to approve a release.

Answer 84

A

Functional: Utility test
Non-functional: Warranty test

Answer 85

A

The purpose of the deployment management practice is to move new or changed hardware, software, documentation, processes, or any other component to live environments. It may also be involved in deploying components to other environments for testing or staging.

Answer 86

A

*Phased deployment The new or changed components are deployed to just part of the production environment at a time, for example to users in one office, or one country. This operation is repeated as many times as needed until the deployment is complete.

*Continuous delivery Components are integrated, tested, and deployed when they are needed, providing frequent opportunities for customer feedback loops.

*Big bang deployment New or changed components are deployed to all targets at the same time. This approach is sometimes needed when dependencies prevent the simultaneous use of both the old and new components. For example, there could be a database schema change that is not compatible with previous versions of some components.

*Pull deployment New or changed software is made available in a controlled repository, and users download the software to client devices when they choose. This allows users to control the timing of updates, and can be integrated with service request management to enable users to request software only when it is needed.

Answer 87

A

The purpose of the infrastructure and platform management practice is to oversee the infrastructure and platforms used by an organization.

Answer 88

A

*Software as a service (SaaS) The consumer can use the applications running in the cloud infrastructure without having to control or even manage the underlying cloud infrastructure.

*Platform as a service (PaaS) The consumer can deploy onto the cloud acquired applications created using programming languages, services, libraries, and/or tools supported by the supplier without having to control or even manage the underlying cloud infrastructure. They have control over the deployed applications and sometimes the configuration settings for the application and hosting environment.

*Infrastructure as a service (IaaS) The consumer can get processing, storage, and/or any other computing resources without having to control the underlying infrastructure.

Answer 89

A

*Private cloud This type of cloud may be located within the organization’s premises or outside of it. It is a cloud infrastructure or platform to be used exclusively by a specific organization which, at the same time, can have one or several consumers. This cloud is normally managed and owned by an organization, a provider, or a combination of both.

*Public cloud This type of cloud is located on the cloud provider premises. It is provisioned for open use and may be owned, managed, and operated by any type of organization interested in using it.

*Community cloud A community cloud may be owned, managed, and operated by one or more of the stakeholders in the community, and it may exist on or off the organization’s premises. This cloud deployment model consists of several cloud services that are meant to support and share a collection of cloud service customers with the same requirements and who have a relationship with one another.

*Hybrid cloud This cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability.

Answer 90

A

One of the adjustments that IT departments often have to make for cloud computing is to their fiscal planning, which typically uses both traditional capital expenditure (CAPEX) and operational expenditure (OPEX). With the advent of cloud computing, OPEX is preferred over CAPEX, as cloud services are often consumed as utilities and paid out of the operational budget.

Answer 91

A

The purpose of the software development and management practice is to ensure that applications meet internal and external stakeholder needs, in terms of (A) functionality, (B) reliability, (C) maintainability, (D) compliance, and (E) auditability.

Answer 92

A

*solution architecture

*solution design (user interface, CX, service design, etc.)

*software development

*software testing (which can include several components, such as unit testing, integration testing, regression testing, information security testing, and user acceptance testing)

*management of code repositories or libraries to maintain integrity of artefacts

*package creation, for the effective and efficient deployment of the application

*version control, sharing, and ongoing management of smaller blocks of code.

Answer 93

A

Change enablement

Brainscape's Knowledge GenomeTM

Chapter 5: Service Management Practices & Technical Management Practices Flashcards

Brainscape's Knowledge Genome^TM