ITIL Flashcards

Question

Service Portfolio Management

Answer 1

The Service Portfolio Management process is concerned with management of the information concerning services in the Service Portfolio. Service Portfolio Management organizes the process by which services are identified, described, evaluated, selected, and chartered.

Answer 2

The Demand Management process is concerned with understanding and influencing customer demand. Unmanaged demand is a source of both cost and risk to Service Providers. Demand Management models demand in terms of:  User Profiles which characterize different typical groups of users for a given service.  Patterns of Business Activity which represent the way that users in different user profiles access a service over the course of a given time period.

Answer 3

IT Financial Management provides a means of understanding and managing costs and opportunities associated with services in financial terms. At a minimum, IT Financial Management provides a clear means of generating data useful for decision support around the management of services. IT Financial Management includes three basic activities:  Accounting -- tracking how money is actually spent by a Service Provider  Budgeting – planning how money will be spent by a Service Provider  Charging – securing payment from customers for services provided

Answer 4

The Service Design lifecycle phase is about the design of services and all supporting elements for introduction into the live environment.

Answer 5

Service Design offers value by:  Ensuring that services are aligned with business objectives  Ensuring that services are able to provide the utility and warranty required for them to meet the objectives outlined during Service Strategy  Ensuring that service management systems and tools are capable of supporting service offerings  Ensuring that service-e management processes are capable of supporting service offerings  Ensuring that services are constructed according to agreed architectural standards  Ensuring that services are designed so as to be implemented efficiently  Ensuring that services are designed so that their performance can be measured

Answer 6

ITIL® stresses the importance of purposefully building quality into IT services, processes, and other aspects of the Service Management effort. The Service Design lifecycle phase is structured to support this emphasis by including processes for clear specification of quality targets (Service Level Management) followed by processes for achieving the major warranty ingredients of quality: Availability, Capacity, IT Service Continuity, and Security Management. Targeting quality during Service Design ensures that quality can be delivered during Service Operations.

Answer 7

The Service Catalog is the subset of the Service Portfolio which contains services currently available to customers and users. The Service Catalog is often the only portion of the Service Portfolio visible to customers. Typically the Service Catalog is implemented as a database and is often web-accessible. The Service Catalog commonly acts as the entry portal for all information regarding services in the live environment.

Answer 8

The ‘Four P’s of Service Design’ represent areas which should be taken into consideration when designing a service. They are: 1. People – Human resources and organizational structures required to support the service 2. Processes – Service Management Processes required to support the service 3. Products – Technology and other infrastructure required to support the service 4. Partners – Third parties which provide services required to support the service

Answer 9

The ‘Five Aspects of Service Design’ are areas which should also receive design focus as part of the overall effort design a service. The areas include: 1. The new or changed service itself – with special attention to service requirements 2. Service Management processes required to support the service 3. Service Management systems and tools required to support the service (especially the Service Portfolio) 4. Technology Architectures used or referenced by the service 5. Measurement systems and metrics necessary to understand the performance of the service

Answer 10

Service Catalog Management involves management and control of the Service Catalog which contains information about services currently available to customers for use. Typically such information includes: ```  Features of the service  Guidelines for appropriate use of the service  Means of accessing the service  Pricing information (where relevant)  Key contact information  Service Level Agreement information ``` The Service Catalog Management process is included within the Service Design lifecycle phase primarily because design activity typically generates a large volume of documentation and information which should be included in the Service Catalog. Associating management of the Service Catalog with Service Design makes a good deal of practical sense as it provides a means of capturing and organizing relevant information about services early on in their lifecycle.

Answer 11

Service Level Management is the process charged with securing and managing agreements between customers and the service provider regarding the levels of performance (utility) and levels of reliability (warranty) associated with specific services. Service Level Management is part of the Service Design lifecycle phase primarily because it provides an opportunity to establish performance requirements early on so that design work may be specifically directed to meet such requirements. Service Level Management results in the creation of Service Level Agreements (SLAs) between customers and the provider.

Answer 12

Operational Level Agreements (OLA’s) are performance agreements nearly identical in nature to SLAs except that they exist between parts of the service provider organization specifically for the purpose of supporting ‘upstream’ SLAs which require dependable performance by multiple business units, functions, or teams within the service provider organization.

Answer 13

The Availability Management process is concerned with management and achievement of agreed availability requirements as established in Service Level Agreements. In ITIL®, availability is defined as the ability of a system, service, or configuration item to perform its function when required. Among other things, Availability Management may assist with:  Development of availability Service Level Targets which make up part of an overall Service Level Agreement  Design of services capable of meeting or exceeding agreed availability requirements  Measurement and monitoring of availability achievements  Responses to availability-related incidents

Answer 14

Capacity Management is concerned with ensuring that cost-effective capacity exists at all times which meets or exceeds the agreed needs of the business as established in Service Level Agreements. In ITIL®, capacity is defined as the maximum throughput a service, system, or device can handle.

Answer 15

Business Capacity Management (BCM) addresses capacity factors which exist primarily at the business level such as mergers, acquisitions, plans for new facilities, reductions in force, etc. Typically, BCM factors are addressed first in the overall Capacity Management effort. Service Capacity Management (SCM) addresses capacity factors at the service level. Business capacity factors in turn drive Service capacity requirements. The primary task of Service Capacity Management is to translate business capacity factors into capacity requirements for services. Component Capacity Management (CCM) addresses capacity factors at the level of components or Configuration Items. The primary task of CCM is to translate Service Capacity Management factors into capacity requirements for individual components or Configuration Items.

Answer 16

The IT Service Continuity Management process (ITSCM) is responsible for ensuring that the IT Service Provider can always provide minimum agreed Service Levels. ITSCM is largely concerned with management of risks and with planning for the recovery of IT Services in the event of disaster. IT Service Continuity Management uses techniques such as Business Impact Analysis (BIA) and Management of Risk (MOR) and is driven by the larger Business Continuity Management effort. ITSCM results in the production of the IT Service Continuity Plan which is an aspect of the overall Business Continuity Plan.

Answer 17

IT Security Management is the process concerned with the protection of IT assets (including services) from security threats. IT Security Management is driven the larger security management efforts and policies of the organization. IT Security Management is charged development and management of the IT Security Policy which is executed and implemented as a part of the Access Management process in Service Operations. IT Security Management focuses on protection of five basic qualities of information assets:  Confidentiality – Assurance that the asset is only available to appropriate parties  Integrity -- Assurance that the asset has not been modified by unauthorized parties  Availability -- Assurance that that asset may be utilized when required  Authenticity -- Assurance that transactions and the identities of parties to transactions are genuine  Non-Repudiation -- Assurance that transactions, once completed, may not be reversed without approval

Answer 18

Supplier Management is the process charged with obtaining value for money from third-party suppliers. Supplier Management plays a very similar role to that of Service Level Management, but with respect to external suppliers rather than internal suppliers and internal/external customers. Supplier Management is critical to effective design because for nearly all IT organizations, dependency on external suppliers is increasingly central to their ability to deliver services to their own customers. Supplier Management handles supplier evaluation, contract negotiations, performance reviews, renewals and terminations.

Answer 19

Service Transition is concerned with management of change and, more specifically, with the introduction of new and changed services into the live environment.

Answer 20

Service Transition provides value to the business by:  Enabling business change  Minimizing impact to the business which might otherwise result from unmanaged change  Enabling the business to make use of new and changed services  Ensuring that designs for services are implemented as intended  Ensuring that the Service Management organization is prepared to support new and changed services  Reducing the number of defects introduced into the live environment

Answer 21

The Service V-Model defines progressive levels activity and corresponding levels of testing/valid toward a define objective such as a release or major change. Testing at each level prior to moving to the next level helps progressively reduce risk.

Answer 22

ITIL® defines a change as the addition, removal, or modification of anything that could have an effect on an IT service. All changes involve risk.

Answer 23

A Request for Change or RFC is a documented request to alter a service or other Configuration Item. RFCs may be issued by any one: customers, IT staff, users, etc. and are received by the Service Desk and handled via the Change Management process.

Answer 24

 Normal Changes are changes which meet predefined criteria that qualify them for handling via the Normal Change Management process.  Standard Changes are changes which are pre-approved for implementation. Generally, Standard Changes are low risk and occur frequently in the environment. Examples might include such things as: o Password resets o New hire procedures o Office moves  Emergency Changes are changes which meet predefined criteria that qualify them for handling via the Emergency Change Management process. In most environments, Emergency Changes are those which cannot be foreseen and which unless addressed quickly put the environment at high risk of impact. Emergency Changes are reviewed by the Emergency Change Advisory Board (ECAB).

Answer 25

In ITIL® the entity charged with approval of a Request for Change is called the Change Authority. In most environments, the identity of the Change Authority varies with the type of change under consideration. For many ordinary changes, the Change Manager may act as the Change Authority. However, for extremely large changes, the Change Authority may be an executive or even the board of directors.

Answer 26

The Change Advisory Board or CAB is a group of experts convened by the Change Manager to advise on the approval/rejection and planning for a specific change. The membership of the CAB usually varies with the change under consideration.

Answer 27

The Emergency Change Advisory Board or ECAB is a special group convened by the Change Manager to advise on the approval/rejection and planning for Emergency Changes as part of the Emergency Change Management Process. The membership of the ECAB usually includes persons with the experience and organizational authority required to make rapid and often difficult decisions and to accept the consequences of those decisions.

Answer 28

A Change Model is a template or pre-defined set of steps, procedures, and guidelines for execution a specific type of change. Change Models are used to help minimize risk, save costs, and improve the consistency of execution around changes.

Answer 29

A release is a collection of changes which must be implemented together in order accomplish a specific objective or set of objectives.

Answer 30

A Release Unit is the particular set of configuration items released together for a specific deployment effort. The Release Unit for a release is selected as part of the Release and Deployment Management process based upon both technical and business criteria. For example, for the deployment of an accounting package the release unit might be determined to be the accounts payable and payroll modules, but not the tax computation module.

Answer 31

In the context of Service Transition generally and, more specifically, in the context of the Service Asset and Configuration Management process, the term Baseline refers to the documented and validated configuration of a component, system, service, etc. Baselines are used within Service Asset and Configuration Management to provide a roll-back point useful in managing risk around changes in the environment.

Answer 32

The Configuration Management System is the controlled repository and interfaces for management of information concerning items under configuration control (Configuration Items) in the environment. The purpose of the CMS is to provide accurate and up-to-date information regarding how the environment is configured. The CMS stores records of Configuration Items in the Configuration Management Database (CMDB). Importantly, the CMS/CMDB differs from a traditional asset database in that it also provides information regarding how Configuration Items are related to each other.

Answer 33

A Configuration Item or CI is anything which has significance for the delivery of an IT Service. Configuration Items can include hardware and software, but also documentation, process definitions, facilities, etc. Configuration Items are tracked using the Configuration Management System which stores records of them in the Configuration Management Database (CMDB). At a bare minimum, the record of a Configuration Item should include a unique identifier and the location of the CI.

Answer 34

Change Management is concerned with recording, evaluating, approving, testing, and reviewing changes to services, systems, and other Configuration Items. ITIL® reminds us that all changes involve risk. As such Change Management is largely concerned with managing risk associated with change. The major activities which make up the Change Management process include:  Recording of RFCs involves logging of the RFC in the Change Management system. Recording must include all details required to assess the RFC.  Review of RFCs involves checking to see if the RFC is complete and free of obvious defects which would make it impractical or impossible to implement.  Assessment and Evaluation of RFCs involves further review and consideration of the RFC, usually by the Change Advisory Board, for the purpose of determining the desirability and feasibility of the requested change.  Authorization of RFCs involves identification of the appropriate Change Authority and the determination by the Change Authority to approve or deny the RFC.  Planning involves identification and scheduling of the activities required to implement the change, including any testing which may be required to manage risk associated with the change.  Implementation Coordination  Review and Closure

Answer 35

Service Asset and Configuration Management ```  Planning  Identification  Control  Status Accounting  Verification and Audit ```

Answer 36

Four additional Service Transition processes are included within ITIL®, but are not covered in detail on the Foundation exam. For exam purposes, candidates are only required to recognize that the processes exist within the Service Transition lifecycle phase and to understand that in many environments the processes provide additional support for the three primary Service Transition processes described earlier.

Answer 37

Transition Planning and Support provides broader support for large-scale transitions and releases and would be helpful for an organization anticipating an unusual volume of change, as for example would be the case during a merger or acquisition scenario.

Answer 38

Service Validation and Testing provides separate and more focused support for testing prior to release. Organizations for which quality and error control are of paramount importance might especially benefit from implementation of Service Validation and Testing as a separate process. In such a scenario, Release and Deployment Management would focus more exclusively on deployment/release logistics and testing would become the domain of the new process.

Answer 39

Evaluation provides support for post-release evaluation and confirmation of customer acceptance of new and changed services. It would be useful in situations characterized by customer satisfaction challenges and in situations where other factors might require closer management of customer acceptance.

Answer 40

Knowledge Management provides support for the capture and effective publishing of knowledge which surfaces during the Service Transition lifecycle phase and elsewhere. From a practical perspective, Knowledge Management belongs in Service Transition simply because Service Transition has responsibility for most testing and validation where the most valuable operational data is gathered prior to release into the live environment.

Answer 41

The Service Operation phase of the Service Lifecycle is concerned with ensuring that services operate within agreed parameters. When service interruptions do occur, Service Operation is charged with restoring service as quickly as possible and with minimizing the impact to the business.

Answer 42

Service Operation is the only lifecycle phase in which value is actually realized by customers. Whereas all other phases of the Service Lifecycle contribute to and enable value, it is only experienced during Service Operation. Service Operation also adds business value by:  Ensuring that services are operated within expected performance parameters  Restoring services quickly in the event of service interruption  Minimizing impact to the business in the event of service interruption  Providing a focal point for communication between users and the Service Provider organization

Answer 43

``` Because Service Operation is the first lifecycle phase in which the Service Provider organization must respond to rather than plan for and drive user and customer demand, balance is difficult to maintain. Accordingly, ITIL® emphasizes the importance of striving to achieve and maintain balance during Service Operation in the form of specific balances between:  Reactive and Proactive Focus  Internal and External Focus  Cost and Quality  Stability and Flexibility ```

Answer 44

During Service Operation, the importance and criticality of communication is especially acute. ITIL stresses the importance of communication:  Between users and the IT Service Provider  Between customers and the IT Service Provider  Between different processes, functions, teams, etc. within the IT Service Provider  Between the IT Service Provider and its suppliers

Answer 45

An incident is any occurrence which causes or may cause interruption or degradation to an IT Service.

Answer 46

A problem is the unknown underlying cause of one or more incidents. A problem is NOT just a particularly serious incident.

Answer 47

An error is the known underlying cause of one or more incidents.

Answer 48

A known error is the known cause of an incident for which a workaround also exists.

Answer 49

An event is any change of state of an infrastructure or other item which has significance for the delivery of a service.

Answer 50

Incident Management is concerned with the rapid restoration of services and with minimization of impact to the business. In most but not all cases the Incident Management process is owned and executed by the Service Desk. Within ITIL®, Incident Management consists of a number of basic activities or steps:  Detection – The incident becomes known by any mechanism, e.g. user call, system alert, etc.  Logging – Details of the incident are recorded in the incident management system.  Classification – The incident is categorized according to predefined criteria for the purpose of facilitating diagnosis and prioritizing its handling relative to other incidents.  Prioritization – The impact and urgency of the incident are determined and factored together to determine its relative priority among other incidents.  Investigation and Initial Diagnosis – Additional details regarding the incident are gathered and used along with tools such as the Known Error Database to attempt resolution.  Escalation – If necessary, the incident may be forwarded to the appropriate handling group.  Resolution and Recovery – Service is restored and users are provided assistance to allow them to resume work.  Closure – Successful resolution of the incident is verified with the user, the incident resolution details are recorded, and the incident is flagged as being closed in the incident management system.

Answer 51

Problem Management is concerned with the identification and correction of flaws or errors in the environment which cause incidents. Problem Management helps reduce and prevent incidents. Problem Management is broadly divided into two major sub-processes:  Reactive Problem Management, which is charged with responding to problems as they arise in the environment, usually driven by the Incident Management process.  Proactive Problem Management, which is charged with proactively seeking out improvements to services and infrastructure before incidents occur. Problem Management uses techniques such as Kepner-Tregoe, Ishikawa diagramming, and Fault Tree Analysis to identify the root cause of incidents. Once the root cause of an incident is determined, Problem Management may issue a Request For Change to initiate action toward implementation of a permanent fix for the underlying cause or, if a permanent solution is not feasible, may assist in the development of a Work Around for use in restoring service and minimizing the impact of associated incidents. The production and maintenance of the Known Error Database (KEDB) is one of the most important outputs of the Problem Management process. The Known Error Database is used by the Incident Management process to more rapidly resolve incidents.

Answer 52

Event Management is concerned with detection of events in the infrastructure and with selection of appropriate response actions. By facilitating early detection of incidents, Event Management helps reduce the number of incidents which impact users and can greatly improve the performance of the Incident Management process itself. As described earlier, an Event is any change of state which has significance for the delivery of a service. As such, Event Management mainly focuses on IT detecting and addressing issues at the infrastructure level and is most commonly a largely automated process. Events may be one of three basic types:  Informational – No action is required. The event information is logged for potential future reference.  Warning --An infrastructure item is approaching a predefined performance or capacity threshold which could cause an incident or require intervention.  Exception—An infrastructure item has exceeded a threshold or is no longer operating within defined parameters. Intervention is required.

Answer 53

Service Request Fulfillment is the process charged with assisting users in situations where no service degradation or interruption is involved. Service Request Fulfillment provides a means of addressing common user requests for non-incident support, new equipment, training, etc. Service Request Fulfillment frequently makes use of Standard Changes and automation to meet user requests more efficiently. In much the same way that Event Management supports the Incident Management process by addressing incidents before they impact users, Service Request Fulfillment can reduce the load on the Incident Management process by providing a means of addressing non-incident related requests before they enter the Incident Management stream.

Answer 54

The Access Management process is charged with is providing authorized parties with appropriate access to service and information as specified in the Information Security Policy. Access Management executes the Information Security Policy as defined by the Information Security Management process, but does not itself set policy.

Answer 55

Continual Service Improvement is about the alignment and re-alignment of services, processes, functions, etc. with changing business needs. It is also concerned with the consistent application of quality management methods to the overall Service Management effort.

Answer 56

Continual Service Improvement offers value to Service Provider and customer organizations by:  Ensuring that services, processes, and other aspects of the Service Management effort are aligned with business objectives  Ensuring that services meet agreed levels of performance  Ensuring that the efficiency (cost) of service delivery improves steadily  Ensuring that all aspects of the Service Management effort undergo regular and consistent reviews

Answer 57

Measurement plays a critical role within ITIL®, both as a part of Continual Service Improvement, but also within Service Level Management and as an essential part of all processes. Measurements can be used for four basic purposes as shown below:  To JUSTIFY a proposed course of action  To DIRECT activity  To INTERVENE when corrective action is required  To VALIDATE actions which have already been taken

Answer 58

 Objectives establish the reason for measurement. Measurement in itself has no value. Rather, it only has value inasmuch as it supports achievement of specific objectives.  Critical Success Factors define specific things that must happen if objectives are to be achieved.  Key Performance Indicators are metrics which specifically indicate progress or performance around or toward Critical Success Factors.  Metrics are the definitions of what will be measured and how it will be measured.  Measurements are the actual readings taken based upon a specific metric.

Answer 59

The Deming Cycle is an improvement model originally created by W. Edwards Deming and used to great success in the Japanese auto industry. It consists of four simple steps (Plan, Do, Check, Act)

Answer 60

The Continual Service Improvement Model is a simple set of guiding questions which can be used to organize and perpetuate an improvement program. It closely mirrors the basic approach also used in the ITIL® 7-Step Improvement Process.

Answer 61

A Service Improvement Plan or Service Improvement Program is the primary output of periodic service reviews carried out as part of Continual Service Improvement or as part of the Service Level Management process. The SIP maps specific improvement objectives for an identified time period between one service review and the next.

Answer 62

``` The Seven Step Improvement Process provides a simple means of using measurement to guide the improvement and correction of service performance. The steps are:  Decide what should be measured  Decide what can be measured  Gather the data  Process the data  Analyze the data  Present and use the data  Implement corrective action ```

Answer 63

Although Service Level Management is one of the processes within the Service Design lifecycle phase, it shares many activities and objectives with Continual Service Improvement. In particular, both Service Level Management and Continual Service Improvement emphasize regular measurement and review of services and other aspects of the Service Management effort.

Answer 64

ITIL® introduces the concept of ‘bounded rationality’ in its discussion of the role of automation in IT Service Management. ‘Bounded rationality’ refers to the limits which constrain humans’ ability to entertain more than a few factors at a time when seeking to make decisions in complex situations. In the most fundamental sense, automation and technology play an important role in IT Service Management by helping human decision makers effectively confront vastly more complex scenarios than they might otherwise be able to. Some examples include:  Use of automation to identify patterns and trends in large data sets such as event logs, incident logs, etc.  Use of automation to help guarantee consistency during design efforts  Use of automation to accurately record high volumes of detailed data, e.g. incident logs  Use of automation to avoid arbitrary assignment of priority to incidents, problems, changes, etc.  Use of automation to respond to events in real time ITIL® urges the point that all phases of the Service Lifecycle can be supported very effectively using technology and automation.

Answer 65

ITIL® offers some discussion of how automation can best be used to support processes. It’s most essential recommendations include:  Process definition should precede attempts to purchase or apply technology to processes  Processes should be simplified prior to automating them

Answer 66

ITIL® describes a number of information systems which represent the application of technology/automation to the IT Service Management effort. The most important of these include:  Service Knowledge Management System (SKMS)  Service Portfolio/Catalog  Availability Management Information System (AMIS)  Configuration Management System/Configuration Management Database (CMS/CMDB) Capacity Database (CDB) or Capacity Management Information System (CMIS)  Known Error Database (KEDB)  Security Management Information System (SMIS)