IT Asset Management Policy | ITIL Asset Management

What is IT Asset Management Policy

IT Asset management policy is a management directive that significantly influences the IT asset management processes and procedures.

[the_ad id=”667″]

IT Asset Management, IT Asset Management Policy
IT Asset Management Policy

ITIL Asset Management Policies are written instructions which specify

  • What needs to be accomplished
  • Who are the audience for the policy
  • Why is the policy needed

An IT asset management policy sample must contain:

  • Defined in simple understandable language
  • Implemented by building about awareness and education
  • Periodically reviewed and updated to maintain relevance

Guidelines for IT Asset Management Policy Operations

Guidelines for Financial Management for IT Assets

  1. Define the procedures for activities like budgeting, accounting, invoicing, etc.
  2. Establish a database for tracking budget and costs associated with assets, accounting details, invoicing details, and auditing details.
  3. Define a budget for all assets, comprising software, hardware, facility assets, compliance requirements, etc.
  4. Define an invoice payment mechanism to capture the details of the invoices (invoice number, vendor name, invoice date and time, purchase order number, invoice items, quantity, unit price, total price and etc) and payments.
  5. Perform accounting on fixed assets, current assets and intangible assets.
  6. Develop depreciation calculation procedure for all hardware and software assets.
  7. Consolidate asset values and replacement costs.

Guidelines for IT Asset Procurement

  1. Define the policies and standards for all procurement internal activities.
  2. Develop supplier management plans like:
    • Escalation process
    • Supplier contingency plan
    • Supplier contract renewal and termination procedures
  3. Define the templates for documentations like purchase request (PR), request for quotation (RFQ), request for information (RFI), and request for proposal (RFP’s).
  4. Establish a database for procurement which will track all the details and activities of the asset procurement process.
  5. Categorize the suppliers and their respective products.
  6. Establish a bidding system, defining the procedure for contacting a list of suppliers and selection.
  7. Define and negotiate the contracts, service level agreements (SLA’s), and penalization procedures. Key aspects to be considered in negotiation are:
    • Payment frequency and procedure
    • Asset acceptance criterion
    • Contract closure formalities
  8. Define a method to submit purchase requests (PR) to the supplier, capturing all the details of the needed asset.
  9. Define the conditions and criteria, when a PR should seek approvals from the Procurement lead and IT Asset Manager.
  10. Define a team to register, receive, and inspect the assets with respect to the purchase requests submitted.

Guidelines – IT Asset Management Software License

[the_ad id=”667″]

  1. Classify and group the assets licenses into categories based on license type, agreements, costs, and renewal dates, etc. to define an organized structure.
  2. Identify the license life span, and define a mechanism to track the license expiration dates and renewals dates.
  3. Define a mechanism to get detailed information on purchased licenses and installed licenses.
  4. Define a mechanism to get information on the unauthorized software in the organization.
  5. Define a mechanism for tracking the proof of purchase on licenses.
  6. Define a mechanism to notify the license expiry details.
  7. Define a procedure for optimum utilization of licenses especially for instances like transferred licenses.
  8. Define procedures for license renewal and maintenance.
  9. Define procedures for license entitlements.
  10. Develop a procedure for associating the requested assets with its respective software licenses and entitlements.
  11. Develop a standard procedure for attributing software license entitlements and software license installations to the requested assets.

Guidelines for IT Asset Inventory

  1. Establish IMIS (Inventory Management Information System) which will track all the IT asset details.
  2. Develop the inventory documents like stock requisition, stock transfer receipt, stock return, etc.
  3. Define a method to group your assets which enables you to understand the context and to manage them easily.
  4. Define a method to track and identify the assets and its attributes:
    • Record all hardware serial numbers, model numbers, etc.
    • Record all software names, versions, and editions, etc.
  5. Set up an assets handling team to receive and register the assets in IMIS (Inventory Management Information System).
  6. Define a procedure for communicating with other teams like financial management and procurement in clearance of the invoices.
  7. Define a procedure for the asset handling team to move the assets at the requestor’s premises.
  8. Define a procedure to reserve and ship the assets requested through the asset catalog.
  9. Define a check-in and check-out policy for all assets being moved from inventory to live environment and vice versa.

Guidelines for IT Asset Retirement and Disposal

  1. Target Zero Waste Goal.
  2. Define an asset disposal procedure encompassing identification of assets, assessment of assets, approval, disposal methods, and reporting.
  3. Define a status snapshot mechanism for an asset to represent whether if the asset is in “stock”, “operational”, “repair”, and “disposal” statuses.
  4. Define data security procedures to protect the confidential data.
  5. Develop Request for disposal (RFD) forms capturing the important details of assets.
  6. Define asset disposal methods for assets based on the utilization rate, financial value, asset lifetime, assets category, etc.
  7. Implement data security procedures on assets before disposal.
  8. Define a procedure for mass asset disposal.

IT Asset Management Policy – Roles and Responsibilities

Responsibilities of IT Asset manager

IT Asset manager is accountable for the whole asset management practice and its encompassing processes and activities. IT asset manager administers, supports, and manages the contracts for technology spending on IT assets across the organization. He/ She ensures:

  1. Definition and facilitation of communication between the organization and its suppliers in order to deliver products and services according to plan and within budget.
  2. Providing advice to management and staff on IT asset management related processes, models, improvements, and best practices.
  3. Continuous improvement on the ITAM-process model framework and alignment with the relevant departments to fine-tune the processes.

Responsibilities of IT Financial manager

Asset Financial Manager is accountable for the financial management for IT assets process and operations. He/ She ensures:

  1. Definition of process, policies, and standards as per business requirements.
  2. Execution of financial operations (budgeting, accounting, invoicing, and payments) in sync with defined policies.
  3. Appropriate cash flow management to ensure proper funding with minimal financial charges and in line with business requirements.
  4. Analysis of opportunities and development of financial models with respect to the strategies defined.

Responsibilities of IT Asset Procurement Manager

IT Procurement Manager is accountable for the asset procurement process and operations. He/ She ensures:

  1. Definition of process, policies, and standards as per business requirements.
  2. Execution of the procurement operations (bidding, selection of the suppliers, quoting prices, negotiating the contracts and agreements) in sync with defined policies.
  3. Developing long term procurement strategy of purchasing materials with visibility and alignment with corporate strategy while considering the continuity of supply with a contingency plan.
  4. Revenue of bought outs & its associated services as per project schedule on a monthly basis.
  5. Identification of suppliers, establishment of contracts, cost models and price agreements. It also develops alternate suppliers and solutions.

Responsibilities of Software License Manager

Software license manager is accountable for the software license management process and operations. Software license manager has the goal to utilize software licenses as efficiently as possible and ensure that the organization is in control of its software licenses. He/ She ensures:

  1. Definition of the process, policies, and standards.
  2. Execution of the operational activities like license distribution, administration, control, and renewal of licenses.
  3. Tracking, evaluating and managing of a wide variety of software licenses and usage.
  4. Support during audits with respect to software asset licenses.
  5. Up-to-date knowledge on developments in the market with respect to software license models and entitlements.
  6. Compliance checking to reconcile license usage to plan for renewals.

Responsibilities of IT Inventory manager

Asset Inventory manager is accountable for the complete asset inventory process and operations. He/ She ensures:

  1. Definition of process, policies, and standards as per business requirements.
  2. Execution of the inventory operations (stocking, stock replenishment, stock inspection, and stock returning) in sync with defined policies.
  3. Reviewing all the purchase requests and purchase orders processed.
  4. Receiving the goods, physical checking, appropriate storage and maintenance of records.
  5. Conducting physical count regularly and ensure inventory accuracy.
  6. Monitoring and reporting of all out of stocks, below safety stocks and expected out of stocks.
  7. Providing demand shaping recommendations.

Responsibilities of IT Asset Disposal Manager

Asset Disposal Manager is accountable for asset disposal process and operations. He/ She ensures:

  1. Definition of the process, policies, and standards.
  2. Retirement and disposal of obsolete assets at the right time in the right way to avoid risks and non-compliances.
  3. Disposal of garbage in accordance with the waste management plan.
  4. Risk free asset disposal process including packaging, transportation and warehouse storage.

 

Download IT Asset Management Policy Template

Download IT Asset Management Policy PDF Document

Service Catalogue Template | ITIL Service Catalog

Service Catalogue Management

Service catalogue management (SCM) is the process responsible for creating, updating, and maintaining the service catalogue in ITIL service. An ITIL service catalog contains accurate information on all operational services in the IT infrastructure which will act as a medium for users and customers to know about the available services in an organization. Service Catalogue Template which lists all IT services, including information related to a specific service that is presented in service catalogue.

[the_ad id=”667″]

Service Catalog Template, ITIL Service Catalog, services catalog template
Service Catalogue Template

Service Catalogue

A service catalogue briefs the information about the services, services description, its costs, and SLAs associated.
A service catalogue can be viewed from two perspectives, from the business department and from technical departments, as:

[the_ad id=”667″]

  • business service catalogue
  • technical service catalogue

The purpose of SLM is to provide an accurate and updated single point of view of current/ live or operational IT services that are available for IT stakeholders.

ITIL Service Catalog – Objectives

itil service catalog example, itil service catalog, services catalog template excel
Services Catalog Template
  • Provides an accurate and updated view of current IT services that are available.
  • Provides an easy interface, so that customers and internal users can select and order items/services that are currently available in the IT infrastructure.

Service Development Process

Development of Service Catalogue can be defined as Design, Draft, Classification, Verification and validation, & Publish.

Design

Important tasks to be considered in the design phase of a service catalogue are:

  • Define the architecture and structure for service catalogue portal or database.
  • Define the service catalogue template.
  • Define the user groups that can access the service catalogue portal or database.

Draft

Information on the operational services and retired services is collected from different service owners, process owners and IT staff. Information on all services is gathered, analyzed, and consolidated as a draft in one place.

Classify

After defining the services, classification and categorization of services is done as per the business needs and processes defined.
Services are usually classified based on category, impact, urgency, priority, financial value, and frequently requested services.

After the services are classified and categorized, an association is established between:

  • IT services and business units
  • IT services and the underlying CIs.

Verify and validate

Drafted services are verified to check that all accurate and complete details like price, specifications of a service, delivery time, etc., are collected.
Then the drafted services are validated by checking the existence of identified IT services in the operational environment.

Publish

After the services are verified and validated, the services are populated in the service catalogue and published to different stakeholders as per their privileges.
Services published in the service catalogue will be visible only for the authorized users and IT staff.
Mandatory details needed for this phase are:

  • service name.
  • service id.
  • description of the service.
  • cost of a service.
  • service owner.
  • quantity.
  • SLAs associated.
  • date requested.
  • impact of the service requested.
  • urgency of the service requested.

Download Service Catalogue Template – Word

Download Service Catalogue Template – Excel

IT Service Management | ITSM vs ITIL | ITSM Tools List

IT Service Management

IT Service Management (ITSM) is a branch of science in IT industry, which focuses on management and delivery of IT services to the customer, adhering to time, cost, scope and quality parameters defined by the customer. We will also look in detail difference between two ITSM vs ITIL. 

[the_ad id=”667″]IT Service Management, ITSM vs ITIL

IT Service ManagementIT Service Management (ITSM) is a practice which details procedures for providing and managing the IT services in an effective and efficient way, ensuring provision of customer satisfaction to the customers.

IT Service Management is an important, foundational piece of the IT infrastructure to deliver IT services. Without good IT Service Management, an organization will waste time and resources performing redundant, ineffective, unnecessary tasks. Having ITSM practice in an organization will avoid loss of reputation (as a service provider) and loss of money as penalizations. With a well functioning IT Service Management, the organization can expect to deliver:

  • better customer satisfaction
  • more effective and efficient IT services
  • better quality in IT services

To set up a strong ITSM practice, an organization would require people with strong knowledge in ITSM, ITSM processes (which can be referred from ITIL, MOF, ISM, etc.), and ITSM tools which must be aligned to the business requirements of the organization.

ITSM Best Practice Frameworks

In ITSM there are many practices that have incepted, some of the prominent are ITIL (IT Infrastructure Library), MOF (Microsoft Operations Framework), ISM (Integrated Service Management), and recently a new digital service management approach is VeriSM.

Value to Business

  • Resolves IT issues quickly and will enable to run business operations.
  • Provides the business with information to make the correct decisions with respect to IT investments, technology, vendors, etc.
  • Manages IT services and run the business operations without any breakdowns.
  • Minimizes risk of penalizations and non-compliance to the agreed contracts
  • Improves the quality of IT services to improve business performance
  • Helps improve the bottom line profitability of the business

Value to IT

  • Provides defined, repeatable processes, procedures, metrics, roles and responsibilities
  • Improves the customer satisfaction to IT end users
  • Proactively identifies, mitigates and tries to avoid IT issues

Practical understanding of ITSM

Imagine if a company called <Available > is managing and providing internet service to a business/ residential customers
Or
Imagine if a company called <Use App> is developing an application and providing application support services to another company
Or
Imagine if a company called <Data Manage> is managing a data center for another company

Here, all the above 3 instances, companies are involved in managing and delivering a service (i.e.: Internet/ Application development and Support/ Managing a Data center) which means they are involved in ITSM.

Let me explain more in detail with an example:
Available LLP company is an internet service provider in US, and its goal is to be the best internet service provider in the city New Jersey.

In order to achieve its goal, it needs to provide good internet service which is reliable, available, with good bandwidth (performance), security, etc.

To provide good internet service with reliability, availability, with good bandwidth (performance), security, etc. the company Available LLP should have:

  • Good helpdesk staff to provide support on phone calls / and onsite; and network engineers who can configure the cables, routers, etc.
  • Good cabling system (supplied by company A), routers & wifi routers (supplied by company B), gateways (supplied by company C), base station antenna (supplied by company D), etc. configured with backup plans and continuity plans.
  • There should be good technicians and engineers, with defined processes and procedures to do regular maintenance to check proactively and reactively
  • There should be defined roles who are accountable & responsible of doing specific tasks

Performing all these tasks is doing IT Service Management in internet service provision.

Data Manage LLP company is Data center company in US, and its goal is to be the best data center company in the US.
To provide data hosting service with reliability, availability, security, etc. the company Data Manage LLP should have :

  • Skilled resources and knowledge to manage the equipments in DC like racks, servers, application delivery controllers, cables, WAN optimizers, routers, switches, bridges, repeaters, SAN, NAS, etc.
    Stocked spare parts
  • Execution of timely backups, restoration, and archival of data as per the defined SLA’s.
  • Followed change management approvals before making any changes in the data center environment.
  • Defined governance structure, roles, and responsibilities.
  • Defined of escalation procedures & operations procedures

Performing all these tasks is doing IT Service Management in Data center to store all the data at one place and disseminate as per the requests.

ITSM vs ITIL : Difference

[the_ad id=”667″]

ITSM ITIL
ITSM is a branch of science in IT to manage the IT services. Managing the IT services involves various tasks like installation/ reinstallation/ modification of IT components (hardware/ software/ etc.)/ upgradation/ etc. and the purpose of doing these tasks is to deliver the IT services without any interruption ensuring customer satisfaction.

 

ITIL is one such best practice framework (for ITSM), which is a collection of 26 processes and 4 functions providing guidelines for managing the lifecycle of IT incidents, problems, service requests, changes, release, etc. ITIL framework is classified into 5 process areas as Service Strategy, Service Design, Service Transition, Service Operations and Continual Service Improvement where all the 26 processes and 4 functions are allocated their respective places in a lifecycle approach.

 

ITSM is a branch of science in IT, an approach for managing the IT services and it is not owned by anyone. ITIL framework is owned by Axelos, which was earlier owned by UK Government. ITIL can be adopted and adapted as per the requirements.
ITSM has no defined lifecycle. ITIL is a lifecycle based approach.

ITSM Tools List

Managing IT services in an organization will require people, processes and the most important tools for managing IT services. Some of the generic tools used in ITSM are:

Monitoring tools: To monitor the IT infrastructure (servers, networks, routers, computers, storage, etc) availability, capacity, performance, security issues, etc.

Service desk tools: To log and manage the lifecycle of service desk calls.
Backup and disaster recovery tools: To perform backup and recover data.

Self service portal: To help the end users to request/ order services or IT components, to find information, to resolve issues, etc. Self help functionality acts as a front-end for end users to be defined offering different menus, screens, buttons, etc providing direct interface to request/ order services.

Configuration and build management tool: To identify, track and assign unique numbers for software and hardware configurations.

Security management tools: To protect the integrity of the network, systems and applications, guarding against intrusion and inappropriate access and usage.

Content management systems: To store all the content of the IT service provider in various repositories like knowledge base, known errors, service catalogue, employee information, etc.
Email systems: To send, receive, backup, recover, etc. emails.

Project management tool: To manage the status of the projects in the IT organization.

Dashboard tools: To provide an overview of the overall IT service performance.
Remote Logging Tools: To enable the support staff and other escalation teams to conduct investigations to provide more efficient and effective support.

Service Charter Template

Service Charter

IT Service Charter is a high-level document for any new or significantly modified services and its approach to develop a new/ modified service. Customer Service Charter document will consolidate all the necessary information on the purpose, requirements of the new/ modified service, scope, resources needed, roles and responsibilities, service acceptance criteria, KPI’s and metrics, constraints, etc.

Service Charter Template

[the_ad id=”667″]

Service Charter Template,
Service Charter Template

 

The Service Charter Template is the document that will provide clear communication to the Service Design process area with all the necessary information for designing a new service.

Purpose of Service Charter

Service charter documents the necessary information required by the service design manager to design the service for transition and operations. Customer service charter is created during the service strategy phase which will provide clear direction to design the service for the benefit of service design process owners and managers.




The intended audience of the service charter template is the Service Design Manager, Service Design Process owners and managers and Service Owners.

Objectives of Service Charter

  • To provide a high-level description of a new or changed service to the Service Design stakeholders.
  • To provide the service level requirements, service acceptance criteria, and goals of the customer.

Service Charter Development Life cycle

Development of a service charter can be defined through 4 stages as analysis, budgeting, approval, and publish.

Analysis: An understanding is developed about the service provider’s current IT operations. Assessments and analysis is made on current services, market spaces, risks associated, customer’s history, customer needs, customer feedbacks and recommendations, competitors, and competitors’ services. These assessments are made in form of: interviews, questionnaire, direct observation, simulations, etc.

Budgeting: This stage involves predicting the funds necessary for services to deliver the agreed upon IT service. Budgets are allocated for every new IT service proposed.

Approval: In this stage, service portfolio manager makes the decision of approving services or rejecting, after careful evaluation of the analysis.

Publish: In this phase, chartered service is documented with high level descriptions with respect to availability, capacity, performance expected, security, continuity, etc. and are standardized and published. Accordingly, the service charter is disseminated to all the relevant stakeholders in service design process area (availability management, capacity management, information security management, IT service continuity management, etc.)

Download Service Charter Template 

Service Level Agreement Template

Service Level Management

The purpose of Service Level Management (SLM) is to ensure that the service targets are created, negotiated, agreed, documented, monitored, reviewed and reported to the customer. SLM acts like a liaison between the customer and the service provider which sets the targets in terms of quality, time, and scope as per the SLR and SAC.

[the_ad id=”667″]

The Service Level Management (SLM) process is responsible for seeking a realistic compromise between the customers’ needs, expectations and the cost of associated services, such that these are acceptable by both the customers and to the IT Organization. Service Level Management is also responsible for:

  • Performing service reviews
  • Creating reports on SLA’s, OLA’s & UC’s
  • Defining metrics and KPI’s

What is a Service Level Agreement ?

Service level agreement (SLA) is a document/agreement that describes the scope of services, details of services, availability, quality, recovery times, etc.

[the_ad id=”667″]

Service Level Agreement Template
Service Level Agreement

SLA Definition Process

Defining SLA should involve participation of all the service owners, process owners, and all other stakeholders from the IT organization. This definition process can be mentioned as Planning, Development, Piloting, Publish, SLA Activation & Monitoring.

Service Level Agreement Template

Planning process involves:

  • Understanding the business requirements of the customer (with respect to scope of services, timeliness, etc.) and translating it into IT requirements.
  • Gather and analyze historical data from customer or from previous experiences (where similar services were offered to any other customer).

Development process involves:

  • Define, develop, negotiate and standardize SLTs for SLA.
  • Encompass SLTs in SLA.
  • Get approvals from customer on SLA.
  • SLA will contain details like:
    • stakeholders involved
    • stakeholders involved
    • start, review and end dates
    • scope of services
    • roles and responsibilities
    • operational hours
    • holidays list
    • service costs
    • incentives and penalties
    • Define detailed metrics, KPI’S, etc.

Mandatory details needed for SLA development are:

  • vendor’s name
  • vendor id
  • vendor type (elite, large scale business, medium scale business, small scale business)
  • SLA id
  • SLA name
  • SLA type
  • service hours
  • start date and end date
  • description of the SLA

Piloting

When the service provider is not sure about the realistic conditions in operations; service provider does the piloting before base-lining the SLAs for the next quarter or half a year.
When it’s a Greenfield project, service provider pilots operations and observes the trends, issues, and patterns for few months and then baselines SLAs. The service provider should keep revisiting the piloted SLAs and redefine them after the observations.

Publish

In this phase SLAs are standardized and published. Management and stakeholders are made aware of the consolidated SLAs.

SLA activation

In this phase SLAs are activated for the live IT operations. IT operations take the defined SLAs as a baseline, and execute the IT operations.

Monitor

Monitoring is the main focus of SLM, which involves:

Reactive monitoring:

monitoring the weekly reports, monthly reports, quarterly reports and evaluates the quality of services.

Proactive monitoring:

This is proactively advising the operations and ensuring that there are no SLA misses or breaches, preventing penalties, preventing customer escalations and threats.

Service Level Agreement Template Download

Roles and Responsibilities in ITIL with a RACI

ITIL RACI Template Excel




ITIL RACI Template, ITIL RACI
ITIL Roles – RACI Template Excel

ITIL Roles

Executive Sponsor

The Executive Sponsor is accountable for the framework implementation and responsible for securing spending authority and resources to implement and manage the Services and Processes. The Executive Sponsor is a vocal and visible champion who legitimizes goals and objectives, involved in major activities, is the ultimate decision-maker, has final approval of all scope changes, and signs off on approvals to proceed to each succeeding phase.

Service Domain Owner

The primary responsibility of the Service Domain Owner is to ensure the processes within the Service Domain provide support to the Service Owners, who have accountability for the Services that are provided. The Service Domain Owner is accountable for all the Processes in the Service Domain, the interfaces and Process interdependencies and for measuring and maintaining Process maturity levels.

The Service Domain Owner ensures proper resourcing, the appointment of Process Owners, and the strategy for each Service Domain. The Service Domain Owners work jointly to ensure proper handoffs between the Service Domains. The Service Domain Owners represent their Service Domain on the upper governance boards, while establishing governance boards to handle Domain-specific matters related to policy, standards.

Service Domains are usually aligned with the stages in the Service Lifecycle.

Service Owner

Each Service needs an owner. The Service Owner is accountable for the Service without regard for where the technology, processes, or other enablers reside. In short, the Service Owner owns the end-to-end Service even if he or she relies on other Services to provide the Service. For example, the Business Service supporting Accounting will rely on multiple Infrastructure Services. The Service Owner will be the primary stakeholder in these supporting Services. This owner wants to ensure that these supporting Services enable his or her Service to be successful.




Service Manager

This role is responsible for managing the end-to-end lifecycle of one or more IT Services. The Service Manager:
Provides leadership on the development of the business case and process architecture,
Service deployment and lifecycle management schedules,
Performs Service cost management activities in close partnership with other organizations such as operations, engineering, and finance.

The Service Manager is also responsible for the controls built into the Service, both supporting the processes and corporate controls (e.g., SOX).

Process Owner

As with the Service Owner, the Process Owner is the one individual accountable for the success of the Process. The Process Owner will ensure the Process is being performed as agreed and documented in the Process documentation. This Process Owner is concerned with the overall quality and performance of the Process, especially the measuring of health and performance of the Process.

This is obtained through the definition of Key Performance Indicators (KPIs) and frequently reviewing the metrics, and acting as necessary. These metrics represent a scale of measuring managed Services, Processes, and activities and are used to identify trends, productivity, resources, and opportunities for improvement.

Process Manager

The Process Manager will manage the day-to-day activities of the Process. In matters that pertain to the Process, the Process Manager is answerable to the Process Owner and performs the day-to-day operational and managerial tasks demanded by the Process activities. While there should be one Process Owner for each process, there may be multiple Process Managers for that same Process. The Process Manager does not necessarily fall within the Process Owner’s organizational chain of command.

Process Analyst

The Process Analyst is responsible for Process execution, supporting Process development, design and implementation, implementing the process, and providing continuous process improvement support.

Download ITIL RACI Template

IT Service Continuity – Plan and Template

Introduction to IT Service Continuity Management

IT Service Continuity Management (ITSCM) defines a standardized procedure for developing restoration, recovery and continuity mechanisms for IT Infrastructure. It ensures that the IT services are available, continual and recovered within agreed timescales as defined in SLA.

IT Service Continuity Management (ITSCM) works closely with Business Continuity Management (BCM) and supports the business goals. ITSCM plans differ by region, size of the organization, type of the business operation, and etc.

[the_ad id=”667″]

IT Service Continuity Template
IT Service Continuity Template

ITSCM Process Description

IT Service continuity management subprocesses can be defined as:

[the_ad id=”667″]

Initiation

Initiation process involves defining the ITSCM policy and communicating throughout the
organization so that all those concerned are aware of the need for ITSCM.

In the initiation phase, IT Service Continuity Manager will identify define the scope of ITSCM and identifies the appropriate roles and responsibilities for ITSCM related activities. S(he) will determine of the command and control structure required to support a business interruption.

For the identified roles and responsibilities, the ITSCM manager will identify and allocate
resources and familiarize and/or train staff to accomplish the ITSCM related tasks, like BIA, Risk
Assessment, etc.

Requirements analysis

Based on the business plans and business continuity plans, IT service continuity management staff will do the Business Impact Analysis, and will identify the Vital Business Functions and related IT services. They shall quantify the impact to the business due to loss of service (such as it could be a ‘hard’ impact that can be precisely identified – such as financial loss – or ‘soft’ impact – such as public relations, morale, health and safety or loss of competitive advantage).

Strategy development

Based on the BIA and Risk Assessment, IT service continuity management staff will prepare the IT Continuity Strategy with an optimum balance of risk reduction and recovery or continuity options.

The strategy would typically include:

Risk reduction by taking suitable prevention measures such as:

  • Define recovery procedure
  • Build components redundancy
  • Improve availability detection
  • Refine maintenance scope, frequency
  • Appropriate recovery mechanisms (such as Manual Workaround, Reciprocal Arrangements, Gradual Recovery, Intermediate Recovery, Immediate Recovery

Planning and Implementation

Based on the ITSCM strategy, IT service continuity management will plan the implementation of ITSCM by preparing detailed IT Plans, Recovery Plans and Procedures. These include plans such as:

  • Emergency Response Plan
  • Communication Plan
  • Disaster Recovery Plan

Operational management

In operational management, ITSCM manager and coordinator shall periodically review the IT service continuity and DR training material for any updates. Further, they shall oversee and ensure that the Trainings are being conducted as per the planned schedule.

Disaster Recovery

In this phase, ITSCM Manager will initiate the execution of the ITSCM & DR Plan and closely monitor the execution till the services have returned to normal. After the services are back to normal state, the ITSCM Manager will:

  • Produce a report of disaster recovery and mention what went right and what went wrong
    during the execution.
  • Send the report to senior management for review.
  • Record any identified improvement opportunity in the CSI register.
  • If required, update ITSCM & DR plans (after due approvals from the Change management
    and relevant stakeholders)

Metrics

  • Time to recover and restore services after an outage
  • Number of changes to continuity plans
  • Frequency and number of periodic reviews
  • Number of tests on VBFs
  • Costs involved in storage.

Download IT Service Continuity Plan Template

ITIL Change Management Process

ITIL Change Management –  Process Overview

[the_ad id=”667″]

A Change is nothing but of shifting/transitioning/modifying/from its current state to a desired future state.

ITIL Change management is an IT service management discipline. It is a process used for managing the authorized and planned activities like addition, modification, documentation, removal of any configuration items in the configuration management database that are a part of a business’s live production and test environments along with any other environment that a business wants to have under Change Management.

Change Management focuses on transitioning new services or modifying the existing services into IT operational environment ensuring the changes wouldn’t create any outages in the IT environment.

Objectives

The objective of Change Management is to:

  • Respond to the customer’s changing business requirements while maximizing value and reducing incidents, disruption and re-work.
  • Respond to the business and IT requests for change that will align the services with the business needs
  • Ensure that changes are recorded and evaluated, and that authorized changes are prioritized, planned, tested, implemented, documented and reviewed in a controlled manner
  • Ensure that failed changes are analyzed and RCA’s done to reduce the reoccurrence of such instances. Check points are enforced to understand the progress of change and to understand the failures.
  • Ensure that all changes to configuration items are recorded in CMS
  • Optimize overall business risk

Scope

Scope of Change Management can be defined as:

  • Architectures
  • Processes
  • Tools
  • Metrics
  • Documentation
  • IT services
  • Configuration Items

Interface with other Processes

[the_ad id=”667″]

ITIL Change Management
Change Management Process Interface

The Change management process interfaces with various other Service management processes as shown in the diagram above. This diagram depicts how Change Management is operated and the interfaces associated with it.

Change Management Process

Change Management Process flow

In practical IT environment, change management operations would generally be executed as per the below diagram:

Change Management Process flow, Change Management Process
Change Management Process flow

Process Description of Change Management

Change Trigger/Input
This process starts with Request for Change due to major or minor upgrade to an existing service or a service request requiring a change.
Each change ticket or RFC is recorded so that it could be tracked, monitored, and updated throughout its life cycle.
Sub processes involved in change management is defined below:

RFC logging and review
The objective is to filter out Requests for Change which do not contain all information required for assessment or which are deemed impractical. The Change Initiator requests for a Change to Service Desk who in turn; creates a Change record. Where tool access is available, the Change Initiator raises a Change record himself.
Based on the initiator’s assessment and the Change Management policy/guidelines, the change is classified as Emergency, Normal, Standard, Minor change.
Check RFC for completeness, practicability and perform initial assessment: Consider the 7R’s of the Change Management.

  • Who raised the change?
  • What is the reason for the change?
  • What is the return required from the change?
  • What are the risks involved in the change?
  • What resources are required to deliver the change?
  • Who is responsible for the build, test and implementation of the change?
  • What is the relationship between this change and other changes?

Assessment and implementation of Emergency change
This phase assesses, authorizes and implements an Emergency Change as quickly as possible. This process is invoked if normal Change Management procedures cannot be applied because an emergency requires immediate action.
ECAB will be responsible for approving any emergency changes without formally going thru the CAB meeting. The verbal or telephonic approval from ECAB will construe the change management approval. Members of CAB/EC are:

  • Change Initiator
  • Change Manager
  • Configuration Manager
  • Domain Owner(s) (As per Change requirements)
  • Depending on the nature of the change, Change manager determine the other members of the ECAB.

Categorization
Categorization determines the required level of authorization for the assessment of a proposed Change. Significant Changes are passed on to the CAB for assessment, while minor Changes are immediately assessed and authorized by the Change Manager

Assessment by the CAB
Assesses a proposed Change and authorizes the Change planning phase. If required, higher levels of authority (e.g. IT Management) are involved in the authorization process.

Change Manager schedules CAB Meeting. The CAB reviews to RFC and related documents to understand the requirements of the change. The CAB determines if a Formal Evaluation is necessary for the proposed change.

CAB understands the effects of the change and identifies predicted performance. This can be determined from the requirements mentioned in the RFC, acceptance criteria, discussing with relevant stakeholders, etc.

CAB assesses risks and conducts feasibility analysis:
Feasibility analysis is performed with respect to different aspects to find if the proposed change is a viable option. The analysis could include different factors like:

  • Cost-benefit (Cost effectiveness)
  • Resource availability
  • Identified Risks
  • Impact on other services and business impact
  • Compliance requirements (if any)

Based on the assessment findings, CAB either approves the change or rejects it.

Scheduling and Building

This phase authorizes detailed Change and Release planning, and to assess the resulting Project Plan prior to authorizing the Change Build phase.
It involves other tasks like

  • Preparing the FSC after considering all approved RFCs which are still open for implementation. Also the ongoing RFC implementations are considered which preparing the schedule of changes. Changes of similar kind are grouped together to help release planning. The change window is reviewed with the Availability Management and ITSCM process plans for consistency.
  • Depending on the nature of the RFC, a decision is made on the requirement of a formal evaluation before the approval for build is provided.
  • Based on the criteria for evaluation after planning and before build, the project plan as well as the test plan are reviewed and evaluated.

Deployment
Deployment assesses if all required Change components have been built and properly tested, and to authorize the Change Deployment phase.

Deployment determines if a formal evaluation is required before the deployment can begin. Accordingly, provide the related/relevant documents to the Change Evaluation Process and request for a formal evaluation prior to deployment.

CAB is convened to:

  • Verify that all components required for the change have been built
  • Verify that all components required for the change have been successfully tested
  • Verify that the test results indicate that the change will meet its objectives
  • Assess the Project Plan for conflicts with other planned/ongoing changes and to check resource availability
  • Review the Evaluation Reports
  • Approve/Reject the change for deployment

Accordingly the change record is updated with the assessment findings of the CAB and the status of the change as appropriate. The change schedule is also updated as necessary.

Post Implementation Review and Closure
PIR assesses the course of the change implementation and the achieved results, in order to verify that a complete history of activities are present for future reference, and to make sure that any mistakes are analyzed and lessons learned.

Major activities involves are:

  • Determine if a formal evaluation is required post the deployment.
  • Determine if the implementation of the change achieved its objectives.
  • Analyze and identify lessons learnt from the whole lifecycle of the change. Collate all post implementation analysis and assessment information in the Change Evaluation report
  • Find how the implementation of change can be improved and update the CSI register for initiating SIP.
  • Determine if such change is likely to recur in future. If so, then a new change model might be necessary to handle such changes in future.
  • Update the change record with relevant inputs and set the status to “Closed” to formally close the change.

Tasks and Responsibilities

 Step  Task

 Responsibility

1 RFC Logging and Review Change Manager / CAB
2 Assessment and Implementation of Emergency Change Change Manager / Practitioner
3 Change Assessment and Categorization Change Manager / ECAB / Change Coordinator
4 Change Assessment by the CAB Change Manager / Practitioner
5 Minor Change Deployment Change Manager / CAB / Change Practitioner
6 Change Scheduling and Build Authorization Change Manager / Practitioner / Coordinator
7 Change Manager / Practitioner / Coordinator Change Manager / CAB / Change Practitioner
8 Post Implementation Review and Change Closure Change Manager / CAB / Change Practitioner
9 Change Management Support Change Manager / Practitioner

 

Download Change Management Process Template

ITIL Service Strategy

Service Strategy

Strategy Management for IT Services defines service strategy as a standardized process for building strategic assets with vision, strategic goals, innovation, value creation, and resilient attitude for adapting new changes.

[the_ad id=”667″]

Service Strategy Template
Service Strategy Template

ITIL Service Strategy main focus is to define the market, propose the service offerings, develop the service offerings as strategic assets, execute the developed offerings, also measure and evaluate the strategies.
Strategy Generation for IT Services is the most critical process for long term sustainability of the organization’s offerings.

Service Strategy Process Description

Strategy management for IT services subprocesses can be defined as:

Strategic Service Assessment

The Business strategy manager identifies the organization strengths and weakness. This is done by analyzing factors such as – existing services, resources, capabilities, projects, finance, operations etc.
Next step is to identify the growth opportunities and threats. By analyzing external factors such as – customer’s, supplier’s, partner’s, political trend’s, socio economic trend, technology trend etc. organization gets fair idea of its current position in market and can formalize future growth and
expansion plans.
Business strategy manager lists all market spaces where organization currently has hold and also lists any new market space identified after internal and external analysis. To decide on which market space to target it is important to define all critical success factor required for a market. Based on this information a decision can be taken to cater to the market need or not.
High level objectives are set after discussion with steering committee, service management director and service management process owners.

Service Strategy Definition

[the_ad id=”667″]

Business strategy manager defines the perspective to find out how objective can be achieved in best possible way. Vision and mission statements are prepared in alignment with business objective to be achieved.
To determine how the service provider will be differentiated from other service provider in the industry the business strategy manager finalizes a position for organization.
Based on positioning strategy and objectives to be achieved the business strategy manager finalizes on the type of service and the type of customer to be targeted. All services are mapped to business outcomes and aligned with end organization objective.
Determine critical success factor, risk, assumption and dependencies to be considered while
preparing the strategic plan. Prepare the IT strategy and decide on actions to be taken to achieve the objectives.

Service Strategy Execution

Identify budget requirements for developing new services identified as per IT strategy. Perform
service valuation to check for feasibility of developing a service and if post program ROI is required.
Prioritize IT strategy plans in the order of importance and ease of implementation. Communicate the plan to stakeholders.
Business strategy manager lists down all available assets and their utilization pattern. Organization services, process, skills, tools etc. are compared with competitors and the gap is documented.
If an organization lack any of the critical success factor required being successful in identified market space then such critical success factors are to be developed.
Investment options are prioritized and approved by senior management. Service offerings are
developed accordingly. The business strategy manager will work with other service management
process owners to implement strategic plans and achieve desired outcome.

Metrics

  1. Total number of services triggered as a result of IT strategy
  2. Number of new proposals, plans defined
  3. Number of new services proposed
  4. Number of failed services (that have not been approved by strategy manager/IT steering group)
  5. Total time taken for proposing a new service in service portfolio

Download Service Strategy Template 

Post Implementation Review Template for Incident Closure

Post Implementation Review (PIR)

Once an incident is reported to the IT help desk of the organization, they open a ticket which will follow the incident from report to conclusion. Once the incident has been resolved one way or another, the ITIL methodology says that the help desk must conduct a PIR (Post Implementation Review). The Post Implementation review will help the organization conclude whether the change made was required, if its implementation was successful and what the lesson learned was.

[the_ad id=”667″]

Post Implementation Review Template, Post Implementation Review
Post Implementation Review Template

There are many ways to conduct these types of reviews, either internally or by the help of a 3rd part auditor. Not each incident requires such a review, and only ones who were deemed important enough to the organization’s continuous growth are subject to a PIR.

Post Implementation Review Template

[the_ad id=”667″]

The Post Implementation Review Template includes the following information and details –

Name and Logo

The name and logo of the organization appear at the top

Source Details

The source details of the incident (PIR) appear below them, and include –

  • Who submitted the report
  • What their role is
  • When it was submitted
  • To which team they belong to
  • The PIR unique number
  • Who reported the incident
  • What the duration of the malfunction was
  • What the status of the incident is

Review Details

The review details include the following –

  • A short description of the incident
  • What the scope of the PIR is, and which change is the subject of the review. This is a brief history of the incident from start to finish, which includes the problem, the diagnosis and the solution.
  • The actual PIR of the incident which is mentioned in the paragraph above, and this section is the heart of the PIR. This includes the outcome of the PIR, whether the change was deemed as necessary and if the change fixed the initial problem. It also includes how the change was documented, and if any new lessons learned were added to the organizations’ “memory”
  • If any new lessons learned were indeed added, then the next field documents them. This includes simple instructions on what to do in future similar cases, and when. This field may contain more than one lesson

Authorization of PIR

The authorization of the PIR, including any future instructions as a result of the lessons learned. This includes the name and role of the authorizer, their decision and when it was approved. All of these are made official by the signature which comes last.

How This Fits Into the ITIL Methodology

Since the cornerstone of the ITIL methodology is aligning the IT with the business needs of the organization, constant improvements and learning from past mistakes is essential. Conducting thorough reviews and suggesting improvements are vital for living up to this goal, and the PIR is a major step in this direction.

The methodology doesn’t specify whether the PIR should be conducted internally or by an independent party, but hiring an external 3rd party professional is better for recognizing faults which an internal employee may deem as something that has “always been like this”. The downside of this is that the process may be lengthier, and almost always more expensive.

Download Post Implementation Review Template for Incident Closure

You may also be interested in Post Implementation Review Template for projects in Project Management.