Description
A research project completed in 4th semester of M.M.S as a part of curriculum.
A
PROJECT REPORT
ON
USE OF ITIL TOWARDS IT SERVICE DELIVERY FOR PANGEA3 LEGAL DATABASE SYSTEMS, MUMBAI
SUBMITTED BY MR. RAHUL SHARAD CHITALE
UNDER THE GUIDANCE OF PROF. AKASH NIRANJANE
SUBMITTED TO UNIVERSITY OF MUMBAI
IN PARTIAL FULFILLMENT OF THE REQUIREMENT FOR THE AWARD OF THE DEGREE OF MASTER OF MANAGEMENT STUDIES (MMS)
RAJENDRA MANE COLLEGE OF ENGINEERING AND TECHNOLOGIES AMBAV (DEORUKH)
(2011-2012)
DECLARATION
I undersigned, hereby declare that “USE OF ITIL TOWARDS IT SERVICE DELIVERY” Is developed under the guidance of Prof. Akash Niranjane. The conclusion in this report is based on the idea, which is collected by me. I am declaring that this is my original work. I have not copied any materials, which are useful to my work, or other reports that are submitted to the “RMCET COLLEGE, AMBAV” this year. I do undersign that if my work is found to be copied, and then I am liable to punishment as per the university rule.
DATE:
PLACE:
(Mr. Rahul S. Chitale)
ACKNOWLEDGEMENT
It gives me immense pride and gratitude to express my hearty thanks to Mr.Santhosh Kumar, Sr.Manager (IT Operations) for giving me an opportunity to carry out my project work in Pangea3 Legal Database Systems which is a global leader in LPO. My special thanks to Mr. Girish Chitale for providing me the necessary facilities, guidance and cooperation. I would like to acknowledge the cooperation given by all the officers of various departments in Pangea3 Legal Database Systems, Mumbai. While giving this acknowledgement, I should not and cannot ignore the sincere efforts of all the workmen who directly or indirectly gave me full support and endless knowledge about the whole company and various processes in manufacturing during my project.
MR. RAHUL SHARAD CHITALE
EXECUTIVE SUMMARY
The purpose of this research was to investigate what is involved in IT Service Management and how the Pangea3 can implement it to improve the quality of IT service support and service delivery. The IT Service Management approach was investigated but the main focus was on the Service Support and Service Delivery in the ITIL framework.
Findings from the empirical study will be presented and recommendations highlighted to Top management and the IT department in order to promote and improve the quality of the IT service being delivered to users and customers.
The data was collected and administered by means of a structured questionnaire based on the ITIL Service Capacity Maturity Model.
It was discovered that the implementation of ITIL in most organizations brought about improvements and benefits in the quality of the IT service being delivered.
INDEX
Chapters No. 1.
Topic Introduction Statement of the Problem Objectives of the Study Significance of the Study Hypothesis Research Methodology Review of Literature Organization/Company Profile Collection of Data Data Presentation Data Interpretation Data Analysis Finding Conclusion Suggestions/Recommendations Bibliography Appendix
Page No.
2. 3. 4.
5. 6. 7. 8.
Chapter 1 Introduction
1.1 Background
Information Technology (IT) has become a vital asset in any business; it is part of one of the longterm business investments that organizations depend on and plays an essential role in building an infrastructure that enables important business improvements. As a result of the rapid changes in the IT industry, many organizations find themselves trapped in this situation of having to adapt or suffer in terms of performance and profit. It is therefore necessary that they manage their IT processes with efficient, secure and reliable solutions that will deliver IT services that further the organization?s business. It is this perceived lack of a complete management strategy that has prompted the study of IT Service Management, in particular the implementation of the IT Infrastructure Library (ITIL) framework in an organization in order to improve the quality of IT service delivery. Pangea3 Legal Database Systems Pvt. Ltd which came into effect in F e b r u a r y 2007,Having an IT Service Management (ITSM) framework implemented from August 2011 which will ensure that the organization meets its business objectives. Therefore the Pangea3 will be used in this case study to investigate the workings of ITSM, specifically the Implementation of the ITIL framework. Office of Government and Commerce (OGC) (2002) defines ITSM as a discipline for managing large-scale Information Technology (IT) systems to meet the Customers? requirements. It has its roots in the late 1970s in British central government, who saw the need to maintain control over IT support structures to achieve efficiency. ITIL was established as a new approach to IT Service Management with the purpose of ensuring better use of IT services and resources. It is a series of documents that are used to assist in the implementation of the framework for IT Service Management. ITIL is a seven-volume catalogue of best IT practices. It covers major aspects of IT operations, including service support, delivery and management; security, infrastructure and application management; and business alignment. The
latest development in IT Service Management has been the release of British Standards Institution?s Standard for IT Service Management (BS15000) in 2002 that supports the best-practice processes promoted in ITIL. In order to be ITIL certified, the IT personnel need to complete training in one of the following levels and the certification is individual rather than organizational: • • • ITIL Foundation Certificate Training (Entry Level) Practitioner (Intermediate) and ITIL Service Manager Certificate Training (Expert) (OGC, 2002, p. 92).
This study will focus on what is involved in IT Service Management and how can the Pangea3 implement it to improve the quality of IT service support and service delivery. The study should give insights into the workings of ITSM in particular, the ITIL service management approach, a framework that is rapidly gaining popularity all over the world. It is necessary to first define the concept of IT Service Management so as to gain a broad understanding of the topic.
1.2 Statement of Problem
The aim of the research is to investigate what is involved in IT Service Management and how can the pangea3 implement it to improve the quality of IT service support and service delivery. There are many best practice frameworks and standards that can help IT staff get started at shaping the IT operations and building better processes. However ITIL was found to be the most suitable because of its effective way in managing the relationships between business processes. ITIL provides best practices, which an organization can adopt or adapt to fit their specific needs. The Pangea3 currently has the basic ITIL recommendations in place but it is not structured. In order to address this, the following questions have been investigated: • • • What is involved in IT Service Management? What is the situation of ITSM in other organizations in India? What are the recommendations for an effective framework solution?
1.3 Objectives of Study
The objective of this study is to recommend a comprehensive framework solution that the Pangea3 can implement to improve the quality of IT service delivery and support. The thesis will therefore, use the ITIL framework to recommend a solution for higher education. The solution will be as generic as possible so that it can be applied to any higher education institution. The thesis is not meant to be a total solution for implementing ITIL. It merely proposes a comprehensive solution which may be used to assist with the ITIL process.
1.4 Significance of Study
• • • • • •
Improved IT services through the use of proven best practice processes. Improved customer satisfaction through a more professional approach to service delivery. Reduced costs. Standards and guidance. Improved use of skills and experience. Improved delivery of third party services through the specification of ITIL.
1.5 Research Methodology
The following section gives an overview of the methodology that was used in the study. The following procedures were adopted to solve the main problem and sub-problems: Literature Review An in-depth literature study was undertaken on the concept of IT Service Management and the approaches which are adopted by organizations. The information was analyzed to determine which solution best suits the Pangea3.
Questionnaire A Questionnaire was administered to gauge the ITIL maturity level of ITES in India
Interview The study also consisted of a personal interview with an ICT System Engineer at the Pangea3 in order to give more insight into what Pangea3 is doing with the current technological trends in the IT environment. In order to ensure that the ITSM Framework is aligned with the new Pangea3 business strategy; both the external environment in which the P an ge a3 does business as well as the current internal environment were analyzed.
Chapter 2 Review Literature
2.1 Introduction
This chapter is a review of literature with regards to IT Service Management, the ITIL framework the structure of the framework and the concepts related to the implementation of ITIL. IT Service Management is the main focus of the study. The chapter provides insights into the workings of ITSM in particular, the ITIL service management methodology, a framework that is rapidly gaining popularity all over the world.
2.2 The Service Industry
The service industry has changed over the years and the service organization is very different from a manufacturing organization but the basic core is the same. Organizations cannot
develop a sustainable business by offering a product or service only but need a combination of both and the customer is at the heart of this process .A service organization that wishes to stay on top of its game has to make sure it provides the best service quality it can to its customers. Customers are in search of a total service offering that can be used to create value. An organization can differentiate itself in terms of: Core product (Quality), Price, Image and Service strategies as the main source of competitive advantage. Grönroos (2007) argues that the organization can only differentiate on one of these strategies but that does not mean that the other strategies are any less important. In order to remain competitive, they need to focus on one only. The environment in which any organization functions, determines the strategies that it will employ to survive in that rapidly changing environment. The organization must consider both the current and future situation. Ward and Peppard have proposed some success factors to consider when formulating a service strategy;
(1) Service Delivery (2) Understanding customer needs in order to grow the business, (3) Business-driven innovation, using IT as enabler. Management faces challenges of coordinating services due to trends in the service industries as well as customer?s demand for high quality of services. It is therefore important for organizations to have a broader knowledge of service management .For the purpose of this study, IT Service Management will be discussed. The whole chain of activities has to be coordinated and managed as a total process. That is where IT Service Management plays a role, as a total solution for the integration of these processes, activities, services, people and technology. There are organizations world-wide that have taken it upon themselves to help businesses come up with appropriate IT service strategies that address issues in the development and delivery of IT services. One such organization is the OGC in the United Kingdom which has developed the ITIL framework for IT Service Management. The next section of this chapter focuses on IT Service Management.
2.3 ITSM
Various definitions of ITSM are proposed in the literature. OGC (2002) defines IT Service Management as a discipline for managing large-scale Information Technology systems to meet the customer?s requirements. It has its roots in the late 1970s in British central government, who saw the need to maintain control over IT support structures to achieve efficiency. “The concept of applying a structured set of processes to ensure the quality of mission-critical IT services to meet levels of service agreed to with the customer.”
The adoption of IT Service Management disciplines and processes will assist with the continuous improvement in the quality of IT services. This need for the integration of people, processes, products and services is a major headache for many organizations but is needed in order to maintain a good quality of IT services. The justification for the implementation of a service management strategy comes as a result of growing trends in business and because of external factors. There are persistent driving forces of
change which affect organizations and they are forced to adapt new strategies in order to stay competitive. Anderson and Anderson suggest the following driving forces of change: • • External forces - which are concerned with the environmental influences on a business, these include: political, economic, social, technological and legal forces; Market requirements for success - Understanding customer needs in order to grow the
business, these include: speed of service delivery, quality levels, innovation initiatives, and the level of customer service; • Business imperatives - it is critical to identify those areas of the organization that offer the biggest potential for competitive advantage and focus initial efforts there; these include changes in the mission, vision, strategic goals, and services of the organization; • Leader and employee behavior - changing paradigms within the organization.
These driving forces may arise from the need to deliver increased value for money, which would lead organizations to look at the external environment in which they operate to identify those areas that offer the biggest potential for competitive advantage. As IT costs continue to rise daily, it is essential that IT service departments react positively to the changing markets and focus on maintaining an IT infrastructure and support service. It is becoming vital for IT service departments to apply a more cost effective and efficient service. The diagram below depicts the ideal IT Service Management framework for an organization, based on the ITIL Framework which will be discussed in the next section.
Figure 2.1 IT Service Management Framework
Literature reflects that the standards and best practice approaches available are independent of the type of organization and would as such achieve the same objective irrespective of the nature or type of organization that adopts them.
2.4 What is ITIL
OGC (2002) defines ITIL as the most widely accepted approach to IT Service Management in the world. ITIL provides a cohesive set of best practice, drawn from the public and private sectors internationally. Although the UK Government created the ITIL guide, it is rapidly being adopted throughout the world as the standard for best practice in the provision of IT Service by both public and private sector organizations alike. ITIL was developed in the 1980s by the Central Computer and Telecommunications Agency (CCTA) as a set of comprehensive best practice in achieving the efficient support and delivery of high quality IT services. The CCTA was later renamed to OGC. This body is independent of any trade interests which is where its strength lies.
The main focus of ITIL has been on service management, which is separated into two main areas, Service Support and Service Delivery as seen in the diagram in Figure 2.1. The services are dependent on a well-managed infrastructure to deliver business value. The ITIL framework consists of many components, one of them is service management mentioned above. The other components are, Business perspective, ICT Infrastructure Management, Application Management, Security Management, Planning to Implement, Software Asset Management and Small Scale Implementation. For the purpose of this study, the emphasis is on Service Support and Service Delivery as described in ITIL version 2. The Service Management disciplines at the center of the IT Infrastructure Library are categorized into two distinct groups:
? ?
Service Support Service Delivery
ITIL Skills Required
1) ITIL Foundation Training : The Foundation Certificate in IT Service Management guarantees your understanding of the basic terms, concepts of ITIL, and relationships between the ITIL processes. This training course introduces these concepts and terminology together with a view of where to begin through to continuous improvement of an organization.
2) ITIL Practitioner Training : This course is designed to specialize in any of the individual ITIL process disciplines which can be grouped and combined to provide practitioner relevant tools as per the customer?s organizational requirements.
3) ITIL Service Manager Training : This course delivers a more detailed and practical understanding of ITIL processes for IT Service Managers. This practice oriented course uses case studies and presentations to test and improve the participant?s essential skills in Service Management (Axios Systems Consulting, 2007).
Benefits and ROI of Implementing ITIL
ITIL provides a systematic and professional approach to the management of IT service provision, and offers the following benefits (OGC, 2002): • Reduced IT costs; • Improved IT services through the use of proven best practice processes; • Improved customer satisfaction through a more professional approach to service delivery; • Standards and guidance; • Improved productivity; • Improved use of skills and experience;
Challenges in ITIL and ITSM
In any organization, when making changes, managers are faced with challenges and issues. They just need to manage the relationships better. Some of the issues that IT managers may face include (Golden, 2007): • • Culture change, which is probably the hardest type of change to manage - the change in thinking and communication among the staff. Learning to keep it simple, focus on one process at a time and start with simple metrics to help your business partner see value as you go.
Other Frameworks and Standards
Over the years a number of models and frameworks have been developed and implemented in organizations with the goal to improve the management of IT and IT related resources (da Cruz & Labuschagne, 2007). It is necessary to point out that IT Service Management does not exist in isolation; there are other standards and frameworks in process improvement which need to be considered. In a recent study conducted in an Australian Information Technology Service
Management Forum, it was found that many organizations are adopting a combination of frameworks; mixing ITIL with other frameworks and guidelines such as Control Objectives for Information and related Technology (CobiT), Capability Maturity Model Integration (CMMI), ISO/IEC 17799/27002, MOF (Microsoft Operations Framework) and BS 15000 (Cater-Steel, Tan, & Toleman, 2005). Below is a brief description of these frameworks and standards, some of
which falls under IT Governance. IT Governance is the internationally accepted standard for control over IT, it is defined as the system by which IT within organizations is directed and controlled. The IT Governance structure specifies the distribution of rights and responsibilities among different members, such as the board, business and IT managers, and spells out the rules and procedures for making decisions on IT. By
doing this, it also provides the structure through which the IT objectives are set, and the means of attaining those objectives and monitoring performance. 1) COBIT : An IT Control and Governance Framework, its main focus is the development of clear policies and good practices for security and control of IT. Its primary goal is the development of control objectives from the business objectives and requirements viewpoint. The underpinning concept of the CobiT framework is that control in IT is approached by concentrating on information that is needed to support business objectives and by looking at information as being the result of the combined application of IT-related resources that need to be managed by IT processes. CobiT creates the link between the business objectives and a specific Information Technology management task. It classifies Information Technology resources into three levels of effort: domains, processes and tasks. Domains are groups of Information Technology processes. A process on its own is a group of tasks. The framework has defined a set of 34 high-level control objectives, one for each of the IT processes, grouped into 4 domains: Planning and Organization, Acquisition and Implementation, Delivery and Support and Monitoring. This framework covers all aspects of information and the technology that supports it. By addressing all 34 high-level control objectives, the process owner can ensure that an adequate control environment exists for the IT Environment.
2) ISO/27002
:
This standard provides information security specialists with recommendations for risk assessment, physical and information security policy, governance, compliance and access control. It details hundreds of specific controls which may be applied to secure information and related assets.
3) BS 15000 : In November 2000, the British Standards Institutes (BSI) published a new standard for IT Service Management, namely the BS 15000. This standard promotes the adoption of an integrated process approach to effectively deliver managed services to meet the business and customers requirements.
In a first part, BS15000 defines high level requirements for a management system that includes policies and a framework to enable the effective management and implementation of all IT services. It then gives recommendation using the Plan-Do- Check-Act methodology for planning and implementing service management.
•
Planning service management (Plan); Implementing service management and providing the services (Do); Monitoring, measuring and reviewing (Check); Continuous Improvement (Act).
• • •
BS15000 then provides recommendations concerning the planning and the implementation of the new service. This is to ensure that new services and changes to services are deliverable and manageable at the right cost and service quality.
4) Microsoft Operations Framework : According to Sallé (2004), MOF “provides technical guidance that enables organizations to achieve mission-critical system reliability; availability; supportability and manageability of IT solutions built with Microsoft products and technologies.” The MOF guidance addresses the people, process, technology, and management issues to support the distributed and complex IT environment.
Relationship between different Frameworks
The different frameworks and standards serve different roles within the IT Management domain but these frameworks complement each-other. All these frameworks are tools to assist the organization to manage the very important IT related functions and services, so as to limit risk and increase the potential benefit from the IT investment. Literature reveals that some organizations are in favor of implementing multiple frameworks in their organizations than just one framework. And there is certainly value in this approach, to use the ITIL framework in conjunction with other frameworks to obtain a more complete IT Service Management solution. It is clear that some of these approaches do overlap, as some have a wider scope than others.
Figure 2.2 Relation between IT Governance and ITSM
Conclusion : This chapter has not only described IT Service Management and the ITIL framework, but has also highlighted their role in improving the quality of IT Services. The review of the literature has uncovered a vast amount of information with regards to the role of service management in particular the integration of people, processes, products and services. The literature also uncovered the benefits that organizations can look forward to as well as some challenges that the IT managers in these organizations may face when they implement process improvement strategies. From the material presented it is clear that at the end of the day it is about results, no organization is going to follow a strategy which does not provide a return on investment. This is why many organizations are embracing the IT Service Management concept, because they are getting results. Management will be quick to follow a trail of processes that are benefiting the business.
Chapter 3 Company Profile
Pangea3 Legal Database Systems is the established leader in Legal Process Outsourcing (LPO) service to International corporations and Law firms. It is serving more than 100 Fortune 1000 companies and Am law 200 firms.
History of Company
Pangea3 Legal Database Systems was founded in 2004, It has grown up to become the largest pureplay LPO company globally. Pangea3 became part of a Thomson Reutors, the world?s leading provider of intelligent Information to legal and business professionals. Pangea3 is headquartered in New York City, USA and Mumbai, India, with operations in Mumbai, Delhi and Dallas, TX.
People and Processes
Like leading corporations throughout the world, Pangea3 ensures accuracy and efficiency using statistical methods, such as Six Sigma and Lean, project playbooks, and constant communication with clients and outside counsel.
Technology and Security
At Pangea3, data and physical security and confidentiality is paramount. They complete all legal services in our ISO 27001:2005 Information Security and Security Management Systems-certified facilities. Also, as certified by TÜV SÜD South Asia (one of the world?s leading testing and assessment companies), we implement rigorous physical and logical controls, a top-notch security management team and information security procedures that ensure the availability, confidentiality and integrity of your data. In addition to the security measures deployed at the network level, Pangea3 enforce policies to restrict access to removable media where required. Their communication and collaboration tools for messaging, e-mail and VoIP calls support Blowfish/AES encryption. Pangea3 can encrypt all intermediate and final work products to prevent access outside the intended work group. These security measures make us one of the safest LPO companies in the world.
Executive Team
Sanjay Kamlani Co-Chief Executive Officer
David Perla Co-Chief Executive Officer
Mohan Ayyangar Chief Operating Officer & Chief Technology Officer
Naveen Gupta Chief Finance Officer
Sajeev Kutty Assistant Vice President Information Technology
Greg McPolin Vice President and Managing Director, Global Litigation Solutions
Jonathan Goldstein Vice President and Managing Director, Legal Solutions
Adam Schair Vice President, Marketing and Communications
Lulu Khandeshi Vice President and Head of Human Resources & L&D
Awards
? ? Voted Best LPO in the 2011 New York Law Journal Reader Rankings Awarded LPO of the Year by India Business Law Journal and also ranked as a Top 5 Legal Process Outsourcing (LPO) provider in each of their award categories: Best Overall LPOs, IP Services, Legal Support, Contract Services, Litigation Support, and Corporate Services, 2009. Top 100 Fastest-Growing Private Company in America, 2009 Inc. 500|5000 List. Top 10 Company in the Business Products and Services Category, 2009 Inc. 500|5000 List Top 10 Company in the NY, NJ & PA region, 2009 Inc. 500|5000 List. Top 50 Best Managed Global Outsourcing Vendor by Brown-Wilson Group?s Black Book of Outsourcing, 2009. Top 5 Legal Outsourcing Vendor by Brown-Wilson Group?s Black Book of Outsourcing, 2009. #1 Provider of Corporate Governance, Compliance, Due Diligence and Risk Services by the Brown-Wilson Group?s Black Book of Outsourcing, 2009. Recognized as an exclusive LPO Participant to the General Counsel Roundtable's Preferred Pricing Program. Recognized as a leading intellectual property outsourcing services provider by Valuenotes, 2008. Ranked Top Legal Outsourcing Vendor by the Brown-Wilson Group?s Black Book of Outsourcing, 2007. Recognized by Time Magazine as an Industry Leader in Legal Outsourcing Services, 2007. Recognized as a leading legal outsourcing provider by Valuenotes, 2007. Received the Market Leader Award for Legal Process Outsourcing by Frost & Sullivan, 2006
? ? ? ? ? ? ? ? ? ? ? ?
Chapter 4 Collection of Data
Data collection was done by means of an questionnaire which was distributed to Pangea3 IT team post implementation of ITIL.
4.1 Data Presentation
Questionnaire
1) Did your IT department participate in Tenet?s ITIL project?
SELECT
If your answer to previous question was YES, Please proceed to next question. If your answer is NO, Please provide some reasons as to why not. Thank you for your time. Staff Training 2) How many staff from your institution attended the ITIL Foundation training? 3) How many staff passed Foundation examination? the SELECT SELECT SELECT SELECT SELECT SELECT SELECT
4) How many staff from your institution attended the ITIL Practitioners training? 5) How many staff passed Practitioners examination? the
6) How many staff from your institution attended the ITIL Managers training? 7) How many staff passed the Managers examination? 8) Is there sufficient time and budget allowed for training of staff?
Implemented Processes 9) For each of the ITIL processes/functions provide the following information:
(a) Was this process implemented in your organization? (b) Do the IT staff clearly understand this process? (c) Is there a regular review of the activities associated with this process?
(d) What electronic tools are used? (e) Are these tools fully utilised?
Process/Function
Implemented
Understandi ng
Reviews
Tools
Utilisation
Service Desk Incident Management Problem Management Configuration Management Change Management Release Management Service Level Management Capacity Management Availability Management Financial Management Service Management
Select Select Select Select Select Select Select Select Select Select Select
Select Select Select Select Select Select Select Select Select Select Select
Select Select Select Select Select Select Select Select Select Select Select
Select Select Select Select Select Select Select Select Select Select Select
Select Select Select Select Select Select Select Select Select Select Select
Services 10. Is there a Service Catalogue that describes the services offered by your IT organization? 11. Are there Service Level Agreements (SLA) in place that follows a defined structure? agreements with external suppliers (Underpinning contracts) 12. Are documented and reflected in the SLAs? 13. 14. 15. 16. Have all SLAs been accepted (signed off) by customers/business representatives? Is there an adequate Service Improvement Plan (SIP) that can be followed when SLAs are seriously breached? Does the SLA structure include features such as reliability, security, service hours, support, response times, turnaround times, performance criteria? Are regular service review meetings held to discuss current and future requirements of the IT organization? Select Select Select Select Select Select Select
4.2 Data Interpretation
The chapter included a definition of the concepts of ITSM; it considered the service industry as a whole, also the role that ITSM plays in the organization. The ITIL framework was discussed briefly as well as its processes and procedures. This chapter will provide the insights into the workings of ITIL, in particular, the ITIL service management approach, a framework that is rapidly gaining popularity all over the world. The focus is on service support and service delivery within the ITIL framework.
ITSM Background IT Service Management evolved starting in the late 1980s promoting a quality approach to achieving business effectiveness and efficiency in the use of information systems (Sallé, 2004, p. 10). IT departments have moved away from being technology providers into being service providers and this has made it necessary to change the perspective of how IT is managed. IT Service Management puts the services delivered by the IT department at the Centre of IT management. This means that the entire IT department has to work like a well-oiled machine, bringing an integration of the people, processes and technology together to deliver the high quality service that the users and customers can be proud of. Over the years, various ITSM frameworks have been defined to help the organizations move along the transition of IT Service Management.
Figure 4.1 Evolution of IT Management methodologies
Back in the 1980s, IT management was not a topic much talked about, the focus then was on IT operations. But as IT systems became widely used and the developments became more complex, organizations started looking at the concepts of systems management. The OGC from the British central government saw the need to maintain control over IT support structures to achieve efficiency, and so in the late 1980s they established a framework as a new approach to IT Service Management with the purpose of ensuring better use of IT services and resources now known as the ITIL framework . ITIL rapidly became the de facto standard for IT management. The first ITIL version became an instant success, firstly in the UK and then slowly other countries started to notice the benefits. With the global acceptance of ITIL as the number one framework for best practice in IT Service Management, came the first formal standard for ITIL processes, known as the BS15000. The standard allowed for organizations to become formally certified against the new standard. BS15000 compliance is all about having the right processes in place and being able to prove it. This would bring competitive advantage to any organization that became certified.
New developments in ITIL have been the release of ITIL version 3 in May 2007 which has made improvements to the version 2 library. The other significant development is the release of ISO/IEC 20000 international standard of IT Service Management. This standard is derived from the British BS15000 standard and is closely coordinated with the IT Infrastructure Library (ITIL) as a Best Practice recommendation for Service Support and Service Delivery. To achieve ISO/IEC 20000 certification, organizations must successfully undergo a third-party audit by an accredited assessment body. The accreditation is based on an organization demonstrating its competence to carry out specific compliance tasks and the certification based on the evidence related to technology, processes, systems, and people interrelations. The next section will explore the ITIL framework in more detail, starting with the methodology of the framework. The different processes within the framework are identified and their functions explained.
ITIL/ITSM Methodology
ITIL is all about processes, frameworks and best practices. This process is an approach to IT Service Management that places emphasis on the importance and value of coordination and control of the process across all the various functions and systems to manage IT services. ITIL consists of a series of publications giving guidance on the provision of Quality IT Services, and on the Processes and facilities needed to support them (OGC, 2000). The two mostly used books on version 2 are the Service Delivery and Service Support books which this research is primarily based on. The methodology encompasses all the processes in the Service Support and Service Delivery.
Service Desk The OGC (2000) define Service Desk as the “Single Point of Contact between the IT service provider and the users”. A Service Desk is a function rather than a process and typically manages Incidents and Service Requests, and also handles communication with the users. It provides an interface for other activities such as Change Management, Problem Management, Configuration Management, Release Management. The Service Desk handles the activities related to the many ITIL processes. Some of the responsibilities of the Service Desk function are; log an incident by categorizing it, diagnose it and prioritize it. It then attempts to solve the incident (this is the first line support) and if a solution is not immediately available then the incident will be escalated to the appropriate group or technical support. The last activity is to close all incidents by following the best practices of Incident Management. Benefits of the Service Desk may include • • • • • Improved user service, perception and satisfaction; Increased user accessibility via the single point of contact; Improved quality and faster response to user requests; More effective and efficient use of support resources; Better management information to make decision on support. Management, Service Level Management and IT Service Continuity
Incident Management
OGC (2006) defines Incident Management as a process which primary objective is to restore the IT Service to the customers as quickly as possible and with minimal impact to the business operation. A temporary work-around is identified in order to maximize availability. The Incident Management process starts with logging and tracking all incidents via the Service Desk and maintaining meaningful records. Incidents are categorized as follows: hardware, software,
networks, information requests, password changes, new users, service extension requests.
Incidents are tracked by an Incident Management System, like REMEDY Service Desk (BMC:http://www.bmc.com/), HEAT Helpdesk System (Front Range Solutions Inc.:
www.frontrange.com) or an in-house system which will track the incident categories and workflows based on the organizational needs. Incident M a n a g e m e n t w o r k s w i t h Problem
Management to pass along information that will assist in resolving problems or to alert that new problems may be arising (Shannon, 2007).
Benefits of Incident Management include: • Reduced business impact of Incidents by timely resolution, thereby increasing effectiveness; • Improved m o n i t o r i n g , a l l o w i n g performance against Service Level Agreements (SLAs) to be accurately measured; • Better staff utilization, leading to greater efficiency; • Improved User and Customer satisfaction.
Problem Management
Problem Management ensures that data is properly recorded and maintained regularly and that known errors are recorded in the organization?s Configuration Management Database (CMDB) (Cognizant Academy, 2004). Benefits of Problem Management are • • • • • • • Improved IT Service quality and management; Increased user productivity; Improved support personnel productivity; Improved IT Service reputation; Enhanced management and operational knowledge and learning; Improved incident recording; Higher first-line resolution rate.
Configuration Management Configuration Management deals with the physical and logical perspective of the IT infrastructure and the IT services being provided. Configuration Management (CM) is a methodology for collecting, revising, storing, and retrieving information about a company's IT assets, their configurations, and the relationship between those assets. ITIL recommends that this information be managed by means of a Configuration Management Database (Shannon, 2007). The OGC (2000) defines a CMDB as a federated, controlled repository for assets that are essential for running the business. The CMDB is made up of Configuration Items (CIs) which can be hardware, software, documentation, and services – anything that IT is responsible for. Defining the relationships between CIs is one of the issues that distinguish Configuration Management from asset management. Benefits of Configuration Management are • • • • • • • • • Providing accurate information on CIs and their documentation; Controlling valuable CIs; Facilitating adherence to legal obligations; Helping with financial and expenditure planning; Making software Changes visible; Contributing to contingency planning; Supporting and improving Release Management; Improving security by controlling the versions of CIs in use; Providing Problem Management with data on trends.
Change Management Change Management is a process of controlling changes to the infrastructure or any aspects of services, in a controlled manner, enabling approved changes with minimum disruptions. (Shannon, 2007). The Change Management process is initiated when an IT staff member submits a request for change (RFC). The RFC describes the desired outcome, usually in business-relevant terms. The
diagram in Figure 3.5 shows the process flow of Change Management as described in OGC (2000).
Some of the benefits of Change Management are • • • • •
Better alignment of IT services to business requirements; Increased visibility and communication of changes to both business and service- support staff; A reduced adverse impact of changes on the quality of services and on SLAs; Fewer changes that have to be backed-out, along with an increased ability to do this more easily when necessary; Improved Problem and Availability Management through the use of valuable
management information relating to changes accumulated through the Change.
Release Management Release Management offers a systematic framework for large or critical hardware rollouts, major software rollouts or bundled sets of changes. It takes into account all the aspects of a release from initial release policy and planning through to development, testing and controlled implementation (OGC, 2000). It is a process that protects the „live? or production environment by following a plan for the releases. For a large rollout of either software or hardware, once the quality assurance
department has done all its work in the approval of the implemented change, and then Release Management takes over. Release Management is responsible for coordinating, scheduling and testing the release packages. Release Management is driven by Service Level Management based on the
agreements that the IT department has with the other business units, agreements about the available software and hardware. Release Management is also linked to Change Management because it is driven by the changes. It generates the following databases; a Definitive Software Library (DSL) which is a definitive store of all the authorized versions of software in the organization and also a Definitive Hardware Library (DHL) which is the definitive store which stocks the hardware of the organization as well as the spare parts, like the laptops, power supplies, memory modules, network cards, etc. The details of these software and hardware libraries will be updated in the CMDB (Shannon, 2007).
Benefits of Release Management include • • • • • A greater success rate and consistency in the release of hardware and software; Minimization of the disruption of the service to the business as the release process protects the „live? environment; Stable test and live environments; Better use of User resources; Better expectation setting within the organization on publication of a Release schedule in advance.
Figure 4.1 Service Delivery
Service Level Management
Service Level Management is responsible for designing and negotiating service level agreements with the customers of the Service Desk. It aims to ensure a satisfactory quality of IT service provision by setting agreed targets between the IT department and customer. A process of monitoring, reporting and reviewing of actual service levels highlights any problem areas and facilitates continuous service improvement (OGC,2001).
Some benefits of a Service Level Management process include • • • • IT Services are designed to meet Service Level Requirements; Improved relationships with satisfied Customers; There are specific targets to aim for and against which service quality can be measured, monitored and reported – „if you aim at nothing that is usually what you hit?; Service monitoring allows weak areas to be identified, so that remedial action can be taken.
Availability Management
Availability Management is the process concerned with the design, implementation, measurement and management of IT services which ensures that all IT systems and services are functioning as required and that availability is sustained in a reliable and cost-effective way. With the supply and provision of information companies need to consider security management as well to prevent unauthorized use of information (Cognizant Academy). All ITIL processes are linked in some way or another to the IT availability process, which means that Availability Management interfaces with all the other processes. Incident Management and Problem Management provide a key input to ensure the appropriate corrective actions are being progressed. It also supports the Service Level Management process in providing measurements and reporting to support service reviews (OGC, 2001).
Some Benefits of Availability Management include • Optimal use of the capability of the IT Infrastructure according the requirements; • Single point of accountability; • • Cost justification of investments; Improvement of Business continuity. agreed
IT Service Continuity Management IT Service Continuity Management is the process that ensures that major failures of technical equipment or facilities associated with IT Service provision are managed efficiently and service levels are restored back to an acceptable level within agreed timeframes (HPDC, 2006, p. 306). It focuses on all IT services that are needed by providing a framework for developing IT infrastructure recovery plans in support of the critical business processes to keep them running. IT Service Continuity involves the elements of Business Impact Analysis and Disaster Recovery Planning. Business Impact Analysis is conducted with the customers in order to verify which major systems must be recovered and also to help determine the effects of an interruption of those systems.
Some Benefits of IT Service Continuity Management include • It supports the Business Continuity Management process and delivers therequired IT supporting Infrastructure; • Positive marketing of contingency capabilities; • Organizational credibility; and • Competitive advantage through the demonstration of the contingency capabilities.
Capacity Management
Capacity Management is the process which aims at aligning IT service level provision to the current and future business needs. It is concerned with optimizing the usage of existing IT resources as well as ensuring new resources are made available in a timely and efficient manner. Capacity Management is involved in Incident resolution and Problem Identification for those difficulties relating to capacity issues. Capacity Management process involves, monitoring of performance of IT services and the infrastructure that support those services, recommending tuning activities that would make the best use of the resources, understanding the current demands on IT resources and then making forecasts for future requirements, and finally producing a capacity plan which will be used by the IT department to meet the SLAs. Capacity Management also links with the other ITIL processes in order to improve those processes. It links with Financial Management for the budgeting, accounting, and charging purposes. It links with Availability Management for the availability metrics which are frequently captured and stored by Capacity Management and included in the Capacity Plan. It also links Service Level Management by controlling the SLAs and helping to negotiate appropriate SLAs with the business units
Financial Management for IT Services
Financial Management of IT Services is the process which provides essential management information on IT asset and service costs. Through a process of budgeting and accounting true costs are revealed and the value of IT to the business can be demonstrated. The scope of IT Financial Management is IT budgeting, IT accounting and charging, although many of the activities involved are often managed by the financial division within an organization. Budgeting is a process of predicting and controlling the expenditure within the organization, while IT accounting is the process which enables the IT organization to account for where money is spent on running the department and lastly, charging is the process of billing customers for services.
Other Segments of ITIL Framework
IT Security Management IT Security Management is the process that ensures the confidentiality, integrity and availability of an organization?s assets, information, data and IT services. IT security management usually has a wider scope than the IT service provider (OGC, 2006). IT Security Management in the ITIL framework is a book on its own and not part of either service support or service delivery because it can be integrated with all ITSM processes where security issues are involved. This process provides common terminology and well understood concepts so that the people in the organization can clearly understand the reasons behind the security policies and procedures that the IT department has documented. It also highlights the risks to the organization should these policies not be followed.
ICT Infrastructure Management The ICT Infrastructure Management„s goal is to use proven, repeatable processes to provide a stable operating environment for all IT functions. The four areas that make up this service are: Network Service Management, Operations Management, Computer Installation and Acceptance and Systems Management.
Application Management Application M a n a g e m e n t describes a n approach to the Software Development
Lifecycle. It covers creating the application specifications; designing the application; writing and testing the code; deploying the application; routine operation of the application; and, finally, reviewing the application once it is in operation to determine ways to improve its efficiency and cut costs. Applications Management expands on the issues of business change with emphasis on clear requirement definition and implementation of the solution to meet business needs .
4.3 Data Analysis
This chapter serves as the backbone of the theory required to identify the current state of ITSM/ITIL implementation in pangea3. The knowledge gained here will be used to identify the gap between where higher education is presently positioned and where it should be compared to the ITIL processes. It includes a discussion of the following key concepts:
? ? ? ? Role of Information Technology in the business (IT/ITES) Business Value of IT IT Strategic Technologies for the Future Alignment of business and IT strategy in Higher Education
These key concepts are important in this study as they will show how the education sector is embracing the ITSM strategy, and how some of the new technologies in the IT field are being handled by the institutions in their IT departments.
Role of Information Technology in Business (IT/ITES)
A review of literature reveals that there has been an increase in interest in technology in many IT/ITES industries. Some of the Roles that IT can play in any organization are mentioned below IT can help the organization to facilitate better communication, information sharing becomes easy and the business processes are streamlined which adds great value to the business. • With an ever-growing need for information, there is a requirement for increased data quality that is complete and up-to-date. This information is essential to the day-to-day operation of the business. • The web is the medium through which users actively communicate and provide service. Web Portals and SharePoint sites are playing an ever-increasing role in supporting organizational processes and a number of success factors play a role.
IT can be used to assist and accomplish other specific business roles in higher education institutions; these include those of being an infrastructure driver, collaborations agent, and an enabler of globalization (mobility). These are discussed in more detail below. Collaborations – IT facilitates better collaboration between the departments and between the organization and external suppliers. Online collaborations help enhance the planning, decisionmaking and day-to-day operations of the employees Mobility – The use of smart phones like Blackberries, iPods, iPhones etc. has really enhanced they way people communicate. There are added benefits for both the students and employees in
higher education. For the students, these can be used to download course material, research material and for SMS notifications. For employees, it is a great tool to improve communication, for project collaboration and document sharing.
Business Value of IT
Even though less than half of today's businesses are developing business value and Return on Investment (ROI) to justify IT spending, that trend is changing quickly. Going forward, IT departments must develop business value justification and ROI to fund new IT projects. This is demonstrated by increasing pressure on IT managers to justify IT investments via traditional internal functions such as increasing IT staff time on innovation versus operations .ROI is an interesting debate because businesses tend to see any IT project as a cost. IT managers have to constantly sell ideas to Top Management and to the Board because they talk a different language to IT, they want to see as much savings as possible.
IT Strategic Technologies for the Future
In the context of international developments, the review of IT/ITES industries in I n d i a would not be complete without a look at some top technologies and trends which industry as well as IT/ITES services are faced with in the near future. These trends may be seen as challenges by some but also as great opportunities by other organizations to help them in their quest for the advancement of organizational goals and objectives.
Process Implementation
Process Implementation, was designed to determine which of the ITIL Service Processes were covered by each institution in the adoption of ITIL best practice. The question allowed for multiple responses. As shown in Table below, the Service Desk is the process that was selected first by most of the respondents with Incident Management coming in at number 2. The numbers 1 to 11 in the table represent the processes which are listed on the left hand side. They are there to show the order of the processes being implemented.
ITIL Process
1. Service Desk 2. Incident Management 3. Problem Management 4. Change Management 5. Release Management 6. Service Level Management 7. Configuration Management 8. Availability Management 9. Capacity Management 10. Financial Management 11. IT Service Continuity and Business continuity Management
Process Implementation status
100% 100% 100% 100% 100% 100% 100% 100% 100% 100% In Process
Table :ITIL Process Implementation
This section concentrated on the technical side of the ITIL Process function. The questions were based on a basic list of those measurement metric questions that relate to direct and indirect, tangible and intangible business benefits that can be realized.
A standard ITIL maturity assessment analyzes each of the following process areas: ? Service Support processes include Service Desk, Incident Management, Change Management, Configuration Management, Problem Management and Release Management. ? The service support processes are intended to help organization to gain control of the incident lifecycle, from when an incident first develops until a system change or a new release permanently fixes it. (OGC, 2000). ? Service Delivery processes include Availability Management, Capacity
Management, Availability Management, Financial Management, Service Level Management, and IT Service Continuity Management. ? Service delivery covers the processes required for the planning and delivery of quality IT services, and looks at the longer-term processes associated with improving the quality of IT services delivered (OGC, 2001).
Extent of Implementation of ITIL Processes
In order to rank the implementation progress of the ITIL processes, a series of questions were asked depending on whether the process was implemented or certain procedures were in place in that institution.
Service Desk The Service Desk is the primary point of contact for customers and users with the IT department on a day-to-day basis and is crucial in delivering a quality service to the client. Question 5 of the questionnaire asks the respondents to select one or more of the following options in table 5.7 below, that apply to the role of the Service Desk in their institutions:
The role of the Service Desk Service Desk doesn?t play a role Call Logging And Prioritization 1st Line Support 2nd Line Support Call Closure Service Level Tracking – Incident Tracking
Count Percentage 2 4 4 2 3 4 33% 67% 67% 33% 50% 67% 67% 50%
Service Level Escalation - Escalation of incidents 4 User satisfaction questionnaire
Table : Role of the Service Desk
3
From the data gathered about the Service Desk function, 67% of the respondents have indicated that the following 4 functions are the primary roles that the Service Desk plays in their institutions: ? ? ? ? Call logging & Prioritization ; 1st Line Support ; Service level tracking ; Service level Escalation.
The table below, Table 5.8 sums up the extent of the implementation of each process from the series of questions which were asked and depending on whether the process was implemented or certain procedures were in place in that institution. These are the responses from questions, 7 – 16 of the questionnaire.
ITIL Service Support Function/Process Service Desk Incident Management • Are incidents resolved quickly and with minimal impact to the business?
Yes
No
Don?t Know
4 (67%)
1 (17%)
1 (17%)
Problem Management • • Has the impact of Problems been reduced since the implementation of a formal process Has the cost to Users been reduced? 2 (33%) 2 (33%) 2 (33%) 2 (33%) 2 (33%) 2 (33%)
Configuration Management Change Management • Is there a formal process for assessing impact on other services when making changes? • Are all changes reviewed prior to implementation? Release Management • Is there provision for testing the releases before implementing in the live environment? Service Level Management • Is SLA reporting in place to measure if the SLA is being met? • If SLA reporting is in place, are you in a position to meet the service levels agreed upon? Availability Management • Is availability management cost effective in your environment? Capacity Management • Is there an increased ability to demonstrate cost effectiveness? • Is there a Capacity Management plan that is reviewed regularly with resources allocated accordingly? Financial Management • Does the business believe the IT financial management process is effective? • Are customers satisfied with costs and charges of IT services? IT Service Continuity Management • Is there awareness throughout the Institution of the Business and IT Continuity Plans? 2 (33%) 0 (17%) 2 (33%) 1 (17%) 4 (67%) 4 (67%)
2 (33%) 1 (17%)
2 (33%) 3 (50%)
2 (33%) 2 (33%)
2 (33%)
1 (17%)
3 (50%)
1 (17%) 1 (17%)
2 (33%) 1 (17%)
3 (50%) 4 (67%)
2 (33%)
1 (17%)
3 (50%)
1 (17%)
1 (17%)
4 (67%)
1 (17%)
1 (17%)
4 (67%)
1 (17%)
3 (50%)
The results depicted in above table can be interpreted as follows:
For Incident Management:
Incident Management
17% 17% 66% Yes No Don't Know
67% of the respondents agreed that incidents are being resolved quickly and with minimal impact to the business, while 17% did not agree and another 17% were not sure.
For Problem Management:
Problem Management
33% 34% Yes No Don't Know 33%
It was an even 33% when asked if the impact of problems has been reduced since the implementation of a formal process; and if the cost to users has been reduced. This result means that it is not possible to get a clear answer because each institution is different and they results may vary depending on how far the implementation of the process is.
For Change Management:
Change Management
33%
34% Yes No Don't Know 33%
33% of the respondents said there was a formal process for assessing the impact on other services when making changes, while 33% said there was no formal process. Another 33% were not sure.Only 17% of the respondents agreed that all the changes were being reviewed prior to implementation, while 50% said no and 33 % were not sure.
For Release Management:
Release Management
33% 50% Yes No 17% Don't Know
When asked if there was provision for testing the releases before implementation in a live environment, 33% of the respondents agreed, while 17% said no, the majority of the respondents, 50% were not sure if there was provision made.
For Service Level Management:
Service Level Management
17% 50% 33% Yes No Don't Know
Only 17% of the respondents said that there was SLA reporting to measure if the SLA was being met, 33% said reporting was not implemented while 50% were not sure if there was SLA reporting. For the respondents who had SLA reporting in place, the next question asked was if SLA reporting was in a position to meet the service levels which were agreed upon?17% said the IT department was in a position to meet the service levels while 17% said no and 67% were not sure.
For Availability Management:
Availability Management
33% 50% Yes No Don't Know 17%
When asked if Availability Management was cost effective in their institutions, 33% agreed that it was, while 17% said no and 50% of the respondents were not sure. This again comes back to the question of measure. It will depend on how far the process has been implemented before the outputs are measured.
For Capacity Management:
Capacity Management
17% 17% 66% Yes No Don't Know
17% of the respondents agreed that there was an increased ability to demonstrate cost effectiveness when the Capacity Management process was implemented, while 17% said no and 67% were not sure.When asked if there was a Capacity Management plan that is reviewed regularly with resources allocated accordingly, 17% of the respondents said there was a Capacity Management plan in place, while another 17% said there was no plan and 67% of the respondents did not know if the plan existed.
For Financial Management:
Financial Management
34% 66% 0% Yes No Don't Know
When the respondents were asked if they thought that the business believed the IT Financial Management process was effective, some of the responses that came back revealed that, 33% thought the business believed in the effectiveness of the Financial Management process, and another 67% were not sure.When asked if their customers were satisfied with the costs and charges of IT services,17% of the respondents agreed that their customers were satisfied with the costs and charges, while another 17% said their customers were not satisfied, and 67% were not sure.
ITIL Training and Certification
The questionnaire enquired about the extent of ITIL training and certification undertaken. As shown in Figure 5.4, 83% of the respondents agreed that it is beneficial to have IT staff certified in ITIL. The respondents were invited to motivate or explain why they thought it was beneficial to be certified, below are the responses given: • • The awareness created seems to stimulate creative thinking and co-operation from staff. Training IT staff in ITIL allows everyone to understand best practices, processes, and concepts. It also creates awareness and a culture for adopting best practices. • More staff members are putting a lot of effort to understand the principles of ITIL. More are getting used to the terms and hence the requirements of ITIL standards. There is an improvement especially with the way that ICT staff members conduct themselves at work. The attitude has changed dramatically.
•
They have a much better understanding of the importance of the quality of the service delivery they providing.
•
The greater understanding of ITIL is starting to get the staff to think in terms of providing a service and not just running an application or infrastructure etc.
17% of the respondents did not believe it was beneficial to get all the IT staff ITIL certified and they did not give reasons, but one respondent said they only got certified in late August 2008, and were not yet experienced enough to answer.
Benefits of ITIL
Question 17 of the questionnaire asked the respondents on their overall impression of how ITIL best practice framework has improved IT Service Management in their institutions. Table 5.9 below shows the different views or perceptions of the respondents while figure 5.5 is the graphical representation. 50% of them said that ITIL had improved somewhat their ITSM strategy, while 17% said service improved considerably another 17% said the service has remained the same and another 17% said they were uncertain. In all of the mixed reviews, none of the respondents said the service had declined since the implementation of ITIL.
Order Improved considerably Improved somewhat Has remained about the same Has declined considerably Uncertain 1 2 3 4 5 Table 5.9 Overall impression of ITIL
Count 1 3 1 0 1
Percentage 16.67% 50% 16.67% 0% 16.67%
Chapter 5 Findings
5.1 Questionnaire Result The analysis below is from the questionnaire that was sent out by the ISO Audit Team, , in their meeting on the 19th and 20th July 2011. A Special Interest Group for Service Management was created with the task to investigate aspects of Service Management. This Questionnaire on ITIL is the result of many months of research into the kinds of questions needed in order to assess or measure the level of ITIL maturity in Pangea3. The questionnaire was divided into the following sections: ? ? ? ? ITIL Staff Training
Implemented ITIL Processes
Services
Benefits of ITIL
ITIL Staff Training
Foundation Level 12% of the respondents achieved a 100% in their Foundation exams, 18% achieved 60-
80% pass rate, 24% received in the range of 21-60 % pass rate and the rest 47%
received 0-20% pass rate. These results are of concern as the overall pass rate is 36%.
Practitioner Level 24% of the respondents achieved a 100% in their Practitioners exams, 6% achieved 6080% pass rate, 18% received in the range of 21-60 % pass rate and the rest 56% received 020% pass rate. These results are very low because most of the universities have not attended the course or written the exam, so the overall pass rate is 32%. Managers Level 6% of the respondents achieved a 100% in their Managers exams, 6% achieved 6080% pass rate, 18% received in the range of 21-60 % pass rate and the rest 71% received 020% pass rate. The same reason for the low results here is that most of the universities have not attended the course or written the exam, so the overall pass rate is 18%.
Implemented ITIL Processes
The processes that were implemented first as reported by the questionnaire participants are the Service Desk (59%) and Incident Management (47%) which typically are the first processes that many organizations address. This is followed by Change Management (24%) and Service Level Management (24%). The low number of respondents that chose Service Level Management at number 4 is worrying because the organizations need to engage with the business and align IT services with business demand. 18% of the respondents chose Problem Management at position 5 while Configuration Management came in at position 6 with 18% of the respondents choosing to implement it later in the process. This may be because many organizations fail to present a valid
business case for Configuration Management but with an effective CMDB, the impact of changes and releases on each process is identified. Capacity Management (6%) and Release Management (6%) are positioned at the bottom of the list of processes implemented. Capacity is often forgotten but it not only covers resource Capacity Management but also service and business Capacity Management. Release
Management is on the also at the bottom, this could be because many organizations focus their ITIL efforts on Infrastructure initially and don't include applications support. Availability Management (6%) is also at the bottom, this could be because it is dependent on the type of services that are being supported. The availability of services is one of the most important things to both our customers and end-users so it is surprising that more organizations are not focused on putting effort into implementing this process.
Figure below is a graphic representation of the processes/functions implemented.
Benefits of ITIL
Stakeholder Business Benefit Cost savings Creation of competitive advantage Common approach to service levels Quality of service delivery Understanding of business processes Improved IT uptime Better support from business on IT spend IT service delivery is more measurable A clear definition of activities in the ICT Division and the values embraced by the staff Business is made to understand what ICT is all about by the values unpacked by ITIL
User
Improved productivity Improved relationships with ICT staff Improved service Being reliable, expect from IT based on SLA Better service offered More feedback provided Can find out status of their problem effective and approachable Improved level of efficiency Increased level of confidence in IT as department Know what to Minimized service interruptions Better utilization of all IT facilities Better understanding of the level of service to be provided - 3 Being supportive to actual needs Building good team relationships Developing a common approach to service levels Improved relationships between IT and all stakeholders Consistency in the execution of support tasks Better control of IT changes Having a standard which is indoctrinated to all ICT staff Understand customer expectations - the importance of having SLAs Systematic approach to resolution of all ICT challenges
IT organization
Chapter 6 Conclusion
Post implantation of ITIL Pangea3 network infrastructure is found one of more secure network amongst IT industry, as described below. Pangea3 has instituted a robust security framework which ensures the institution of processes and measures to ensure the secure receipt, storage, processing, and transmission of information through physical, data, network, and personnel security enabled with continuity solutions to ensure uninterrupted services in the event of any disruptions. All our facilities are fully audited and certified for ISO 27001:2005. We address data and information security requirements at all of our facilities by ensuring that stringent controls are in place for data, physical, and information security and has deployed software, hardware tools and methodologies to secure and protect the confidentiality of client information and data. The below gives an overview of our IT infrastructure. To this end, the researcher set out to resolve the main problem of the study: How the Pangea3 implemented the ITIL Framework to improve the quality of IT service delivery and support? In order to help resolve the main problem, sub-problems were developed and addressed in chapter 2 to 5 by means of a literature study and questionnaires. sub-problems identified were: • • • What is involved in IT Service Management? What is the situation of ITSM in Higher Education in South Africa? What are the recommendations for an effective framework solution? The
By answering the sub-problems, the main problem is answered. The reason that many organizations do not realize the full potential of ITIL implementation is because it is not correctly implemented. It should be part of IT Governance where IT strategy is aligned with the business strategy. The literature study revealed that ITSM has evolved over the years, and continues to do so at a rapid rate. ITSM has a major role to play in the success of organizations today. ITSM is critical in today?s business as it includes the entire organization and beyond. The resultant output from the research was that of a better understanding of the ITSM solution.
Like all management strategies, the philosophy of ITSM is more similar to a journey than a destination. What's more, it is a journey that is never complete. The implementation
of ITIL at the Pangea3 had seen huge improvements in the quality of IT service being delivered. The Pangea3 or any other organization must therefore implement ITIL to its full potential and this can only be done with the proper combination of people, processes and technology. The people should have the right skills, appropriate training and the right service culture. The processes should be effectively and efficiently managed. The
organization should have a good IT infrastructure in terms of tools and technology.
Chapter 7 Suggestions/Recommendations
The following recommendations are offered :
Many organizations today depend on IT to survive and this has led to more complex systems and applications that are used within organizations which make for a very complex business-processing environment. There is also the constant threat of changing and emerging technologies which organizations need to be aware of. ITIL Service processes can be applied to the business to counter these challenges and threats. The solution needs to deliver IT business value across the organization. Rodriguez (2007) states that this is done by fully aligning the IT service delivery with the goals of the business and the processes on which the business operates. In order to successfully implement ITIL, an understanding of the process life cycle is required. From the literature study and the results of the questionnaires, the following criteria were identified for the selection of suitable ITSM/ITIL best practices for use in organizations. The following steps have been adapted. It is the recommended checklist to run before an implementation of the ITIL process. The first step for the IT department is to have a clear vision for what it wishes to accomplish and where it wants to go that is to determine goals. The second step is to get Top Management support. The success of any project depends on the cooperation of all parties involved, from Top Management right down to the clerks in the administration offices. Lack of commitment from senior executives has been shown to be a limit to successful implementation. The third step is to communicate with and get buy-in from the business and the IT staff. The main problem here is to communicate the effects that the changes will have on the organization and the organizational structure. The affected areas need to ensure that they can carry on with their business operations with minimal disruptions.
The forth step is to choose the approach. The researcher recommends choosing the practical approach. There is a much more practical approach to implementing ITIL which offers a much better efficiency and effectiveness of the ITIL adoption. This approach first looks at the needs of the organization and then integrates and automates ITIL processes. The fifth step is to determine the biggest opportunity for value, or where this will immediately benefit the business, and start there. What the researcher recommends is to treat the ITIL implementation as a project and then start by developing the processes first. The organization should start with Incident Management and Change Management so they know what they are capturing and have the capability to measure it with an ITIL framework then in place. The sixth step is to understand the current key performance indicators; this is done by benchmarking the activities of the IT department to determine how well it is performing against the recommendations of the ITIL framework. A Maturity Level Assessment tool
can help measure the maturity of an organization?s ITIL processes against the ITIL guidelines and provides recommendations on how to improve existing processes. This provides valuable information concerning the strengths and weaknesses in an organization?s Service Management operation. The seventh step is to develop simple metrics to calculate and communicate improvements in services. Once the maturity level assessment is done, the goal is to end up with a close representation as possible of what exactly exist. Only then can an organization begin to identify improvement opportunities. These opportunities were identified from the answers that the respondents gave when rating each of the elements of the ITIL processes.
The eighth step is to think long-term goals for the IT department and make sure that the processes are integrated. To better understand how these processes integrate, consider this example life cycle of an Incident, taken from the OGC Service Delivery book:
The ninth step is the Communication and Awareness Campaign. The purpose of an awareness campaign is to ensure a clear focus on the objectives and goals of all the process improvement efforts undertaken, which is the ITIL implementation. This awareness campaign could be in a form of various presentations across the organizations. This could be organized by departments.
Chapter 8
APPENDIX
Abbreviations
? ? ? ? OGC – Office of Government Commerce IT – Information Technology ITIL – Information Technology Infrastructure Library ITSM – Information Technology Service Management
BIBLIOGRAPHY
Web References ?http://www.pangea3.com ?http://www.wikipedia.org ?http://www.itil-officialsite.com ?http://itil.co.uk
Book References
? ? ? ? Pangea3 Reports IT Security Information Security ITIL for Beginners
doc_348385791.docx
A research project completed in 4th semester of M.M.S as a part of curriculum.
A
PROJECT REPORT
ON
USE OF ITIL TOWARDS IT SERVICE DELIVERY FOR PANGEA3 LEGAL DATABASE SYSTEMS, MUMBAI
SUBMITTED BY MR. RAHUL SHARAD CHITALE
UNDER THE GUIDANCE OF PROF. AKASH NIRANJANE
SUBMITTED TO UNIVERSITY OF MUMBAI
IN PARTIAL FULFILLMENT OF THE REQUIREMENT FOR THE AWARD OF THE DEGREE OF MASTER OF MANAGEMENT STUDIES (MMS)
RAJENDRA MANE COLLEGE OF ENGINEERING AND TECHNOLOGIES AMBAV (DEORUKH)
(2011-2012)
DECLARATION
I undersigned, hereby declare that “USE OF ITIL TOWARDS IT SERVICE DELIVERY” Is developed under the guidance of Prof. Akash Niranjane. The conclusion in this report is based on the idea, which is collected by me. I am declaring that this is my original work. I have not copied any materials, which are useful to my work, or other reports that are submitted to the “RMCET COLLEGE, AMBAV” this year. I do undersign that if my work is found to be copied, and then I am liable to punishment as per the university rule.
DATE:
PLACE:
(Mr. Rahul S. Chitale)
ACKNOWLEDGEMENT
It gives me immense pride and gratitude to express my hearty thanks to Mr.Santhosh Kumar, Sr.Manager (IT Operations) for giving me an opportunity to carry out my project work in Pangea3 Legal Database Systems which is a global leader in LPO. My special thanks to Mr. Girish Chitale for providing me the necessary facilities, guidance and cooperation. I would like to acknowledge the cooperation given by all the officers of various departments in Pangea3 Legal Database Systems, Mumbai. While giving this acknowledgement, I should not and cannot ignore the sincere efforts of all the workmen who directly or indirectly gave me full support and endless knowledge about the whole company and various processes in manufacturing during my project.
MR. RAHUL SHARAD CHITALE
EXECUTIVE SUMMARY
The purpose of this research was to investigate what is involved in IT Service Management and how the Pangea3 can implement it to improve the quality of IT service support and service delivery. The IT Service Management approach was investigated but the main focus was on the Service Support and Service Delivery in the ITIL framework.
Findings from the empirical study will be presented and recommendations highlighted to Top management and the IT department in order to promote and improve the quality of the IT service being delivered to users and customers.
The data was collected and administered by means of a structured questionnaire based on the ITIL Service Capacity Maturity Model.
It was discovered that the implementation of ITIL in most organizations brought about improvements and benefits in the quality of the IT service being delivered.
INDEX
Chapters No. 1.
Topic Introduction Statement of the Problem Objectives of the Study Significance of the Study Hypothesis Research Methodology Review of Literature Organization/Company Profile Collection of Data Data Presentation Data Interpretation Data Analysis Finding Conclusion Suggestions/Recommendations Bibliography Appendix
Page No.
2. 3. 4.
5. 6. 7. 8.
Chapter 1 Introduction
1.1 Background
Information Technology (IT) has become a vital asset in any business; it is part of one of the longterm business investments that organizations depend on and plays an essential role in building an infrastructure that enables important business improvements. As a result of the rapid changes in the IT industry, many organizations find themselves trapped in this situation of having to adapt or suffer in terms of performance and profit. It is therefore necessary that they manage their IT processes with efficient, secure and reliable solutions that will deliver IT services that further the organization?s business. It is this perceived lack of a complete management strategy that has prompted the study of IT Service Management, in particular the implementation of the IT Infrastructure Library (ITIL) framework in an organization in order to improve the quality of IT service delivery. Pangea3 Legal Database Systems Pvt. Ltd which came into effect in F e b r u a r y 2007,Having an IT Service Management (ITSM) framework implemented from August 2011 which will ensure that the organization meets its business objectives. Therefore the Pangea3 will be used in this case study to investigate the workings of ITSM, specifically the Implementation of the ITIL framework. Office of Government and Commerce (OGC) (2002) defines ITSM as a discipline for managing large-scale Information Technology (IT) systems to meet the Customers? requirements. It has its roots in the late 1970s in British central government, who saw the need to maintain control over IT support structures to achieve efficiency. ITIL was established as a new approach to IT Service Management with the purpose of ensuring better use of IT services and resources. It is a series of documents that are used to assist in the implementation of the framework for IT Service Management. ITIL is a seven-volume catalogue of best IT practices. It covers major aspects of IT operations, including service support, delivery and management; security, infrastructure and application management; and business alignment. The
latest development in IT Service Management has been the release of British Standards Institution?s Standard for IT Service Management (BS15000) in 2002 that supports the best-practice processes promoted in ITIL. In order to be ITIL certified, the IT personnel need to complete training in one of the following levels and the certification is individual rather than organizational: • • • ITIL Foundation Certificate Training (Entry Level) Practitioner (Intermediate) and ITIL Service Manager Certificate Training (Expert) (OGC, 2002, p. 92).
This study will focus on what is involved in IT Service Management and how can the Pangea3 implement it to improve the quality of IT service support and service delivery. The study should give insights into the workings of ITSM in particular, the ITIL service management approach, a framework that is rapidly gaining popularity all over the world. It is necessary to first define the concept of IT Service Management so as to gain a broad understanding of the topic.
1.2 Statement of Problem
The aim of the research is to investigate what is involved in IT Service Management and how can the pangea3 implement it to improve the quality of IT service support and service delivery. There are many best practice frameworks and standards that can help IT staff get started at shaping the IT operations and building better processes. However ITIL was found to be the most suitable because of its effective way in managing the relationships between business processes. ITIL provides best practices, which an organization can adopt or adapt to fit their specific needs. The Pangea3 currently has the basic ITIL recommendations in place but it is not structured. In order to address this, the following questions have been investigated: • • • What is involved in IT Service Management? What is the situation of ITSM in other organizations in India? What are the recommendations for an effective framework solution?
1.3 Objectives of Study
The objective of this study is to recommend a comprehensive framework solution that the Pangea3 can implement to improve the quality of IT service delivery and support. The thesis will therefore, use the ITIL framework to recommend a solution for higher education. The solution will be as generic as possible so that it can be applied to any higher education institution. The thesis is not meant to be a total solution for implementing ITIL. It merely proposes a comprehensive solution which may be used to assist with the ITIL process.
1.4 Significance of Study
• • • • • •
Improved IT services through the use of proven best practice processes. Improved customer satisfaction through a more professional approach to service delivery. Reduced costs. Standards and guidance. Improved use of skills and experience. Improved delivery of third party services through the specification of ITIL.
1.5 Research Methodology
The following section gives an overview of the methodology that was used in the study. The following procedures were adopted to solve the main problem and sub-problems: Literature Review An in-depth literature study was undertaken on the concept of IT Service Management and the approaches which are adopted by organizations. The information was analyzed to determine which solution best suits the Pangea3.
Questionnaire A Questionnaire was administered to gauge the ITIL maturity level of ITES in India
Interview The study also consisted of a personal interview with an ICT System Engineer at the Pangea3 in order to give more insight into what Pangea3 is doing with the current technological trends in the IT environment. In order to ensure that the ITSM Framework is aligned with the new Pangea3 business strategy; both the external environment in which the P an ge a3 does business as well as the current internal environment were analyzed.
Chapter 2 Review Literature
2.1 Introduction
This chapter is a review of literature with regards to IT Service Management, the ITIL framework the structure of the framework and the concepts related to the implementation of ITIL. IT Service Management is the main focus of the study. The chapter provides insights into the workings of ITSM in particular, the ITIL service management methodology, a framework that is rapidly gaining popularity all over the world.
2.2 The Service Industry
The service industry has changed over the years and the service organization is very different from a manufacturing organization but the basic core is the same. Organizations cannot
develop a sustainable business by offering a product or service only but need a combination of both and the customer is at the heart of this process .A service organization that wishes to stay on top of its game has to make sure it provides the best service quality it can to its customers. Customers are in search of a total service offering that can be used to create value. An organization can differentiate itself in terms of: Core product (Quality), Price, Image and Service strategies as the main source of competitive advantage. Grönroos (2007) argues that the organization can only differentiate on one of these strategies but that does not mean that the other strategies are any less important. In order to remain competitive, they need to focus on one only. The environment in which any organization functions, determines the strategies that it will employ to survive in that rapidly changing environment. The organization must consider both the current and future situation. Ward and Peppard have proposed some success factors to consider when formulating a service strategy;
(1) Service Delivery (2) Understanding customer needs in order to grow the business, (3) Business-driven innovation, using IT as enabler. Management faces challenges of coordinating services due to trends in the service industries as well as customer?s demand for high quality of services. It is therefore important for organizations to have a broader knowledge of service management .For the purpose of this study, IT Service Management will be discussed. The whole chain of activities has to be coordinated and managed as a total process. That is where IT Service Management plays a role, as a total solution for the integration of these processes, activities, services, people and technology. There are organizations world-wide that have taken it upon themselves to help businesses come up with appropriate IT service strategies that address issues in the development and delivery of IT services. One such organization is the OGC in the United Kingdom which has developed the ITIL framework for IT Service Management. The next section of this chapter focuses on IT Service Management.
2.3 ITSM
Various definitions of ITSM are proposed in the literature. OGC (2002) defines IT Service Management as a discipline for managing large-scale Information Technology systems to meet the customer?s requirements. It has its roots in the late 1970s in British central government, who saw the need to maintain control over IT support structures to achieve efficiency. “The concept of applying a structured set of processes to ensure the quality of mission-critical IT services to meet levels of service agreed to with the customer.”
The adoption of IT Service Management disciplines and processes will assist with the continuous improvement in the quality of IT services. This need for the integration of people, processes, products and services is a major headache for many organizations but is needed in order to maintain a good quality of IT services. The justification for the implementation of a service management strategy comes as a result of growing trends in business and because of external factors. There are persistent driving forces of
change which affect organizations and they are forced to adapt new strategies in order to stay competitive. Anderson and Anderson suggest the following driving forces of change: • • External forces - which are concerned with the environmental influences on a business, these include: political, economic, social, technological and legal forces; Market requirements for success - Understanding customer needs in order to grow the
business, these include: speed of service delivery, quality levels, innovation initiatives, and the level of customer service; • Business imperatives - it is critical to identify those areas of the organization that offer the biggest potential for competitive advantage and focus initial efforts there; these include changes in the mission, vision, strategic goals, and services of the organization; • Leader and employee behavior - changing paradigms within the organization.
These driving forces may arise from the need to deliver increased value for money, which would lead organizations to look at the external environment in which they operate to identify those areas that offer the biggest potential for competitive advantage. As IT costs continue to rise daily, it is essential that IT service departments react positively to the changing markets and focus on maintaining an IT infrastructure and support service. It is becoming vital for IT service departments to apply a more cost effective and efficient service. The diagram below depicts the ideal IT Service Management framework for an organization, based on the ITIL Framework which will be discussed in the next section.
Figure 2.1 IT Service Management Framework
Literature reflects that the standards and best practice approaches available are independent of the type of organization and would as such achieve the same objective irrespective of the nature or type of organization that adopts them.
2.4 What is ITIL
OGC (2002) defines ITIL as the most widely accepted approach to IT Service Management in the world. ITIL provides a cohesive set of best practice, drawn from the public and private sectors internationally. Although the UK Government created the ITIL guide, it is rapidly being adopted throughout the world as the standard for best practice in the provision of IT Service by both public and private sector organizations alike. ITIL was developed in the 1980s by the Central Computer and Telecommunications Agency (CCTA) as a set of comprehensive best practice in achieving the efficient support and delivery of high quality IT services. The CCTA was later renamed to OGC. This body is independent of any trade interests which is where its strength lies.
The main focus of ITIL has been on service management, which is separated into two main areas, Service Support and Service Delivery as seen in the diagram in Figure 2.1. The services are dependent on a well-managed infrastructure to deliver business value. The ITIL framework consists of many components, one of them is service management mentioned above. The other components are, Business perspective, ICT Infrastructure Management, Application Management, Security Management, Planning to Implement, Software Asset Management and Small Scale Implementation. For the purpose of this study, the emphasis is on Service Support and Service Delivery as described in ITIL version 2. The Service Management disciplines at the center of the IT Infrastructure Library are categorized into two distinct groups:
? ?
Service Support Service Delivery
ITIL Skills Required
1) ITIL Foundation Training : The Foundation Certificate in IT Service Management guarantees your understanding of the basic terms, concepts of ITIL, and relationships between the ITIL processes. This training course introduces these concepts and terminology together with a view of where to begin through to continuous improvement of an organization.
2) ITIL Practitioner Training : This course is designed to specialize in any of the individual ITIL process disciplines which can be grouped and combined to provide practitioner relevant tools as per the customer?s organizational requirements.
3) ITIL Service Manager Training : This course delivers a more detailed and practical understanding of ITIL processes for IT Service Managers. This practice oriented course uses case studies and presentations to test and improve the participant?s essential skills in Service Management (Axios Systems Consulting, 2007).
Benefits and ROI of Implementing ITIL
ITIL provides a systematic and professional approach to the management of IT service provision, and offers the following benefits (OGC, 2002): • Reduced IT costs; • Improved IT services through the use of proven best practice processes; • Improved customer satisfaction through a more professional approach to service delivery; • Standards and guidance; • Improved productivity; • Improved use of skills and experience;
Challenges in ITIL and ITSM
In any organization, when making changes, managers are faced with challenges and issues. They just need to manage the relationships better. Some of the issues that IT managers may face include (Golden, 2007): • • Culture change, which is probably the hardest type of change to manage - the change in thinking and communication among the staff. Learning to keep it simple, focus on one process at a time and start with simple metrics to help your business partner see value as you go.
Other Frameworks and Standards
Over the years a number of models and frameworks have been developed and implemented in organizations with the goal to improve the management of IT and IT related resources (da Cruz & Labuschagne, 2007). It is necessary to point out that IT Service Management does not exist in isolation; there are other standards and frameworks in process improvement which need to be considered. In a recent study conducted in an Australian Information Technology Service
Management Forum, it was found that many organizations are adopting a combination of frameworks; mixing ITIL with other frameworks and guidelines such as Control Objectives for Information and related Technology (CobiT), Capability Maturity Model Integration (CMMI), ISO/IEC 17799/27002, MOF (Microsoft Operations Framework) and BS 15000 (Cater-Steel, Tan, & Toleman, 2005). Below is a brief description of these frameworks and standards, some of
which falls under IT Governance. IT Governance is the internationally accepted standard for control over IT, it is defined as the system by which IT within organizations is directed and controlled. The IT Governance structure specifies the distribution of rights and responsibilities among different members, such as the board, business and IT managers, and spells out the rules and procedures for making decisions on IT. By
doing this, it also provides the structure through which the IT objectives are set, and the means of attaining those objectives and monitoring performance. 1) COBIT : An IT Control and Governance Framework, its main focus is the development of clear policies and good practices for security and control of IT. Its primary goal is the development of control objectives from the business objectives and requirements viewpoint. The underpinning concept of the CobiT framework is that control in IT is approached by concentrating on information that is needed to support business objectives and by looking at information as being the result of the combined application of IT-related resources that need to be managed by IT processes. CobiT creates the link between the business objectives and a specific Information Technology management task. It classifies Information Technology resources into three levels of effort: domains, processes and tasks. Domains are groups of Information Technology processes. A process on its own is a group of tasks. The framework has defined a set of 34 high-level control objectives, one for each of the IT processes, grouped into 4 domains: Planning and Organization, Acquisition and Implementation, Delivery and Support and Monitoring. This framework covers all aspects of information and the technology that supports it. By addressing all 34 high-level control objectives, the process owner can ensure that an adequate control environment exists for the IT Environment.
2) ISO/27002
:
This standard provides information security specialists with recommendations for risk assessment, physical and information security policy, governance, compliance and access control. It details hundreds of specific controls which may be applied to secure information and related assets.
3) BS 15000 : In November 2000, the British Standards Institutes (BSI) published a new standard for IT Service Management, namely the BS 15000. This standard promotes the adoption of an integrated process approach to effectively deliver managed services to meet the business and customers requirements.
In a first part, BS15000 defines high level requirements for a management system that includes policies and a framework to enable the effective management and implementation of all IT services. It then gives recommendation using the Plan-Do- Check-Act methodology for planning and implementing service management.
•
Planning service management (Plan); Implementing service management and providing the services (Do); Monitoring, measuring and reviewing (Check); Continuous Improvement (Act).
• • •
BS15000 then provides recommendations concerning the planning and the implementation of the new service. This is to ensure that new services and changes to services are deliverable and manageable at the right cost and service quality.
4) Microsoft Operations Framework : According to Sallé (2004), MOF “provides technical guidance that enables organizations to achieve mission-critical system reliability; availability; supportability and manageability of IT solutions built with Microsoft products and technologies.” The MOF guidance addresses the people, process, technology, and management issues to support the distributed and complex IT environment.
Relationship between different Frameworks
The different frameworks and standards serve different roles within the IT Management domain but these frameworks complement each-other. All these frameworks are tools to assist the organization to manage the very important IT related functions and services, so as to limit risk and increase the potential benefit from the IT investment. Literature reveals that some organizations are in favor of implementing multiple frameworks in their organizations than just one framework. And there is certainly value in this approach, to use the ITIL framework in conjunction with other frameworks to obtain a more complete IT Service Management solution. It is clear that some of these approaches do overlap, as some have a wider scope than others.
Figure 2.2 Relation between IT Governance and ITSM
Conclusion : This chapter has not only described IT Service Management and the ITIL framework, but has also highlighted their role in improving the quality of IT Services. The review of the literature has uncovered a vast amount of information with regards to the role of service management in particular the integration of people, processes, products and services. The literature also uncovered the benefits that organizations can look forward to as well as some challenges that the IT managers in these organizations may face when they implement process improvement strategies. From the material presented it is clear that at the end of the day it is about results, no organization is going to follow a strategy which does not provide a return on investment. This is why many organizations are embracing the IT Service Management concept, because they are getting results. Management will be quick to follow a trail of processes that are benefiting the business.
Chapter 3 Company Profile
Pangea3 Legal Database Systems is the established leader in Legal Process Outsourcing (LPO) service to International corporations and Law firms. It is serving more than 100 Fortune 1000 companies and Am law 200 firms.
History of Company
Pangea3 Legal Database Systems was founded in 2004, It has grown up to become the largest pureplay LPO company globally. Pangea3 became part of a Thomson Reutors, the world?s leading provider of intelligent Information to legal and business professionals. Pangea3 is headquartered in New York City, USA and Mumbai, India, with operations in Mumbai, Delhi and Dallas, TX.
People and Processes
Like leading corporations throughout the world, Pangea3 ensures accuracy and efficiency using statistical methods, such as Six Sigma and Lean, project playbooks, and constant communication with clients and outside counsel.
Technology and Security
At Pangea3, data and physical security and confidentiality is paramount. They complete all legal services in our ISO 27001:2005 Information Security and Security Management Systems-certified facilities. Also, as certified by TÜV SÜD South Asia (one of the world?s leading testing and assessment companies), we implement rigorous physical and logical controls, a top-notch security management team and information security procedures that ensure the availability, confidentiality and integrity of your data. In addition to the security measures deployed at the network level, Pangea3 enforce policies to restrict access to removable media where required. Their communication and collaboration tools for messaging, e-mail and VoIP calls support Blowfish/AES encryption. Pangea3 can encrypt all intermediate and final work products to prevent access outside the intended work group. These security measures make us one of the safest LPO companies in the world.
Executive Team
Sanjay Kamlani Co-Chief Executive Officer
David Perla Co-Chief Executive Officer
Mohan Ayyangar Chief Operating Officer & Chief Technology Officer
Naveen Gupta Chief Finance Officer
Sajeev Kutty Assistant Vice President Information Technology
Greg McPolin Vice President and Managing Director, Global Litigation Solutions
Jonathan Goldstein Vice President and Managing Director, Legal Solutions
Adam Schair Vice President, Marketing and Communications
Lulu Khandeshi Vice President and Head of Human Resources & L&D
Awards
? ? Voted Best LPO in the 2011 New York Law Journal Reader Rankings Awarded LPO of the Year by India Business Law Journal and also ranked as a Top 5 Legal Process Outsourcing (LPO) provider in each of their award categories: Best Overall LPOs, IP Services, Legal Support, Contract Services, Litigation Support, and Corporate Services, 2009. Top 100 Fastest-Growing Private Company in America, 2009 Inc. 500|5000 List. Top 10 Company in the Business Products and Services Category, 2009 Inc. 500|5000 List Top 10 Company in the NY, NJ & PA region, 2009 Inc. 500|5000 List. Top 50 Best Managed Global Outsourcing Vendor by Brown-Wilson Group?s Black Book of Outsourcing, 2009. Top 5 Legal Outsourcing Vendor by Brown-Wilson Group?s Black Book of Outsourcing, 2009. #1 Provider of Corporate Governance, Compliance, Due Diligence and Risk Services by the Brown-Wilson Group?s Black Book of Outsourcing, 2009. Recognized as an exclusive LPO Participant to the General Counsel Roundtable's Preferred Pricing Program. Recognized as a leading intellectual property outsourcing services provider by Valuenotes, 2008. Ranked Top Legal Outsourcing Vendor by the Brown-Wilson Group?s Black Book of Outsourcing, 2007. Recognized by Time Magazine as an Industry Leader in Legal Outsourcing Services, 2007. Recognized as a leading legal outsourcing provider by Valuenotes, 2007. Received the Market Leader Award for Legal Process Outsourcing by Frost & Sullivan, 2006
? ? ? ? ? ? ? ? ? ? ? ?
Chapter 4 Collection of Data
Data collection was done by means of an questionnaire which was distributed to Pangea3 IT team post implementation of ITIL.
4.1 Data Presentation
Questionnaire
1) Did your IT department participate in Tenet?s ITIL project?
SELECT
If your answer to previous question was YES, Please proceed to next question. If your answer is NO, Please provide some reasons as to why not. Thank you for your time. Staff Training 2) How many staff from your institution attended the ITIL Foundation training? 3) How many staff passed Foundation examination? the SELECT SELECT SELECT SELECT SELECT SELECT SELECT
4) How many staff from your institution attended the ITIL Practitioners training? 5) How many staff passed Practitioners examination? the
6) How many staff from your institution attended the ITIL Managers training? 7) How many staff passed the Managers examination? 8) Is there sufficient time and budget allowed for training of staff?
Implemented Processes 9) For each of the ITIL processes/functions provide the following information:
(a) Was this process implemented in your organization? (b) Do the IT staff clearly understand this process? (c) Is there a regular review of the activities associated with this process?
(d) What electronic tools are used? (e) Are these tools fully utilised?
Process/Function
Implemented
Understandi ng
Reviews
Tools
Utilisation
Service Desk Incident Management Problem Management Configuration Management Change Management Release Management Service Level Management Capacity Management Availability Management Financial Management Service Management
Select Select Select Select Select Select Select Select Select Select Select
Select Select Select Select Select Select Select Select Select Select Select
Select Select Select Select Select Select Select Select Select Select Select
Select Select Select Select Select Select Select Select Select Select Select
Select Select Select Select Select Select Select Select Select Select Select
Services 10. Is there a Service Catalogue that describes the services offered by your IT organization? 11. Are there Service Level Agreements (SLA) in place that follows a defined structure? agreements with external suppliers (Underpinning contracts) 12. Are documented and reflected in the SLAs? 13. 14. 15. 16. Have all SLAs been accepted (signed off) by customers/business representatives? Is there an adequate Service Improvement Plan (SIP) that can be followed when SLAs are seriously breached? Does the SLA structure include features such as reliability, security, service hours, support, response times, turnaround times, performance criteria? Are regular service review meetings held to discuss current and future requirements of the IT organization? Select Select Select Select Select Select Select
4.2 Data Interpretation
The chapter included a definition of the concepts of ITSM; it considered the service industry as a whole, also the role that ITSM plays in the organization. The ITIL framework was discussed briefly as well as its processes and procedures. This chapter will provide the insights into the workings of ITIL, in particular, the ITIL service management approach, a framework that is rapidly gaining popularity all over the world. The focus is on service support and service delivery within the ITIL framework.
ITSM Background IT Service Management evolved starting in the late 1980s promoting a quality approach to achieving business effectiveness and efficiency in the use of information systems (Sallé, 2004, p. 10). IT departments have moved away from being technology providers into being service providers and this has made it necessary to change the perspective of how IT is managed. IT Service Management puts the services delivered by the IT department at the Centre of IT management. This means that the entire IT department has to work like a well-oiled machine, bringing an integration of the people, processes and technology together to deliver the high quality service that the users and customers can be proud of. Over the years, various ITSM frameworks have been defined to help the organizations move along the transition of IT Service Management.
Figure 4.1 Evolution of IT Management methodologies
Back in the 1980s, IT management was not a topic much talked about, the focus then was on IT operations. But as IT systems became widely used and the developments became more complex, organizations started looking at the concepts of systems management. The OGC from the British central government saw the need to maintain control over IT support structures to achieve efficiency, and so in the late 1980s they established a framework as a new approach to IT Service Management with the purpose of ensuring better use of IT services and resources now known as the ITIL framework . ITIL rapidly became the de facto standard for IT management. The first ITIL version became an instant success, firstly in the UK and then slowly other countries started to notice the benefits. With the global acceptance of ITIL as the number one framework for best practice in IT Service Management, came the first formal standard for ITIL processes, known as the BS15000. The standard allowed for organizations to become formally certified against the new standard. BS15000 compliance is all about having the right processes in place and being able to prove it. This would bring competitive advantage to any organization that became certified.
New developments in ITIL have been the release of ITIL version 3 in May 2007 which has made improvements to the version 2 library. The other significant development is the release of ISO/IEC 20000 international standard of IT Service Management. This standard is derived from the British BS15000 standard and is closely coordinated with the IT Infrastructure Library (ITIL) as a Best Practice recommendation for Service Support and Service Delivery. To achieve ISO/IEC 20000 certification, organizations must successfully undergo a third-party audit by an accredited assessment body. The accreditation is based on an organization demonstrating its competence to carry out specific compliance tasks and the certification based on the evidence related to technology, processes, systems, and people interrelations. The next section will explore the ITIL framework in more detail, starting with the methodology of the framework. The different processes within the framework are identified and their functions explained.
ITIL/ITSM Methodology
ITIL is all about processes, frameworks and best practices. This process is an approach to IT Service Management that places emphasis on the importance and value of coordination and control of the process across all the various functions and systems to manage IT services. ITIL consists of a series of publications giving guidance on the provision of Quality IT Services, and on the Processes and facilities needed to support them (OGC, 2000). The two mostly used books on version 2 are the Service Delivery and Service Support books which this research is primarily based on. The methodology encompasses all the processes in the Service Support and Service Delivery.
Service Desk The OGC (2000) define Service Desk as the “Single Point of Contact between the IT service provider and the users”. A Service Desk is a function rather than a process and typically manages Incidents and Service Requests, and also handles communication with the users. It provides an interface for other activities such as Change Management, Problem Management, Configuration Management, Release Management. The Service Desk handles the activities related to the many ITIL processes. Some of the responsibilities of the Service Desk function are; log an incident by categorizing it, diagnose it and prioritize it. It then attempts to solve the incident (this is the first line support) and if a solution is not immediately available then the incident will be escalated to the appropriate group or technical support. The last activity is to close all incidents by following the best practices of Incident Management. Benefits of the Service Desk may include • • • • • Improved user service, perception and satisfaction; Increased user accessibility via the single point of contact; Improved quality and faster response to user requests; More effective and efficient use of support resources; Better management information to make decision on support. Management, Service Level Management and IT Service Continuity
Incident Management
OGC (2006) defines Incident Management as a process which primary objective is to restore the IT Service to the customers as quickly as possible and with minimal impact to the business operation. A temporary work-around is identified in order to maximize availability. The Incident Management process starts with logging and tracking all incidents via the Service Desk and maintaining meaningful records. Incidents are categorized as follows: hardware, software,
networks, information requests, password changes, new users, service extension requests.
Incidents are tracked by an Incident Management System, like REMEDY Service Desk (BMC:http://www.bmc.com/), HEAT Helpdesk System (Front Range Solutions Inc.:
www.frontrange.com) or an in-house system which will track the incident categories and workflows based on the organizational needs. Incident M a n a g e m e n t w o r k s w i t h Problem
Management to pass along information that will assist in resolving problems or to alert that new problems may be arising (Shannon, 2007).
Benefits of Incident Management include: • Reduced business impact of Incidents by timely resolution, thereby increasing effectiveness; • Improved m o n i t o r i n g , a l l o w i n g performance against Service Level Agreements (SLAs) to be accurately measured; • Better staff utilization, leading to greater efficiency; • Improved User and Customer satisfaction.
Problem Management
Problem Management ensures that data is properly recorded and maintained regularly and that known errors are recorded in the organization?s Configuration Management Database (CMDB) (Cognizant Academy, 2004). Benefits of Problem Management are • • • • • • • Improved IT Service quality and management; Increased user productivity; Improved support personnel productivity; Improved IT Service reputation; Enhanced management and operational knowledge and learning; Improved incident recording; Higher first-line resolution rate.
Configuration Management Configuration Management deals with the physical and logical perspective of the IT infrastructure and the IT services being provided. Configuration Management (CM) is a methodology for collecting, revising, storing, and retrieving information about a company's IT assets, their configurations, and the relationship between those assets. ITIL recommends that this information be managed by means of a Configuration Management Database (Shannon, 2007). The OGC (2000) defines a CMDB as a federated, controlled repository for assets that are essential for running the business. The CMDB is made up of Configuration Items (CIs) which can be hardware, software, documentation, and services – anything that IT is responsible for. Defining the relationships between CIs is one of the issues that distinguish Configuration Management from asset management. Benefits of Configuration Management are • • • • • • • • • Providing accurate information on CIs and their documentation; Controlling valuable CIs; Facilitating adherence to legal obligations; Helping with financial and expenditure planning; Making software Changes visible; Contributing to contingency planning; Supporting and improving Release Management; Improving security by controlling the versions of CIs in use; Providing Problem Management with data on trends.
Change Management Change Management is a process of controlling changes to the infrastructure or any aspects of services, in a controlled manner, enabling approved changes with minimum disruptions. (Shannon, 2007). The Change Management process is initiated when an IT staff member submits a request for change (RFC). The RFC describes the desired outcome, usually in business-relevant terms. The
diagram in Figure 3.5 shows the process flow of Change Management as described in OGC (2000).
Some of the benefits of Change Management are • • • • •
Better alignment of IT services to business requirements; Increased visibility and communication of changes to both business and service- support staff; A reduced adverse impact of changes on the quality of services and on SLAs; Fewer changes that have to be backed-out, along with an increased ability to do this more easily when necessary; Improved Problem and Availability Management through the use of valuable
management information relating to changes accumulated through the Change.
Release Management Release Management offers a systematic framework for large or critical hardware rollouts, major software rollouts or bundled sets of changes. It takes into account all the aspects of a release from initial release policy and planning through to development, testing and controlled implementation (OGC, 2000). It is a process that protects the „live? or production environment by following a plan for the releases. For a large rollout of either software or hardware, once the quality assurance
department has done all its work in the approval of the implemented change, and then Release Management takes over. Release Management is responsible for coordinating, scheduling and testing the release packages. Release Management is driven by Service Level Management based on the
agreements that the IT department has with the other business units, agreements about the available software and hardware. Release Management is also linked to Change Management because it is driven by the changes. It generates the following databases; a Definitive Software Library (DSL) which is a definitive store of all the authorized versions of software in the organization and also a Definitive Hardware Library (DHL) which is the definitive store which stocks the hardware of the organization as well as the spare parts, like the laptops, power supplies, memory modules, network cards, etc. The details of these software and hardware libraries will be updated in the CMDB (Shannon, 2007).
Benefits of Release Management include • • • • • A greater success rate and consistency in the release of hardware and software; Minimization of the disruption of the service to the business as the release process protects the „live? environment; Stable test and live environments; Better use of User resources; Better expectation setting within the organization on publication of a Release schedule in advance.
Figure 4.1 Service Delivery
Service Level Management
Service Level Management is responsible for designing and negotiating service level agreements with the customers of the Service Desk. It aims to ensure a satisfactory quality of IT service provision by setting agreed targets between the IT department and customer. A process of monitoring, reporting and reviewing of actual service levels highlights any problem areas and facilitates continuous service improvement (OGC,2001).
Some benefits of a Service Level Management process include • • • • IT Services are designed to meet Service Level Requirements; Improved relationships with satisfied Customers; There are specific targets to aim for and against which service quality can be measured, monitored and reported – „if you aim at nothing that is usually what you hit?; Service monitoring allows weak areas to be identified, so that remedial action can be taken.
Availability Management
Availability Management is the process concerned with the design, implementation, measurement and management of IT services which ensures that all IT systems and services are functioning as required and that availability is sustained in a reliable and cost-effective way. With the supply and provision of information companies need to consider security management as well to prevent unauthorized use of information (Cognizant Academy). All ITIL processes are linked in some way or another to the IT availability process, which means that Availability Management interfaces with all the other processes. Incident Management and Problem Management provide a key input to ensure the appropriate corrective actions are being progressed. It also supports the Service Level Management process in providing measurements and reporting to support service reviews (OGC, 2001).
Some Benefits of Availability Management include • Optimal use of the capability of the IT Infrastructure according the requirements; • Single point of accountability; • • Cost justification of investments; Improvement of Business continuity. agreed
IT Service Continuity Management IT Service Continuity Management is the process that ensures that major failures of technical equipment or facilities associated with IT Service provision are managed efficiently and service levels are restored back to an acceptable level within agreed timeframes (HPDC, 2006, p. 306). It focuses on all IT services that are needed by providing a framework for developing IT infrastructure recovery plans in support of the critical business processes to keep them running. IT Service Continuity involves the elements of Business Impact Analysis and Disaster Recovery Planning. Business Impact Analysis is conducted with the customers in order to verify which major systems must be recovered and also to help determine the effects of an interruption of those systems.
Some Benefits of IT Service Continuity Management include • It supports the Business Continuity Management process and delivers therequired IT supporting Infrastructure; • Positive marketing of contingency capabilities; • Organizational credibility; and • Competitive advantage through the demonstration of the contingency capabilities.
Capacity Management
Capacity Management is the process which aims at aligning IT service level provision to the current and future business needs. It is concerned with optimizing the usage of existing IT resources as well as ensuring new resources are made available in a timely and efficient manner. Capacity Management is involved in Incident resolution and Problem Identification for those difficulties relating to capacity issues. Capacity Management process involves, monitoring of performance of IT services and the infrastructure that support those services, recommending tuning activities that would make the best use of the resources, understanding the current demands on IT resources and then making forecasts for future requirements, and finally producing a capacity plan which will be used by the IT department to meet the SLAs. Capacity Management also links with the other ITIL processes in order to improve those processes. It links with Financial Management for the budgeting, accounting, and charging purposes. It links with Availability Management for the availability metrics which are frequently captured and stored by Capacity Management and included in the Capacity Plan. It also links Service Level Management by controlling the SLAs and helping to negotiate appropriate SLAs with the business units
Financial Management for IT Services
Financial Management of IT Services is the process which provides essential management information on IT asset and service costs. Through a process of budgeting and accounting true costs are revealed and the value of IT to the business can be demonstrated. The scope of IT Financial Management is IT budgeting, IT accounting and charging, although many of the activities involved are often managed by the financial division within an organization. Budgeting is a process of predicting and controlling the expenditure within the organization, while IT accounting is the process which enables the IT organization to account for where money is spent on running the department and lastly, charging is the process of billing customers for services.
Other Segments of ITIL Framework
IT Security Management IT Security Management is the process that ensures the confidentiality, integrity and availability of an organization?s assets, information, data and IT services. IT security management usually has a wider scope than the IT service provider (OGC, 2006). IT Security Management in the ITIL framework is a book on its own and not part of either service support or service delivery because it can be integrated with all ITSM processes where security issues are involved. This process provides common terminology and well understood concepts so that the people in the organization can clearly understand the reasons behind the security policies and procedures that the IT department has documented. It also highlights the risks to the organization should these policies not be followed.
ICT Infrastructure Management The ICT Infrastructure Management„s goal is to use proven, repeatable processes to provide a stable operating environment for all IT functions. The four areas that make up this service are: Network Service Management, Operations Management, Computer Installation and Acceptance and Systems Management.
Application Management Application M a n a g e m e n t describes a n approach to the Software Development
Lifecycle. It covers creating the application specifications; designing the application; writing and testing the code; deploying the application; routine operation of the application; and, finally, reviewing the application once it is in operation to determine ways to improve its efficiency and cut costs. Applications Management expands on the issues of business change with emphasis on clear requirement definition and implementation of the solution to meet business needs .
4.3 Data Analysis
This chapter serves as the backbone of the theory required to identify the current state of ITSM/ITIL implementation in pangea3. The knowledge gained here will be used to identify the gap between where higher education is presently positioned and where it should be compared to the ITIL processes. It includes a discussion of the following key concepts:
? ? ? ? Role of Information Technology in the business (IT/ITES) Business Value of IT IT Strategic Technologies for the Future Alignment of business and IT strategy in Higher Education
These key concepts are important in this study as they will show how the education sector is embracing the ITSM strategy, and how some of the new technologies in the IT field are being handled by the institutions in their IT departments.
Role of Information Technology in Business (IT/ITES)
A review of literature reveals that there has been an increase in interest in technology in many IT/ITES industries. Some of the Roles that IT can play in any organization are mentioned below IT can help the organization to facilitate better communication, information sharing becomes easy and the business processes are streamlined which adds great value to the business. • With an ever-growing need for information, there is a requirement for increased data quality that is complete and up-to-date. This information is essential to the day-to-day operation of the business. • The web is the medium through which users actively communicate and provide service. Web Portals and SharePoint sites are playing an ever-increasing role in supporting organizational processes and a number of success factors play a role.
IT can be used to assist and accomplish other specific business roles in higher education institutions; these include those of being an infrastructure driver, collaborations agent, and an enabler of globalization (mobility). These are discussed in more detail below. Collaborations – IT facilitates better collaboration between the departments and between the organization and external suppliers. Online collaborations help enhance the planning, decisionmaking and day-to-day operations of the employees Mobility – The use of smart phones like Blackberries, iPods, iPhones etc. has really enhanced they way people communicate. There are added benefits for both the students and employees in
higher education. For the students, these can be used to download course material, research material and for SMS notifications. For employees, it is a great tool to improve communication, for project collaboration and document sharing.
Business Value of IT
Even though less than half of today's businesses are developing business value and Return on Investment (ROI) to justify IT spending, that trend is changing quickly. Going forward, IT departments must develop business value justification and ROI to fund new IT projects. This is demonstrated by increasing pressure on IT managers to justify IT investments via traditional internal functions such as increasing IT staff time on innovation versus operations .ROI is an interesting debate because businesses tend to see any IT project as a cost. IT managers have to constantly sell ideas to Top Management and to the Board because they talk a different language to IT, they want to see as much savings as possible.
IT Strategic Technologies for the Future
In the context of international developments, the review of IT/ITES industries in I n d i a would not be complete without a look at some top technologies and trends which industry as well as IT/ITES services are faced with in the near future. These trends may be seen as challenges by some but also as great opportunities by other organizations to help them in their quest for the advancement of organizational goals and objectives.
Process Implementation
Process Implementation, was designed to determine which of the ITIL Service Processes were covered by each institution in the adoption of ITIL best practice. The question allowed for multiple responses. As shown in Table below, the Service Desk is the process that was selected first by most of the respondents with Incident Management coming in at number 2. The numbers 1 to 11 in the table represent the processes which are listed on the left hand side. They are there to show the order of the processes being implemented.
ITIL Process
1. Service Desk 2. Incident Management 3. Problem Management 4. Change Management 5. Release Management 6. Service Level Management 7. Configuration Management 8. Availability Management 9. Capacity Management 10. Financial Management 11. IT Service Continuity and Business continuity Management
Process Implementation status
100% 100% 100% 100% 100% 100% 100% 100% 100% 100% In Process
Table :ITIL Process Implementation
This section concentrated on the technical side of the ITIL Process function. The questions were based on a basic list of those measurement metric questions that relate to direct and indirect, tangible and intangible business benefits that can be realized.
A standard ITIL maturity assessment analyzes each of the following process areas: ? Service Support processes include Service Desk, Incident Management, Change Management, Configuration Management, Problem Management and Release Management. ? The service support processes are intended to help organization to gain control of the incident lifecycle, from when an incident first develops until a system change or a new release permanently fixes it. (OGC, 2000). ? Service Delivery processes include Availability Management, Capacity
Management, Availability Management, Financial Management, Service Level Management, and IT Service Continuity Management. ? Service delivery covers the processes required for the planning and delivery of quality IT services, and looks at the longer-term processes associated with improving the quality of IT services delivered (OGC, 2001).
Extent of Implementation of ITIL Processes
In order to rank the implementation progress of the ITIL processes, a series of questions were asked depending on whether the process was implemented or certain procedures were in place in that institution.
Service Desk The Service Desk is the primary point of contact for customers and users with the IT department on a day-to-day basis and is crucial in delivering a quality service to the client. Question 5 of the questionnaire asks the respondents to select one or more of the following options in table 5.7 below, that apply to the role of the Service Desk in their institutions:
The role of the Service Desk Service Desk doesn?t play a role Call Logging And Prioritization 1st Line Support 2nd Line Support Call Closure Service Level Tracking – Incident Tracking
Count Percentage 2 4 4 2 3 4 33% 67% 67% 33% 50% 67% 67% 50%
Service Level Escalation - Escalation of incidents 4 User satisfaction questionnaire
Table : Role of the Service Desk
3
From the data gathered about the Service Desk function, 67% of the respondents have indicated that the following 4 functions are the primary roles that the Service Desk plays in their institutions: ? ? ? ? Call logging & Prioritization ; 1st Line Support ; Service level tracking ; Service level Escalation.
The table below, Table 5.8 sums up the extent of the implementation of each process from the series of questions which were asked and depending on whether the process was implemented or certain procedures were in place in that institution. These are the responses from questions, 7 – 16 of the questionnaire.
ITIL Service Support Function/Process Service Desk Incident Management • Are incidents resolved quickly and with minimal impact to the business?
Yes
No
Don?t Know
4 (67%)
1 (17%)
1 (17%)
Problem Management • • Has the impact of Problems been reduced since the implementation of a formal process Has the cost to Users been reduced? 2 (33%) 2 (33%) 2 (33%) 2 (33%) 2 (33%) 2 (33%)
Configuration Management Change Management • Is there a formal process for assessing impact on other services when making changes? • Are all changes reviewed prior to implementation? Release Management • Is there provision for testing the releases before implementing in the live environment? Service Level Management • Is SLA reporting in place to measure if the SLA is being met? • If SLA reporting is in place, are you in a position to meet the service levels agreed upon? Availability Management • Is availability management cost effective in your environment? Capacity Management • Is there an increased ability to demonstrate cost effectiveness? • Is there a Capacity Management plan that is reviewed regularly with resources allocated accordingly? Financial Management • Does the business believe the IT financial management process is effective? • Are customers satisfied with costs and charges of IT services? IT Service Continuity Management • Is there awareness throughout the Institution of the Business and IT Continuity Plans? 2 (33%) 0 (17%) 2 (33%) 1 (17%) 4 (67%) 4 (67%)
2 (33%) 1 (17%)
2 (33%) 3 (50%)
2 (33%) 2 (33%)
2 (33%)
1 (17%)
3 (50%)
1 (17%) 1 (17%)
2 (33%) 1 (17%)
3 (50%) 4 (67%)
2 (33%)
1 (17%)
3 (50%)
1 (17%)
1 (17%)
4 (67%)
1 (17%)
1 (17%)
4 (67%)
1 (17%)
3 (50%)
The results depicted in above table can be interpreted as follows:
For Incident Management:
Incident Management
17% 17% 66% Yes No Don't Know
67% of the respondents agreed that incidents are being resolved quickly and with minimal impact to the business, while 17% did not agree and another 17% were not sure.
For Problem Management:
Problem Management
33% 34% Yes No Don't Know 33%
It was an even 33% when asked if the impact of problems has been reduced since the implementation of a formal process; and if the cost to users has been reduced. This result means that it is not possible to get a clear answer because each institution is different and they results may vary depending on how far the implementation of the process is.
For Change Management:
Change Management
33%
34% Yes No Don't Know 33%
33% of the respondents said there was a formal process for assessing the impact on other services when making changes, while 33% said there was no formal process. Another 33% were not sure.Only 17% of the respondents agreed that all the changes were being reviewed prior to implementation, while 50% said no and 33 % were not sure.
For Release Management:
Release Management
33% 50% Yes No 17% Don't Know
When asked if there was provision for testing the releases before implementation in a live environment, 33% of the respondents agreed, while 17% said no, the majority of the respondents, 50% were not sure if there was provision made.
For Service Level Management:
Service Level Management
17% 50% 33% Yes No Don't Know
Only 17% of the respondents said that there was SLA reporting to measure if the SLA was being met, 33% said reporting was not implemented while 50% were not sure if there was SLA reporting. For the respondents who had SLA reporting in place, the next question asked was if SLA reporting was in a position to meet the service levels which were agreed upon?17% said the IT department was in a position to meet the service levels while 17% said no and 67% were not sure.
For Availability Management:
Availability Management
33% 50% Yes No Don't Know 17%
When asked if Availability Management was cost effective in their institutions, 33% agreed that it was, while 17% said no and 50% of the respondents were not sure. This again comes back to the question of measure. It will depend on how far the process has been implemented before the outputs are measured.
For Capacity Management:
Capacity Management
17% 17% 66% Yes No Don't Know
17% of the respondents agreed that there was an increased ability to demonstrate cost effectiveness when the Capacity Management process was implemented, while 17% said no and 67% were not sure.When asked if there was a Capacity Management plan that is reviewed regularly with resources allocated accordingly, 17% of the respondents said there was a Capacity Management plan in place, while another 17% said there was no plan and 67% of the respondents did not know if the plan existed.
For Financial Management:
Financial Management
34% 66% 0% Yes No Don't Know
When the respondents were asked if they thought that the business believed the IT Financial Management process was effective, some of the responses that came back revealed that, 33% thought the business believed in the effectiveness of the Financial Management process, and another 67% were not sure.When asked if their customers were satisfied with the costs and charges of IT services,17% of the respondents agreed that their customers were satisfied with the costs and charges, while another 17% said their customers were not satisfied, and 67% were not sure.
ITIL Training and Certification
The questionnaire enquired about the extent of ITIL training and certification undertaken. As shown in Figure 5.4, 83% of the respondents agreed that it is beneficial to have IT staff certified in ITIL. The respondents were invited to motivate or explain why they thought it was beneficial to be certified, below are the responses given: • • The awareness created seems to stimulate creative thinking and co-operation from staff. Training IT staff in ITIL allows everyone to understand best practices, processes, and concepts. It also creates awareness and a culture for adopting best practices. • More staff members are putting a lot of effort to understand the principles of ITIL. More are getting used to the terms and hence the requirements of ITIL standards. There is an improvement especially with the way that ICT staff members conduct themselves at work. The attitude has changed dramatically.
•
They have a much better understanding of the importance of the quality of the service delivery they providing.
•
The greater understanding of ITIL is starting to get the staff to think in terms of providing a service and not just running an application or infrastructure etc.
17% of the respondents did not believe it was beneficial to get all the IT staff ITIL certified and they did not give reasons, but one respondent said they only got certified in late August 2008, and were not yet experienced enough to answer.
Benefits of ITIL
Question 17 of the questionnaire asked the respondents on their overall impression of how ITIL best practice framework has improved IT Service Management in their institutions. Table 5.9 below shows the different views or perceptions of the respondents while figure 5.5 is the graphical representation. 50% of them said that ITIL had improved somewhat their ITSM strategy, while 17% said service improved considerably another 17% said the service has remained the same and another 17% said they were uncertain. In all of the mixed reviews, none of the respondents said the service had declined since the implementation of ITIL.
Order Improved considerably Improved somewhat Has remained about the same Has declined considerably Uncertain 1 2 3 4 5 Table 5.9 Overall impression of ITIL
Count 1 3 1 0 1
Percentage 16.67% 50% 16.67% 0% 16.67%
Chapter 5 Findings
5.1 Questionnaire Result The analysis below is from the questionnaire that was sent out by the ISO Audit Team, , in their meeting on the 19th and 20th July 2011. A Special Interest Group for Service Management was created with the task to investigate aspects of Service Management. This Questionnaire on ITIL is the result of many months of research into the kinds of questions needed in order to assess or measure the level of ITIL maturity in Pangea3. The questionnaire was divided into the following sections: ? ? ? ? ITIL Staff Training
Implemented ITIL Processes
Services
Benefits of ITIL
ITIL Staff Training
Foundation Level 12% of the respondents achieved a 100% in their Foundation exams, 18% achieved 60-
80% pass rate, 24% received in the range of 21-60 % pass rate and the rest 47%
received 0-20% pass rate. These results are of concern as the overall pass rate is 36%.
Practitioner Level 24% of the respondents achieved a 100% in their Practitioners exams, 6% achieved 6080% pass rate, 18% received in the range of 21-60 % pass rate and the rest 56% received 020% pass rate. These results are very low because most of the universities have not attended the course or written the exam, so the overall pass rate is 32%. Managers Level 6% of the respondents achieved a 100% in their Managers exams, 6% achieved 6080% pass rate, 18% received in the range of 21-60 % pass rate and the rest 71% received 020% pass rate. The same reason for the low results here is that most of the universities have not attended the course or written the exam, so the overall pass rate is 18%.
Implemented ITIL Processes
The processes that were implemented first as reported by the questionnaire participants are the Service Desk (59%) and Incident Management (47%) which typically are the first processes that many organizations address. This is followed by Change Management (24%) and Service Level Management (24%). The low number of respondents that chose Service Level Management at number 4 is worrying because the organizations need to engage with the business and align IT services with business demand. 18% of the respondents chose Problem Management at position 5 while Configuration Management came in at position 6 with 18% of the respondents choosing to implement it later in the process. This may be because many organizations fail to present a valid
business case for Configuration Management but with an effective CMDB, the impact of changes and releases on each process is identified. Capacity Management (6%) and Release Management (6%) are positioned at the bottom of the list of processes implemented. Capacity is often forgotten but it not only covers resource Capacity Management but also service and business Capacity Management. Release
Management is on the also at the bottom, this could be because many organizations focus their ITIL efforts on Infrastructure initially and don't include applications support. Availability Management (6%) is also at the bottom, this could be because it is dependent on the type of services that are being supported. The availability of services is one of the most important things to both our customers and end-users so it is surprising that more organizations are not focused on putting effort into implementing this process.
Figure below is a graphic representation of the processes/functions implemented.
Benefits of ITIL
Stakeholder Business Benefit Cost savings Creation of competitive advantage Common approach to service levels Quality of service delivery Understanding of business processes Improved IT uptime Better support from business on IT spend IT service delivery is more measurable A clear definition of activities in the ICT Division and the values embraced by the staff Business is made to understand what ICT is all about by the values unpacked by ITIL
User
Improved productivity Improved relationships with ICT staff Improved service Being reliable, expect from IT based on SLA Better service offered More feedback provided Can find out status of their problem effective and approachable Improved level of efficiency Increased level of confidence in IT as department Know what to Minimized service interruptions Better utilization of all IT facilities Better understanding of the level of service to be provided - 3 Being supportive to actual needs Building good team relationships Developing a common approach to service levels Improved relationships between IT and all stakeholders Consistency in the execution of support tasks Better control of IT changes Having a standard which is indoctrinated to all ICT staff Understand customer expectations - the importance of having SLAs Systematic approach to resolution of all ICT challenges
IT organization
Chapter 6 Conclusion
Post implantation of ITIL Pangea3 network infrastructure is found one of more secure network amongst IT industry, as described below. Pangea3 has instituted a robust security framework which ensures the institution of processes and measures to ensure the secure receipt, storage, processing, and transmission of information through physical, data, network, and personnel security enabled with continuity solutions to ensure uninterrupted services in the event of any disruptions. All our facilities are fully audited and certified for ISO 27001:2005. We address data and information security requirements at all of our facilities by ensuring that stringent controls are in place for data, physical, and information security and has deployed software, hardware tools and methodologies to secure and protect the confidentiality of client information and data. The below gives an overview of our IT infrastructure. To this end, the researcher set out to resolve the main problem of the study: How the Pangea3 implemented the ITIL Framework to improve the quality of IT service delivery and support? In order to help resolve the main problem, sub-problems were developed and addressed in chapter 2 to 5 by means of a literature study and questionnaires. sub-problems identified were: • • • What is involved in IT Service Management? What is the situation of ITSM in Higher Education in South Africa? What are the recommendations for an effective framework solution? The
By answering the sub-problems, the main problem is answered. The reason that many organizations do not realize the full potential of ITIL implementation is because it is not correctly implemented. It should be part of IT Governance where IT strategy is aligned with the business strategy. The literature study revealed that ITSM has evolved over the years, and continues to do so at a rapid rate. ITSM has a major role to play in the success of organizations today. ITSM is critical in today?s business as it includes the entire organization and beyond. The resultant output from the research was that of a better understanding of the ITSM solution.
Like all management strategies, the philosophy of ITSM is more similar to a journey than a destination. What's more, it is a journey that is never complete. The implementation
of ITIL at the Pangea3 had seen huge improvements in the quality of IT service being delivered. The Pangea3 or any other organization must therefore implement ITIL to its full potential and this can only be done with the proper combination of people, processes and technology. The people should have the right skills, appropriate training and the right service culture. The processes should be effectively and efficiently managed. The
organization should have a good IT infrastructure in terms of tools and technology.
Chapter 7 Suggestions/Recommendations
The following recommendations are offered :
Many organizations today depend on IT to survive and this has led to more complex systems and applications that are used within organizations which make for a very complex business-processing environment. There is also the constant threat of changing and emerging technologies which organizations need to be aware of. ITIL Service processes can be applied to the business to counter these challenges and threats. The solution needs to deliver IT business value across the organization. Rodriguez (2007) states that this is done by fully aligning the IT service delivery with the goals of the business and the processes on which the business operates. In order to successfully implement ITIL, an understanding of the process life cycle is required. From the literature study and the results of the questionnaires, the following criteria were identified for the selection of suitable ITSM/ITIL best practices for use in organizations. The following steps have been adapted. It is the recommended checklist to run before an implementation of the ITIL process. The first step for the IT department is to have a clear vision for what it wishes to accomplish and where it wants to go that is to determine goals. The second step is to get Top Management support. The success of any project depends on the cooperation of all parties involved, from Top Management right down to the clerks in the administration offices. Lack of commitment from senior executives has been shown to be a limit to successful implementation. The third step is to communicate with and get buy-in from the business and the IT staff. The main problem here is to communicate the effects that the changes will have on the organization and the organizational structure. The affected areas need to ensure that they can carry on with their business operations with minimal disruptions.
The forth step is to choose the approach. The researcher recommends choosing the practical approach. There is a much more practical approach to implementing ITIL which offers a much better efficiency and effectiveness of the ITIL adoption. This approach first looks at the needs of the organization and then integrates and automates ITIL processes. The fifth step is to determine the biggest opportunity for value, or where this will immediately benefit the business, and start there. What the researcher recommends is to treat the ITIL implementation as a project and then start by developing the processes first. The organization should start with Incident Management and Change Management so they know what they are capturing and have the capability to measure it with an ITIL framework then in place. The sixth step is to understand the current key performance indicators; this is done by benchmarking the activities of the IT department to determine how well it is performing against the recommendations of the ITIL framework. A Maturity Level Assessment tool
can help measure the maturity of an organization?s ITIL processes against the ITIL guidelines and provides recommendations on how to improve existing processes. This provides valuable information concerning the strengths and weaknesses in an organization?s Service Management operation. The seventh step is to develop simple metrics to calculate and communicate improvements in services. Once the maturity level assessment is done, the goal is to end up with a close representation as possible of what exactly exist. Only then can an organization begin to identify improvement opportunities. These opportunities were identified from the answers that the respondents gave when rating each of the elements of the ITIL processes.
The eighth step is to think long-term goals for the IT department and make sure that the processes are integrated. To better understand how these processes integrate, consider this example life cycle of an Incident, taken from the OGC Service Delivery book:
The ninth step is the Communication and Awareness Campaign. The purpose of an awareness campaign is to ensure a clear focus on the objectives and goals of all the process improvement efforts undertaken, which is the ITIL implementation. This awareness campaign could be in a form of various presentations across the organizations. This could be organized by departments.
Chapter 8
APPENDIX
Abbreviations
? ? ? ? OGC – Office of Government Commerce IT – Information Technology ITIL – Information Technology Infrastructure Library ITSM – Information Technology Service Management
BIBLIOGRAPHY
Web References ?http://www.pangea3.com ?http://www.wikipedia.org ?http://www.itil-officialsite.com ?http://itil.co.uk
Book References
? ? ? ? Pangea3 Reports IT Security Information Security ITIL for Beginners
doc_348385791.docx