INCIDENT MANAGEMENT- Part One

INCIDENT MANAGEMENT- Part One

Here we are with one of the most important topic of IT Operations Management. Incident management is the most visible component to the business.

Let us define the Incident first.

Incident can be defined as an unplanned disruption to Service or a reduction in quality of Service. Any failure of a Configuration Item that has not impacted the service yet is also categorized as Incident. Process of dealing with Incident is Incident Management.

The Incident management process is targeted to-

• Restore the normal services at fast as possible.
• Minimize negative impact on business operations

In the above lines few very important terms has been used understanding which is very important.

What is Configuration Item

A configuration Item is a component of a system that is treated as a self contained unit                 for the purpose of Identification and change management. A CI may be a primitive system building block (e.g. code module) or an aggregate of other CIs. For example, a PC may be designated as CI but in a support environment that requires more control, different part of PC like monitor, HDD etc may be designated as CI.

What is Normal Service

Normal Service Operation may be defined as Service Operation that is within the limits of SLA.

Incident Management should be designed so that it offers below Values to Business: 

• Ability to detect and Resolve Incidents => Higher Availability and Lower Downtime
• Align IT Activities with business priorities so that it can identify those priorities and allocate the resources.
• Ability to identify potential service improvements
• Identify other requirements like added services, trainings etc by analyzing the incidents.

Important points to be considered while designing Incident management:

Know Your Services

List down all the services a disruption or potential disruption to which shall be qualified as Incident. Just for example, failure of a Server that is not in production need to be considered for incident management.

Know the Criticality & Impact of services

Every service has different level of criticality and impact on business and hence it must be defined clearly. E.g. failure of a PC of a VIP may have high criticality but impacts only one user while failure of a Server may result into impact on a large number of users. Definitely later incident needs faster recovery than the former one.

Define the Severity

On the basis of criticality and impact, severity of incident is defined. A sample matrix of Criticality, impact and Severity is shown below

Ceriticality	Impact	Severity
High	High	Major Incident
High	Medium	High or Sev 1
High	low	Medium or Sev2
Medium	High	High or Sev 1
Medium	Medium	Medium or Sev2
Medium	low	Low or Sev 3
Low	High	Medium or Sev2
Low	Medium	Low or Sev 3
Low	low	Low or Sev 3

Define Timelines

Now that we have categorized the different levels of incident, each severity category must have a target time for resolution. These time targets must be realistic and aligned to business requirement. Smaller time frame means more number of resources with high capabilities (which generally means high cost too) needs to be aligned. If timelines are not defined properly, it may result into inefficient services.

For example, take a case where timelines for End User PC resolution is 30 Minutes. In almost every environment, number of low severity incidents is generally high as compared to high severity case. Now if the timelines for such cases is small, we’ll end up employing higher number of resources. If money saved by smaller time is suppose 10$ but to ensure these timelines, we end up spending 20$, it is definitely an inefficient use of resource. Same is true for the reverse situation.

Keep reading for more information on Incident management.

ITIL : Alert Management -II

Dear Readers,

As promised yesterday, today we are going to understand the responses to Alert Notifications. But before we start that, let us have a look at Event Management Flow.

In the actual implementations, the alert response depends upon the type of design, process implementation and the requirements at the ground. A good number of standard responses is available and any combination of these responses can be used while responding.

For Example, suppose an event of login of authorized users occurs at the server. Now as per configuration, this event may be logged or may be left without any action. In some setups there may not be any action required and in case of some highly sensitive and security focused setups, these events may needs to be recorded for future analysis.

Some of the important Event response options are-

Event Logging

An event occurred can be recorded for analysis and future reference purposes. But, this decision again depends on few factors like availability of space, retention period, Event types etc. A normal successful login event may be excluded from recording if numbers of such events are very high, are considered less significant and management agrees to do so.

Auto Response

Some of the well analyzed and understood events may be configured for auto response. One such response may be restart of a service by a specific set of IDs. A restart includes a series of event like service stop and then start of service. Hence Auto response may be configured to no action for normal proceeding of entire activity and log an incident in case restart doesn't complete. Another example may be auto locking of accounts after an specified number of unsuccessful attempts.

Escalation

An alert is generated if human intervention is required. Such escalations are mostly configured to reach at help desk which in turns assign this alert of appropriate function.

Ticket Logging

Those events which represent a failure, disruption to service or a need for change, appropriate ticket like Incident, Problem or Change may be logged.

We’ll discuss about selection of correct ticket type will be discussed in the posts on Incident, Problem and Change Management processes.

ITIL V3 : Event Management

Dear Readers,

From today, we are starting the study of Service Operation Processes. There are 5 processes covered under Service Operations.

Event Management:
monitor all events and take proactive action to ensure normal operation.

Incident Management:
Reactive action to resolve any disruption to services.

Request Fulfillment: 
A small change to operations which has no impact on existing operations. 

Problem Management:
Finding RCA. Resolving the causes of event. Update known error database. This may be proactive or reactive.

Access Management:
Ensuring that only authorized users can access the services.

EVENT MANAGEMENT

We can define an event as an occurrence that has potential to impact or cause deviation to the services.

Event management is a proactive approach to insure least deviation or disruption to services as agreed in SLA.

                         

Active monitoring of all the key configuration items, services and components through an automatic tool is the building block to effective event management and hence valuable service operation.

Whatever we do in service life cycle is ultimately aimed to generating value to business. Event management is also no exception but the value generated by event management is mostly indirect because it focuses on early detection of incidents.

                        

Event management in integration with other processes like capacity management can help in early responses that help in avoiding major deviations resulting in to an effective and efficient service management. An effective event management can also help to reduce the cost involved in highly trained technical resources by reducing the number and replacing them with less skilled resources.

                    

Below mentioned are the major steps of event management-

Event occurrence: 
It occurs continuously with every action withing your server, application, router, Firewall, database and all other components of your infrastructure.

Event notification: 
Notifications are generated against the event (mostly using open standard like SNMP)

Event detection: 
Notification is detected by a management tool to understand the meaning of event.

Event filtering: 
It may or may not be possible. This actually tries to categorize the notification.

Event significance: 
The event may be informational(no exception)or warning (approaching threshold) are an actual exception.

Event correlation : 
This is done by a correlation engine that analyses all the events and provide a meaningful information.

Trigger: 
The result of correlation may initiate  a response known as trigger which may in form of incident, change etc.

Response selection : 
Response may be selected according to the trigger. We will discuss it in more detail in my next post.

Review action: 
Actions are reviewed for trend analysis an to generate other meaningful information.

Close event : 
This is the formal closer of event.

Keep reading for more on Service Operation Management.

Happy Reading!!!! Cheers!!

4 P of Service Strategy

Perspective, Position, Plans and Patterns: 4Ps of Strategy

In my earlier Posts, we had discussed about the ITIL lifecycle and understood that Service Strategy lies at the core of Lifecycle.

Remember, all those efforts we put in the service is only intended to provide value to customer. Service Strategy at the core actually defines a unique approach to ensure better value to customer which “Better Fit for the Purpose” and “Better Fit for the Use”. We’ll come to this word Better which is the key to success.

The value you provide to customer consistently becomes normal over a period of time. Also, the business environment keeps changing and the value you provide today may not be useful in changed scenario. Customer always want improvement with no or very low increase in cost. Market is competitive and you need to be innovative to deal with such situations. To keep yourself relevant, you need to have some distinct capabilities that can offer better value to customer. The keyword is “Better”.

There are some problems that you always need to consider while preparing the Service Strategy. One is the rapid changes in the condition in which business is operating. If you cannot cope up with changing demands, you cannot survive. Second problem is need of focus on Operational Efficiency. Even the best plan is bound to fail if it doesn't focus on efficiency. Third problem is value capture. Suppose you developed a unique service that helps your customer a lot in its business hence you captured the value. Later, observing this many other Service Providers worked in that area and offered similar of better solution. Now, you lost your distinctiveness and hence wouldn't be able to capture value.

Let’s take a closure look to Service strategy.

While making Service strategy, you need to have a clear Vision and Direction. This is the First “P” called Perspective. It describes how to interact with Customer and How to Provide the Services. A good Perspective narrows the competing alternatives and shows the distinctiveness.

Providing Value depends on Utility and Warranty. You always need to balance between these two to Position your Services. While strategizing, you need to have clarity if your services will be inclined towards Utility or Warranty. This is going to be you highlight in competition. You may choose to provide higher value services or low cost services. This part of strategy is the 2^nd “P” known as Position. Position is expressed as distinctiveness to the customer.

Now you need to plan how you are going to offer your services. For example, how we are going to ensure higher value services. This is the 3^rd “P” of Service Strategy known as Plan. Plan is the course of action within changing scenarios. This is the plan on how to achieve the Perspective and Position.

Requirements are always dynamic. Suppose you decided to provide low cost Service to you customer. With changing market conditions, you may need to keep taking decision and implement changes to your service plans to ensure that you still provide Low cost services. This is the 4^th “P” know as Pattern. This is the Fundamental way the Organization does things. This is also consistent set of activities to be performed in a defined period of time.

All these four “P”s considered together helps to make a good Service Strategy which can help the service to be relevant and be able to take care of the problems.

Types of Service Providers

      Very often people gets confused in understanding their service providers and matching it with their requirement. Understanding and distinguishing between different service providers is very important. ITIL talks about three types of Service Providers.

Type – I : Internal Service Providers::

Internal Service Provider exists within the organization servicing to single business unit. Different business function of the organizations may be the customer of the IT team.

Internal Service providers are required to operation according to the business requirement. Being part of same organization, they have a better pairing with business. For such a team, the business requirements are narrow and specific. Since these service providers need to respond to very specific need of business, they are mostly dedicated and expected to provide very high service levels. The future of Type 1 service providers totally depends upon the growth of business they serve.

Since they are totally dependent on single business unit, it poses huge risk to the Service Provider. Another issue with such providers is the wastage of capability and capacity.

Type – II: Shared Service Units::

A shared service unit again exists within the organization but they serve to multiple business units. Type –II providers mostly considered as an autonomous Unit.

In this model, scope for the Service unit widens to some extent. Now, their growth prospect is more diverse as it doesn't depend on single business unit. These service units usually charge the business units for their service and hence maintain their own profit, GM and growth. Hence they have competition with external service providers but due to the advantage of being part of same corporate, they are in position to offer lower cost to the business unit.

Alignment of Type-II service providers is bound to be little less as compared to Type –I as they have to design their services to serve multiple business units but they are very much in-sync with overall corporate targets.

Type –III: External Service Providers::

These providers exist out of the organization. Corporates or business units may need External Service providers in multiple cases like-

• Specific capability required that is provided by the Service Provider.
• Competitive Cost.
• Unavailability of Type-I and Type-II Service Providers
• Fixed cost.
• Risk Avoidance…etc

ITIL Concepts: Functions & Processes

Hi Friends,

Two very important concepts in ITIL are Functions and Processes and these are the most misunderstood concepts as well. Beginners in ITIL often get confused with these two terms. Type these terms in any Search Engine and you’ll see so many sites talking about this.

Today we’ll try to resolve this mystery..!!! R you Ready…?

Functions:

“Functions are Units of Organizations specialized to perform certain type of Work and responsible for specific Outcome”.

Functions should relate to processes for an optimum organization.

Example of a function can be Service Desk, Desktop management, Network Management, Capacity management etc.

Functions can be designed or implemented considering the specific requirements.

Functions are divided into four categories-

1. Infrastructure Function: Application Management, Capacity Management, Desktop Support, etc
2. Service Quality Functions: Access Management, Security management, IT Service continuity management etc.
3. Activity Functions: It Operations, Monitoring & Control, Stakeholder Management, Business Relationship, Configuration Management etc
4. Organization Functions: Service Desk, Technical Management, Infrastructure management etc.

Process:

“A process is a set of activities which is designed to accomplish a specific objective”

Remember:

A process can be measured with KPIs (Key Performance Indicator).  Process is supposed to provide some result to customer or stakeholder.

Seems simple and straight till now….right? Let’s take a deeper look

With above definition of process, can we say that People in an organization can follow process to achieve result…right?

Be careful…It is not the process that needs to be followed. Practically, it is procedure and work instruction that is followed by People. Process never tells what to do, when to do and how to do. These are taken care by Procedures and work instructions. Process shows the logic to construct the procedures.

If you don’t understand the process and don’t consider it while designing procedures, there will be inconsistency between procedures. This is one of the big reasons behind failure of processes in many organizations.

At the elementary level, processes are expected to ensure effectiveness and efficiency of the service delivered to customer-

Processes to ensure Efficiency-

• Contract Management: Agree with customer’s requirements
• Operations Management: Deliver what you agreed
• Recovery Management: What to do if anything goes wrong.
• Change Management: Respond to changes in environment, technology and business requirements.

 Processes to ensure Effectiveness-

• Configuration Management: Knowing the items you are using to deliver services.
• Risk management: Hurdles and Opportunities (opportunities? Yes we’ll discuss later in my upcoming posts) in delivering what is agreed.

Above processes can be divided into sub processes...

Elementary Process	Sub Process (Described as process in ITIL V3)
Contract Management	Service Catalog Management
	Service Portfolio Management
	SLM (Service Level)
Operations Management	Event Management
	Monitoring & Control
	Request Fulfilment (Service Requests)
Recovery management	Incident Management
Configuration Management	Asset Management
	Configuration Management
Change Management	Change management
	Release & Deployment Management
	Service Validation & testing
	Transition Management
Risk Management	Problem Management
	Improvement Processes
	Service Measurement and Reporting

Great…So this is the resolution to the mystery… I have tried my best to clarify this concept. Please write to me if you have any query.

Utility and Warranty: The Value Enablers

Dear Friends,

This blog about ITIL concepts has become and integral part of my life and I really missed it last three days. There were some personal commitments and I could not make it. Anyways, let’s move ahead.

In my last post, we discussed what ITIL says about Value creation for the customer with the combination of Utility and Warranty. What if we want to increase the value for customer? Simple…!!! Increase any of these and you enjoy the increase in Value….right? NO…Remember, alone utility and warranty are insufficient. Hence we need to increase both in order to achieve higher Value for customer.

Ensuring Utility is quite easier to understand. You only need to ensure that you take proper understanding of the customer requirement (Coffee or Cold Drink) and provide that. Although  it may not be that simple.

How do we ensure Warranty? There are certain pointers for that.

1.       Availability: Service is available to the user when he needs it (in an agreed manner). This is the most visible aspect. Hence Availability management is the most critical aspect of value creation in Service Delivery.

2.       Capacity: Service with required quality is able to support up to an agreed level of demand. Suppose a service has been created to support 100 concurrent users. Everything is fine up to 50 concurrent users but slowness is observed if users increases. It means that although the service is available, its capacity is not sufficient.

Capacity becomes important where Utility arises from sharing of resources. Hence Capacity management is critical.

3.       Continuity: This ensured that Services are continued even in case of disruption or failures. Another important aspect of the continuity ensures that services backs to normalcy within the agreed timelines in case of any failure. Continuity is assured with redundancy. E.g. using cluster of servers.

4.       Security: It assures the secure utilization of services. Security supports the previous three aspects of warranty.

So…How do we create value? If we want to create value by providing services to customer, we definitely need to have Capability and we need to have Resources. Resources and capabilities are assets used to create value.

Resources are the direct inputs and Capabilities are the Organization’s ability to coordinate, control, manage and deploy resources to produce value. Management, Organization, Knowledge, People etc are used to transform resources into value.

Capabilities => Management      Organization      Process             Knowledge         People

Resources => Financial Capital    Infrastructure    Applications       Information        People

Did you observed something? “People” is the part of Capability and Resources both. Why? Because of its skills it is part of capability and because of its ability to produce results, it s part of resource. Clear? Not yet? Let’s take an example-

Suppose you are given with the process to make toys by hands. You can have document on method to make a toy but to make that toy; you need money, infrastructure and a person to make it. Similarly if you have money, infra etc; you need to know the process (method) to make the toy. Now “People” with knowledge of making toys may act as capability (knowledge & method) and Resource (hands) both. Hope this example clarifies the concept.

Cheers and Happy reading.

Service: Game of Utility & Warranty

What is Service

A Service is a means of delivering value to customer by facilitating outcomes customers want to achieve without the ownership of specific Cost & Risk.

A customer may or may not be having expertise in a field where he needs some outcomes for example; A Software Company with huge Datacenter may need an insurance of its datacenter devices against any hazard. Cost of replacing all devices and setting up the Datacenter by itself is going to cost very high and the associated risk will also be very high (due to lack of experience) which the company may not want to own. Hence it will seek service from an insurance company.

Let us return to the definition of Service again. It talks about delivering value. Hey! What is that? I can deliver value to my Customer through my Services if Customer can get benefited from my Service. But how to ensure that? Wait…It’s simple…Only 2 things you need to take care-

• Is my service actually what customer needs? You cannot help your customer with a cup of tea if he is feeling thirsty and looking for cold drink. This criteria we call “FIT for PURPOSE”
•  Is my Service available when my customer needs? My Customer needs Cold Drink and I have it but not at the time he was feeling thirsty but hours after that. This simply meant that I had the required service in my kitty but still I could not help my customer. So…Service Must be “FIT for USE”.

Means.....Right Service at Right time in right form create Value for Customer

We call Fit for Purpose as Utility

&

Fit for Use as Warranty

Utility: 

This is what Customer gets. The attributes of Services that has positive effect on task associated with desired outcome.

Warranty: 

How it is delivered. Availability of Positive effect when it is needed.

As Utility is expected to improve the positive effect of a task, we can see that it actually improved the probability of getting better results i.e. Performance Average.

As Warranty ensures that desires performance will be available when needed, it actually reduces Variation in the performance.

Both Utility & Warranty togather results into better performance average with least deviation i.e. Value created for customer.

Cheers..!!!

ITIL Volumes and Processes

My today's post is an extension to the yesterday's discussion. Today we’ll take a closure look towards each part of Service Life Cycle and its processes.

I.                    Service Strategy: Think WHY to do before HOW to do

Service Strategy is the first volume of ITIL which guides us how to design, develop and implement service Management so that it becomes the capability and an asset of organization.  Service strategy ensures that organization can handle the cost and risk associated with the Service Portfolio. Service Strategy is also aimed for Operational Effectiveness and Distinctive Performance.

Major Processes coming under Service Strategy are-

a.       Financial Management: How to allocate budget to keep it aligned with Organization’s Goal.

b.      Service Portfolio Management: Portfolio of Services.

II.                  Service Design: HOW to turn strategy into Capability

This volume of ITIL guides us about Design and Development of Service and Service Management Processes. Service design converts Strategic Objectives into Portfolios of Services and Service Assets.

Major Processes of Service Design are-

•  Capacity Management : Plan capacity so that it can provide desired Output.
•  Availability management: Ensure Services are available to business.
•  IT Service Continuity Management: Ensure Services can be resumes within acceptable time.
• Supplier Management: Suppliers meets the expectation
• Service Level Management: All Service Level Requirements are met.

III.                Service Transition:  Turn Capability into Service

This part of ITIL volumes guides us about Development & Improvement of capabilities for Transitioning new and changed Services into production (or Operation). This is actually realization of designed services.

Major processes of Service Transition are-

• Configuration Management: Managing all Configuration Items.
• Change Management: Implement the required changes.
• Release Management: Changes released to Production.

IV.                Service Operation: Business as Usual

Service Operation as per ITIL focuses on practices for managing the operation of Services. It ensures effectiveness and efficiency of Service Delivery.

Major Service Operation Processes are-

• Event Management: Manage the event happening during the operation.
• Incident Management: Handle degradation or disruption to the Services due to know issues.
• Problem Management: Root Cause Analysis of the cause of issue to prevent future incidents.
• Service Request Fulfillment: Fulfill Service Request which are mostly very low risk changes
• Access Management: Grant Access to Authorized and stop Unauthorized users.

V.                  Continuous Service Management: Let’s make it better

This volume of ITIL focuses on improvement of services by combining Principles, Practices and Methods of Quality Management, Change Management and Capability Improvement. It is majorly based on Plan-Do-Check-Act Model (also known as Deming Cycle).

The major process is-

• Service Reporting and Measurement. You cannot improve if you don’t measure it.

      Dear Readers: Today we discussed the meaning of each of five volumes of ITIL and the processes covered. Please let me know if it was able to fulfill your expectations. Your feedback is a valuable resource to improve the contents.

ITIL Processes

ITIL Processes

In my last post, we talked about ISO Groups and Service Delivery Processes. Here we’ll see how ITIL lifecycle is designed and how processes fit into it.

Before we look at ITIL lifecycle and its processes, let’s understand what process is-

“Process may be considered as a closed loop system with multiple activities and feedback system that utilizes feedback for self corrective action.”

Processes and ITIL Framework

ITIL consists of two parts known as ITIL Core and ITIL Complementary Guidance.  ITIL core takes a holistic view towards IT Service Management providing a complete solution which acts as a best practice guidance for providing IT services to Business.

ITIL Complementary Guidance provides guidance specific to Industry Sectors, Organization Types, Operating Models and Technological Architecture.

ITIL Core may be described as below

The processes are arranged between Service Strategy, Service Design, Service Transition, Service operation and Continuous Service Management as under-

Service Strategy

·         Financial Management

Service Design

·         Capacity Management

·         Availability Management

·         IT Service Continuity Management

·         Supplier Management

·         Service level Management

Service Transition

·         Configuration Management

·         Release Management

·         Change management

Service operation

·         Event Management

·         Incident Management

·         Problem Management

·         Request Fulfillment

·         Access Management

Continuous Service Management

·         Service Reporting and Measurement

ITSM and Delivery Processes

          In my last post, we talked about two parts of ISO 20K and ten sections of Part one. Now we’ll take a deep dive into the Part one and its sections.

Part one of ISO 20K is something that is must to have and all specifications of this part must be complied by the Organization to be ISO 20K certified.

Part two is based on best practices and we’ll discuss about it later.

Basics of IT Service Management and Service Delivery Processes

There are four Attributes on which IT Service Management (ITSM) depends. These are People, Processes, Products and Partners.

People: Takes importance of External Suppliers into account.

Product: Talks about Hardware, Software, Tools, Budget, IT Services etc.

People: This is concerned about the skills; the IT Staff.

Process: This ensures service delivery based on the process flow.

An appropriate Managed IT service is one which ensures that all these four attributes are taken into account.

Let’s take a deeper knowledge about Service Management Processes.

There are 5 major groups of processes. Each group consists of one or more processes. These processes and groups may be shown as below-

               

In my next post, we'll see a comparison and relation between ISO Standards and ITIL Framework.