- Conduct the detailed service planning
- How will it be supported?
- How will it be tested?
- How will future development occur?
Service design is complete when we have a plan:
- Detailed
- Comprehensive
- Effective (not necessarily efficient)
- Agreed upon by stakeholders
Key takeaway: detailed blueprint of the service, including:
- Components of the service
- Identify if resources will be shared with another existing service
- Test plan
- Support plan
- Future development plan
- To provide guidance on the design and development of both the services and the service management practices
- To ensure the services meet the current and future needs of the business
- Coordinate Design Activities - Use required resources as efficiently and effectively as possible
- Policies and Standards
- Produce policies that are subordinate to the Service Strategy policies
- Should be developed alongside existing local policies in the organization
- Forward-compatible design - Ensure new or changed services may be developed or improved in the future easily
- Plans - Produce or maintain plans/infrastructures/documentation for IT service design
- Costs - Control the long-term costs associated with service provisioning
- Service Management System - Efficient and effective method to manage a given service
- Security and Resilience - There are always trade-offs.
- Efficiency of effort - reduce the requirements for upgrades to a given service
- Skills and capabilities - develop among personnel, functions, and processes
- Service solutions - services being designed or changed using a structured approach
- MIS and tools
- Service Portfolio
- Service Knowledge Management System
- Configuration Management System
- Technology and management architecture
- Technical aspects of IT infrastructure
- Align the mangagement strcuture with the existing business processes; business needs come before technology
- Processes - all 26 must be designed properly
- Measurement methods and metrics - develop the list of metrics that will need to be measured (what, how, and how often?)
- People - provide, use, or benefit from the service
- Processes - consider all 26 processes during design of a service
- Products - services, technology, tools
- Partners - people and organizations that help provide service (manufacturues, suppliers, vendors, etc.)
- Key output of Service Design phase
- Part of the formal migration from Service Design to Service Transition
- Blueprint to guide Service Transition
- Detailed requirements for operation and continual improvement
- For Service Retirement - Verifies there are no outstanding dependencies
Parts of the SDP
- Business Requirements - Why do we need this service?
- Functional Requirements - Is the service fit for purpose? (utility)
- Operational Requirements - Is the service fit for use? (warranty)
- Service Level Requirements - Details the desired level of warranty.
- Used to negotiate Service Level Agreements to specific quality and service targets to achieve
- Design Topology - Definition of the service (hardware, software, documentation, processes, metrics, reports)
- Organizational Readiness Assessment - Builds on top 5 requirements, determines ability to adequately support the service.
- Finance, tech, resources, employee skill sets, capabilities of suppliers
- Service Transition Plan - How to build, test, and deploy a new or changed service.
- Acceptance Criteria - What defines success?
- Service Program - Draws all parts together into phasing and timelines for transition, operations, and Continual Service Improvement.
No service can move from Design to Transition without a formally accepted SDP.
Ensures the objectives of the Service Design phase are met. It is a single point of coordination for all processes and activities in the phase.
- Monitory activies for consistency
- Ensure SDPs conform to standards
- Manage migration of services to Service Transition
- Ensure design conforms to needs
- Improve processes through process owners
- Review and improve processes and activities
- Create and maintain framework for activities
- Guide and support new services
- Manage the progress
- Utility and warranty requirements are addressed
Design Coordinator's challenges
- Must resolve conflicting demands for shared resources
- Must ensure quality of SDPs
- Must meet customer's expectations
A service catalog is a list and definition of all services available.
- Manage structure and contents of catalog
- Ensure catalog is correct
- Check any changes to the catalog
- Ensure access to the proper people
- Should be widely available (usually)
Service descriptions
- concise
- speaks to service, not an application
- written in plain language
Configuration Management System (CMS)
- Provides overview and lists important features
- Contains detailed info on the components of services
- Service catalog can be derived from the CMS
Simple service catalog - maxtrix of available services
Service | Students | Instructors | Sales | Payroll |
---|---|---|---|---|
Web browsing | x | x | x | x |
x | x | x | x | |
Paycheck printing | x | |||
IT Service Desk | x | x | x | x |
Business or customer service catalog - identifies business processes supported by the services (details can include service hours, SLA info, escalation paths, etc.)
Process A | Service 1, Service 2 |
Process B | Service 2, Service 3, Service 4 |
Process C | Service 4 |
Technical or supporting service catalog - covers infrastructure, applications, and outsourced services
Process A | Service 1, Service 2 |
Process B | Service 2, Service 3, Service 4 |
Process C | Service 4 |
Service 1 | Supporting Services 1 & 3 |
Service 2 | Supporting Services 1, 2, & 3 |
Service 3 | Supporting Services 2, 3, & 4 |
Service 4 | Supporting Services 3 & 4 |
Alternate Views: Three-View - split by user-facing, business-business, and technical/supporting
Ensures all current and planned IT services are delivered to agreed-upon targets
- What metrics are we collecting and comparing our performance to?
- What utility and warranty were promised?
- Are targets measureable, achievable, and relevant?
SLM Cycle
- Negotiate
- Agree
- Monitor
- Report
- Review
Three Key SLM Documents
- Service Level Agreement (SLA)
- Formal written agreement between IT provider and customer with key targets and responsibilities of both parties
- Not a contract
- Operational Level Agreement (OLA)
- Formal written agreement between two parts of the IT provider
- Internal, not customer-facing
- Underpinning Contract (UC)
- Legally binding agreement
- Negotiated by supplier management
Service Reviews
- Monthly - service manager and customer management
- Quarterly - service owner and customer's equivalent
- Annually - top-level management
SLA Charts
- Red, amber, green (RAG) - color-coded metrics
- Stoplight chart
Service Improvement Plan
- Formal plan for implementing improvements (yellows and reds)
- Fed back into Continual Service Improvement (CSI) phase
Service Level Agreement Structures
- Service-based structure - each service has an SLA regardless of number of users
- Customer-based structure - each customer has its own SLA regardless of the number of services
- Multilayer structure - corporate layer, customer layer, and service layer SLAs
- Most common type
SLA Types
- Type I - between internal provider and internal customers
- Type II - Between type I service provider and type II service provider in the same organization
- Type III - Contractural SLA as an appendix to a business contract
Ensure the capacity of IT services and infrastrcutre meets the agreed capacity and performance-related requirements in a cost-effective and timely manner. Concerned with meeting current and future needs.
3 Subprocesses
-
Business Capacity Management
- Aligns CM to business plans
- Translates requirements into services and infrastrucutre
- Coordinates with Business Relationship management
-
Service Capacity Management
- Ensures services underpin the business processes and outcomes
- End-to-end performance of services and workloads
- Coordinates with Service Portfolio management
-
Component Capacity Mangagement
- Ensures appropriate understanding of techincal components
- Data analysis techniques for maximizing value
- Coordinates with CM
-
Reactive Activities - Monitoring performance and responding to specific performance issues
-
Proactive Activities - Use data to make changes to prevent performance issues
- Optimize performance, find new technologies, and produce/maintain the capacity plan
Demand Management
- Service providers don't build to peak capacity
- Level the peaks through business practice changes
- Understand patterns of demand
- Constraints on high-demand periods could be financial or physical
Capacity Plan - byproduct of CM process
- Current and historic use levels and performance
- Forecasts capacity changes
- Lists assumptions
- List of recommendations with costs
Importance of Capacity Plan
- IT Director uses it to make decisions
- Balances supply vs demand and cost vs resources
- Can my current infrastructure support a new service?
Ensures IT availability meets the agreed-upon, current and future availability needs of the business in a cost effective and timely manner.
4 Aspects of Availability (ARMS)
- Availability - Does the service perform its function as required?
- Reliability - How long can it function without interruption/breaking?
- Adding redundancy and resiliancy helps reliability.
- Maintainability - How quickly and effectively can it get back to normal after a failure?
- Serviceability - Can a supplier provide their contractual targets for A, R, and M?
- Maintain oversight that third parties are doing their duty.
Two types of availability
- Service availbility - end-to-end service experienced by end user
- Component availability - each individual piece that together provides the end-to-end experience
Customer Satisfaction is derived from service availability (measured in SLAs) and meeting the targets in the service catalog.
- Under-promise and over-deliver
When Things Break
- How you react to failure is important.
- Things will break so be honest.
- Take swift action to get it back online.
Primary Focus Area
- Service availability, not component availability
- End-to-end experience is more important than individual components
- Identify critical business services and make sure your SLA targets them
Be Proactive - Prevent issues before they happen
- Identify weakest links and bottlenecks
- Change early because changes cost exponentially more as services are in operation
Reactive Functions - monitoring current availability during service operations. (Help desk)
Proactive Functions - analyze reliability and maintainability to take actions to provent future issues.
- Ensure infrastructure is budgeted and planned
- Find new components with better reliability and maintainability
- Produce and maintain availability plan
Risk should be identified, analyzed, and managed.
Risk Identification
- Look over all resources and capabilities that enable services
- Single points of failure
- Poor skills
- Unreliable sources
Risk Analysis
- Analyze and measure vulnerabilities identified
- Determine their impact
- Prioritize them
- Indentify the vital business function
- Understand what is necessary and what is "nice to have"
Risk Management (three options)
- Remove or avoid (do something different)
- Mitigate (add redundancy)
- Accept (risk is low enough, not worth worrying about)
A matrix that shows what services are affected by what components
- Procedure to identify single points of failure using Boolean logic.
- Useful for identifying challenges and issues, but doesn't provide a solution
A post-mortem using incident data
- Mean Time Between Failures (MTBF)
- How long on average can a certain component run before a failure will occur?
- Measures uptime and reliability
- Mean Time to Resore Services (MTRS)
- How long can a service be restored after a failure?
- Measures downtime and maintainability
- Mean Time Between System Incidents (MTBSI)
- How often are services disrupted?
- Measures overall reliability
MTBSI | |
MTRS | MTBF |
Downtime's 5 Steps
- Detect the incident
- Diagnose the fault or root cause
- Repair the issue
- Recover the component
- Restore the service
Overall Goal: Improve MTBF
- Auto-detect issues
- Run diagnostics
- Pre-position spare components
- Configuration guides
- Restoration checklists
- Measure services from the end-user perspective in %
- Percentages only measure uptime vs downtime, not amount of effort on your end.
Support the business continuity management (BCM) arragements by managing risks and disaster recovery.
- Risk analysis focuses on likely events
- ITSCM looks at unlikely but conceivable events
Initiation
- Agree on a policy
- Set the scope
- For a project
- Get the resources
Requirements and Strategy
- Conduct business impact analysis with customer
- Determine critical business services
- Consider possible events (disaster, terrorism/cyber attack, staff illness/loss)
- Develop a plan for the events
Implementation
- How will we execute the plan?
- Risk mitigation steps
- Publish and test your plan
Ongoing Operation
- Keep the plan updated
- Train the staff on the plan and test periodically (ISO 22301)
Aligns IT security with business security
The CIA Triad
-
Confidentiality (data is available on a need-to-know basis)
-
Integrity (data/services are complete and accurate)
-
Availability (customer accesses the data they are authorized to)
-
Relevant to Availability Mangagement
-
Plan in Service Design
-
Test in Service Transition
-
Monitor during Service Operation
Information security is important when you outsource
Ensure good service from the right suppliers
- Follow contract management's policy
- Produce an enforceable supplier policy
- Maintain a Supplier Contractor Management Information System (SCMIS)
- Categorize suppliers and contracts
- Undertake risk assessments on contracts
- Negotiate/manage contracts
- Manage performance of suppliers
- Ensure subcontractors are managed openly by prime supplier
Suppliers
- Strategic suppliers - involve senior managers and sharing long-term plans
- Tactical suppliers - commercial activity and business interaction
- Operational suppliers - supply operational services
- Commodity suppliers - provision of low-value products
- Which of the following should be elements of the service design package (SDP)?
Service level requirements (SLRs), a plan for the transition of the service, criteria for deeming tests to be successful, and an assessment of teh readiness of the organization to use the service. - Which of the following is NOT a Capacity Management subprocess?
- Continuity Capacity Management
- Business Capacity Management
- Component Capacity Mangement
- Service Capacity Management
- What is NOT a purpose of Availability Management?
- To ensure business continuity plans are negotiated
- To ensure that service availability matches the targets in the service level agreement (SLA)
- To consider how quickly a service can be returned to its agreed-upon functionality
- To assess the impact of changes on teh availability plan
- Which process is concerned with managing the risks to services?
- Service Portfolio Mangement
- Availability Management
- Service Catalog Management
- Design Coordination
- What process would be most likely to provide expertise in resolving issues regarding the performance of services and components?
Capacity Management - Which one of the followin is an objective of Design Coordination?
To review, measure, and improve the performance of all Service Design activities and processes - Which of the following statements about the Supplier Management process is correct?
Supplier Management maintains information in a supplier and contracat management information system - Which of the following areas would be assisted by the use of appropriate technology?
Hardware, Software, Environmental, and Process design - Which of the following is NOT a recognized layer in a multilayer Service Level Agreement?
- Customer layer
- Service layer
- Corporate layer
- Configuration layer
- What are the 4 Ps of Service Design?
People, processes, products, and partners - Which is NOT a responsibility of Service Catalog Management?
- Ensuring that all live services are recorded in the Service Catalog
- Ensuring that the contents of the Service Catalog are accurate and up to date
- Ensuring that the SLAs are kept up to date
- Ensuring that it includes all services that are being transitioned or have been transitioned into the live environment
- Which process is responsible for reviewing operational level agreements?
Service Level Management - Which of the following is the BEST description of a service level agreement?
Written agreement between the service provider and the customer defining key targets and the responsibilities of both parties - Which organizational roles or people should be able to read the information security policy?
All customers, users, and IT staff - When considering the 4 Ps of Service Design, what is the BEST description of the 4 Ps listed below?
Four major areas to be considered during service design