ITIL TRAINING “Flash-Cards”

Note: This is a set of “flash-cards” put together to help you study for the ITIL
Certification exam. The information was taken from existing material,
presentations and sample tests. Please use in conjunction with the attached
slides. Hope it helps!

• ITIL = Best practices for “IT Service Management”

• “IT Service Management” monitors the “IT Service Process”
• Describes goals, activities, inputs and outputs of processes
• Not a “Standard” – only best practices – Library of books to hold these practices
• Standards will vary from organization to organization to create “Best Practices”
• “Open Approach” framework that provides “Guidance”
• Allows for significant “Cost Reduction”
• ITIL Fundamentals deals with “IT Service Management”
• “IT Service Management” aligns IT Services with the needs of the business and its
customers, continuously improves the quality of IT Services and reduces the long term
costs of IT Services.
• IT Services are specific functions provided such as e-mail, printing, Internet, etc.
• “System Management” configures and manages computer resources
• IT INFRASTRUCTURE: All components employed to deliver IT Services (HW, SW,
people, documentation and physical facilities
• “IT Service Management” is divided into two (2) main processes – SERVICE SUPPORT
PROCESS and SERVICE DELIVERY PROCESS. A third division has now been created
from Service Delivery called SECURITY MANAGEMENT
• Each process is sub-divided further into MANAGEMENT areas
• A CUSTOMER is the person paying for the IT Service
• Customer Relationship Management is the process to liaison with customers
• Users are the persons using the IT Service
• Process Owner (WHAT) responsible for the goals and results of the process
• Process Manager (HOW) responsible for the design and structure of the process
• Process Operatives (WHO) responsible for conducting defined activities in the process
• DEMING QUALITY CYCLE: Plan, Do, Check, Act.
• SPOC = Single Point of Contact – function of the Service Desk
• Configuration Items – (CIs) – Any component subject to Change Control under the
control of the CMDB
• CI level: The degree of detail that defines an individual CI
• CMDB = Configuration Management Database – Tracks and records all CIs –
Relationships
• Scope: The amount of CIs tracked in the CMDB
• Depth: Level of decomposition that will be done from a high level CI to its lowest level
component CI. (Ex. Record PCs vs. recording their components – results in a “deeper”
CMDB
• Attributes: The unique details of a CI
• Relationships: Describes the unique details of a CI
• Baseline: A snapshot that allows for a rebuild or back-out procedure
• SERVICE SUPPORT PROCESS:
o Service Desk (a function not a process)
o Incident Management
o Problem Management
o Configuration Management
o Change Management
o Release Management
• Service Desk: is a FUNCTION not a process that acts as a SPOC to handle incidents and
requests effectively and efficiently. Part of Configuration Management and is the liaison
between users and the providers of the Service
• Service Desk Activities: Receive and record all calls from users, initial incident
assessment, monitors incidents to meet expectations, keeps users informed, and provides
management information
• Service Desk Models:
o Local: Located with the users that it serves in only one location
o Central: Supports multiple geographic locations from a single point
o Virtual: May be located at multiple geographic locations, but appears to users as a
single entity. All locations have access to all information – 24X7 – “Follow the
sun” coverage
• Service Request: MINOR requests that do NOT require investigation and where
knowledge engineering (KE) is available, ex: re-setting passwords, creating e-mail
account, etc. The change must be easily made under previously, well-defined, strict
procedures.
• CONFIGURATION MANAGEMENT: Provides a logical model of the IT Infrastructure,
controls the IT Infrastructure by recording relationships and attributes in the CMDB. It is
NOT Asset Management. It controls CIs, Incidents, Problems, Change and Release
Management. It is responsible for planning, identification of CIs, Control of CIs, status
accounting, verification and audit of the CMDB records and ensures that the CMDB is
always updated
• CONFIGURATION MANAGER: Has specific functions in CHANGE MANAGEMENT,
which are:
o Initial recording of the RFC
o Updates change record – every step of progress
o Informs users on a regular basis
o Issues new RFCs when necessary
o Closes RFC and updates final record (PIR)
• Incident: anything that causes or may cause interruption in service and is not a part of the
operation of a service
• Incident Management: Provide continuity by restoring normal services as soon as
possible and accumulate meaningful information related to the incident
• Impact: Degree to which services are interrupted
• Urgency: How urgent normal operation must be restored
• Prioritization: A value given to an incident to indicate its relative importance to other
incidents. Determined by looking at impact and urgency
• Expected Effort: Amount of resources, time and cost needed to restore normal operation
• Escalation: Mechanism to facilitate timely resolution of interruptions
• Functional Escalation: Escalation within the technical arena
• Hierarchical Escalation: Escalation through management
• The role of SERVICE DESK in INCIDENT MANAGEMENT:
o Primary role, records and updates incidents, keeps users informed and updated
and is the SPOC
o Owns, monitors, tracks and communicates incidents
o Detection and Recording – issues incident tracking number
o Classification and Support – categorization and prioritization based on impact and
urgency
o Investigation and Diagnosis – analyze and attempt resolution
o Resolution and Recovery
o Closure – confirms and records resolution with user
• Problem: unknown root cause of an issue with multiple incidents
• Known error: When the root cause of an incident has been determined
• Work around: Temporary solution
• Known error database: Database in which solutions to known errors are kept
• PROBLEM MANAGEMENT: Analyzes all incidents, but does NOT investigates all
incidents. Designed to reduce the adverse impact of incidents and problems on the
business and to prevent recurrence of incidents related to errors within the IT
Infrastructure.
o Controls Problems and Errors
o Assists in the handling of major incidents
o Performs Root-cause analysis
o Resolves problems effectively
o Proactive in the prevention of problems
o Completes major problem reviews
o Uses lessons learned
o Identify, record, classify/categorize, diagnosis/investigate, resolve/close problems
o Record, categorize, develop solution, submit RFC, confirm solutions
• Problem Control: Identification, recording, classification, diagnosis, resolution and
closure
• Error Control: Identification, recording, assessment, resolution, recording, RFC, closure
• Interrelationships within Problem Management: Incident, problem, known error, RFC,
closure
• Change: Any action that results in the change in status of a CI
• Request for Change (RFC): Details a requested change
• Standard Change: Pre-approved, recurring and well known change
• Minor Change: Minimal impact and requires few resources
• Significant Change: Significant impact and/or requires significant resources
• Major Change: Major impact and/or requires major resources – typically impacts multiple
parts of the organization
• Urgent change: Immediate change required – testing is optional
• CAB – Change Advisory Board: Group of IT representatives with decision authority
responsible for reviewing the technical and business aspects of proposed changes (high
impact RFCs)
• CAB Emergency Committee: Also known as IT Emergency Committee (ITEC) - Subset
of CAB in an emergency meeting to review urgent, high impact changes
• Management Board: Management group that approves major changes
• Forward Schedule of Changes: Schedule of approved changes
• CHANGE MANAGEMENT: To minimize the occurrence of change-related incidents
o Acceptance and filtering of RFCs – Approve / Reject
o Classification – Assigns priorities based on Impact and Urgency
o Change Approval – Change Manager / CAB / Management Board
o Change building, testing, implementation
o Post implementation review – Solution Confirmation
• CHANGE MANAGER: Coordinates implementation of Changes (RFCs) and issues the
final PIR.
• Release: Collection of authorized changes that are tested and introduced into production
together. Implementation of RFCs (Fixes /Enhancements)
• Release Policy: Rules for release implementation
• Release Unit: Portion of the IT Infrastructure normally released together (Fix-Pack for
example)
• Full Release: All (CIs) components updated
• Delta Release: Only makes changes to certain (CIs) components
• Package Release: Combination of full and delta releases, or a set of HW and/or SW
release units introduced into production together – Reduces frequency of changes
• DSL – Definitive Software Library: Secured physical library where quality controlled
versions of all software CIs are stored – Tracked in the CMDB
• DHS – Definitive Hardware Store: Physical storage for hardware spare parts whih are
equivalent to those currently in production
• RELEASE MANAGEMENT: Ensures success of large scale changes and works closely
with the change manager to maintain CMDB accuracy.
o Interacts with CMDB and DSL
o Updates Configuration Management with details
o Functions in three distinct environments:
 Development Environment: Apply release policy, plan for release, develop
or buy software (confirm, plan, design, develop)
 Control and Test Environment: Build and configure, test release, release
acceptance, plan for roll-out, communicate, train, and prepare for roll-out
(build, configure, test, plan, communicate expectations)
 Production (Live) Environment: Distribute and install release
• Service Delivery Process:
o Service Level Management
 Availability Management – Availability Management
 Capacity Management – Capacity Management
 Continuity – IT Service Continuity Management
 Cost – Financial Management of IT Services
o Primary interface between Service Delivery Process and the customer – negotiates
with the customer
o Measures and reports
o Balances customer requirements with the capabilities and cost constrains of the
provider
 o Proactively improves IT Services within imposed cost constrains
o Aligns IT Services with business objectives
o Maintains and improves IT Service quality trough a constant cycle of agreeing,
monitoring, reporting and reviewing IT achievements
o Produces, maintains and reviews the Service Catalog
• (SLA) - Service Level Agreement: Between the IT Service provider and customer that
defines expectations and requirements by both parties:
o Customer-based: One customer, multiple services
o Service-based: Multiple customers, one service
• SLA Structures: types of SLAs that exists
• (OLA) – Operational Level Agreement: between the IT Services provider and an
INTERNAL department that supports them
• (UC) – Underpinning Contract: with and EXTERNAL organization who plays a role in
delivery of IT Services to the IT service provider’s customer
• Service Level Requirements: List of specific requirements from the customer that goes
into the SLA
• Service Catalog: A menu of the services provided by an IT service provider
• Service Improvement Program: Project undertaken by the service level management that
focuses on customer satisfaction in IT service delivery
• Multi-level SLA structure:
o Corporate level – generic issues that apply to every customer within the
organization
o Customer level – all issues that relate to a specific customer group
o Service level – all issues that relate to a specific service being used by a customer
• Components of a SLA:
o Service Deliverables
o Response times
o Targets
o Hours of service
o Critical business periods and exceptions
o Customer responsibilities
o Provider responsibilities
o Review dates
o Results review
• Availability Management: Optimize the capability of the IT infrastructure and supporting
organizations to deliver a cost effective and sustained level of availability to satisfy
business objectives
o Deliver sustained, cost-effective services
o Collect, analyze, and report availability data
o Proactively develop strategies for future requirements
o Determine requirements
o Create a plan
o Implement and monitor the plan
o Monitor external suppliers against the SLA and UC
o Minimizing un-availability
o Implements security policies developed by Security Management
• Availability: % of the service hours that a service is available
• Reliability: Freedom from operational failure
• Maintainability: Ability to be restored to an operational state
o Corrective: Repair AFTER disruption
o Preventive: Repair or maintenance to PREVENT disruption
o Inspective: Prevention of disruption
• Serviceability: Ability to get service when needed, even when third party is involved to
provide service
• Resilience: Ability for service to function even though not all components are functioning
correctly
• Security: Ensures that services are used by the proper people in the proper way
o Confidentiality
o Integrity
o Availability
• (AMDB) – Availability Management Database: records availability data and produces
performance metrics
• Incident Life Cycle: as it relates to availability –
o DOWNTIME: Meantime to repair
o UPTIME: Meantime between failures and/or meantime between system incidents
o Availability is calculated against unplanned outages
• Capacity Management: Ensures that IT resources meet the needs of the evolving business
in a cost effective manner, understands the current capacity performance and knows the
capacity status of individual components. It has overall responsibility for performance,
and is focal point for IT performance and capacity issues
o Business Capacity Management: Current and future needs of the business
o Service Capacity Management: Monitors performance within the SLA guidelines
o Resource Capacity Management: Focuses on individual resources and emerging
technologies
• Capacity Planning: Current and future needs of the business
• Modeling: Predicts future consumption (trend analysis)
• Application sizing: Estimates requirements to support new and changing applications
before they are introduced into the environment
• Demand Management: Arranges with users to use certain services only outside peak
periods
• Performance Management: Ensures the best use of current capacity is being utilized
• Workload Management: Monitoring workloads
• Continuity Management: Ensures that the required IT technical and service facilities can
be recovered within required and agreed upon business time scales
o Concerned with significant outages
o Reduce the impact of disaster or major outages
o Prevent loss of customer confidence
• Business Continuity Management: Anticipation and preparation for disaster recovery
(business function)
• IT Service Continuity: Focused on continuity of IT services
• Crisis: When service is unavailable for periods longer than defined in the SLA
• Risk: Likelihood of business disruption and the loss from that disruption
• Risk Analysis: Assets, threats, vulnerabilities
• Risk Management: Countermeasures –
o Prevention & Protection
o Recovery & Restoration
• Recovery or Countermeasure options:
o Do nothing (not good for critical services)
o Manual back-up or workaround (minimal use of technology)
o Reciprocal arrangement (organizations back each other up during emergencies)
o Gradual recovery – Cold Standby – empty room with power to install equipment
o Intermediate recovery – Warm Standby – 24-72 hours – equipped room –
frequently outsourced
o Immediate recovery – Hot Standby – 0-24 hours – mirrored data equipment – can
be outsourced
• Disaster Recovery Plan
o Should be tested initially, annually and each time the plan changes
o Invoked by senior management
o The biggest challenge is that this type of plan can be costly for something that
may never happen
• IT Financial Management: Monitor and fully account for all expenditures, make costs
apparent, and enable allocation of service costs by justifying proper charges to customers
• Direct costs: Costs related to a specific group or customer
• Indirect costs: Costs related to several customers
• Fixed costs: Costs that don’t change
• Variable costs: Costs that do change depending on situation and/or use
• Capital costs: Equipment, servers, routers, etc.
• Operational costs: Day to day operations
• Cost model: Framework for recording costs of an IT service provision. Allows specific
charging
• Budgeting & Accounting: Ensures that correct finance is available and not over-spent.
Predicts costs, accounts for expenditures
• Charging: Recover costs from customer – requires cost model
• Security Management: Protection of any IT function or data from unauthorized access,
minimize security exposure or vulnerability, reduce impact of security breaches, and
develop security policies that can be implemented by Availability Management.