1.

How does ITIL help to reduce costs and minimize total cost of ownership (TCO)
for IT investments?
IT investments and staff always find that they break their work timelines. This happens
since the unscheduled work always takes priority over the work that is planned. ITIL can
help an organization stop this continuous cycle and can therefore, help employees
focus on the Total Cost of Ownership (TCO) and other activities in their department.
2. Who decides the categorization of a proposed change within an ITIL compliant
Change Management process?
It is the task of Change Manager
A Change Manager will plays a key role in ensuring that the projects (change initiatives)
meet their objectives within timelines and said budgets by increasing employee
adoption and usage. This person will focus on the people’s side of change, including
changes to business processes, systems and technology, job roles and organization
structures.
3. After a Change has been implemented, an evaluation is performed. What is this
evaluation called?
It is known as Post Implementation Review (PIR)
PIR is an assessment and review of the complete working solution. It will be performed
after a period of live running, sometimes after the project is completed.
The Post Implementation Review is used to evaluate the effectiveness of system
development after the system has been in production for a specific period (usually 6
months). It is a free-form report, and not all sections are relevant or necessary to the
final product. A description of the Post Implementation Review Report is always
attached.
4. What ITIL process ensures that the organization is aware of new and changing
technology?
Capacity Management is responsible for ensuring that the organization is aware of new
and changing technology. It is the discipline that checks and verifies that IT
infrastructure is provided at the right time in the right volume at a right price with utmost
efficiency.
This involves input from many areas of the business to identify what services are (or will
be) required, what IT infrastructure is required to support these services, what level of
Contingency will be needed, and what will be the cost of this infrastructure.
5. Suppose a Service Level Manager requires confirmation wherein the internal
Service Desk can answer a certain percentage of calls within 10 seconds. In what
document would the Service Desk’s agreement to this requirement be recorded?
An operational level agreement (OLA) is a contract that defines how various IT groups
within a company plan to deliver a service or set of services. OLAs are designed to
address and solve the problem of IT silos by setting forth a specific set of criteria and
defining a specific set of IT services to be performed by each department.
It should be noted that the term Service Level Agreement (SLA) is used in many
companies while discussing agreements between two internal groups. However,
according to Information Technology Infrastructure Library (ITIL) framework for best
practices, this type of internal contract should is better known as an Operational Level
Agreement.
6. What two Service Management processes will most likely use risk analysis and
management methodology?
The two service management processes are- Availability Management and IT Service
Continuity Management
ITIL Availability Management aims at defining, analyzing, planning, measuring and
improving all aspects of the availability of IT services. Availability Management is
responsible for ensuring that all IT infrastructure, processes, tools, roles, etc are
appropriate for the agreed availability targets.
IT Service Continuity Management (ITSCM) aims at managing risks that could seriously
impact IT services. ITSCM ensures that the IT service provider can always provide
minimum agreed Service Levels, by reducing the risk from disaster events to an
acceptable level and planning for the recovery of IT services. ITSCM should be
designed to support Business Continuity Management.
7. Explain Service portfolio, Service catalogue and service pipeline.
Service portfolio – Defines services provided by service provider across all Market and
all customers. The objective of ITIL Service Portfolio Management is to manage the
service portfolio. Service Portfolio Management ensures that the service provider has
the right mix of services to meet required business outcomes at an appropriate level of
investment.
Service Catalogue is the sub set of Service portfolio. Services ready to be offered to
customers is listed in service catalogue. An IT service catalog, sometimes called an IT
service portfolio, is a list of available technology resources and offerings within an
organization.
Service Pipeline consists of services under development. It is a great opportunity to
view the direction of a service provider’s growth as it discusses and includes the future
services that are currently under development by the service provider.
8. What is the difference between ITIL v3 and v2?

 The ITIL v2 library was organized in seven core books:

(i) Service Support,
(ii) Service Delivery,
(iii) ICT Infrastructure Management,
(iv) Planning to Implement Service Management,
(v) Application Management,
(vi) The Business Perspective and
(vii) Security Management
On the other hand, ITIL v3 is now organized into just five books:
(i) Service Strategy,
(ii) Service Design,
(iii) Service Transition,
 (iv) Service Operation and
(v) Continual Service Improvement
Basically the V2 process areas have been logically grouped into a phased
lifecycle approach
 In contrast to ITIL v2, ITIL v3 clearly defines the roles and responsibilities in
each process and reasons the role of communication in the entire lifecycle.

9. What are the different knowledge management systems?

Different knowledge management systems are:-

 CMIS (Capacity Management information system) – A Capacity Management

Information System or CMIS is a collection of IT infrastructure usage, capacity
and performance information that is gathered in a consistent manner and stored
in one or more databases. It is a single book of record for all usage, capacity,
and performance data, complete with associated business, application and
service statistics. Any IT staffer who needs access to capacity management
data can potentially use a CMIS.
 AMIS (Availability management information system) – A virtual repository of
all Availability Management data, usually stored in multiple physical locations.

 KEDB (Known error database) – A Known Error is a problem that has a

documented root cause and a Work around. Known Errors are managed
throughout their lifecycle by the Problem Management process. The details of
each Known Error are recorded in a Known Error Record stored in the Known
Error Database (KEDB).

 CMDB (Configuration management database)– A configuration management

database(CMDB) is a database that contains all relevant information about the
components of the information system used in an organization’s IT services and
the relationships between those components. A CMDB provides an organized
view of data and a means of examining that data from any desired perspective.
Within this context, components of an information system are referred to as
configuration items (CI). A CI can be any conceivable IT component, including
software, hardware, documentation, and personnel as well as any combination
of them. The processes of configuration management specify, control, and track
configuration items and any changes made to them in a comprehensive and
systematic fashion.

 DML (Definitive media library)– A Definitive Media Library (DML) is a secure

compound in which the definitive, authorized versions of software package
configuration items (CIs) are stored and protected. A DML consists of one or
more software libraries or file-storage areas referred to as repositories.

 SKMS (Service knowledge management system) – ITIL Knowledge

Management aims at gathering, analyzing, storing and sharing knowledge and
information within an organization. The primary purpose of Knowledge
 Management is to improve efficiency by reducing the need to rediscover
knowledge

10. What are the ITIL based models adopted by an organization.

 Microsoft MOF: Microsoft Operations Framework (MOF) is a series of 23

documents that guide IT professionals through the processes of creating,
implementing and managing efficient and cost-effective services.
 Hewlett – Packard (HP ITSM Reference Model):– This model is a significant
tool useful in presenting and describing the several IT Management processes,
inter-process relationships, and business linkages that IT needs to put in place
for successful development, deployment and support of services in the e-world.
 IBM (IT Process Model ):– IBM Process and Service Models software is an
industry template that enables you to define common business processes and
services across the enterprise. The software consists of a set of best practice
business process models and service definitions to support core system renewal
and integration projects.

11. What is the relation between Availability, Availability service time and
downtime?
Availability % = (Available service time –downtime) / Available service time
to ensure that all the IT services are available and are functioning correctly whenever
customers and users want to use them in the framework of the SLAs in force.
12. What is ISO/IEC 27002?
ISO/IEC 27002:2013 gives guidelines for organizational information security standards
and information security management practices including selection, implementation and
management of controls, taking into consideration the organization’s information
security risk environment(s).
It is designed to be used by organizations that intend to:

 Select controls within the process of implementing an Information Security

Management System based on ISO/IEC 27001;
 Implement commonly accepted information security controls, and
 Develop their independent information security management guidelines.

13. What is Plan-Do-Check-Act (PDSA) cycle?

The PDSA Cycle is a systematic series of steps for gaining valuable learning and
knowledge for the continual improvement of a product or process. Also known as the
Deming Wheel, or Deming Cycle, the concept and application was first introduced to Dr.
Deming by his mentor, Walter Shewhart of the famous Bell Laboratories in New York.
The four phases in the Plan-Do-Check-Act Cycle involve:

 Plan: Identifying and analyzing the problem.

 Do: Developing and testing a potential solution.
  Check: Measuring how effective the test solution was, and analyzing whether it
could be improved in any way.
 Act: Implementing the improved solution fully.

14. What type of information is captured in an information security policy?

Information security policies are the documented business and technical rules for
protecting an organization from information security risk faced by its business and
technical infrastructure. These written policy documents provide a high-level description
of the various controls, which the organization will use to manage its information
security risks.
The information security policy documents are also considered to be a formal
declaration of management’s intent to protect its information asset from relevant risks.
In specific cases, the policies are supported by information security procedures that
identify key activities required to implement relevant information security policies.
15. What is a balanced scorecard? Balanced scorecard is a strategic planning
and management system that is used extensively in business and industry,
government, and nonprofit organizations worldwide to align business activities to
the vision and strategy of the organization, improve internal and external
communications, and monitor organization performance against strategic goals.
Balanced scorecard is a strategic planning and management system that is used
extensively in business and industry, government, and nonprofit organizations
worldwide to align business activities to the vision and strategy of the organization,
improve internal and external communications, and monitor organization performance
against strategic goals.
16. What is a Service Request?
Service requests are a formal request submitted by a user for some type of service,
software, or hardware. A Service request generally refers to something the user wants
and/or needs but does not already have, such as a printer or laptop. Service requests
often involve items that are already approved. For instance, if it is a company policy that
all employees get access to the cloud-based CRM system, and someone from the
marketing department sends a service request for access to the CRM, this does not
need any additional approval. The IT help desk can simply fulfill this request.
17. What type of information is stored in a CMDB?
CMDB contains contents that are intended to hold a collection of IT assets commonly
referred to as configuration items (CI) as well as descriptive relationships between such
assets. When populated, the repository becomes a means of understanding how critical
assets such as information systems are composed, what are their upstream sources or
dependencies, and what are their downstream targets.
18. Is there a trade-off between return and risk?
According to modern portfolio theory, there is a trade-off between risk and return. All
other factors being equal, if a particular investment incurs a higher risk of financial loss
for prospective investors, those investors must be able to expect a higher return in order
to be attracted to the higher risk.
In majority of cases, even though there is no promise of higher returns on risky assets,
so the higher risk just tends to scare off potential investors, keeping the returns on a
given investment low. The only investments that can really try to promise higher returns
for higher risk are bonds, and even then the higher returns won’t be generated if the
issuing organization goes default.
19. What is the difference between end-users and customers?
End-User – An end user or end customer directly receives the service or employs the
product. End users are not the only customers as there may be intermediate entities like
purchasing departments, whose expectations or needs must be carried forward through
a series of service contracts or requirement definitions.
Customer– A customer may or may not have the ability to choose between different
products and suppliers. For instance- In monopoly situations like local telephone and
cable television services, there are scenarios when end users do not make the
purchasing decision. It may include Clients of social service agencies or court-appointed
lawyers or employees of an organization where the purchasing department makes the
choices.
20. How is IT Service Continuity Management (ITSCM) related to Business
Continuity Planning (BCP)?
IT Service Continuity is a subset of Business Continuity Planning (BCP) and
encompasses IT disaster recovery planning and wider IT resilience planning. It also
incorporates those elements of IT infrastructure and services that relate to
communications such as (voice) telephony and data communications.
It is a systematic process to prevent, predict and manage Information and
Communications Technology (ICT) disruption and incidents, which have the potential to
disrupt ICT services and should result in a more resilient IT service capability aligned to
wider organizational requirements.