Beruflich Dokumente
Kultur Dokumente
Triple P
To let the philosophy work, we need:
People Customers, Users, IT Staff & Top Management Processes ITIL Products Tools and IT technology
3
IT Process
Objective Activities
Result
Operational Level
Department X
Department Y
Department Z
Input Process
Output
Time Scale
5
Service Delivery
Security Management
Service Mgt. 2
Case Studies
Service Support
Service Mgt. 1
ITIL Practitioners :
-Configuration Management -Service Desk -Problem Management -Change Management -Capacity Management -Availability Management -Financial Management For IT Services -Service Level management
+ Exam
IT
Business
GAP
9
Supplier UCS
IT
OLAs
Business
SLAs
GAP
GAP
10
Supplier UCS
IT
OLAs
Business
SLAs
GAP $ Charging
11
Profit
Supplier UCS
IT
OLAs
Business
SLAs
GAP $ Charging
12
Profit
Supplier UCS
IT
OLAs
Business
SLAs
Suppliers
GAP $ Charging
Pricing
$
13
15
Planning Identification/ verification Register & Recoding of CI s Status Accounting Controlling & Updating Auditing
Detail (Attributes)
CMDB
Scope (Category)
DB
Virus Scanners
Backup os
Security
18
Baseline
Configuration Baseline Configuration of a product or system established at a specific moment in time, which captures both the structure and details of the product or system A snapshot or a position, which is recorded. Although the position may be updated later, the baseline remains unchanged and available as a reference of the original state and as a comparison against the current position
19
Status of CIs
Life Cycle of a CI
Scope of the CMDB
20
Terminology
Incident Any event / interruption, which is not part of the standard operation of a Service or causes a reduction in the quality of that service Work-Around Method/ temporary solution of avoiding an Incident, so that the normal standard operation can continue Service Request Every Incident not being a failure in the IT Infrastructure (=Password redefinition)
23
Users
Prioritization
* High * Medium * Low
CMDB
Categorization
- Hardware - Software 24
Routing Incidents
1st Line-Support 2nd Line-Support 3rd Line-Support
25
26
Terminology
Problem When the root cause (=underlying cause) of one or more incidents is not known Known Error A condition that exists after the successful diagnosis of the root cause of an Incident or Incidents, when it is confirmed that a CI is at fault. (We can remove the error by implementing a change)
27
Desk
Problem Management
1
Problem Control
2
Error Control
Classification
Error Assessment
RFC
Successful completion
29
Identify trends/ trend analysis Problem identification & diagnosis Delivering (2nd) & 3rd line support 30
31
Terminology
Change The addition of , the modification of , or the removal of , approved and supported CI s or baseline CI s Request for Change Form use to record details of a request for a change to any CI; can be submitted from each single ITIL Process Forward Schedule of Changes Schedule that contains details of all the Changes authorized for implementation and their proposed implementation dates. It also shows the dependency of each change!!!
32
Impact of a Change
Standard
The change may be executed without contacting the Change Manager (Manual with standard Changes)
Category 1
Small Business impact on the Services. The Change Manager is entitled to authorize this RFC
Category 2
Medium Business Impact on the services. The RFC must be discussed in the CAB. The Change Manager requests advice on authorization and planning
Category 3
Large Business Impact on the services. Management is involved in the decision process
33
Priority of a Change
Urgent Change necessary immediately, approval by CAB/Emergency Committee (CAB/CEC) High Change needed as soon as possible Medium Change will solve annoying errors or missing functionalities (can be scheduled) Low Change leads to minor improvements (which is not contractually necessarily)
34
Project
RFC s
Verification
Built Phase
Roll Out Back-Out Implementatio n Authorization /Refusal for Implementation by the Change Manager
P.I.R
A
A A
R Financial Manager
Incident Manager
37
Clarification
38
39
DSL
Linked with CMDB Distribution Logical Storage
40
DHS
One or More Physical File Storages
41
Form of Releases
Full, Package And Delta Release
Version Numbering
42
To determine the right Capacity, against the right costs and justifiable considerations of IT resources. So that the agreed Service Levels with business are achieved at the right time and at the right moment.
43
Modelling
Trend analysis Simulation modelling Baseline models
45
All services are sufficient, reliable and proper maintained, incl. CI s Where CI s are not supported by the Internal IT Organization, then there must be appropriate underpinning contracts with suppliers Request for Change s must be submitted to prevent future loss of IT service(s)
46
Terminology
Availability = MTBF (Mean Time Between Failures= Up Time) Maintainability = MTTR (Mean Time To Repair =Down Time) Serviceability = MTTR (Mean Time To Repair =Down Time) Reliability =MTBSI (Mean Time Between System Incidents) Resilience (Redundancy) Security = (Confidentiality, Integrity & Availability)
48
T Unavailable=Downtime A M iv T a m i T B e l R F a b = l S A e e v = U r a p v it ii l m c a e
R W I T M e I T s M B t E S o I r = e R e l e ib / i a
49
AST
51
Availability Formula
In Series
Network Printer Print Server
In Parallel
Avail = 90%
Disk Y
Avail = 90%
Avail = 80%
Disk Z
Avail = 80% Available = 1 - Not Available = 1 - both down = 1 - (Y Down) x (Z Down) = 1- 0.1 * 0.2 = 0.98 or 98%
52
Security Management
The Process of managing a appropriate level of security on information and IT Services Protection of Security in a more structural an organized manner Managing and Controlling Security procedures
53
54
Confidentiality Availability Safeguarding of the accuracy and completen Ensuring thatProtection ofand Vital IT Servic information Integrity Informa Sensitive
55
Security Definitions(2)
Risks Analysis (Quantitative Process) & Risk Assessment (Qualitative Process); CRAMM Security Policy; why security is done Security Standard; What to do Security Procedures; How to do IT
BS 7799 (Code of practice for Information Security Management) & ISO/IEC 17799 (Document Developed in the UK initially by the heads of six commercial Organizations, is not a Cookbook for Security)
56
Security Lifecycle
57
Security Policy Security Organization Asset Classification and Control Personnel Security Physical & environmental Security
Communications & Operations Management
Access Control Systems development & Maintenance Business Continuity Management Compliance
59
Security Activities
Assess (Analyze) Risk; Prerequisite to implement any
security measures
Manage Risk reactively; Quick action, Counter-measures Develop Security Policy; document that is easy to read &
assimulate
Benefits
Corporate Management Receive Assurance Business Continuity is assured Risk Assessment is Enforced Management attention is focused on Value Everyone thinks differently about Information
61
Challenges
Expensive and no Benefits The Ostrich Approach, or ITll never happen
2me! You can not protect against all the threats Lack of Senior Management interest Entropy Rules; Security degrades over time!, Maintaining
security at the agreed level is an imperative
Reporting
1. 2. 3. 4. 5. Risk Assessment Reports Security Breaches with details of:
type of Breaches How caused CounterCounter-measures in place (and why failed) Actions taken, and to what effect Recommendations for action to avoid repetition
1. 2. 3.
Reduce Time of
Recovery
Reduce Costs
Survival
64
Implementation
65
Training
Assurance
66
Recovery Options
Cold Standby
Gradual Recovery
Warm Standby
Intermediate Recovery
HOT Standby
Immediate Recovery
68
69
Business IT Requirements
Charges
Charges
Base IT decisions on cost-effective costassessments, in such a way that it is measured service by service
72
Charging
Customers paying the full costs of the IT services provided in a fair manner ( what you use is what you pay for ) Ensure that customers are aware of the costs they spent on IT Services and influence customer behavior by advising them how to spend their IT Funds Make formal evaluations of IT services and plan for investments, based on cost recovery and business benefits
73
Pricing
Recover of costs Cost price plus Going Rate Market prices Fixed Price
74
&
Supply of IT services
How???:
Know the requirements of the business Know the capabilities of the IT Organization
75
2
IMPLEMENT SLAs
4
PERIODIC REVIEW MANAGE THE ONGOING PROCESS
3
78
Contracts:
nternal OLAs (s) IT Catalogue Service Departments IT Organization Supplier Customer UC s SLA
79
Delivery Availability Reliability Throughput Transaction response times Batch turnaround times Contingency & Security Charging
82
Exam Preparation
83
BREAK A LEG!!!!!!!
84