Recently i obtained the ITIL 4 Foundation certification. In this blog i will write in brief about my learning on the topic.
As you might be knowing, ITIL is a framework for service management. ITIL is the most widely used ITSM framework in the entire world. Most large companies have built their IT service management systems and processes around the ideas and concepts of ITIL framework. Currently we are in the 4th Industrial revolution, where fusion of technologies has blurred the lines between physical and digital realms. Technologies such as Cloud computing, IoT, Machine Learning, Blockchain, Self driving cars etc. have transformed our world economies and our lives.
ITIL 4 is not considered as ITIL version 4, instead it means ITIL for the 4th Industrial revolution. ITIL 4 Foundation will introduce readers to the management of the modern IT-enabled services, provide them with an understanding of the common language and key concepts and show them how they can improve their work and the work of their organization with ITIL 4 guidance.
Service management is defined as a set of specialized organizational
capabilities for enabling value to customers in the form of services. More and more organizations recognize that value is co-created through an active
collaboration between providers and consumers, as well as other organizations that are part of the relevant service relationships. Those organizations that deliver services are referred to as service providers. Those to whom services are delivered are referred to as service consumers. By the way, an organization is a person or a group of people that has its own functions with responsibilities, authorities and relationships to achieve its objectives.
Service Consumer Roles can be classified as customer, user and sponsor. A customer is one who defines requirements for services and takes responsibility for outcomes from service consumption. A person who uses the services is a user. While a person who authorizes the budget for service consumption is a sponsor. By the way, a service is a means of enabling value co-creation by facilitating outcomes that customers want to achieve, without the customer having to manage specific costs and risks. The term outcome refers to a result for a stakeholder enabled by one or more outputs.
In order to create value, service providers have to provide more than just the service. Service Relationship is a co-operation between a service provider and service consumer that includes service provision, service consumption and service relationship management. The term service provision refers to the activities performed by an organization to provide the services. Service consumption points to the activities performed by the organization/or a person to consume the services. Finally the term, service relationship management refers to the activities that the service provider and service consumer perform together to enable value co-creation to occur based upon the service offerings.
In this section we will look into the different relationships involved in providing any single service. For example, a facility organization can rent office space to an IT organization. IT organization can also provide IT services to the facility organization in addition to its other customer organizations. The customer organization inturn provides services to its users. Interactions between organizations are more likely a network or ecosystem rather than the simple sequence of interaction between organizations as shown below.
The above service relationship model depicts the sequence of service relationships between the various organizations involved in our example.
Costs and Risks
Costs refer to the amount of money spent on a specific activity or a resource. Costs can also be expressed in non-financial terms like man-hours or Full time equivalent (FTE). A service provider aims to reduce or remove costs for you when providing a service. For example, when a person who rarely makes a call or uses internet purchases a mobile connection service, a package that involves minimum charges on calls and internet connection would provide more value.
Risk is a possible event that could cause harm, loss or make it more difficult to achieve objectives. A service provider’s goal should be to reduce risk for the consumer. Risk is potentially imposed on consumers by the service. Consumers should contribute to reducing the risk by taking some mitigating actions like communicating the needs and constraints to the service provider. Even here value can be co-created or risks can be reduced by mutual co-operation. However, risks can either be avoided, accepted, transferred or mitigated and cannot be eliminated completely.
Utility and Warranty
Utility is the functionality offered by a product or service to meet a particular need. In short, it means “Fit for Purpose”. While, warranty is the assurance that a product or service will meet agreed requirements. In short, it means “Fit for Use”. A service should have both utility and warranty in order to be successful. Warranty addresses areas such a availability, capacity, security levels and continuity w.r.t to a service infrastructure.
Four Dimensions of Service Management
As shown in the below picture, the value at the center is co-created through the various products and services. When a service provider creates a product or service to a customer, the service provider will look at it in 4 perspectives or dimensions. The perspectives are Organizations & people, Information & technology, Partners & suppliers and Value streams & processes. The external factors ,i.e, PESTLE in clockwise order starting with Political factors need to be considered when building your services as they might have an impact.
The first dimension of Organizations & people focuses on how are we going to setup the organization, how is it going to function, what kind of culture it is going to have, how do we take care of the people so that people can deliver the products and services to create value to the customer.
The second dimension of Information & technology stresses on points like, is it compatible with the current architecture, does it raise any regulatory, compliance or information security control issues, will it continue to be viable in the foreseeable future, does it align with the service provider / service consumer strategy, does the organization have the right skills to support and maintain the technology ,i.e, with or without automation, does it have additional capabilities that can be leveraged for other products and services, does it introduce new risks and constraints to the organization, risk tolerance.
Partners & suppliers do not fit under the dimension one, the reason being Organization & people is internally focused to the organization, while partners & suppliers is externally focused. Partners are more closely tied to the organization business while suppliers are more commodity based. Every organization relies on other partners & suppliers and is based on goals, culture and business environment of the organization.
Value streams & processes defines the activities, workflows, controls and procedures needed to achieve the agreed upon objectives. The definition of Value stream is, a series of steps an organization undertakes to create and deliver products and services to service consumers. This combines all of the organization’s value chain activities. Process is a set of interrelated or interacting activities that transforms inputs into outputs. A well defined process can improve productivity, be optimized and will be automated. This dimension is more concerned about delivering a product or service to a consumer by executing certain processes that is part of a value stream.
Service Value System
Service Value System (SVS) describes how all the components of the organization work together as a system to enable value co-creation. The purpose is to ensure that the organization continually co-creates value with all stakeholders through the use and management of products and services. As shown in the below picture, the SVS consists of three parts namely the opportunity/demand as input, value as output, the central part with the Service value chain-Governance-Practices-Guiding principles-Continual improvement. In simple words, the idea of service value system is to take something in, add value, and put it out on the other side
Opportunity, demand and Value
Opportunities represent options or possibilities to add value for stakeholders or otherwise improve the organization. For example: create a new product or service and bring them to market to add value. The other input ,i.e, the demand is the need or desire for products and services among internal and external consumers. The output ,i.e, the Value is the outcome of the service value system that enables creation of many different types of value for a wide group of stakeholders.
Governance is the means by which an organization is directed and controlled. ITIL being a best practice provides a framework for governance. For example, you may come up with activities, process and procedures to handle something like change management within your organization. You will build the activities and procedures around the governance so that they are inline with the governance that is part of the high level of your organization.
Guiding principle is a recommendation that guides an organization in all circumstances. Though the approach to service management may differ with organizations, the guiding principles should be the same. Guiding principles encourage and support organizations in continual improvement across all levels of the organization. Of the seven guiding principles, consider which of the guiding principles are relevant to your situation. The seven guiding principles are as follows;
- Focus on Value
Everything the organization does should link back, directly or indirectly, to value for itself, its customers and other stakeholders.
- Start Where You Are
Don’t start over without first considering what is already available to be leveraged. By figuring out the existing steps, you will get to know what useful steps to be taken forward and non-useful steps to be left out. All of this is done by measuring what you have. Measurement should be used to support the analysis of what has been observed rather than to replace it.
- Progress Iteratively with Feedback
Working in a time boxed and iterative manner with embedded feedback loops allows for greater flexibility, faster responses to needs, the ability to respond to failure earlier, and an overall improvement in quality.
- Collaborate and Promote Visibility
Collaboration is about working together and promotes visibility. Collaborate and promote visibility is about, making sure the information is getting up to the right people, at the right level, to make the right decisions.
- Think and Work Holistically
A holistic approach to service management requires an understanding of how all the parts of an organization work together in an integrated way. Collaboration is one of the key points here. Automation can help you to work more holistically. Automation of Service desk can be provided as an example.
- Keep it Simple and Practical
Outcome based thinking should be used to produce practical solutions which deliver valuable outcomes using the minimum number of steps. Having a holistic view of the organization’s work and starting with an uncomplicated approach are important. By keeping it simple, it makes things easier to understand, more likely to be adopted, and is the best route to achieve the quick wins.
- Optimize and Automate
Optimization is to make something as effective and useful as it makes sense to do. While, automation is using technology to perform a step or series of steps correctly and consistently with limited or no human intervention. The point here is to simplify and optimize before automating. Make use of the other guiding principles when applying this one.
Service Value Chain
The central part of the service value system is the service value chain that consists of Plan, Improve, Engage, Design and transition, Obtain/build, deliver and support activities as depicted in the below picture. The below picture does not depict a linear sequence of events. However, in ITIL v3 we had the service life cycle that had a linear sequence of actions starting with the service strategy, service design, service transition, service operation and continual service improvement. In ITIL 4, we normally start with engage but we always don’t have to. Based on this, we will touch upon other activities within the service value chain that can interact with each other in any order.
Ensures a shared understanding of the vision, current status, and improvement direction for all four dimensions of ITSM and all products and services across the organization. Inputs to the plan process can be from the organization’s governance body, engage process, improve process, design & transition and obtain/build. All the information is used to plan the updated service roadmap. Outputs can either go to the engage, improve or design & transition process.
Ensures continual improvement of products, services, and practices across all value chain activities and the four dimensions of service management. Inputs to the improve activity can be from the deliver & support process, engage process and all other value chain activities. Outputs can be directed towards all value chain activities.
The purpose is to provide good understanding of internal / external stakeholder needs, continual engagement, transparency and maintain good relationships with all stakeholders. Inputs to the engage activity can be from the plan, deliver and support process, customers, partners & suppliers and all other value chain activities. The outputs from engage can go to the customer, any of the value chain activities.
- Design & Transition
The purpose is to ensure that products and services continually meet stakeholder expectations for quality, costs, and time to market.
There are a lot of inputs from the plan, engage, improve and the other value chain activities. The output from the activity will be fed to obtain/build, engage, deliver & support and to all the other value chain activities.
This activity ensures that service components are available when and where they are needed, and that they meet agreed upon specifications. There are a lot of inputs from the plan, engage, external & internal partner & suppliers, all other value chain activities. The output goes to design & transition and/or delivery & support, other value chain activities.
- Deliver and Support
This activity ensures that services are delivered and supported according to agreed specifications and stakeholder expectations. People in IT support are part of the deliver and support. The inputs to this process can be from the design & transition, engage, obtain/build, improve. The outputs are the services delivered to customers and users. Other outputs are fed to engage, improve, design & transition and obtain/build.
As depicted in the lowest part of the SVS picture above , continual improvement is a part of the 34 ITIL practices that comes under the practices activity which is just above the continual improvement activity in the picture. Since continual improvement is that important, it has been separately mentioned. The purpose of continual improvement practice is to align the organization’s practices and services with changing business needs through the ongoing identification and improvement of services, service components, practices, or any element involved in the efficient and effective management of products and services.
Continual Improvement Model is a seven step methodology that provides a framework for improvement operations with organizations.
As shown in the above picture, the model starts with the step1 “What is the vision?”, the subsequent steps follow and the final step ,i.e, step7 would be “How do we keep the momentum going?”. However we restart it once again with the step1 as continual improvement is an ongoing process that never stops. This may continue until we have the best product or service possible.
- What is the vision?
The vision for the organization is going to come from the top leadership. By understanding the vision, we can drill it down to our specific case and get to know the status of all the improvements, who is going to help whom and how it is going to affect the organization as a whole.
- Where are we now?
The success of an improvement initiative depends upon the starting point and the impact of the initiative. It is difficult to track and measure effectiveness of any improvement initiative if you never determined where you started from. So it is important to create an objective baseline or a starting point metric.
- Where do we want to be?
From the baseline we got to know the current status, so we need to know our next step. Gap analysis looks at our overall vision, where we currently are, and where we want to be over some amount of time. Based on this analysis using KPI and Critical Success Factor(CSF) metrics, we will get to know what the gap/delta is. Set the goals based on this.
- How do we get there?
In this step we are going to create an improvement plan. The plan may be simple and direct or a complex one. Break the complex plan into manageable chunks and check progress after each iteration.
- Take Action
Here we put the plans into motion. The waterfall or agile method can be used to execute your plans and depends on the situation on which you want to use. Measuring the progress, managing the risk, ensuring visibility are important.
- Did we get there?
In this step we check the progress that can be either positive or negative. Our current state, i.e, “where are we today?” is compared against the original baseline of step2. Based on the new baseline we need to determine the next steps.
- How do we keep the momentum going?
If we meet the goal we need not stop there, as we need to keep improving. In case we did not meet the goals, we need to get back, readjust and figure out on how to meet the goals. If we meet the goals, it is important to attempt to continue the improvement gains across the organization.
As mentioned in the earlier section there are 34 ITIL practices. Since the section is huge, i will be explaining the details under a separate heading. Practice is a set of organized resources, designed for performing work or accomplishing an objective. Each practice supports multiple value chain activities. The 34 practices are divided into three categories as follows.
General Management Practices
There are 14 general management practices. These general management principles/practices have been adopted/adapted for service management for more general business management domains.
- Continual Improvement
When working on continual improvement, the methods/models/techniques like Lean, Multi-phase projects, Balanced scorecard, Agile, Maturing assessments, Devops, SWOT analysis will be helpful. One more helpful tool, Continual Improvement Register (CIR) is a database of structured document to track and manage improvement ideas from identification through to final action. All value chain activities are subject to continual improvement as we are always trying to improve our activities and processes. Refer to the earlier section for more information on the topic.
- Information Security Management
This is to protect the information needed by the organization to conduct its business. The primary focus is on the balanced protection of Confidentiality, Integrity, Availability, Authentication, Non-repudiation of data.
- Relationship Management
The purpose is to establish and nurture the links between the organization and its stakeholders at strategic and tactical levels. This is done by identifying, analyzing, monitoring and doing continual improvement of those relationships between various stakeholders.
- Supplier Management
The purpose of supplier management is to ensure that the organization’s suppliers and their performance are managed appropriately to support the provision of seamless and quality products, services and components.
NOTE : The following practices are mentioned for awareness only and will not be part of the test.
- Architecture Management – Provides an understanding of all the different elements that make up an organization and how those elements interrelate, enabling the organization to effectively achieve its current and future objectives.
- Knowledge Management – Provides an understanding of all the different elements/data that make up an organization and how those elements interrelate to generate wisdom needed to make decisions.
- Measurement and Reporting – This practice supports good decision making and continual improvement by decreasing levels of uncertainty. Example : Baseline.
- Organization Change Management – Ensures that changes in an organization are smoothly and successfully implemented and that lasting benefits are achieved by managing the human aspects of change.
- Portfolio Management – Ensures an organization has the right mix of programs, projects, products and services to execute its strategy within its funding and resource constraints.
- Project Management – Ensures that all of an organization’s projects are delivered successfully. PMP & Prince2 are the methodologies available.
- Risk Management – Ensures that an organization understands and effectively handles risk either through avoidance, mitigation, transfer or acceptance.
- Service Financial Management – Supports the organization’s strategies and plans for service management by ensuring that the organization’s financial resources and investments are being used effectively.
- Strategy Management – Here the top management formulates the goals of the organization and adopts the courses of action and allocation of resources necessary for achieving those goals.
- Workforce and Talent Management – Ensures that an organization has the right people with the appropriate skills and knowledge and in the correct roles to support its business objectives.
Service Management Practices
Service Management Practices have been developed in the service management and IT service management industries over the past decades. In ITIL 4 there are 17 service management practices.
- Change Control
This is all about maximizing the number of successful IT changes by ensuring that risks have been properly assessed, authorizing changes to proceed, and managing the change schedule. As you know, change is the addition, modification or removal of anything that could have a direct or indirect effect on IT services. Changes are of three type namely; standard, normal and emergency changes. A standard change is pre-authorized, low risk and well understood (ex: password reset). A normal change requires some level of authorization, is planned and scheduled in advance (ex:server upgrade). Emergency change has an expedited assessment and authorization process so that it is introduced as soon as possible (ex: file server crash).
- Incident Management
The purpose of incident management is to minimize the negative impact of incidents by restoring normal service operation as quickly as possible. As you know, incident is an unplanned interruption to a service or reduction in the quality of service. Every incident must be logged, updated, managed to the agreed upon target resolution times and prioritized. Incident management requires a high level of collaboration within and between the teams.
- Problem Management
This reduces the likelihood and impact of incidents by identifying actual and potential causes of incidents and managing workarounds and known errors. As you know, a problem is a cause or potential cause of one or more incidents. While, a known error is a problem that has been analyzed and has not been resolved. Workaround is a solution that reduces or eliminates the impact of an incident or problem for which a full resolution is not yet available. To summarize, in problem management we find the things that happen again and again and solve the root cause.
- Service Desk
The purpose of this practice is to capture demand for incident resolution and service requests. It should also be the single point of contact for your service provider for all of its users. Once the issue/request is received by the service desk, the workflow is to acknowledge, classify, own and act. There are 4 types, namely’; local, centralized, virtual and follow the sun. A local service desk is located within or close to the users that it serves. A centralized service desk uses a single centralized location to serve all users. It is efficient and cost effective compared to the local service desk. A virtual service desk allows agents to work from multiple, geographically dispersed locations giving the impression of a centralized service desk. In follow the sun, two or more geographically dispersed service desks are combined to provide 24hr follow the sun coverage.
- Service Level Management (SLM)
The purpose of this practice is to set clear business based targets for service performance so that the delivery of a service can be properly assessed, monitored and managed against those targets. All of the service levels will be written down in a service level agreement (SLA). SLA can be defined as a documented agreement between a service provider and a customer, that identifies services required and the expected level of service. SLA should be written in a simple language and should be easy to understand. Other than SLA, things like initial listening, customer feedback, business metrics, operational metrics (ex: server uptime) etc can go into the SLM. SLM affects all the value chain activities.
- Service Request Management (SRM)
This supports the agreed quality of a service by handling all predefined, user initiated service requests in an effective and user friendly manner. Service Request (SR) is a request from a user or user’s authorized representative that initiates a service action that has been agreed as a normal part of service delivery. SRs can have simple/complex workflows, but make sure to test, optimize and then automate the steps involved. To summarize, SRM is all about making sure the users are getting what they need so that they can operate at peak efficiency (ex: provision a resource, increase capacity etc).
- IT Asset Management
The purpose is to plan and manage the full life cycle of all IT assets, to help the organization : maximize value, control costs, manage risks, support decision making about purchase/re-use/retirement of assets, meet regulatory and contractual requirements. IT Asset can be defined as any valuable component that can contribute to the delivery of an IT product or service.
- Monitoring and Event Management
The purpose is to systematically observe a service or service component, and record, report selected changes of state identified as events. Event is any change of state that has significance for the management of a configuration item (CI) or IT service (ex: successful login, failed login).
- Release Management
The purpose is to make new and changed services and features available for use.
- Service Configuration Management
Here the purpose is to ensure that accurate and reliable information about the configuration of services, and the CIs that support them, is available when and where it is needed. Where configuration item (CI) is any component that needs to be managed in order to deliver an IT service (ex:server, desktop etc).
NOTE : The following practices are mentioned for awareness only and will not be part of the test.
- Availability Management – This ensures services deliver agreed levels of availability to meet the needs of customers and users.
- Business Analysis – This helps to analyze a business or some element of the business, to define its needs and recommend solutions to address those needs, or to solve a problem. This helps to create value.
- Capacity and Performance Management – This ensures services achieve agreed upon and expected performance, satisfying current and future demand in a cost effective way.
- Service Catalog Management – This provides a single source of consistent information on all services and service offerings, and ensures that it is available to the relevant audience. The idea of service catalog management is to tell people what is coming, what is to be taken away and what is currently available.
- Service Continuity Management – This ensures that the availability and performance of a service is maintained at a sufficient level in the event of a disaster.
- Service Design – This is about the practice of designing products and services that are fit for purpose, fit for use, and that can be delivered by the organization and its ecosystem.
- Service Validation and Testing – This ensures that new or changed products and services meet defined requirements.
Technical Management Practices
These have been adapted from technology management domains for service management purposes by expanding or shifting their focus from technology solutions to IT services. In ITIL 4 there are only 3 technology management solutions covered.
- Deployment Management
The purpose is to move new or changed hardware, software, documentation, processes or any other components to live environments. In ITIL 4, release and deployment management are two different things. Release is more about approvals, while deployment is about moving change to the live environment.
NOTE : The following practices are mentioned for awareness only and will not be part of the test.
- Infrastructure and Platform Management – This is responsible for overseeing the infrastructure and platforms used by an organization. Normally, this is people who are inside your Network/Security OC.
- Software Development and Management – This ensures that application meets internal and external stakeholder needs, in terms of functionality, reliability, maintainability, compliance and auditability.
Further Reading :