Board Filter Refinement

If we have multiple boards in a project, tasks and stories from one board can appear in another board’s backlog if proper board filters are not set. Additionally, to create a board that only displays work items you want included, you can use filters based on a JQL query.

In the above Scrum board setting, the filter query is set to display only the work items that has the sprint section with some value. Since the board filter is set as above, you can view only the work items within the SP Sprint 1 backlog as the sprint section in each work item is set to SP Sprint 1.

In the same project, you have one more board called Kanbanx ,i.e., Scrum project (SP). The kanban board filter query is set to filter only work items with the labels section set to test.

As you can see in the screenshot below, on the kanban board we can get to see only the work item/s set to the value of test with the sprint section empty.

Advanced Automation Rules

The picture below depicts the branching rule in Jira automation. For any newly created subtask in the project, if the summary contains the letter X, the description field of the work item will be edited to include the text “Notes by Sampath”. The same is depicted in the next picture below.

In the below picture, you can see the subtask with X in the summary part.

However, if the description section does not contain the letter X, then the description will be edited to include the text “General notes:” as shown below.

The last branch rule in the above description update is about adding the Labels as scrum to any subtask that has empty labels.

Another helpful feature in Jira automation is the Multiple work item events. Using this feature, you can trigger the workflow at multiple events of work item without using branches, that can be really helpful in some cases.

Custom Dashboard

In this section on the dashboard, i will introduce you to the usage of a Workload Pie Chart to display the per-person effort of a scrum team. This is an inbuilt Jira feature. Let us say the sprint starts on 3rd and ends on the 16th of September. The JQL filter that we need to create would be as follows. Remember to make the appropriate settings under Filter details so that the data is visible to the concerned person or group.

From the gadget section under Dashboards, select the Workload Pie Chart gadget. You can configure the gadget as follows by selecting the above filter, Statistic Type needs to be set to Assignee, Time field to report on needs to be set to Time Spent. Select the refresh interval appropriately and click on save.

Once you click on the Save button, you will be able to see the following pie chart. Two users have logged the hours in the sprint and hence the respective hours is getting displayed. If more members of the team login in the hours on their subtasks, their efforts will also be displayed.

Further Reading:

• Jira Data Visualization: A Guide to Effective Dashboards
• Essential Jira Automation Rules for Scrum Teams
• Navigating Jira : From Basics to Advanced
• Jira Service Management Forms: Enhancing User Experience
• Integrating Service and Software Workflows on a Single Kanban Board

Security Principles

In this first section of essential cybersecurity practices, i have briefed upon the topics of security concepts of information assurance, risk management process, security controls and governance elements.

Security Concepts

The basic security model that was mentioned in one of my earlier blogs too was the CIA triad, which stands for confidentiality, integrity, and availability. Confidentiality involves protecting data from unauthorized access. Integrity ensures that data has not been altered in an unauthorized manner. Lastly, availability ensures that data is accessible to authorized users when and where it is needed.

Threat Actors

In the realm of cybersecurity, threat actors encompass a range of entities. These may include insiders, external individuals seeking vulnerabilities, non-political cyber criminals, political entities like terrorists, and information gatherers, along with technological elements such as free-running bots that may be affiliated with any of the aforementioned groups.

Risk Management Process

In the context of risk management, steps involved in identifying, assessing and prioritizing risks as well as different ways to manage the risks are discussed.

Risk identification is the process of identifying potential risks to an organization’s operations, assets, individuals, or other organizations. This involves identifying and documenting the risks that could impact the organization and its information systems.

Risk assessment is the process of analyzing and evaluating the identified risks to determine their potential impact and likelihood. This involves assessing the risks based on their potential impact, likelihood, and other factors, such as the organization’s risk tolerance and the effectiveness of existing security controls.

Risk treatment is the process of selecting and implementing appropriate controls to manage the identified risks. This involves deciding whether to accept, avoid, reduce, or transfer the risks, and then implementing the appropriate controls to manage the risks. The goal of risk treatment is to reduce the overall risk to an acceptable level.

Security Controls

The various types of security controls include physical control or physical hardware devices, technical controls or logical controls, administrative controls or managerial control aimed at people within the organization.

Governance Elements

The various governance elements necessary for effective information security management are procedures, policies, standards and regulations.

Procedures are the detailed steps to complete a task that support departmental or organizational policies. Policies are put in place by organizational governance to provide guidance to all activities to ensure that the organization supports industry standards and regulations. Standards are often used by governance teams to provide a framework to introduce policies and procedures in support of regulations. Regulations are commonly issued in the form of laws, usually from the government and typically carry financial penalties for non-compliance.

Incident Response, Business Continuity and Disaster Recovery

In this section, the focus is mainly on the availability part of the CIA triad and the importance of maintaining availability for business operations. Maintaining business operations during or after an incident, event, breach, intrusion, exploit or zero day is accomplished through the
implementation of Incident Response (IR), Business Continuity (BC), and/or Disaster Recovery (DR) plan. This is one of the essential cybersecurity practices that plays a vital role in providing interruption free service.

Incident Response

Incident Response is a plan that responds to abnormal operating conditions to keep the business operating. It involves four main components: Preparation, Detection and Analysis, Containment, Eradication and Recovery, and Post-Incident Activity. Incident Response teams are typically a cross-functional group of individuals who represent the management, technical and functional areas of responsibility most directly impacted by a security incident. The team is responsible for determining the amount and scope of damage and whether any confidential information was compromised, implementing recovery procedures to restore security and recover from incident-related damage, and supervising implementation of future measures to improve security and prevent the recurrence of incident.

Business Continuity

Business Continuity is a plan that focuses on maintaining essential business functions during and after a disruption. It includes a list of the BCP team members, immediate response procedures and checklists, notification systems and call trees, guidance for management, contact numbers for critical members of the supply chain, and how/when to enact the plan.

Disaster Recovery

Disaster Recovery (DR) plan is concerned with restoring IT and communications back to full operations after a disruption. DR planning takes over from where business continuity efforts conclude. The goal of DR is to restore normal operations as quickly as possible after a disaster or other disruptive event. The DR plan includes an executive summary providing a high-level overview of the plan, department-specific plans, technical guides for IT personnel responsible for implementing and maintaining critical backup systems, full copies of the plan for critical disaster recovery team members, and checklists for certain individuals.

Access Control Concepts

Access control is the process of managing who has access to what information or resources in an organization. It involves three elements: subjects (who), objects (what), and rules (how and when). Access controls can be physical or logical. They are used to prevent unauthorized access, enforce the principle of least privilege, and protect the confidentiality, integrity, and availability of information.

Defense in depth is an information security strategy that involves implementing multiple layers of security controls to protect against a variety of threats. Privileged Access Management can help reduce risk by limiting administrative access to only when it is needed. User provisioning is the process of creating, modifying, disabling, or deleting user accounts in an organization’s information systems. Proper user provisioning is an important aspect of access control and can help ensure the confidentiality, integrity, and availability of an organization’s information.

Physical access controls are security measures that are designed to prevent unauthorized access to physical locations, facilities, and equipment. These controls are an important aspect of access control and can help prevent theft, vandalism, and other physical security threats. Examples of physical access controls include fences, mantraps/turnstiles, motion detectors, swipe cards etc.

Logical access controls are security measures that are designed to prevent unauthorized access to information and computer systems. Typically, organizations implement these controls through software to restrict access to specific files, applications, or other resources based on user roles, permissions, or other criteria. Examples of logical access controls include discretionary access control (DAC), mandatory access control (MAC), and role-based access control (RBAC).

Network Security

Computer networking refers to the practice of connecting two or more computers together to share data, information, or resources. There are many types of networks, such as LAN, WAN, WLAN, VPN, etc., each with its own characteristics and requirements. Devices found on a network can include hubs, switches, routers, firewalls, servers, endpoints/end user devices and many more. Other important network terms include ports, protocols, ethernet, Wi-Fi, IP address, and MAC address. The OSI and TCP/IP models are two common models used to describe network architecture. When setting up and maintaining a network, it’s crucial to consider network security. You can use measures like firewalls, antivirus software, and access controls to safeguard against common threats, including spoofing, DoS/DDoS, viruses, worms, and Trojans.

Network Threats and Attacks

This refers to malicious activities that aim to disrupt or damage computer networks and the devices connected to them. Common types of network attacks include DoS/DDoS attacks, which overwhelm a network with traffic, and man-in-the-middle attacks, which intercept and modify network traffic. Other types of attacks include spoofing, in which an attacker impersonates a legitimate user or device, and phishing, in which an attacker tricks a user into revealing sensitive information. Viruses, worms, and Trojans, among other malware, can compromise network security. To protect against these threats, network administrators can use a variety of security measures, such as firewalls, Antivirus, Intrusion Prevention System and access controls. It is important to stay vigilant and up-to-date with the latest security practices to ensure the safety and integrity of computer networks.

Network Security Infrastructure

Network security infrastructure refers to the collection of hardware, software, and protocols used to protect computer networks from unauthorized access, attacks, and other security threats. It encompasses physical security measures such as power, HVAC, and fire suppression systems in data centres, as well as cloud security measures such as service models (SaaS, IaaS, PaaS) and deployment models (public, private, community, hybrid). Network design terminology, such as network segmentation, VLANs, VPNs, defense in depth, zero trust, and network access control, is also an important part of network security infrastructure. As mentioned in the earlier section, this infrastructure includes devices such as firewalls, intrusion detection and prevention systems, and access control systems, as well as security protocols such as SSL/TLS, IPsec, etc., By implementing a comprehensive network security infrastructure, organizations can help ensure the confidentiality, integrity, and availability of their networks and the data they contain.

Security Operations

In this last topic on essential cybersecurity practices, i will be taking up the topics of data security, system hardening, security policies and security awareness training.

Data Security

Data security is the practice of safeguarding data from unauthorized access, use, disclosure, disruption, modification, or destruction. It involves implementing various security measures to ensure the confidentiality, integrity, and availability of data. This involves categorizing and labeling sensitive data, setting retention periods, and ensuring its secure disposal when no longer required. Data security demands constant monitoring(Ingress & Egress), testing, and updates to address evolving threats and vulnerabilities.

System Hardening

System hardening reduces the attack surface by applying secure configurations to hardware, communication systems, and software, including operating systems, web servers, application servers, and applications. It involves implementing security controls and risk mitigation strategies to minimize the vulnerabilities and weaknesses of a system. The elements of configuration management, such as inventory, baselines, updates, and patches, make this possible. System hardening follows industry guidelines and benchmarks, like those from the Center for Internet Security (CIS). The goal of system hardening is to make a system more secure and less susceptible to cyber attacks.

Best Practice Security Policies

Best practice security policies ensure data and system confidentiality, integrity, and availability through guidelines and procedures. These policies include data handling, password protection, acceptable use, bring your own device (BYOD), privacy, and change management. Data handling policies ensure the appropriate use of data, while password policies establish guidelines for the appropriate use of passwords. Acceptable use policies define asset, device, and data usage, while BYOD policies set rules for personal device use. Privacy policies safeguard personal data, while change management policies oversee transitions from the present to the future state. These policies adhere to industry standards and best practices, requiring continual monitoring and updates to address evolving threats and vulnerabilities.

Securing Awareness Training

Security awareness training educates stakeholders about information security and safeguarding data and systems from cyber threats. Typically, three types of training are there, namely; education, training, and awareness. Education provides a basic understanding of security concepts and policies, while training focuses on specific skills and procedures. Awareness aims to keep security top of mind and encourage employees to report suspicious activity. You can tailor the training to the security topic(s), organization, position, and/or individual. Security awareness training aims to diminish internal threats by enhancing employee and other stakeholder security awareness. It’s vital in an organization’s security strategy, requiring continuous monitoring and updates for emerging threats and vulnerabilities.

I hope that you find this blog on essential cybersecurity practices useful.

Further Reference :

• Cybersecurity : A Quick reference guide
• IT Security Vulnerabilities and Exploitation
• Understanding Data Center and Service Desk Operations
• Enterprise IT Infrastructure & Support
• Introduction to Virtualization and Cloud computing

General Terms

These are the words used to describe workplace events, specific activities and their consequences, and the materials to do tasks. Since these words are short, there is no need of lengthy explaination. Here i would like to list out a few of the workplace terms along with their meaning.

棚卸　tanaoroshi

This is one of the frequently used words in factories & warehouses for taking stock of product count, checking the quality of products. The term when applied to everyday work, provides a clear picture of inefficient areas, tasks that need to be prioritised, and so on. The other word for this is visualizing tasks and workloads.

たたき台　Tatakidai

The term tatakidai refers to the tool/metal base on which blacksmiths pound hot metal to shape it. At work, the same word tatakidai is used to denote a draft, prototype, or a rough blueprint. The draft will serve as the foundation for further work in order to finalise a plan.

終日　shuujitsu

This term is commonly used at work to denote working hours or the time between clocking in and out.

五月雨式　samidareshiki

The word samidareshiki refers to “Early summer/May rain” that is intermittent. The same word is used to describe a situation in which you contact someone constantly. Usually a word of apology will go along this word in a sentence.

虎の巻　Toranomaki

This term can be traced back to an ancient Chinese text of military tactics. Because the secrets of tactics were mentioned in the Tiger volume of the book, it came to be known as Tora no maki, or the Tiger scroll. Nowadays, the Tiger scroll is an idiom that implies “Key” or “Book of knowledge”. The master text for a specific topic is known as the “Tora no Maki,” which refers to the traditional Japanese technique of writing texts on long scrolls. It is common to see the word Tora no maki at workplace or on the title of books. The word is commonly used for a text book, answer book, reference book, work handbook, guide book, and so on.

Business Practice Terms

These terms indicate a set of ideas, guidelines or ethics in order to bring about improvements in communication flow, risk assesment, problem resolution, quality and efficiency.

報連相　hourensou

In a workplace, having effective communication is vital to building relationships with trust, and for this reason hourensou is exemplified.
Hou-Ren-Sou is an abbreviation of three words: houkoku, renraku, and soudan – reporting, informing, and consulting. Funny enough, it sounds the same as the Japanese word for “spinach”. This method is employed by the great majority of organisations and is strongly embedded in the country’s working culture.

危険予知活動　kiken-yochi-katsudo

Kiken Yochi Katsudo translates to Hazarad Awareness Activities. It refers to the proactive process of identifying potential hazards or risks due to unsafe conditions or actions before they occur so that accidents or incidents at workplace can be prevented.

横展開　yokotenkai　|　水平展開　suiheitenkai

Yokotenkai or Suiheitenkai translates to “best practice sharing”. It is an essential part of long term success in a lean culture. Achieve a result, and then share the results, learn from it & adopt it wherever applicable, and immediately recreate and multiply the success.

ポカヨケ　pokayoke

Poka Yoke means “Mistake proofing” or avoiding inadverdent errors. It is utilised in both the manufacturing and service industries. Its purpose is to eliminate product/process defects by preventing, correcting, or drawing attention to human errors as they occur.

5S

Seiri, Seiton, Seiso, Seiketsu, and Shitsuke are the five Japanese words that stand for Sort, Set, Shine, Standardise, and Sustain. The essence of 5S can be summarized as : “Only what is needed, in its proper place, clean and ready for use”. Its simplicity, practical applicability, and visual nature makes it an easy methodology for all types of companies from manufacturing plants to offices.

Katakana Terms

Katakana is typically used to write foreign words and the names of foreign individuals and places. However, katakana is sometimes used to write words that can also be written in hiragana or kanji. This is to emphazise the kanji words or to bring about rhythm in a sentence. The following are some words that are commonly used at work in casual chat or in meetings.

テーマ・ネタ　Topic

This refers to the topic of discussion.

オンスケ　Onschedule　｜　リスケ　Reschedule

The original words in english are on schedule and reschedule. On schedule means the meeting or plan is on schedule. If a schedule change is required, the term reschedule will be used.

クレーム　Complaint

This refers to an opinion or requirement from a customer in case of dissatisfaction w.r.t a defective product or bad service. The customer can demand either improvements or necessary actions.

イラスト　Illustration

The original english word is illustration. An illustration is a visual portrayal of a text, concept, or process that is intended for use in print and digitally produced media.

エビデンス　evidence

The english meaning of this word is proof. At a Japanese workplace this term is used to keep a record of interactions such as meetings, correspondence, and so on that can be retrieved later on.

ブレスト　brainstorming

The English word brainstorming refers to a group creativity process for product planning, new business start-up, team development, and other purposes. Here, efforts are made to collect a list of ideas spontaneously given by its participants.

ヒヤリング　hearing

At Japanese workplace, this term refers to the process of obtaining information through meetings or other formal interactions.

Reference :

• Handy Japanese Proverbs & Idioms
• Popular Japanese Proverbs and Idioms on Self-Development
• Good to know rules for those employed in Japan
• Japanese Workplace Etiquette
• Japanese Work Culture

Introduction

As you might be knowing, ITIL is a framework for service management. ITIL is the most widely used ITSM framework in the entire world. Most large companies have built their IT service management systems and processes around the ideas and concepts of ITIL framework. Currently we are in the 4th Industrial revolution, where fusion of technologies has blurred the lines between physical and digital realms. Technologies such as Cloud computing, IoT, Machine Learning, Blockchain, Self driving cars etc. have transformed our world economies and our lives.

ITIL 4 is not considered as ITIL version 4, instead it means ITIL for the 4th Industrial revolution. ITIL 4 Foundation will introduce readers to the management of the modern IT-enabled services, provide them with an understanding of the common language and key concepts and show them how they can improve their work and the work of their organization with ITIL 4 guidance.

Service Management

Service management is defined as a set of specialized organizational
capabilities for enabling value to customers in the form of services. More and more organizations recognize that value is co-created through an active
collaboration between providers and consumers, as well as other organizations that are part of the relevant service relationships. Those organizations that deliver services are referred to as service providers. Those to whom services are delivered are referred to as service consumers. By the way, an organization is a person or a group of people that has its own functions with responsibilities, authorities and relationships to achieve its objectives.

Service Consumer Roles can be classified as customer, user and sponsor. A customer is one who defines requirements for services and takes responsibility for outcomes from service consumption. A person who uses the services is a user. While a person who authorizes the budget for service consumption is a sponsor. By the way, a service is a means of enabling value co-creation by facilitating outcomes that customers want to achieve, without the customer having to manage specific costs and risks. The term outcome refers to a result for a stakeholder enabled by one or more outputs.

Service Relationship

In order to create value, service providers have to provide more than just the service. Service Relationship is a co-operation between a service provider and service consumer that includes service provision, service consumption and service relationship management. The term service provision refers to the activities performed by an organization to provide the services. Service consumption points to the activities performed by the organization/or a person to consume the services. Finally the term, service relationship management refers to the activities that the service provider and service consumer perform together to enable value co-creation to occur based upon the service offerings.

In this section we will look into the different relationships involved in providing any single service. For example, a facility organization can rent office space to an IT organization. IT organization can also provide IT services to the facility organization in addition to its other customer organizations. The customer organization inturn provides services to its users. Interactions between organizations are more likely a network or ecosystem rather than the simple sequence of interaction between organizations as shown below.

The above service relationship model depicts the sequence of service relationships between the various organizations involved in our example.

Costs and Risks

Costs refer to the amount of money spent on a specific activity or a resource. Costs can also be expressed in non-financial terms like man-hours or Full time equivalent (FTE). A service provider aims to reduce or remove costs for you when providing a service. For example, when a person who rarely makes a call or uses internet purchases a mobile connection service, a package that involves minimum charges on calls and internet connection would provide more value.

Risk is a possible event that could cause harm, loss or make it more difficult to achieve objectives. A service provider’s goal should be to reduce risk for the consumer. Risk is potentially imposed on consumers by the service. Consumers should contribute to reducing the risk by taking some mitigating actions like communicating the needs and constraints to the service provider. Even here value can be co-created or risks can be reduced by mutual co-operation. However, risks can either be avoided, accepted, transferred or mitigated and cannot be eliminated completely.

Utility and Warranty

Utility is the functionality offered by a product or service to meet a particular need. In short, it means “Fit for Purpose”. While, warranty is the assurance that a product or service will meet agreed requirements. In short, it means “Fit for Use”. A service should have both utility and warranty in order to be successful. Warranty addresses areas such a availability, capacity, security levels and continuity w.r.t to a service infrastructure.

Four Dimensions of Service Management

As shown in the below picture, the value at the center is co-created through the various products and services. When a service provider creates a product or service to a customer, the service provider will look at it in 4 perspectives or dimensions. The perspectives are Organizations & people, Information & technology, Partners & suppliers and Value streams & processes. The external factors ,i.e, PESTLE in clockwise order starting with Political factors need to be considered when building your services as they might have an impact.

The first dimension of Organizations & people focuses on how are we going to setup the organization, how is it going to function, what kind of culture it is going to have, how do we take care of the people so that people can deliver the products and services to create value to the customer.

The second dimension of Information & technology stresses on points like, is it compatible with the current architecture, does it raise any regulatory, compliance or information security control issues, will it continue to be viable in the foreseeable future, does it align with the service provider / service consumer strategy, does the organization have the right skills to support and maintain the technology ,i.e, with or without automation, does it have additional capabilities that can be leveraged for other products and services, does it introduce new risks and constraints to the organization, risk tolerance.

Partners & suppliers do not fit under the dimension one, the reason being Organization & people is internally focused to the organization, while partners & suppliers is externally focused. Partners are more closely tied to the organization business while suppliers are more commodity based. Every organization relies on other partners & suppliers and is based on goals, culture and business environment of the organization.

Value streams & processes defines the activities, workflows, controls and procedures needed to achieve the agreed upon objectives. The definition of Value stream is, a series of steps an organization undertakes to create and deliver products and services to service consumers. This combines all of the organization’s value chain activities. Process is a set of interrelated or interacting activities that transforms inputs into outputs. A well defined process can improve productivity, be optimized and will be automated. This dimension is more concerned about delivering a product or service to a consumer by executing certain processes that is part of a value stream.

Service Value System

Service Value System (SVS) describes how all the components of the organization work together as a system to enable value co-creation. The purpose is to ensure that the organization continually co-creates value with all stakeholders through the use and management of products and services. As shown in the below picture, the SVS consists of three parts namely the opportunity/demand as input, value as output, the central part with the Service value chain-Governance-Practices-Guiding principles-Continual improvement. In simple words, the idea of service value system is to take something in, add value, and put it out on the other side

Opportunity, demand and Value

Opportunities represent options or possibilities to add value for stakeholders or otherwise improve the organization. For example: create a new product or service and bring them to market to add value. The other input ,i.e, the demand is the need or desire for products and services among internal and external consumers. The output ,i.e, the Value is the outcome of the service value system that enables creation of many different types of value for a wide group of stakeholders.

Governance

Governance is the means by which an organization is directed and controlled. ITIL being a best practice provides a framework for governance. For example, you may come up with activities, process and procedures to handle something like change management within your organization. You will build the activities and procedures around the governance so that they are inline with the governance that is part of the high level of your organization.

Guiding principles

Guiding principle is a recommendation that guides an organization in all circumstances. Though the approach to service management may differ with organizations, the guiding principles should be the same. Guiding principles encourage and support organizations in continual improvement across all levels of the organization. Of the seven guiding principles, consider which of the guiding principles are relevant to your situation. The seven guiding principles are as follows;

• Focus on Value

Everything the organization does should link back, directly or indirectly, to value for itself, its customers and other stakeholders.

• Start Where You Are

Don’t start over without first considering what is already available to be leveraged. By figuring out the existing steps, you will get to know what useful steps to be taken forward and non-useful steps to be left out. All of this is done by measuring what you have. Measurement should be used to support the analysis of what has been observed rather than to replace it.

• Progress Iteratively with Feedback

Working in a time boxed and iterative manner with embedded feedback loops allows for greater flexibility, faster responses to needs, the ability to respond to failure earlier, and an overall improvement in quality.

• Collaborate and Promote Visibility

Collaboration is about working together and promotes visibility. Collaborate and promote visibility is about, making sure the information is getting up to the right people, at the right level, to make the right decisions.

• Think and Work Holistically

A holistic approach to service management requires an understanding of how all the parts of an organization work together in an integrated way. Collaboration is one of the key points here. Automation can help you to work more holistically. Automation of Service desk can be provided as an example.

• Keep it Simple and Practical

Outcome based thinking should be used to produce practical solutions which deliver valuable outcomes using the minimum number of steps. Having a holistic view of the organization’s work and starting with an uncomplicated approach are important. By keeping it simple, it makes things easier to understand, more likely to be adopted, and is the best route to achieve the quick wins.

• Optimize and Automate

Optimization is to make something as effective and useful as it makes sense to do. While, automation is using technology to perform a step or series of steps correctly and consistently with limited or no human intervention. The point here is to simplify and optimize before automating. Make use of the other guiding principles when applying this one.

Service Value Chain

The central part of the service value system is the service value chain that consists of Plan, Improve, Engage, Design and transition, Obtain/build, deliver and support activities as depicted in the below picture. The below picture does not depict a linear sequence of events. However, in ITIL v3 we had the service life cycle that had a linear sequence of actions starting with the service strategy, service design, service transition, service operation and continual service improvement. In ITIL 4, we normally start with engage but we always don’t have to. Based on this, we will touch upon other activities within the service value chain that can interact with each other in any order.

• Plan

Ensures a shared understanding of the vision, current status, and improvement direction for all four dimensions of ITSM and all products and services across the organization. Inputs to the plan process can be from the organization’s governance body, engage process, improve process, design & transition and obtain/build. All the information is used to plan the updated service roadmap. Outputs can either go to the engage, improve or design & transition process.

• Improve

Ensures continual improvement of products, services, and practices across all value chain activities and the four dimensions of service management. Inputs to the improve activity can be from the deliver & support process, engage process and all other value chain activities. Outputs can be directed towards all value chain activities.

• Engage

The purpose is to provide good understanding of internal / external stakeholder needs, continual engagement, transparency and maintain good relationships with all stakeholders. Inputs to the engage activity can be from the plan, deliver and support process, customers, partners & suppliers and all other value chain activities. The outputs from engage can go to the customer, any of the value chain activities.

• Design & Transition

The purpose is to ensure that products and services continually meet stakeholder expectations for quality, costs, and time to market.
There are a lot of inputs from the plan, engage, improve and the other value chain activities. The output from the activity will be fed to obtain/build, engage, deliver & support and to all the other value chain activities.

• Obtain/Build

This activity ensures that service components are available when and where they are needed, and that they meet agreed upon specifications. There are a lot of inputs from the plan, engage, external & internal partner & suppliers, all other value chain activities. The output goes to design & transition and/or delivery & support, other value chain activities.

• Deliver and Support

This activity ensures that services are delivered and supported according to agreed specifications and stakeholder expectations. People in IT support are part of the deliver and support. The inputs to this process can be from the design & transition, engage, obtain/build, improve. The outputs are the services delivered to customers and users. Other outputs are fed to engage, improve, design & transition and obtain/build.

Continual Improvement

As depicted in the lowest part of the SVS picture above , continual improvement is a part of the 34 ITIL practices that comes under the practices activity which is just above the continual improvement activity in the picture. Since continual improvement is that important, it has been separately mentioned. The purpose of continual improvement practice is to align the organization’s practices and services with changing business needs through the ongoing identification and improvement of services, service components, practices, or any element involved in the efficient and effective management of products and services.

Continual Improvement Model is a seven step methodology that provides a framework for improvement operations with organizations.

As shown in the above picture, the model starts with the step1 “What is the vision?”, the subsequent steps follow and the final step ,i.e, step7 would be “How do we keep the momentum going?”. However we restart it once again with the step1 as continual improvement is an ongoing process that never stops. This may continue until we have the best product or service possible.

• What is the vision?

The vision for the organization is going to come from the top leadership. By understanding the vision, we can drill it down to our specific case and get to know the status of all the improvements, who is going to help whom and how it is going to affect the organization as a whole.

• Where are we now?

The success of an improvement initiative depends upon the starting point and the impact of the initiative. It is difficult to track and measure effectiveness of any improvement initiative if you never determined where you started from. So it is important to create an objective baseline or a starting point metric.

• Where do we want to be?

From the baseline we got to know the current status, so we need to know our next step. Gap analysis looks at our overall vision, where we currently are, and where we want to be over some amount of time. Based on this analysis using KPI and Critical Success Factor(CSF) metrics, we will get to know what the gap/delta is. Set the goals based on this.

• How do we get there?

In this step we are going to create an improvement plan. The plan may be simple and direct or a complex one. Break the complex plan into manageable chunks and check progress after each iteration.

• Take Action

Here we put the plans into motion. The waterfall or agile method can be used to execute your plans and depends on the situation on which you want to use. Measuring the progress, managing the risk, ensuring visibility are important.

• Did we get there?

In this step we check the progress that can be either positive or negative. Our current state, i.e, “where are we today?” is compared against the original baseline of step2. Based on the new baseline we need to determine the next steps.

• How do we keep the momentum going?

If we meet the goal we need not stop there, as we need to keep improving. In case we did not meet the goals, we need to get back, readjust and figure out on how to meet the goals. If we meet the goals, it is important to attempt to continue the improvement gains across the organization.

Practices

As mentioned in the earlier section there are 34 ITIL practices. Since the section is huge, i will be explaining the details under a separate heading. Practice is a set of organized resources, designed for performing work or accomplishing an objective. Each practice supports multiple value chain activities. The 34 practices are divided into three categories as follows.

General Management Practices

There are 14 general management practices. These general management principles/practices have been adopted/adapted for service management for more general business management domains.

• Continual Improvement

When working on continual improvement, the methods/models/techniques like Lean, Multi-phase projects, Balanced scorecard, Agile, Maturing assessments, Devops, SWOT analysis will be helpful. One more helpful tool, Continual Improvement Register (CIR) is a database of structured document to track and manage improvement ideas from identification through to final action. All value chain activities are subject to continual improvement as we are always trying to improve our activities and processes. Refer to the earlier section for more information on the topic.

• Information Security Management

This is to protect the information needed by the organization to conduct its business. The primary focus is on the balanced protection of Confidentiality, Integrity, Availability, Authentication, Non-repudiation of data.

• Relationship Management

The purpose is to establish and nurture the links between the organization and its stakeholders at strategic and tactical levels. This is done by identifying, analyzing, monitoring and doing continual improvement of those relationships between various stakeholders.

• Supplier Management

The purpose of supplier management is to ensure that the organization’s suppliers and their performance are managed appropriately to support the provision of seamless and quality products, services and components.

NOTE : The following practices are mentioned for awareness only and will not be part of the test.

• Architecture Management – Provides an understanding of all the different elements that make up an organization and how those elements interrelate, enabling the organization to effectively achieve its current and future objectives.
• Knowledge Management – Provides an understanding of all the different elements/data that make up an organization and how those elements interrelate to generate wisdom needed to make decisions.
• Measurement and Reporting – This practice supports good decision making and continual improvement by decreasing levels of uncertainty. Example : Baseline.
• Organization Change Management – Ensures that changes in an organization are smoothly and successfully implemented and that lasting benefits are achieved by managing the human aspects of change.
• Portfolio Management – Ensures an organization has the right mix of programs, projects, products and services to execute its strategy within its funding and resource constraints.
• Project Management – Ensures that all of an organization’s projects are delivered successfully. PMP & Prince2 are the methodologies available.
• Risk Management – Ensures that an organization understands and effectively handles risk either through avoidance, mitigation, transfer or acceptance.
• Service Financial Management – Supports the organization’s strategies and plans for service management by ensuring that the organization’s financial resources and investments are being used effectively.
• Strategy Management – Here the top management formulates the goals of the organization and adopts the courses of action and allocation of resources necessary for achieving those goals.
• Workforce and Talent Management – Ensures that an organization has the right people with the appropriate skills and knowledge and in the correct roles to support its business objectives.

Service Management Practices

Service Management Practices have been developed in the service management and IT service management industries over the past decades. In ITIL 4 there are 17 service management practices.

• Change Control

This is all about maximizing the number of successful IT changes by ensuring that risks have been properly assessed, authorizing changes to proceed, and managing the change schedule. As you know, change is the addition, modification or removal of anything that could have a direct or indirect effect on IT services. Changes are of three type namely; standard, normal and emergency changes. A standard change is pre-authorized, low risk and well understood (ex: password reset). A normal change requires some level of authorization, is planned and scheduled in advance (ex:server upgrade). Emergency change has an expedited assessment and authorization process so that it is introduced as soon as possible (ex: file server crash).

• Incident Management

The purpose of incident management is to minimize the negative impact of incidents by restoring normal service operation as quickly as possible. As you know, incident is an unplanned interruption to a service or reduction in the quality of service. Every incident must be logged, updated, managed to the agreed upon target resolution times and prioritized. Incident management requires a high level of collaboration within and between the teams.

• Problem Management

This reduces the likelihood and impact of incidents by identifying actual and potential causes of incidents and managing workarounds and known errors. As you know, a problem is a cause or potential cause of one or more incidents. While, a known error is a problem that has been analyzed and has not been resolved. Workaround is a solution that reduces or eliminates the impact of an incident or problem for which a full resolution is not yet available. To summarize, in problem management we find the things that happen again and again and solve the root cause.

• Service Desk

The purpose of this practice is to capture demand for incident resolution and service requests. It should also be the single point of contact for your service provider for all of its users. Once the issue/request is received by the service desk, the workflow is to acknowledge, classify, own and act. There are 4 types, namely’; local, centralized, virtual and follow the sun. A local service desk is located within or close to the users that it serves. A centralized service desk uses a single centralized location to serve all users. It is efficient and cost effective compared to the local service desk. A virtual service desk allows agents to work from multiple, geographically dispersed locations giving the impression of a centralized service desk. In follow the sun, two or more geographically dispersed service desks are combined to provide 24hr follow the sun coverage.

• Service Level Management (SLM)

The purpose of this practice is to set clear business based targets for service performance so that the delivery of a service can be properly assessed, monitored and managed against those targets. All of the service levels will be written down in a service level agreement (SLA). SLA can be defined as a documented agreement between a service provider and a customer, that identifies services required and the expected level of service. SLA should be written in a simple language and should be easy to understand. Other than SLA, things like initial listening, customer feedback, business metrics, operational metrics (ex: server uptime) etc can go into the SLM. SLM affects all the value chain activities.

• Service Request Management (SRM)

This supports the agreed quality of a service by handling all predefined, user initiated service requests in an effective and user friendly manner. Service Request (SR) is a request from a user or user’s authorized representative that initiates a service action that has been agreed as a normal part of service delivery. SRs can have simple/complex workflows, but make sure to test, optimize and then automate the steps involved. To summarize, SRM is all about making sure the users are getting what they need so that they can operate at peak efficiency (ex: provision a resource, increase capacity etc).

• IT Asset Management

The purpose is to plan and manage the full life cycle of all IT assets, to help the organization : maximize value, control costs, manage risks, support decision making about purchase/re-use/retirement of assets, meet regulatory and contractual requirements. IT Asset can be defined as any valuable component that can contribute to the delivery of an IT product or service.

• Monitoring and Event Management

The purpose is to systematically observe a service or service component, and record, report selected changes of state identified as events. Event is any change of state that has significance for the management of a configuration item (CI) or IT service (ex: successful login, failed login).

• Release Management

The purpose is to make new and changed services and features available for use.

• Service Configuration Management

Here the purpose is to ensure that accurate and reliable information about the configuration of services, and the CIs that support them, is available when and where it is needed. Where configuration item (CI) is any component that needs to be managed in order to deliver an IT service (ex:server, desktop etc).

NOTE : The following practices are mentioned for awareness only and will not be part of the test.

• Availability Management – This ensures services deliver agreed levels of availability to meet the needs of customers and users.
• Business Analysis – This helps to analyze a business or some element of the business, to define its needs and recommend solutions to address those needs, or to solve a problem. This helps to create value.
• Capacity and Performance Management – This ensures services achieve agreed upon and expected performance, satisfying current and future demand in a cost effective way.
• Service Catalog Management – This provides a single source of consistent information on all services and service offerings, and ensures that it is available to the relevant audience. The idea of service catalog management is to tell people what is coming, what is to be taken away and what is currently available.
• Service Continuity Management – This ensures that the availability and performance of a service is maintained at a sufficient level in the event of a disaster.
• Service Design – This is about the practice of designing products and services that are fit for purpose, fit for use, and that can be delivered by the organization and its ecosystem.
• Service Validation and Testing – This ensures that new or changed products and services meet defined requirements.

Technical Management Practices

These have been adapted from technology management domains for service management purposes by expanding or shifting their focus from technology solutions to IT services. In ITIL 4 there are only 3 technology management solutions covered.

• Deployment Management

The purpose is to move new or changed hardware, software, documentation, processes or any other components to live environments. In ITIL 4, release and deployment management are two different things. Release is more about approvals, while deployment is about moving change to the live environment.

NOTE : The following practices are mentioned for awareness only and will not be part of the test.

• Infrastructure and Platform Management – This is responsible for overseeing the infrastructure and platforms used by an organization. Normally, this is people who are inside your Network/Security OC.
• Software Development and Management – This ensures that application meets internal and external stakeholder needs, in terms of functionality, reliability, maintainability, compliance and auditability.

Further Reading :

• Understanding Data Center and Service Desk Operations
• ITSM and System Management Tools : A Basic Guide
• Enterprise IT Infrastructure & Support
• Towards Human Error Zero through KY
• Lean and Six Sigma in brief

Business manner is the basic necessity in-order to work smoothly in a society or a workplace environment. So if the foundation of business manner is strong, trust with others can be built easily leading to a good workplace environment. If a person is highly skilled it doesn’t mean that he/she will be assigned a job or project immediately, only after the foundation of trust is built he will be assigned a proper job. The trust factor here comes from a proper display of business manner which is based on the human skills like pro-activeness, judgemental power and expressiveness. The main thing expected out of a person in the business world is maintaining good people relations which is dependent upon the expressiveness of the person ,i.e, proper judgement of situations and proactively reacting to it.

So, in Japan a person who has gained the trust and has sufficient skill set will be called a true professional or a capable business man.

Important requirements for a working professional

Relationship

Good relationships start with good people skills,i.e, how well you collaborate, communicate and deal with conflict.
There are several characteristics that make up good, healthy working relationship:

・Trust
This is the foundation of every good relationship. When you trust your team and colleagues, you form a powerful bond that helps you to work and communicate more effectively. If you trust the people you work with, you can be open and honest in your thoughts and actions, and you don’t have to waste time and energy “watching your back.”

・Mutual Respect
When you respect the people who you work with, you value their input and ideas, and they value yours. Working together, you can develop solutions based on your collective insight, wisdom and creativity.

・Mindfulness
This means taking responsibility for your words and actions. Those who are mindful are careful and attend to what they say, and they don’t let their own negative emotions impact the people around them.

・Open Communication
We communicate all day, whether we’re sending emails and IMs, or meeting face to face. The better and more effectively you communicate with those around you, the richer your relationships will be. All good relationships depend on open, honest communication.

Understanding Business manner is about knowing the ‘activity model’ of social ethics or people relationship. Here, one needs to identify the morals and associated people relations with one’s heart. It is most important to connect the heart with human relationships which forms the core of business manner understanding. The word heart refers to concern and consideration.

Find below a couple of examples related to right attitude w.r.t human relationship and applying heart w.r.t human relationship:

1) No matter how close a person is to his colleague or senior at workplace, he needs to behave with the basic workplace etiquette in mind.
2) A newly appointed manager regarding whom there is negative feedback from various sources, should not be dealt with based one others feedback but with one’s viewpoint.

Manner

This is one of the basics of good business manner. To be considerate and have concern towards your subordinates and superiors. When this thoughtful behavior reverberates in your coworker’s heart it leads to smooth interactions and a pleasant working environment.Also the considerate nature always reflects in one’s bowing posture,business card exchange or in other behavioral attitude towards a client. So we can conclude that, when considerate nature reflects in a form or posture we have business manner put into practice.

Find below few examples of various instances which can be referred to as basic skills or core values of business manners in Japan:

・Greeting Manners

• Greeting everyone with a loud voice in the mornings when one enters the office.
• When leaving office in the evening one needs to wish the senior who is still working.

・Posture Manners
The three basic postures are shown in the figure below:

1. Eshaku – The body is bent 15 degrees in this posture and used to greet a subordinate or senior in the office in the morning and evening. Also can be 　a used as a casual way of greeting anyone at office in a day.
2. Keirei – The best situation to use this posture of bending the body 30 degrees is after introducing ourselves during customer visits.
3. Sai-keirei – The best case of using this posture of bending the body 45 degrees is while seeing off the customers which expresses gratitude.

・Manners when going out on a client Visit

• The appointment date and time should be prioritized as per client need.
• When client enters the meeting room, one needs to getup from one’s seat and greet. Later on introduce self(in case of first meeting) and hand over   the business card followed by the Keirei posture.In case of receiving the business card as well the same flow should be followed ending with the Sai-keirei posture which shows deep gratitude towards the client.

・Manners when client visits us

• In case of guiding client inside an elevator, one needs to enter first and press the open button and destination floor button and guide the client inside. However in cases wherein there are people already inside the elevator, one needs to hold the door with one hand and guide the client inside first and later enter. While getting off the elevator one needs to press the open button and guide the client outside first and later move out of the elevator.
• It is a good practice to knock the door of meeting room before entering. Also in case of door which opens on the inside of the room one needs to enter first and invite the clients inside. However in case of door which opens outside, one needs to hold the door and show the client inside first and later enter the room.

・Seating Manners
Seating manners are also too important in Japanese business. Refer to the various instances as displayed in the below figure.

The Senior most person will be given the seat farthest from the door in a meeting room while the junior most will be seated near to the door. In case of a taxi, senior most employee will be given the seat behind the driver while the junior most employee will be seated on the passenger seat next to the driver. In a train or aeroplane, senior most person will be given the seat next to the window in the direction of motion. Finally the position in a elevator will be behind the junior most person who will operate the panel. The 1,2,3,4,5 numbers in the below picture refer to the employees from the senior most to the junior most position in the order.

Communication style

All good relationships are dependent on how much we respect the other person’s thinking or values and his position. This considerate nature is the starting step in building a satisfactory communication.Lets get to know more about the considerate nature communication style used to connect with people.

Understanding the connection between communication style and relationships

“To make or mar depends on the telling” is the translation of a famous Japanese proverb. This simply means that, people may or may not get offended by the way you speak and mentioning “i didn’t mean that” might be too late to say once one is offended. However, if one is considerate and gentle towards others feelings even the unsaid things can be understood leading to a communication style which touches the other person’s heart. This considerate nature improves people relationships resulting in strong bonds and high efficiency within teams at workplace.

• Points to be taken care of when listening to others
  1) Make agreeable responses in order to make the person feel at ease
  2) Look the person in eye while making the agreeable response
  3) Listen to the person till the end of his conversation without interrupting
• Points to be taken care of when talking to others
  1) Use respectful words as much as possible even while speaking to a colleague or coworker
  2) When asked about a topic which one is not well versed about, avoid creating false impressions and convey your true knowledge
  3) Do not deny a person’s opinion outright.

Knowledge of the basic Keigo/ Honorifics

Keigo is the verbal expression of one’s respect towards the other person’s position or standpoint. We can say that keigo is the basic human skill required because incase our respect towards a person doesn’t match in words there is an imbalance which needs to be addressed to with high priority. There are some rules to use the Keigo which we will learn in this section.

Keigo consists of following types, which uses different expressions for different situations;

1. Honorific language (Sonkeigo)
   Sonkeigo, or the respectful form, is used to show respect to someone of higher position. This can be somebody in the same company of higher rank or a client for example.
2. Humble language (Kenjougo)
   When referring to him or herself in business, the Japanese will use a form called Kenjougo.The form essentially tries to show respect by deliberately referring to oneself lower than the listener (who typically are of higher rank or position).
3. Polite language (Teineigo)
   Teineigo is perhaps the easiest and the most commonly used by everybody (including native Japanese speakers). This is because the Teineigo is usually the first form of Keigo that is taught to students learning the Japanese language.

Below picture gives a pictorial representation of the above forms;

Refer below the Keigo list of various verbs;

Basic knowledge of situation based communication style

A true professional or a capable business person chooses different communication style for situations like reporting or explanation, requests, trouble resolution etc. The main motive here is the same as point number one above ,i.e, relating communication style to relationships. Planning of communication techniques based on positive response from the audience in-order to develop good relationships.

・Reporting
The purpose of reporting is to provide information. There are various types here like business reporting, management reporting, office reporting etc. The basic idea in all the reporting types is to communicate the information as it is in a simple and understandable way. The main point here is to start from the conclusion or summary and elaborate on that thereby giving priority to the superior’s time. This is the true quality of a considerate business person.

・Explanation
The purpose of explanation is to make the audience understand your point. Instances like explanation of new features of a product to the customer, explaining one’s point of view in a meeting, explaining the work procedure to one’s team etc are a few cases which requires explanation from a business perspective. The important thing here is to use simple words and be specific so that the other party can understand your viewpoint easily.

・Requesting
Where every one in the team is involved in their routine work, in addition to that if we need cooperation from the team on another task at hand we need to make a request. The way to request is, first ask about the status of the current work and express one’s understanding regarding the same.On top of that explain about the new task on hand and check the team’s co-operation on get involved.So the gist is to first understand the other person’s current status and get a frank reply regarding cooperation on the new task at hand. This is the way to make a request in-order for the other party to get involved wholeheartedly.

・Grievance Redressal
Whenever there are claims or complaints from the clients, first thing is to accept it and take the responsibility. The next important thing is to rebuild the confidence of one’s organization by wiping off the distrust factor. This is the main purpose behind grievance redressal. In most of the cases whenever there is a complaint we can see people replying as “not a problem with our product” or put the blame on handling the product etc. Here the first thing is to apologize followed by expression of gratitude towards instructions from the customer. By this way of communication we are trying to rebuild the confidence of customer w.r.t our company.

Socializing activities

Of the many socializing activities of a business person in Japan greeting colleagues and customers during end and start of the year, wining and dining with the customers, sending gifts to seniors to express gratitude, thanking a person who was of help are some of the instances during which consideration towards the other person are expressed.

The socializing activities mentioned here are w.r.t to work or business. Hence the person representing the company will be required to show a dignified behavior or business manner. The polite greeting towards the end or start of the year, hospitality shown through corporate entertainment, the gratitude shown by sending summer gifts(chuugen) or winter gifts(seibo) to seniors, the words of concern expressed during visit to a sick coworker or client are all dignified ways of showing one’s heartfelt considerate nature.

Other necessary skills

Information handling

Information gathering, organizing and communicating form the main components of business information cycle. Information here comprises of vital data which may be used for business related activities. The motto of information handling is to have fast access to precise information.

Though clients are the main source of information, we have occasions like business get together parties and pan-industry social events wherein important information can be gathered w.r.t to new business etc. The business manner to be displayed here is to listen patiently to the person providing information in-order to extract the precise information which we want.

The main intention behind organizing information is easy and quick access when needed. Information like business cards, sales or development documents etc are vital data relating to business, when handled properly is a proof that one is seriously involved in one’s work. Also the information managed by us should not be limited to us but must be actively utilized by all concerned in-order to maximize the gains. So organizing of information is vital.

Communicating the actual information in a proper way is of prime importance. The information provided here should be of value to the customer as well. Hence the routine gathering and organizing of information is vital to sharing the needed information to the customer. Also the information limited to us will be of little value when compared to information shared within the team thereby increasing the efficiency of the team. Information like business related documents, problem points etc can be of real help to anyone in the team.

Document management

It is common at workplace to communicate information in writing when the same can be done through a call like an order or notice. The reason behind this can be thought of as to keep a record of transactions, to communicate the point precisely, to communicate the information to multiple people at a time etc.

Communication in writing,i.e, documentation can be broadly divided into internal and external documents.The internal documentation or the document circulated within the company should prioritize on the efficiency aspect rather than politeness. Whereas an external document to be sent to a client should follow a specific format and must consist of polite words. Here we are following a writing format which keeps the recipient in high esteem.

The format above shows the layout of an internal document like a notice and the below format picture depicts an external document like a letter sent to a client.

One more section which falls under this section of necessary skill is meetings, regarding which we had discussed earlier in the situation based communication style and seating manners part.

To sum it up, i have tried my maximum to write in simple words regarding workplace practices expected out of a professional in Japan. I hope you find it useful!

Sources :
ビジナス実務マナー検定 受験ガイド(Business Practice Manner Test Guidebook), Work Experience

The most common cause of workplace accidents or industrial accidents is often attributed to human error such as operational error, judgmental error, and job-related error, all of which are caused by human characteristics. Human behavioral characteristics, such as mistakes and carelessness, are called “human characteristics,” and errors caused by human characteristics are called “human errors.”One more major effect of human error is that it leads to interruption of services to customer, resulting in loss of trust and/or compensation for damages.

Work is always accompanied by issues related to human error, and unsafe behavior accounts for about 90% of all accidents, including those caused by inexperienced and unskilled workers.Most of the human errors are said to be associated with psychological factors affecting human behavior like carelessness and assumption based work.

Specific safety methods were developed so that workplaces can take steps on preemptive action for safety which includes hazard prediction training and pointing and calling. Activities incorporating these methods in a unified manner are called hazard prediction activities and will result in improved customer satisfaction.

Below points need to be kept in mind while doing any work;
• Take appropriate measures beforehand in order to counter risk after identification.
• Recheck at each of the important stages of work.
• Do the things that are obvious and need to be done.
• Human error reduction through Team work and communication.

Human Error and Hiyari Hatto

Human Error : An inappropriate or undesirable human behavior or decision that reduces, or has the potential for reducing, effectiveness, safety, or system performance resulting in trouble, accident or escalations.

Undesirable or inappropriate human behavior can be anything concerned with human nature like misjudgement, mishearing, verbal slip-up, misunderstand, carelessness. Even risk taking factors like rule violation wherein difficulty to abide, probability that it is ok to violate as others are doing can also be categorized as inappropriate behavior.

Hiyari Hatto (HH) : An inappropriate or undesirable human behavior or decision that reduces, or has the potential for reducing, effectiveness, safety, or system performance but didn’t result in trouble, accident or escalations.

Hiyari Hatto is a Japanese term. It means Experience of Almost Accident situation. Hiyari Hatto (HH) is a System to
• Identify the possible danger through Team members experience
• Develop the countermeasure utilizing their expertise and
• Implement the same in consultation with Team members supervisor

It is a pro-active exercise but not post mortem after accident.

What is HEZ Activity/Campaign

Each and every individual human being is irreplaceable. The HEZ(Human Error Zero) Campaign aims for zero accidents in the workplace resulting in increased customer satisfaction.The Campaign builds on the three principles of zero accidents, preemptive action, and participation to implement the KY activity in order to prevent human errors and bring about increased customer satisfaction.

The three principles

The following are the three basic principles.

The principle of zero accidents
“Zero accidents” means to achieve an accident free workplace (not only no fatal accidents or accidents causing absent from work, but also no accidents, including industrial accidents, occupational illness, or other accidents) by detecting, understanding, and solving all hazards (problems) in everybody’s daily life as well as potential hazards existing in workplaces and work and should be implemented 100%.

The principle of preemptive action
“Preemptive action” means to prevent all accidents and industrial accidents by detecting, understanding, and solving all hazards (problems) in everybody’s daily life as well as potential hazards existing in workplaces and work in order to create a brighter and more vigorous workplace with zero accidents and zero diseases as an ultimate goal.

Here the basic understanding is that, counter measures need to be developed for hiyari hatto which may lead to accidents or trouble. On the other hand, unsafe actions which may lead to hiyari hatto should also be identified beforehand and appropriate counter measures be taken. Also in situation where accident has happened already, the causes need to be found out in order to avoid re-occurrence.

As per Heinrich’s findings for every accident that causes a major injury, there are 29 accidents that cause minor injuries and 300 accidents that cause no injuries or “near misses.” He felt that because accidents share many common root causes, addressing the commonplace accidents will help eliminate major injuries or fatalities down the road. Heinrich also believed from his findings that 85 to 95% of all workplace accidents stem from unsafe actions by individuals.

The principle of participation
“Participation” means to make a concerted effort by managers, supervisors, staff, and workers to detect, understand, and solve potential hazards (problems) existing in workplaces and work. It requires the voluntary effort and commitment of all those involved in actions for problem-solving.

Hazard Prediction Activity(KY Katsudo)
*KY Katsudo (K: kiken (hazard), Y: yochi (prediction), Katsudo: Activity)

Hazard Prediction(KY) Activity is a brainstorming drill to discuss, mutually consider and understand all potential human error factors in advance. The potential human errors can rise out of human trait like carelessness (misjudgement, mishearing etc) and risk taking activities like rule violation(follow the crowd, assumption based work etc). The purpose of KY activity is to detect possible human errors beforehand or even in the case of human error should not result in affecting customer services. This activity is used in the promotion of HEZ campaign.

Here you can find a sample of KY Activity chart used during the brainstorming drill, just before start of work.

HE Preventive Measures

In order to tackle accidents caused by human error the following three preventive measures must be ensured:

Hardware (equipment, facilities, and other tools)
It is important to push ahead with safety and health measures in terms of Fail Safe or Fool Proof hardware (facilities, machinery, working environment, and raw materials) for the prevention of accidents caused by human error.

Software (human beings as well as hardware)
In addition to the above measures, it is necessary to improve the working environment including the relationship between workers and hardware as well as work from the perspective of a man-machine system. Here necessary procedure document should be created with checklist sections for the creation, implementation and confirm operations. An environment wherein 4S is implemented would be the best.

Humanware
Humanware incorporates the safety and health management of both hardware and software. Effective humanware hazard prediction activities incorporate countermeasures against human error and include the Health KY, the hazard prediction training (KYT), pointing and calling and the Hiyari hatto.

All the three,i.e., Hardware, Software and Humanware countermeasure put together will result in achieving the goals of HEZ campaign.

HEZ Activity in detail

Here i will take you through the specific actions which must be performed in-order to create a Human Error Zero environment.

(1) HEZ training to all the employees of a company

Appropriate HEZ training to all the employees at different levels of a company needs to be provided. This can go a great way in creating awareness and reduce the Human error at work and eventually make it reach the ideal zero figure.

(2) Strict adherence to the code of conduct at work

While any work is done with the elementary action items being put into practice, the must be adhered to rules should be kept in mind and is known as the code of conduct at work. In any organization, the code of conduct will be released and distributed as either a booklet or a card along with a briefing session regarding the same. The code of conduct document will contain the code of conduct items, concrete examples relating to code of conduct and the definition of terminologies.

The elementary action items are nothing but the consolidated number items of any organization based on the past occurrences of operation error or accidents and is the compilation of preventive measures with respect to the same. A few of the elementary action items are KY drill before start of work, work to be executed as per the procedure document, pointing and calling at each of the important points, contact concerned authority in case of ambiguity or insecurity or abnormality after stopping the work etc.,

(3) Hiyari Hatto activity

In order to target zero HE, the potential accident causing condition should be grasped in advance and procedure should be established to report as many as such cases to the management as possible. Also let’s ensure that countermeasures are taken to all HH in-order to make work place safer, pleasant and easy to work. The below flow chart shows a sample pictorial representation of the HH activity work flow.

(4) Pointing and Calling in every day activity

This activity involves pointing at target objects by stretching your arm and stating out loud, “Such and such is OK” at important points in the work in order to proceed with work safely and correctly. Pointing and calling are methods for raising the consciousness level of workers and confirming that conditions are regular and clear, increasing the accuracy and safety of work.By raising the consciousness level, accidents resulting out of human characteristics of carelessness like misjudgement, mishearing etc., can be avoided.

A few illustrations of the pointing and calling are as follows;
Eg 1) email address confirmation before sending a email – abc@xyz.com address Yoshi!
Eg 2) Cabinet confirmation before leaving your work desk at break time – 1/2/3 desk cabinet/s locked Yoshi!
Eg 3) Tidiness confirmation after finishing work at the end of day – clear desk Yoshi!
Eg 4) Avoiding forgetfulness before moving out –  possess a/b/c Yoshi!

The results of proof testing conducted by the Railway Technical Research Institute in 1994 showed that the rate of work-related errors decreased to less than one-sixth when conducting pointing and calling as compared with doing nothing.

(5) Hazard Prediction Training(KYT) at workplace

Hazard prediction training called ” Kiken-Yochi Training ” (KYT) in Japanese can be defined as a role-play based training method, in which staff members first observe photos/videos or illustrations of everyday scenes in a workplace, and then those scenes are discussed within a group for detection of potential hazards, countermeasures against hazardous issues , and, finally, slogans or messages are created and directed at risk avoidance (ensuring of safety). It was invented in 1974 in Japan for prevention of occupational accidents, and, since the late 1970s, has spread from the manufacturing industry to the entire industrial world. A systematic review reported that KYT reduced the occupational accident rate significantly. Thereafter, KYT was introduced into safety education programs across industries, leading to a significant reduction in accidents.

The KYT Basic 4-Round Method forms the foundation for this activity. Participants openly discuss the hidden hazards depicted in the illustrations of the workplace and work conditions and solve problems by proceeding through the four rounds step by step.

Round 1: What are the hidden hazards? (Understanding the actual situation)
Round 2: These are the danger points. (Investigating the reality)
Round 3: What would you do? (Establishing countermeasures)
Round 4: These are the danger points. (Setting targets)

The KYT method increases the motivation of workers to practice in teams. It uses meetings to sharpen awareness of what constitutes danger. Workers share information on hazards and improve their problem solving capabilities by working on finding solutions in meetings. And they improve their powers of concentration by practicing pointing and calling activities in all of the important points in the work.

In order to maintain long term consistency in the implementation of KYT learnings, the following points should be kept in mind and executed during everyday activities.
1) Sensitivity towards the hazard points
2) Rise the concentration level through pointing and calling
3) Improve problem resolution through KY activity
4) Fire up the motivation through KY activity
5) Display teamwork in detection, understanding and resolution of problems during KY activity
6) Think the problems as your own

(6) Morning and Evening Assembly

In order to perform any task safely and avoid human errors one more important component would be to actively take part in the morning and evening assembly sessions. Other than being an integral part for the execution of everyday activities, here we can find various teams sharing their experiences which may include accident reporting, hiyari hatto incidents, new learnings etc. and thus serves as a place for self development.

KY cycle is a structure wherein Health and safety is integrated as part of everyday activities which includes the morning and evening assembly sessions. Here we can find the various safety techniques included in every work performed as well. Each KY cycle is divided into 3 parts ,i.e, safety measures taken before work, while doing work and after work activities and promotion of human error zero activity is done.

The above picture gives you the description of KY cycle of every day work and relates to every work performed in a day.

(7) Repetition & Reporting

Sometimes the output of our work may differ from the instructions received which was not cross checked. Also there may be times when we may have been asked about the status of work which was not reported. These two are instances wherein the repetition of the instruction received in the former case and reporting of the work status in the latter case are not adhered to.

Repetition(Before start of work)
This is a way of making sure the instruction is received correctly by repeating the instruction contents loudly. So we can get started with the work avoiding any potential human errors with respect to receiving instructions.

Reporting(After work)
This is a way to inform about the progress of work with respect to the instruction received. By this was both the receiving and instructing side can fell safe about the proper progress or completion of work.

(8) 4S(seiri, seiton, seiso, seiketsu)

4S is a workplace organization method abbreviated from the Japanese words seri for “Sort”, seiton for “Set in order”, seiso for “Systematic cleaning” and seiketsu for “Standardize”. Organizing the workplace leads to a safe and healthy environment.

• Sorting — separating the needed from the unneeded. Sorting activities aim to eliminate unneeded items from the work area and to perform an initial cleaning.

• Set in order — a place for everything and everything in its place, clean and ready for use. Simplifying arranges the workplace to ensure safety and efficiency.

• Systematic Cleaning — cleaning for inspection. Systematic daily cleaning and inspection of work areas and equipment help you understand current conditions and determine if corrective action is required.

• Standardize — developing common methods for consistency. Standardizing assures that everyone knows what is expected .It aims to make abnormal conditions noticeable and to document agreements to ensure consistency and sustainability.

The 3 main pillars of the HEZ activity

Implementation of the HEZ Campaign requires three important pillars: the positive attitude of the top management, the complete management of the safety and health system by line managers and supervisors, and the promotion of voluntary activities in the workplace. The HEZ Campaign depends on the mutual relationships and assistance of these three pillars.

1) The positive attitude of the top management
The starting point of safety and health activity is a tough attitude held by top management towards zero accidents and zero diseases.The campaign starts with a determined commitment by the senior management to respect every single worker and ensure no injuries.

2) The complete management of the safety and health system by line managers and supervisors
In order to promote safety and health in the workplace, it is essential for line managers and supervisors to lead by example by integrating safety and health activities into day-to-day work, making safety and health part of the line management.

3) The activation of voluntary activities in the workplace
Human error plays a part in most workplace accidents, and each and every employee needs to be fully aware that responsibility cannot be shifted to others. Employees must engage in small group activities for zero accidents with the awareness that their existence is irreplaceable for their families and dependents and safety and health is their own and their co-worker’s own problem.

Conclusion

The philosophy of the HEZ Activity is to respect human life. Specific safety methods are developed so that workplaces can take steps on preemptive action for safety. Activities incorporating these methods in a unified manner are called hazard prediction(KY) activities. As the system is operated by human beings, so, to make it function properly, it requires the motivation and enthusiasm of all of the people involved in it, namely the top management, the line managers, and the team members.

Sources:
危険予知訓練(KY Training), experience

ISO refers to International Organization for Standardization. It is headquartered in Geneva, Switzerland and is a non-governmental organization. A total of 163 countries are affiliated with the organization. In order to smoothen international transactions with respect to any product or service, concerned authorities from different countries come together to define a set of standards so that same quality and level of a deliverable can be maintained anywhere in the world.

The ISO membership is one organization per country. Majority of the ISO members are a part of the country’s government organization or have been entrusted the responsibility by the government organization of a country.
There are three types of membership types with different privileges as follows;

• Regular Member – Has all the privileges starting from participating in development of standards, taking part in policy making, selling publications and ISO standards with copyrights or with ISO title and logo and finally to be part of the ISO management group. Most of the countries in the world are regular members.

• Correspondence Member – Has all the privileges except, being part of the ISO management group, which is not allowed. A few countries are with this kind of membership.

• Paid Member – Has the privilege for only taking part in the development of standards. As few as three to four countries in the world are with this kind of membership.

The standard organizations is Japan are JISC(Japan Industrial Standards Committee), JAB(Japan Accreditation Board) etc., based on the type of businesses and represent Japan at the ISO. The websites of JIS and JAB provide a detailed information on the various standards released by the respective organizations.

Development of Standards

There are 5 stages in the development of standards;

• Working Draft(WD) development – Vague idea suggested by different groups about a standard to be developed.

• Committee Draft(CD) development – The working draft will be analyzed further by a committee to check for the acceptability world over.

• Draft International Standard(DIS) development and circulation– Once the draft reaches this stage we have a draft standard which can be circulated with other member countries for voting during which suggestions and other feedbacks can be expected and appropriate updations are done. This process usually takes a long time period of one to two years depending upon the completeness of the draft. The ‘OK’ vote should be received from all the participating countries to arrive at the final draft.

• Final Draft International Standard(FDIS) circulation– The DIS will be circulated with all the participating countries for a final confirmation and review before the release.

• Release of International Standard – With the approval of the FDIS by the participating countries, the International Standard with be released.

The ISO can be classified into the following two categories mainly;

1) Standards applicable to objects (pictorial symbols, dimensions)
A few examples are as follows;
ISO 7010/JIS 8210     Emergency exit symbol(Japan design used world over)
ISO/IEC 7810               Card sizes
ISO 68                           Nut size etc.,

2) Standards applicable to management systems
A few examples are as follows;
ISO 9001                      Quality Management System
ISO 14001                    Environment Management System
ISO 27001                    Information Security Management System etc.,

Management System standards and certification

A management system is the way in which an organization manages the inter-related parts of its business in order to achieve its objectives. These objectives can relate to a number of different topics, including product or service quality, operational efficiency, environmental performance, health and safety in the workplace and many more.

The level of complexity of the system will depend on each organization’s specific context. For some organizations, especially smaller ones, it may simply mean having strong leadership from the business owner, providing a clear definition of what is expected from each individual employee and how they contribute to the organization’s overall objectives, without the need for extensive documentation. More complex businesses operating, for example, in highly regulated sectors, may need extensive documentation and regulation in order to fulfil their legal obligations and meet their organizational objectives.

ISO management system standards (MSS) help organizations improve their performance by specifying repeatable steps that organizations consciously implement to achieve their goals and objectives, and to create an organizational culture that reflexively engages in a continuous cycle of self-evaluation, correction and improvement of operations and processes through heightened employee awareness and management leadership and commitment.

There are various management system standards based on industry types and businesses. The type of ISO standard to be implemented entirely depends upon the client requirements or internal risk reduction requirements of a company. Considering Japan in our study, the following three are the major ISO certification standard sought after by most of the companies in Japan.

• ISO 9001
ISO 9001 sets out the criteria for a quality management system and is the only standard in the family that can be certified to (although this is not a requirement). It can be used by any organization, large or small, regardless of its field of activity.

This standard is based on a number of quality management principles including a strong customer focus, the motivation and implication of top management, the process approach and continual improvement. Using ISO 9001 helps ensure that customers get consistent, good quality products and services, which in turn brings many business benefits.

• ISO 14001
ISO 14001 specifies the requirements for an environmental management system that an organization can use to enhance its environmental performance. ISO 14001 is intended for use by an organization seeking to manage its environmental responsibilities in a systematic manner that contributes to the environmental pillar of sustainability.

ISO 14001 is applicable to any organization, regardless of size, type and nature, and applies to the environmental aspects of its activities, products and services that the organization determines it can either control or influence considering a life cycle perspective. ISO 14001 does not state specific environmental performance criteria.

• ISO/IEC 27001
ISO/IEC 27001 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.

The logos of the above three management systems certified by the JQA(Japan) are as follows;

The ISO management system standards (MSS) is revised once every five years. Though the time period specified is 5 years once, the update may happen based on convenience and state of affairs. For example in case of ISO 9001, the last update happened in 2015 and is named as ISO 9001 : 2015 version. The previous version to 2015 was ISO 9001 : 2008.

In case of an organization wishing to certify to a certain management system (For ex: ISO 14001), the readiness of an organization to the system will first be checked by the JQA(Japan Quality Association) organization. JQA is a body to provide testing and certification service for the various ISO standards as part of quality management system activity.Thus we can say that as JQA checks for the conformity to the various standards and provides the ceritifcation, they have to work in close co-ordination with the various Standards organizations like the JAB, JISC etc.,

The IAF or International Accreditation Forum develops a single worldwide program of conformity assessment which reduces risk for business and its customers by assuring them that accredited certificates may be relied upon. Accreditation assures users of the competence and impartiality of the body accredited. IAF members, i.e., the certifying bodies of member countries(JAB/JISC.. incase of Japan) or registration bodies issue certificates attesting that an organization’s management, products or personnel comply with ISO standard.

Merits of ISO certification

Certification can be a useful tool to add credibility, by demonstrating that your product or service meets the expectations of your customers. For some industries, certification is a legal or contractual requirement. The following points describe the actual merits behind ISO certification.,

1) To gain the trust of customers
In order to demonstrate that a product exported to foreign countries or sold in the domestic market meets a certain level of quality, is safe to the environment and maintains the confidentiality of user data, a 3rd party certifying authority like the ISO is used as a tool.

2) Gaps or Problem identification from a 3rd Party perspective
In case of audit done by an internal party, the seriousness compared to a certifying external body will not be there. So, when the audit is done by a 3rd party body like the ISO, issues or gaps unable to be identified or overlooked by the organization can be certainly expected. Also the auditing ISO personnel will be auditing from a customer’s position so issues unidentified from the customer viewpoint may be also found out.

3) Continuous improvement
Organizations which get certified with the ISO Management System Standards, will have a review yearly once by the concerned ISO authorities. At the end of each yearly audit, the auditors suggest the organization improvement plans with respect to the problems identified. As a result of these continued yearly audits, continued improvement of the organization can be brought about.

The PDCA cycle is the most used methodology to implement a continuous improvement system in a company or organization. The PDCA methodology describes the four essential steps that should be carried out systematically to achieve continuous improvement, defined as a continuous way to improve the quality of products and processes (decrease failures, increase effectiveness and efficiency, problem solving, avoid potential risks etc., ).

The PDCA/Deming Cycle is composed for four cyclic steps as above, so that once we have finished with the final stage we have to start again with the first one, and repeat the cycle again. Doing that in a company, the activities are reevaluated periodically to incorporate new enhancements. The application of this methodology is primarily intended to be used for companies and organizations, but you can also use it in any other situation.

One special characteristic of ISO Management Standard System is the Internal Audit. The internal audit is basically used to check(PDCA) whether the management system built by the organization is functioning properly or not. Also in case of suggestion for changes, a trial period to verify the development of the new process is established. If the improvement does not achieve the initial expectations we will have to modify the process again to obtain the desired objectives.

In other words internal audit is used,
1) To check for the management system functionality.
2) To Identify problems or improvement points.
3) By the concerned manager to implement the audit suggestions in management system improvement.

The internal audit is an indispensable activity as part of the continuous improvement of an organization.

The management systems specify the requirements but do not mention “how to” attain those requirements. So, it is upto the organizations to decide how to attain and to what level based on their targets with respect to the continuous improvement plan. This can be a set of lower level targets before targeting the higher level expectancy of the management system.

Management systems of the future

One of the main changes in the new version of ISO 9001:2015 is the adoption of the High-Level Structure (HLS). That sounds innovative, but it is important because this High-Level Structure means that in the future, all management system standards will be aligned. The core text in the High-Level Structure will be used in every management system standard whether it be for quality, work health and safety, the environment, food safety or another discipline. This common factor also applies to the text of requirements description wherever applicable.  Also, common terminologies will be used in every management system with the same definition.

This common structure is possible because basic concepts such as management, customer requirements, planning, performance, control, monitoring, measurement, auditing, corrective action, and nonconformity are common to all management system standards. Whilst the standards have always had common elements, they have been described and organized differently, making effective integration difficult.

The High-Level Structure will ensure that future management system standards support each other. They will be easier to read and understand, and it will aid greatly in the integration of multiple standards within the one organization. The resulting improved linkages in processes and activities will deliver better value and efficiency.

Conclusion

• In order to smoothen international transactions with respect to any product or service, a set of ISO standards have been set up to maintain the quality and level of a deliverable.
• The ISO standards can be classified as “Standards applicable to Objects” and “Standards applicable to Management systems”.
• The ISO management system is a useful tool to reduce the management risks of each organization.
• The ISO brings about step by step continuous improvement, thus strengthening the organization.
• The common factors as part of future management systems will bring about better integration of multiple standards within an organization resulting in better value and efficiency.

Sources:
Online learning(www.schoo.jp)

Although data center designs are unique, they can generally be classified as internet-facing and enterprise (or internal) data centers. Internet-facing data centers usually support relatively few applications, are typically browser-based, and have many users, typically unknown. In contrast, enterprise data centers service fewer users, but host more applications that vary from off-the-shelf to custom applications.

The main purpose of a data centre design is to run core business or mission critical applications and store operational data as well as providing Disaster Recover (DR) facilities. Typical applications will be enterprise software systems such as Enterprise Resource Planning (ERP) and Customer Relationship Management (CRM) services. Data center architectures and requirements can differ significantly.
For example, a data center built for a cloud service provider like Amazon EC2 satisfies facility, infrastructure, and security requirements that significantly differ from a completely private data center, such as one built for the Pentagon that is dedicated to securing classified data.

Why data centers are business-critical

Most data center deployments are carried out for the following reasons:
•Availability: Maximizing the availability of IT services to the organization.
•Business continuity: The redundancy, monitoring and infrastructure provided by most data centers means that the potential for business  interruption is very low.
•Lower total cost of ownership: Where an organization has several silos of data, it can combine resources and reduce the amount of separate data servers required.
Staff overhead is reduced as administrative operations are simplified, whilst energy and floor space costs are reduced.
•Agility: Centralizing IT infrastructure within a data center creates greater agility since new deployments do not have to be rolled out to multiple physical locations.

Basically, an effective data center operation is achieved through a balanced investment in the facility and equipment housed. The elements of a data center break down as follows:

Facility – the location and white space or usable space, that is available for IT equipment. Providing round-the-clock access to information makes data centers some of the most energy-consuming facilities in the world. A high emphasis is placed on design to optimize white space and environmental control to keep equipment within manufacturer-specified temperature/humidity range.

Support infrastructure – equipment contributing to securely sustaining the highest level of availability possible.
Some components for supporting infrastructure include:
•Uninterruptible Power Sources (UPS) – battery banks, generators and redundant power sources.
•Environmental Control – computer room air conditioners (CRAC), heating, ventilation, and air conditioning (HVAC) systems, and exhaust systems.
•Physical Security Systems – biometrics and video surveillance systems.

IT equipment – actual equipment for IT operations and storage of the organization’s data. This includes servers, storage hardware, cables and racks, as well as a variety of information security elements, such as firewalls.

Operations staff – to monitor operations and maintain IT and infrastructural equipment around the clock.

Data centers have evolved significantly in recent years, adopting technologies such as virtualization to optimize resource utilization and increase IT flexibility. As enterprise IT needs continue to evolve toward on-demand services, many organizations are moving toward cloud-based services and infrastructure. A focus has also been placed on initiatives to reduce the enormous energy consumption of data centers by incorporating more efficient technologies and practices in data center management. Data centers built to these standards have been coined green data centers.

Data Center Solutions

So, what exactly do data centers offer? What’s so great about them versus doing everything in-house.Below is a list of some of the services offered:
•Colocation Services
A colocation data center lies on the opposite spectrum of the in-house data center. Colocation facilities are third party organizations that are multi-tenant accessible, meaning that multiple businesses of any size or industry may house their equipment within the data center. Customers are able to select from a variety of solutions to accommodate the specific requirements for their business.

•Cloud Services like Iaas, Paas, Saas

•Disaster Recovery
This is a flexible and scalable service to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster. Disaster recovery focuses on the IT or technology systems supporting critical business functions,as opposed to business continuity, which involves keeping all essential aspects of a business functioning despite significant disruptive events. Disaster recovery is therefore a subset of business continuity.

•Managed Services
Managed hosting service provider is a company or individual that remotely manages a customer’s IT infrastructure.Many small and medium sized businesses tend to use the services of a managed service provider for web servers and website management.

Managed providers will each specialize in a different area of IT. Some may be experts in managed colocation services whereas others are more focused on business connectivity and cloud services.

•High Availability
High availability in the data center refers to systems and components that are continuously operational for a long time. It typically means the systems have been thoroughly tested, are regularly maintained and have redundant components installed to ensure continuous operation.

These services and much more are managed professionally by IT administrators who stay up-to-date with the latest technology and ultimately help a data center’s overall efficiency.

Data center administrators have a long to-do list when it comes to infrastructure monitoring. From server and equipment monitoring — and in some cases, mainframe monitoring — it’s a practice that’s often difficult to juggle, especially if you work in a large data center. But monitoring is an essential task. By obtaining the data you need, you can increase security and scalability, efficiently automate and better align resources with capacity needs.

Instead of scrambling to fix a problem after it occurs, data center admins should strive to be proactive, anticipating issues before end users even notice. But that can be difficult to do without the right data center monitoring tools and strategy.Trends such as mobility, virtualization adoption, new and increasing compliance and governance requirements, and the need to modernize existing infrastructure add further complication to managing the IT environment.

To make information across the enterprise readily available requires an enterprise infrastructure that is managed as an integrated whole. The go to ITSM tool(Example:Opsmart, Remedy etc.,) should provide a flexible, scalable, and open solution.Also the tool should align ITSM resources to support customer business objectives.These services create a centralized operations and support center, providing the customer a cohesive approach to integrate process optimization, systems development and support, and network and service desk management across the business enterprise.

Moving Forward

Due to the cloudification of data centers, current situation is such that it is no longer reserved for any specific type of organizations any longer; they’ve become accessible to almost anyone. Even if in-house IT operations are conceivable for small or large companies, wise IT administrators are choosing to outsource some portions of IT management. In the long run, it saves time, money, and manpower and it’s much less of a headache.

Service Desk Operations

Operations staff have direct responsibility for the availability of computer services; nonetheless, they also have direct contact with users and decision makers. One part of the Operations ,i.e,the service desk also known as the “help desk” is the single point of contact for users to report incidents. Without the service desk, users will contact support staff without the limitations of structure or prioritization. This means that a high-priority incident may be ignored while the staff handles a low-priority incident.

IT Infrastructure Library, ITIL is a set of best practices for an effective IT Service management, ITSM is followed across companies of all sizes.
ITIL enables businesses to handle IT issues and service requests efficiently by assigning clear roles and responsibilities. It helps individuals and organizations to realize business growth and transformation.

ITIL Service Life cycle

ITIL service lifecycle consists of five stages. Each stage has a set of ITIL processes and it is significant to understand the purpose of each process before implementing. However, companies may selectively implement few processes that are necessary.

• Service strategy – Service strategy involves clear understanding of customer’s and market’s needs. This advocates a long-term market driven approach to deliver IT support. Service strategy include strategy management for IT services, service portfolio management, demand management, financial management for IT services and business relationship management that focuses on customer satisfaction.

• Service design – This is an holistic approach to design a support service. The right service design approach translates to higher customer satisfaction and usability. Some of the ITIL service design processes include service level agreement, service catalog management, availability management and IT service continuity management.

• Service Transition – This stage ensures changes in service lifecycle are handled with minimum risk and impact so that there is minimal or no downtime. Some of the processes here include change management, release management, configuration management database, knowledge management.

• Service Operation – ITIL service operation ensures seamless service in day to day business activities. Actual delivery and consumption of services happen during this stage. This has a direct impact on the productivity of end users. Typical processes include incident management, request fulfillment, problem management.

• Continual Service Improvement – CSI aims for process review and improvement throughout the service lifecycle. This is applicable to all service stages including strategy, design, transition and operation. Metrics definition and performance review happen at this stage which help companies to revisit existing process.

Incident Management

ITIL defines an incident as an unplanned interruption to or quality reduction of an IT service. The service level agreements (SLA) defines the agreed-upon service level between the provider and the customer. Incident management focuses solely on handling and escalating incidents to the next level as they occur to restore defined service levels. Incident management does not deal with root cause analysis or problem resolution. The main goal is to take user incidents from a reported stage to a closed stage.

The below figure depicts a sample incident management flow.

The Alerts and incident calls may be related in cases where the incidents result in Alerts on the monitoring tool. However, Alert may occur on tool independently and follows the flow 1 – 3 – 4 – 5 and finally closure of the ticket raised w.r.t to the Alert generated on tool.

The other case is when the Client or user calls up regarding a service disruption issue or a service enhancement support. In such cases, the flow 1 or 2 – 3 – 4 – 5 – 6 is followed. Here as well, once the issue is resolved the concerned ticket is closed.

Operational incident management requires several key pieces:
1.A service level agreement between the provider and the customer that defines incident priorities, escalation paths, and response/resolution time frames
2.Incident models, or templates, that allow incidents to be resolved efficiently
3.Categorization of incident types for better data gathering and problem management
4.Agreement on incident statuses, categories, and priorities
5.Establishment of a major incident response process
6.Agreement on incident management role assignment

Incident statuses

Incident statuses mirror the incident process and include:
•New
•Assigned
•In progress
•On hold or pending
•Resolved
•Closed

The new status indicates that the service desk has received the incident but has not assigned it to an agent.
The assigned status means that an incident has been assigned to an individual service desk agent.
The in-progress status indicates that an incident has been assigned to an agent but has not been resolved. The agent is actively working with the user to diagnose and resolve the incident.
The on-hold status indicates that the incident requires some information or response from the user or from a third party. The incident is placed “on hold” so that SLA response deadlines are not exceeded while waiting for a response from the user or vendor.
The resolved status means that the service desk has confirmed that the incident is resolved and that the user’s service has restored to the SLA levels.
The closed status indicates that the incident is resolved and that no further actions can be taken.

Incident management follows incidents through the service desk to track trends in incident categories and time in each status. The final component of incident management is the evaluation of the data gathered. Incident data guides organizations to make decisions that improve the quality of service delivered and decrease the overall volume of incidents reported. Incident management is just one process in the service operation framework.

Sources:
Work Experience, Online Learning

Lean is basically a set of organization processes required to develop a product or service from initial concept to the final delivery to the customer by reducing waste and adding customer defined value. Lean means doing more with less while doing it better.

Why implement Lean

Usually more than 90% of any process is wasted time and activity. In today’s competitive marketplace many companies are continually looking for ways to win the race. Every new product idea must have a solid business case to back it up. Otherwise, management would not allow that project to continue. On several occasions, the fate of a project has rested upon cost versus market value. Lean is all about adding value to the product while eliminating waste.

Lean helps identify eight types of waste:

1.Motion: Unnecessary motion of personnel, equipment or information due to inadequate workspace layout, missing parts or tools and ergonomic issues

2.Transportation: Transporting items or information that is not required to perform the process from one location to another

3.Waiting: Time waiting for parts, tools, supplies or the previous process step

4.Overproduction: Producing more product than what is required to meet current demand

5.Defects: Non-conforming products or services requiring resources to correct

6.Inventory: Inventory or information that is being stored or not being processed likely due to line imbalance or overproduction

7.Unrecognized talent: Failure to effectively engage employees in the process and fully utilize their knowledge and skills

8.Non-value processing: Activity that is not adding value or required to produce a functioning part, product or service

By continually identifying and eliminating waste in our processes, we can lower costs and increase margin. Lean, done properly, enables an organization to be more adaptable to changes in the market and the economy. The development of a continuous improvement company culture is also an outcome of Lean. These organizations will not merely survive; these organizations will grow and given that, create additional jobs.

Lean Principles

The five principles of Lean are as follows;
• Identify customer value
Remove non-value or waste activities from customer perspective.

• Map the value stream
No matter how efficient your process currently is, it most likely can be improved. Any step or operation that does not add value is waste. One method used to discover waste is the Value Stream Map. The Value Stream Map depicts how materials, parts and processes flow through the organization and on to the customer.

Through examination of the map, your team can identify which actions and processes add value and which are wastes. The team can then develop a “future state” map with as many of the non-value added actions and processes excluded.

• Create flow by eliminating waste
As you develop the new value stream, look for ways to change to a pull system where production is based on customer demand without the wait time and eliminate the waste.

• Respond to customer pull
Produce what the customer wants and when.

• Continuous improvement
There must be a commitment from management to provide the proper resources and on-going support to implement a Lean program that will stand the test of time. At the heart of Lean is gradual continuous improvement or Kaizen. An organization cannot expect to implement Lean overnight. It will require time, resources and hard work to build a robust and effective Lean program.

Comparison of traditional and lean process improvements

As can be seen from the above picture, in case of traditional process improvements along the small reduction in Non-value added(NVA) activities there is a certain reduction in Value added(VA) activities as well. But in case of Lean implementation, there is no reduction in Value Added(VA) activities while a huge reduction is NVA is achieved thus reducing the lead time.

Kaizen

Kaizen is a key building block for a robust sustainable Lean initiative. Kaizen philosophy empowers everyone to assume responsibility of their work processes and improve them. With Kaizen, workers at all levels of the organization are engaged in constantly watching for and identifying opportunities for change and improvement. Kaizen is a culture change that supports gradual continuous improvement on a daily basis. When everyone is working to reduce waste and improve processes the organization becomes Lean.

There are various approaches as to how Kaizen is implemented, a couple are listed as follows;

• Daily event: Improvement ideas implemented by everyone everyday.
• Blitz event: Rapid improvement workshop designed to produce results in a few days.

Six Sigma

Six Sigma is a methodology focused on creating breakthrough improvements by managing variation and reducing defects in processes across the enterprise. It is a proven data driven structured process improvement methodology for sustainable business improvement, driven by business and customer expectations. If we can measure process variations that cause defects i.e. unacceptable deviation from the mean or target, we can work towards systematically managing the variation to eliminate defects.

It is extremely important to remember that Six Sigma is not just about product quality where only three products in a million are defective. It is about what is important or critical to the customer, whether internal or external. It is focuses on value in context of the customer and the market.

Six sigma goals

• Reduce process variation
• Shift the process mean to the center ,i.e., move the average process performance to the target

As depicted by the below picture, in case of variation which is out of the customer expectation range or in case the mean is not centered it is considered as defective and the goal would be to reduce the variation and center the mean as per customer expectations.

Six sigma approach

• All work occurs in a system of interconnected processes.
• Variation exists in all processes, whose characteristics can be measured, analyzed, controlled and improved.
• Understanding cause of variation and continuous efforts to achieve stable and predictable process results (i.e., reduce process variation) are of vital importance to business success.
• Reduced variation results is improved customer satisfaction.

Lean Six Sigma DMAIC Methodology

DMAIC is a data-driven quality strategy used to improve processes. It is an integral part of a Six Sigma initiative, but in general can be implemented as a standalone quality improvement procedure or as part of other process improvement initiatives such as lean.

DMAIC is an acronym for the five phases that make up the process:
•Define the problem, improvement activity, opportunity for improvement, the project goals, and customer (internal and external) requirements.
•Measure process performance.
•Analyze the process to determine root causes of variation, poor performance (defects).
•Improve process performance by addressing and eliminating the root causes.
•Control the improved process and future process performance.

The PDCA-Cycle, also called the Deming-Cycle or Shewhart-Cycle, is the classic problem-solving approach in a LEAN environment. PDCA is used for medium sized problems and the Act-phase implies that the PDCA-Cycle should start again in the sense of a continuous improvement process. Basically, DMAIC is a 5-Step PDCA used for large problems where typically a huge amount of data is available.

The funneling effect of DMAIC

The Six Sigma process seeks to improve processes by eliminating variation and defects, the opportunities for variation and defects in the process, and all non-value added activities. The DMAIC process begins with clearly defining the problem by way of a formula, called the ‘Y Statement,’ where the process output “Y” is a function of one or more inputs, or “Xn”: Y = f(X1, X2, X3…Xn)

The DMAIC process is designed to provide a systematic method to reduce the number of key inputs down to a manageable set that have: a) a statistically significant impact on the process output, and b) a definable action plan. This “funneling effect” is illustrated as below.

Sources :
Workplace Learning