ITIL service operation
2nd Level Support
2nd Level Support takes over Incidents which cannot be solved immediately with the means of 1st Level Support. If necessary, it will request external support, e.g. from software or hardware manufacturers. The aim is to restore a failed IT service as quickly as possible. If no solution can be found, the 2nd Level Support passes on the Incident to Problem Management.
3rd Level Support
3rd Level Support is typically located at hardware or software manufacturers (third-party suppliers). Its services are requested by 2nd Level Support if required for solving an Incident. The aim is to restore a failed IT Service as quickly as possible.
Known Error
A Known Error is a problem that has a documented root cause and a Workaround. Known Errors are managed throughout their lifecycle by the Problem Management process. The details of each Known Error are recorded in a Known Error Record stored in the Known Error Database (KEDB). As a rule, Known Errors are identified by Problem Management, but Known Errors may also be suggested by other Service Management disciplines, e.g. Incident Management, or by suppliers.
Problem
A cause of one or more Incidents. The cause is not usually known at the time a Problem Record is created.
Major Incident Team
A dynamically established team of IT managers and technical experts, usually under the leadership of the Incident Manager, formulated to concentrate on the resolution of a Major Incident.
Example list of events
A particular service started on a Server X Internet Link utilization increased from 60% to 70% A network switch went down A user logged into the system A The system B went into 'idle' mode. An application PQR crashed Back up of System Z has completed successfully Which ones are incidents?
Incident Management Report
A report supplying Incident-related information to the other Service Management processes.
Request for Access Rights
A request to grant, change or revoke the right to use a particular service or access certain assets.
User Role
A role as part of a catalogue or hierarchy of all the roles (types of users) in the organization. Access rights are based on the roles that individual users have as part of an organization.
Access Rights
A set of data defining what services a user is allowed to access. This definition is achieved by assigning the user, identified by his User Identity, to one or more User Roles.
User Identity Record
A set of data with all the details identifying a user or person. It is used to grant rights to that user or person
Incident Escalation Rules
A set of rules defining a hierarchy for escalating Incidents, and triggers which lead to escalations. Triggers are usually based on Incident severity and resolution times. See also: Checklist Incident Priority
Three Key Objectives of ITIL
Align IT services to meet the needs of business and customers Improve quality of IT service delivery Reduce the long-term cost of services
Events vs. Incidents
All incidents are events, but not all events are incidents
IT Operations Manager - Process Owner
An IT Operations Manager will be needed to take overall responsibility for a number of Service Operation activities. For instance, this role will ensure that all day-to-day operational activities are carried out in a timely and reliable way.
Incident Model
An Incident Model contains the pre-defined steps that should be taken for dealing with a particular type of Incident. This is a way to ensure that routinely occurring Incidents are handled efficiently and effectively.
Incident
An Incident is defined as an unplanned interruption or reduction in quality of an IT service (a Service Interruption).
Known error.
An incident or problem for which the root cause is known and a temporary workaround or a permanent alternative has been identified. If a business case exists, an RFC will be raised, but—in any event—it remains a known error unless it is permanently fixed by a change.
Major incident.
An incident with a high impact, or potentially high impact, which requires a response that is above and beyond that given to normal incidents. Typically, these incidents require cross-company coordination, management escalation, the mobilization of additional resources, and increased communications.
Incident.
Any event that is not part of the standard operation of a service and causes, or may cause, an interruption to, or a reduction in, the quality of service.
IT Operator
IT Operators are the staff who perform the day-to-day operational activities. Typical responsibilities include: Performing backups, ensuring that scheduled jobs are performed, installing standard equipment in the data center.
• Incident Management Reporting o Process Objective:
ITIL Incident Management Reporting aims to supply Incident-related information to the other Service Management processes, and to ensure that that improvement potentials are derived from past Incidents.
• Incident Management Support o Process Objective:
ITIL Incident Management Support aims to provide and maintain the tools, processes, skills and rules for an effective and efficient handling of Incidents.
• Problem Management Reporting o Process Objective:
ITIL Problem Management Reporting aims to ensure that the other Service Management processes as well as IT Management are informed of outstanding Problems, their processing-status and existing Workarounds (see "Problem Management Report").
Incident Management
Incident Management Support Incident Logging and Categorization Immediate Incident Resolution by 1st Level Support Incident Resolution by 2nd Level Support Handling of Major Incidents Incident Monitoring and Escalation Incident Closure and Evaluation Pro-Active User Information Incident Management Reporting
Access Management
Maintenance of Catalogue of User Roles and Access Profiles Process Objective: To make sure that the catalogue of User Roles and Access Profiles is still appropriate for the services offered to customers, and to prevent unwanted accumulation of access rights. Processing of User Access Requests Process Objective: To process requests to add, change or revoke access rights, and to make sure that only authorized users are granted the right to use a service.
Event Management
Maintenance of Event Monitoring Mechanisms and Rules Event Filtering and 1st Level Correlation 2nd Level Correlation and Response Selection Event Review and Closure
ITIL Service Operation
Nine Processes 1.Event Management 2. Incident Management 3. Request Fulfilment 4. Access Management 5. Problem Management 6. IT Operations Control 7. Facilities Management 8. Application Management 9. Technical Management
IT Operations Control
No sub-processes No KPIs IT Operations Manager - Process Owner IT Operator
Facilities Management
No sub-processes of IT Facilities Management. No main definitions of IT Facilities Management. Facilities Manager - Process Owner
Incident Management: KPIs
Number of repeated Incidents ,Incidents resolved Remotely , Number of Escalations , Number of Incidents, Average Initial Response Time , Incident Resolution Time, First Time Resolution Rate, Resolution within SLA, Incident Resolution Effort
Problem Management
Proactive Problem Identification Problem Categorization and Prioritization Problem Diagnosis and Resolution Problem and Error Control Problem Closure and Evaluation Major Problem Review Problem Management Reporting
Event Review and Closure
Process Objective: To check if Events have been handled appropriately and may be closed. This process also makes sure that Event logs are analyzed in order to identify trends or patterns which suggest corrective action must be taken.
Event Filtering and 1st Level Correlation
Process Objective: To filter out Events which are merely informational and can be ignored, and to communicate any Warning and Exception Events.
Maintenance of Event Monitoring Mechanisms and Rules
Process Objective: To set up and maintain the mechanisms for generating meaningful Events and effective rules for their filtering and correlating.
Request Fulfilment
Request Fulfilment Support Request Logging and Categorization Request Model Execution Request Monitoring and Escalation Request Closure and Evaluation
IT Culture
Technology focused - isolation even between IT groups. Service focused - look at an application end to end but few applications live in isolation. Customer focused - a strategy focused on the customer, internal department just like an outsourced group of services. Business focused - viewed as a partnership
Facilities Manager - Process Owner
The Facilities Manager is responsible for managing the physical environment where the IT infrastructure is located. This includes all aspects of managing the physical environment, for example power and cooling, building access management, and environmental monitoring.
Incident Manager - Process Owner
The Incident Manager is responsible for the effective implementation of the Incident Management process and carries out the corresponding reporting. He represents the first stage of escalation for Incidents, should these not be resolvable within the agreed Service Levels.
Skills Inventory
The Skills Inventory identifies the skills required to deliver IT services (now and in future), as well as the individuals who possess those skills. The Skills Inventory is the basis for developing training plans for individual employees.
Technical Analyst - Process Owner
The Technical Analyst is a Technical Management role which provides technical expertise and support for the management of the IT infrastructure. There is typically one Technical Analyst or team of analysts for every key technology area. This role plays an important part in the technical aspects of designing, testing, operating and improving IT services. It is also responsible for developing the skills required to operate the IT infrastructure.
1st Level Support
The responsibility of 1st Level Support is to register and classify received Incidents and to undertake an immediate effort in order to restore a failed IT service as quickly as possible. If no ad-hoc solution can be achieved, 1st Level Support will transfer the Incident to expert technical support groups (2nd Level Support). 1st Level Support also keeps users informed about their Incidents' status at agreed intervals.
Problem.
The undiagnosed root cause of one or more incidents.
Application Management
There are no sub-processes of Application Management. No KPIs Skills Inventory
Technical Management
There are no sub-processes of Technical Management. There no definitions associated with Technical Management. No KPIs Technical Analyst - Process Owner
• Event Review and Closure Process Objective:
To check if Events have been handled appropriately and may be closed. This process also makes sure that Event logs are analyzed in order to identify trends or patterns which suggest corrective action must be taken.
• Problem and Error Control o Process Objective:
To constantly monitor outstanding Problems with regards to their processing status, so that where necessary corrective measures may be introduced.
• Incident Monitoring and Escalation o Process Objective:
To continuously monitor the processing status of outstanding Incidents, so that counter-measures may be introduced as soon as possible if service levels are likely to be breached.
• Request Monitoring and Escalation o Process Objective:
To continuously monitor the processing status of outstanding Service Requests, so that counter-measures may be introduced as soon as possible if service levels are likely to be breached.
• Problem Closure and Evaluation o Process Objective:
To ensure that - after a successful Problem solution - the Problem Record contains a full historical description, and that related Known Error Records are updated.
• Event Filtering and 1st Level Correlation o Process Objective:
To filter out Events which are merely informational and can be ignored, and to communicate any Warning and Exception Events.
• Request Fulfilment o Process Objective:
To fulfill Service Requests, which in most cases are minor (standard) Changes (e.g. requests to change a password) or requests for information.
• Access Management o Process Objective:
To grant authorized users the right to use a service, while preventing access to non-authorized users. The Access Management processes essentially execute policies defined in Information Security Management. Access Management is sometimes also referred to as Rights Management or Identity Management.
• Problem Diagnosis and Resolution o Process Objective:
To identify the underlying root cause of a Problem and initiate the most appropriate and economical Problem solution. If possible, a temporary Workaround is supplied.
• Proactive Problem Identification o Process Objective:
To improve overall availability of services by proactively identifying Problems. Proactive Problem Management aims to identify and solve Problems and\or provide suitable Workarounds before (further) Incidents recur.
• Pro-Active User Information o Process Objective:
To inform users of service failures as soon as these are known to the Service Desk, so that users are in a position to adjust themselves to interruptions. Proactive user information also aims to reduce the number of inquiries by users. This process is also responsible for distributing other information to users, e.g. security alerts.
2nd Level Correlation and Response Selection Process Objective:
To interpret the meaning of an Event and select a suitable response if required.
• 2nd Level Correlation and Response Selection o Process Objective:
To interpret the meaning of an Event and select a suitable response if required.
• Event Management o Process Objective:
To make sure CIs and services are constantly monitored, and to filter and categorize Events in order to decide on appropriate actions.
• Maintenance of Catalogue of User Roles and Access Profiles o Process Objective:
To make sure that the catalogue of User Roles and Access Profiles is still appropriate for the services offered to customers, and to prevent unwanted accumulation of access rights.
• Incident Management o Process Objective:
To manage the lifecycle of all Incidents. The primary objective of Incident Management is to return the IT service to users as quickly as possible.
• Problem Management o Process Objective:
To manage the lifecycle of all Problems. The primary objectives of Problem Management are to prevent Incidents from happening, and to minimize the impact of incidents that cannot be prevented. Proactive Problem Management analyzes Incident Records, and uses data collected by other IT Service Management processes to identify trends or significant Problems.
• Facilities Management o Process Objective:
To manage the physical environment where the IT infrastructure is located. Facilities Management includes all aspects of managing the physical environment, for example power and cooling, building access management, and environmental monitoring.
• IT Operations Control o Process Objective:
To monitor and control the IT services and their underlying infrastructure. The process IT Operations Control executes day-to-day routine tasks related to the operation of infrastructure components and applications. This includes job scheduling, backup and restore activities, print and output management, and routine maintenance.
• Request Model Execution o Process Objective:
To process a Service Request within the agreed time schedule.
• Processing of User Access Requests o Process Objective:
To process requests to add, change or revoke access rights, and to make sure that only authorized users are granted the right to use a service.
• Request Fulfilment Support o Process Objective:
To provide and maintain the tools, processes, skills and rules for an effective and efficient handling of Service Requests.
• Request Logging and Categorization o Process Objective:
To record and categorize the Service Request with appropriate diligence and check the requester's authorization to submit the request, in order to facilitate a swift and effective processing.
• Incident Logging and Categorization o Process Objective:
To record and prioritize the Incident with appropriate diligence, in order to facilitate a swift and effective resolution.
• Problem Categorization and Prioritization o Process Objective:
To record and prioritize the Problem with appropriate diligence, in order to facilitate a swift and effective resolution.
• Handling of Major Incidents o Process Objective:
To resolve a Major Incident. Major Incidents cause serious interruptions of business activities and must be resolved with greater urgency. The aim is the fast recovery of the service, where necessary by means of a Workaround. If required, specialist support groups or third-party suppliers (3rd Level Support) are involved. If the correction of the root cause is not possible, a Problem Record is created and the error-correction transferred to Problem Management.
• Major Problem Review o Process Objective:
To review the resolution of a Problem in order to prevent recurrence and learn any lessons for the future. Furthermore it is to be verified whether the Problems marked as closed have actually been eliminated.
• • Maintenance of Event Monitoring Mechanisms and Rules o Process Objective:
To set up and maintain the mechanisms for generating meaningful Events and effective rules for their filtering and correlating.
• Immediate Incident Resolution by 1st Level Support o Process Objective:
To solve an Incident (service interruption) within the agreed time schedule. The aim is the fast recovery of the IT service, where necessary with the aid of a Workaround. As soon as it becomes clear that 1st Level Support is not able to resolve the Incident itself or when target times for 1st level resolution are exceeded, the Incident is transferred to a suitable group within 2nd Level Support.
• Incident Resolution by 2nd Level Support o Process Objective:
To solve an Incident (service interruption) within the agreed time schedule. The aim is the fast recovery of the service, where necessary by means of a Workaround. If required, specialist support groups or third-party suppliers (3rd Level Support) are involved. If the correction of the root cause is not possible, a Problem Record is created and the error-correction transferred to Problem Management.
• Incident Closure and Evaluation o Process Objective:
To submit the Incident Record to a final quality control before it is closed. The aim is to make sure that the Incident is actually resolved and that all information required to describe the Incident's life-cycle is supplied in sufficient detail. In addition to this, findings from the resolution of the Incident are to be recorded for future use.
• Request Closure and Evaluation o Process Objective:
To submit the Request Record to a final quality control before it is closed. The aim is to make sure that the Service Request is actually processed and that all information required to describe the request's life-cycle is supplied in sufficient detail. In addition to this, findings from the processing of the request are to be recorded for future use.
Request Fulfilment Objective:
aims to fulfill Service Requests, which in most cases are minor (standard) Changes (e.g. requests to change a password) or requests for information.
Access Management Objective:
aims to grant authorized users the right to use a service, while preventing access to non-authorized users. The Access Management processes essentially execute policies defined in [[IT Security Management|Information Security Management]]. Access Management is sometimes also referred to as ''Rights Management'' or ''Identity Management''
Incident Management Objective:
aims to manage the lifecycle of all Incidents. The primary objective of Incident Management is to return the IT service to users as quickly as possible.
IT Operations Control Objective:
aims to monitor and control the IT services and their underlying infrastructure. The ITIL process IT Operations Control executes day-to-day routine tasks related to the operation of infrastructure components and applications. This includes job scheduling, backup and restore activities, print and output management, and routine maintenance.
ITIL Application Management Objective:
is responsible for managing applications throughout their lifecycle. This process plays an important role in the application-related aspects of designing, testing, operating and improving IT services, as well as in developing the skills required to operate the IT organization's applications. Application Management is an ongoing activity, as opposed to Application Development which is typically a one-time set of activities to construct applications.
Event Management Objective:
is to make sure CIs and services are constantly monitored. ''Event Management'' aims to filter and categorize Events in order to decide on appropriate actions if required.
ITIL Service Operation Objective:
is to make sure that IT services are delivered effectively and efficiently. This includes fulfilling user requests, resolving service failures, fixing problems, as well as carrying out routine operational tasks.
Problem Management Objective:
is to manage the lifecycle of all Problems. The primary objectives of Problem Management are to prevent Incidents from happening, and to minimize the impact of incidents that cannot be prevented. Proactive Problem Management analyzes Incident Records, and uses data collected by other IT Service Management processes to identify trends or significant Problems.
.IT Facilities Management Objective:
is to manage the physical environment where the IT infrastructure is located. IT Facilities Management includes all aspects of managing the physical environment, for example power and cooling, building access management, and environmental monitoring.
• Application Management
o Application Management is responsible for managing applications throughout their lifecycle.
• Technical Management
o Technical Management provides technical expertise and support for the management of the IT infrastructure.
ITIL Technical Management Objective
provides technical expertise and support for the management of the IT infrastructure. Technical Managements plays an important role in the technical aspects of designing, testing, operating and improving IT services, as well as in developing the skills required to operate the IT infrastructure required.
