Review_Draft_APap

advertisement
METHOD ENGINEERING: INTEGRATING IT SERVICE
FRAMEWORKS
Pap, Albert, Utrecht University, Princetonplein 5, 3584 CC Utrecht, The Netherlands,
a.p.pap@students.uu.nl, 3764168, Group 1
Keywords: Method engineering, IT-Governance, Service frameworks, ITIL, Meta Model
1
1
Introduction
IT-Governance is a hot topic for years now due to changing laws such as Sarbanes Oxley (KaarstBrown & Kelly, 2005) that held employees responsible for a sustainable use of information
technology. Other factors that stimulate companies to implement a solid IT-governance is the constant
strive to become more efficient and the reduction of cost through technological means (Weill &
Jeanne, 2004). Companies are still struggling how to implement a good governance structure and
many papers are written on Business – IT alignment such as Henderson & Venkatraman (1993).
Mechanism on how to implement a good structure are given in governance and IT service oriented
methods such as ASL, BISL, Cobit and ITIL (Grembergen, 2004). Most of these methods come from
an industrial background but less academic research has been done. Methods such as ITIL give a
detailed description what roles should be implemented to create a solid IT-governance, but doesn’t
really cover in which order to implement the processes of the method. The reason that is given by
most of these methods is that no situation should be considered equal. Therefore every company
should decide without any guidelines in what order to implement the method. We think that in most
cases the basic implementation order is similar, therefore it’s possible to create a guideline. A group of
researchers in Australia already tried to assess through a survey and case studies what important pieces
are implemented so far by companies (Cater-Steel & Tan, 2007) (Pollard & Steel, 2009) . Also
different maturity models based on CMM give a distinct order to implement the processes of the
different frameworks (Niessink, Clerk, Tijdink, & van Vliet, 2005) (Filipe, 2010).
With all the different IT service methods out there it’s hard to decide which one to use. Also a hybrid
situation is possible where different parts of IT service oriented models are used together within the
same company. For companies it’s important to have a mechanism to objectively evaluate the
different methods. Companies also need to have a mechanism to pick and combine fragments from
different methods. The discipline of method engineering (Brinkkemper, 1996) is used in this paper to
make the ITIL method comparable to other similar methods. Method engineering is defined by Sjaak
Brinkkemper (1996) as following:
”Method engineering is the engineering discipline to design, construct and adapt methods, techniques
and tools for the development of information systems.”
Method will be comparable by creating a meta model (Brinkkemper, Seaki, & Harmsen,1999) that
describes how the method is working. A meta model can be used to objectively compare method
fragments and integrate them into new methods. The main focus of this research will be the creation
of a meta model, that shows in what logical order ITIL can be implemented.
1.1
ITIL
ITIL stands for IT Infrastructure Library and it is developed by the former CCTA (Central Computer
and Communication Agency) which is part of the British government. Currently the standard is
maintained and improved by the British office of commerce and international localized
nongovernmental institutes. According to the official ITIL website (2012) thousands of companies use
2
ITIL such as: Disney, HP, IBM and NASA. At the moment of writing, version 3 is the latest edition
of the method. ITIL is a client method focused on how to arrange the IT service processes, mainly for
managing the technical infrastructure. ITIL has five main service lifecycles: Service Strategy, Service
Design, Service Transition, Service Operations and Continual Service Improvements (Alison, Hanna,
Rudd, Macfarlane, Windebank, & Rance, 2007). All these lifecycles contain different processes that
together add to a total of 27 processes. Table one contains an overview of all ITIL processes.
Service
strategy
Service design
Service transition
Service operation
Continual service
improvement
• Financial
management
• Service
portfolio
management
• Demand
management
• Service catalogue
management
• Service level
management
• Capacity management
• Availability
management
• IT service continuity
management
• Information security
management
• Supplier management
• Service Transition Planning and
Support
• Change Management
• Service Asset and Configuration
Management
• Release and Deployment
Management
• Service Validation and Testing
• Evaluation
• Knowledge Management
• Event Management
• Incident Management
• Request Fulfillment
• Problem Management
• Access Management
• Operational activities
of processes from other
lifecycle phases
•Service Desk
•Monitoring and
control
• CSI Improvement Process
• Service Reporting
• Service Measurement
• Return on investment for
CSI
• Business questions for CSI
• Service Level Management
Table 1: ITIL processes based on the reference Alison et al. (2007)
For more information about ITIL we would recommend the book ”Foundations of ITIL” (Veen &
Bon, 2007) that is used in the education of Windesheim University and Exin. A freely available
alternative is the industrial paper "An introductory overview of ITIL v3" written by Cartlidge, Hanna,
Rudd, Mafarlance, Windebank & Rance (2007). Also different case study material is available where
a sketch is given on how ITIL is used in practice, such as the Disney case (Taylor, 2010). A very
interesting scientific case study made by Spremic, Zmirak, & Kraljevic (2008) shows how ITIL is
implemented within a company.
1.2
Practical example
To get a better understanding of the benefits and the practical implementation process of the ITIL
method, a short case is provided that is based on the experience of the author. A hospital in the
Netherlands with approximately 3000 employees and several locations introduced ITIL in its company
about five years ago. IT was getting a more prominent role in the hospital because patient information
was only going to be stored in a digital format. The hospital also went through many merges that
complicated the IT landscape and governance even more. All the IT projects, support and maintenance
were done in an ad-hoc manner. With so much inefficiency and no control over the IT finances and
processes, a hold was imminent. Therefore a proven and clear method was needed to make everything
more manageable again – the ITIL. A group of external consultants was asked to assist the hospital
with the implementation of ITIL. The consultants formed a project group together with employees
from the hospital that already received basic ITIL training. The project team created a business case to
see what resources are needed for the implementation. After the project was accepted by the hospital
3
board, men started to make an inventarisation of the organizational processes’structure. The company
needs and process structure were used to shape the IT department and IT-infrastructure in a customer
oriented way. This new way was efficient, cheaper and more service oriented. After the fundamental
processes were in place, the implementation was not finished
yet. More processes are still
implemented iteratively and current processes are still being improved. Customers (end users) and
staff still receive ITIL training to get a better understanding of the framework. The implementation of
ITIL resulted in a cost drop of ten thousands of euros annually. A survey done before and after the
project showed that customer satisfaction has dramatically improved about IT services. Because
problems got solved quicker, procedure became more clear and the technical infrastructure became
more robust.
2
Related literature
In the world you see several different industrial methods to organize your IT processes into a service
oriented manner. Different frameworks such as Cobit, ISO 12207/17799 and ITIL are very popular ITGovernance frameworks. Cobit is a really high level framework that has its main focus on auditing
and corporate responsibility (von Solms, 2005). ISO 17799 is oriented to information security
governance (von Solms, 2005). We have chosen to focus on ITIL because it is the most service
oriented method and it gives clear guidelines how to implement the right processes within the
organization (Hardy, 2006). ITIL is also the most popular IT service oriented framework and
worldwide used service method according to Bon, et al.(2007). Two other popular service oriented
techniques are ASL(Application Service Library) and BISL (Business Information Service Library).
Both techniques are complementary to ITIL and could be integrated into one solution according to
industrial research (Meijer, Smalley, & Taylor, 2008) (Meijer, Smalley, Taylor, & Dunwoodie, ITIL
V3 and BiSL: Sound guidance for business IT, 2011) and based on scientific research (Tapia Santana,
2006). However limited research has been done on how to integrate all three methods together and
there is limited scientific research on the matter.
The ASL/BISL method is maintained and improved by the ASL BISL foundation. The organization
works closely with the NEN in the creation of IT standards. ASL is an application management
method that describes how to develop and maintain software in a company. BISL is a method that
helps to implement the right information management processes in the organization. Information
management is mainly the translation of business needs into structured IT solutions while ITIL is
focused more on the maintenance of the technical infrastructure. A clear difference is sketched in the
paper of Tapia (2006). Therefore we use his model to show the difference between the focus areas of
ASL, BISL and ITIL.
Figure 1: Positioning of IT-service frameworks Reference Tapia (2006)
4
3
PDD
The PDD (Product Deliverable Diagram) (van de Weerd & Brinkkemper, 2009) is a meta model style
that is developed to get a clear alignment between the process and the deliverables within the process.
In this case we will create the ITIL implementation process at the left side of the diagram. On the right
side are all the deliverables of this process. For the project implementation steps of ITIL we use a
popular tool “ITIL Process Map v3” as inspiration, due to the lack of other literature on this subject
(Kempter, Kempter & Lea Cox, 2006) . The tool is a best practice application that is also supported by
the ITSMF (ITIL foundation). The tool has ten logical steps to implement ITIL:
“Step 1: ITIL Project Preparation, Step 2: Definition of the IT Service Structure , Step 3: Selection of
ITIL Roles and Role Owners, Step 4: Analysis of As-Is Processes: ITIL-Assessment, Step 5: Definition
of the To-Be Process Structure, Step 6: Definition of Process Interfaces, Step 7: Establishing Process
Control, Step 8: Designing the Processes in Detail, Step 9: Selection and Implementation of
Application Systems, Step 10: ITIL Process Implementation and Training” (Kempter, Kempter, & Lea
Cox, 2006).
All these steps in the tool will be used as the main guideline for the conceptual version of the PDD
model. However the scientific literature and industrial research that was previously mentioned in this
paper will be used to verify each step. The steps taken and verified from the scientific case study
material will result in a final PDD model. In the legend tables every step of the PDD will be
explained. Also details are provided per step to see their coverage in literature. The main deliverable
in the PDD is the service portfolio. Every step influences the portfolio but only the ones that directly
change the portfolio are linked. The PDD can be found on the next page.
5
Prepare ITIL project
Initiate project
PROJECT INITIATION
DOCUMENT
Get resources
1
BUSINESS CASE
1
[Else]
[Approved]
Create education
programm
EDUCATION
PROGRAM
SUPPORT SERVICE
1
Identify and define support
services
Identify and define
business services
1
SERVICE
PORTFOLIO
1..*
Define IT service structure
1
1..*
SERVICE LEVEL
PACKAGE
1
1..*
BUSINESS SERVICE
1..*
1..*
SERVICE DESIGN
PACKAGE
Define service structure
1..*
Define
Defineservice
servicevision
vision
1..*
SERVICE VISION
Select ITIL roles and owners
Select required roles
ROLE
1..*
1..*
Assign owners
Influences
ROLE OWNER
1..*
Describe roles
1..*
ROLE DESCRIPTION
Implement service
structure
1..*
IMPLEMENTATION
PLAN
1..*
[Else]
PROCESS FLOW
DIAGRAM
KPI
Analyze current processes
1..*
Define criteria
Identify flows
Perform benchmark
Determine interaction
1..*
Influences
Influences
1..*
1..*
PROCESS FLOW
TEST
BENCHMARK
1..*
Create SWOT
1..*
Influences
[Complete]
1
1
Influences
SWOT
Implement improvements
Select improvements
Influences
Update
1
1..*
IMPROVEMENT LIST
Implement improvements
Perform benchmark
IMPROVEMENT
DOCUMENT
[Else]
1..*
1
1..*
[Approved]
DETAILED PROCESS
DESCRIPTION
MONITORING
PROCEDURE
Establish control
Determine metrics
Define detailed process
description
1..*
0..*
Influences
SLA
Determine goals
1..*
Define reporting procedure
Influences
Implement tool support
Select tool
Implement tool
0..*
REPORTING
PROCEDURE
TOOL SELECTION
DOCUMENT
TOOL
IMPLEMENTATION
PLAN
1..*
0..*
Influences
Figure 2: PDD model
6
When analyzing this PDD you can instantly pick certain rarities. The first rarity is the use of only
closed concepts. This is done because ITIL is a high level method and every implementation varies
due to the differences between organizations. The second rarity is that the product flow doesn’t go
down all the way through the process. The reasons for this are that an implementation uses several
phases with different deliverables that do not always form one final product. For instance the project
initiation document is used for the project but will never be part of the service portfolio. The same
goes for the implementation plan of a tool and the establishment of controlling procedures.
7
3.1
Roles
Usually a PDD can contain roles that perform a specific activity. For example a project manager could
be writing a project plan. The role of project manager is then added in the lower right corner of that
activity (write project plan), to show that he is responsible to perform this task. All these roles are
described in detail in the method that you are modelling.
The different roles that could perform an activity in the process are not added in the PDD of this paper.
A variety of reasons influenced this choice. To start with, ITIL is a very high level method that doesn’t
give much detail about whom should do what, at least in case of developing documentation and
services. The method of ITIL implementation is also relatively new and has not been thoroughly
described in literature. This makes the adding of roles a matter of guessing and not based on scientific
standards. In a PDD model everything should be backed up by thorough materials. The last reason
why roles cannot be added is because of organizational/situational influences. This means that the
roles in an ITIL project could be really different due to for example: organization size, budget,
products, type of market the company is active in and outsourcing of support. However this chapter
will contain a table that shows all the activities that could contain general roles. For these activities we
will suggest a role that is picked through common sense and experience of the author. The reader
should keep in mind that these results may not be generalized to a specific company.
Activity
Role
Initiate project
Project manager
Get resources
Project manager
Create education program
Project team
Identify and define business services
Process architect that assists the project team
Identify and define support services
IT-Architect or Information manager that assists the project team
Define service structure
Service level manager
Define service vision
Select IT roles and owners
Management board
Project team and management executives in the organization
Implement service structure
Project team
Analyze current processes
Project team
Implement improvements
Project team and business employees
Establish control
Project team, management board and business employees
Implement tool support
Project team, IT-staff, management board and business employees
Table 2: Responsible roles
8
3.2
Attributes
The PDD modeling technique allows that the different concepts contain attributes. This means that a
product could contain different properties. For example a customer wish document could contain a:
date, number and author. These are the properties of a customer wish document.
For similar reasons as the roles, these attributes where not added in the PDD model of this paper even
though different ITIL templates are available on the web (ITSMF site). The ITIL foundation and
authors of different ITIL literature advise to create standards for documents within the company or
adjust the templates found available in other sources. From this we can conclude that documents
cannot be generalized. To overcome this we supply the reader with a table that contains possible
attributes for the concepts (when applicable) of the PDD model. Again these attributes are taken from
online templates (example sites are: http://www.best-management-practice.com/Knowledge-Centre/ ,
http://itsmportal.we-share-it.nl/node/42033, and http://www.myitiltemplates.com/) and experience of
the author but may not be applicable to other companies.
Concept
Project initiation document
Business case
Education program
Service level package
Service design package
Service vision
Role description
Implementation plan
KPIs
Process flow test
Benchmark
Improvement document
Attributes































Project mandate
Project description
Planning
Goals & Problems
Stakeholders
Required resources
Financial analysis
ROI
Planning
Description
Indentified target group
Business process drawings
Service process drawings
Description of services
Description what business processes use the service
Information architecture
Technical architecture
Required resources
Company mission and vision
Company strategy
IT strategy
Responsibilities
Tasks
Description of the role
Impact analysis
Risks
Planning
Change plan
Communication plan
Activity plan
Measurable value







Test set up
Test results
Test plan
Benchmark set up (for example survey)
Benchmark results
Selected improvements
Implementation method
9
SLA
Reporting procedure
Tool selection document
Tool Implementation plan


















Service description
Service levels
Contract agreements
Stakeholders
Responsibilities
Communication plan
Communication method
Stakeholders
Cost - benefit analysis
Tool benchmark
Tool acquisition method (buy, develop)
Technical tests
User opinion
Implementation method
Maintenance plan
Risk analysis
Impact analysis
Planning
Table 3: Concept attributes
10
3.3
Activity table
The activity table (van de Weerd & Brinkkemper, 2009) covers the left side of the PDD model. All
activities in the implementation process are explained. The table also contains an extra column
“Source”. This shows from what literature a certain activity originates.
Activity
Sub
activity
Description
Source
of the
sub
activity
Prepare ITIL
project
Initiate
project
Form a temporary group of people with separate tasks working on a single goal. The
project group is selected by the board for the implementation of ITIL and the project
group is responsible to govern the results required by the organization. (Grit, 2005)
Get resources
Make an analysis about the resources that are available and needed to finish the
project. (Grit, 2005)
Create
education
program
Every member of the project group or staff that will work with ITIL should receive
education to make the project a success (Spremic, Zmirak, & Kraljevic, 2008)
Identify and
define
business
services
Identify all of the business needs that should be supported by information technology.
Because all service solutions and activities should be driven by business needs and
requirements. (Cartlidge, Hanna, Rudd, Mafarlance, Windebank, & Rance, 2007). The
business services should then be defined by the project group to get a good overview
what processes should be supported. “A service strategy cannot be created or exist in
isolation of the over-arching strategy and culture of the organization that the service
provider belongs to.” (Cartlidge, Hanna, Rudd, Mafarlance, Windebank, & Rance,
2007)
Identify all current support processes in place and the services gaps that need to be
filled. “Achieving a deep understanding of customer needs, in terms of what these
needs are, and when and why they occur, also requires a clear understanding of
exactly who is an existing or potential customer of that service provider” (Cartlidge,
Hanna, Rudd, Mafarlance, Windebank, & Rance, 2007). The supporting services in
place should then be defined by the project group to create an understanding of all
supported actions within the organization. (Cartlidge, Hanna, Rudd, Mafarlance,
Windebank, & Rance, 2007)
The project group will create a service architecture and an overview how resources are
allocated across the service portfolio. (Cartlidge, Hanna, Rudd, Mafarlance,
Windebank, & Rance, 2007)
The vision on the supporting services should be defined by the project group to create
an overview of all supported actions desired by the organization. (Cartlidge, Hanna,
Rudd, Mafarlance, Windebank, & Rance, 2007)
The project group should select the responsible roles (such as incident manager) that
are suitable and required by the organization to be filled in to improve the IT-services
(Spremic, Zmirak, & Kraljevic, 2008).
Spremic,
Zmirak, &
Kraljevic,
2008
Spremic,
Zmirak, &
Kraljevic,
2008
Spremic,
Zmirak, &
Kraljevic,
2008
Veen &
Bon, 2007
Define IT
service
structure
Identify and
define
support
services
Define
service
structure
Define
service vision
Select ITIL
roles and
owners
Implement
service
Select
required roles
Assign
owners
Owners should be assigned to bear the responsibility to perform the selected roles
Describe
roles
Define and document all aspects of the roles and processes that will be implemented in
the organization
Implement the first selected roles (process) and services within the organization.
Veen &
Bon, 2007
Veen &
Bon, 2007
Veen &
Bon, 2007
Spremic,
Zmirak, &
Kraljevic,
2008
Spremic,
Zmirak, &
Kraljevic,
2008
Cartlidge,
Hanna,
Rudd,
Mafarlance,
Windebank,
& Rance,
2007
Spremic,
Zmirak, &
11
structure
Analyze
current
processes
Kraljevic,
2008
Define
criteria
Identify flows
Implement
improvements
Perform
benchmark
Create a first benchmark(null value) that captures the current results of the defined
KPIs. This benchmark will be used to compare the results from before and after the
improvement project.
Determine
interaction
Test and determine which interactions exist in and between ITIL processes. The test
also look into the end result of a service. Test these flow by means such as simulations
and customer satisfaction surveys (Cartlidge, Hanna, Rudd, Mafarlance, Windebank, &
Rance, 2007)
Create SWOT
Create a strength and weakness analysis to see what could be improved. The SWOT
uses the results from the benchmark and the flow tests as input for its creation. Also
actions are taken to evaluate which future ITIL processes are required.
Select which activities should be performed to improve the service processes.
Select
improvements
Veen &
Bon, 2007
Veen &
Bon, 2007
Define
reporting
procedure
Define
detailed
process
description
Select tool
Creating a standard procedure for the creation, evaluation, communication and
monitoring of reports about the service results
van Bon, et
al., 2007
After the fundamental processes are in place, start to describe them in more detail. This
should be done in documents such as working procedures
van Bon, et
al., 2007
Select an appropriate tool that helps to automate and support the ITIL processes that
are defined in previous steps
Spremic,
Zmirak, &
Kraljevic,
2008
Implement
tool
The selected tool should be implemented in the organization
Spremic,
Zmirak, &
Kraljevic,
2008
Perform
benchmark
Implement
tool support
Spremic,
Zmirak, &
Kraljevic,
2008
Cartlidge,
Hanna,
Rudd,
Mafarlance,
Windebank,
& Rance,
2007
Spremic,
Zmirak, &
Kraljevic,
2008
Cartlidge,
Hanna,
Rudd,
Mafarlance,
Windebank,
& Rance,
2007
Veen &
Bon, 2007
“Implement corrective action, The knowledge gained is used to optimize, improve and
correct services, processes, and all other supporting activities and technology”
(Cartlidge, Hanna, Rudd, Mafarlance, Windebank, & Rance, 2007)
Create a second benchmark that captures the results of all defined KPIs after the
improvements are implemented. Compare the benchmark with the first one from before
the implementation project. If more improvements are needed start the improvement
process again.
Set up a process and metrics that will continuously monitor and evaluate the
performance of the IT-services
Set a list of targets that should be met now and in the future. Targets should be
negotiated and described in SLA contracts with the business customer.
Implement
improvements
Establish
control
A list of key performance indicators (KPI) that are in line with the companies needs
should be formulated to measure the success of the ITIL processes. These metrics give
you insight in what could be improved within a process. (Spremic, Zmirak, &
Kraljevic, 2008)
Identify which end-to-end flows occur within and between processes to get a clear
understanding of all interactions between processes. (Cartlidge, Hanna, Rudd,
Mafarlance, Windebank, & Rance, 2007).
Determine
metrics
Determine
goals
Veen &
Bon, 2007
Veen &
Bon, 2007
van Bon, et
al., 2007
Table 4: Activity table
12
3.4
Concept table
The concept table (van de Weerd & Brinkkemper, 2009) covers the right side of the PDD model. All
concepts (deliverables - products) that are made in the process are described in the meta model side.
This table explains all concepts used in the PDD.
Concept
Is part of
PROJECT
INITATION
DOCUMENT
BUSINESS CASE
PROJECT
INITATION
DOCUMENT
EDUCATION
PROGRAM
SERVICE
PORTFOLIO
SERVICE
PACKAGE
LEVEL SERVICE
PORTFOLIO
SERVICE DESIGN SERVICE
PACKAGE
LEVEL
PACKAGE
SUPPORT SERVICE SERVICE
LEVEL
PACKAGE
BUSINESS
SERVICE
SERVICE
LEVEL
PACKAGE
SERVICE VISION
SERVICE
PORTFOLIO
Description
Source
“The Project Initiation Documentation bundles the information to
start up a project and initiating project processes in a controlled
project environment” (Shire, 2011)
Spremic,
Zmirak,
Kraljevic, 2008
&
“A business case is a component of the Project Initiation
Spremic,
Zmirak,
Document (PID) and lies at the heart of every project. It is the key Kraljevic, 2008
driver of all projects undertaken. The business cases will contain
justifications for a project such as value for money for what is to be
done and why it should be done now.” (APMG, 2012)
&
Every member of the project group or staff that will work with
ITIL should receive education to make the project a success
(Spremic, Zmirak, & Kraljevic, 2008). The project education
program is a plan that shows how to do so.
A service portfolio is a high level documental overview of all ITservices that are provided to the customer. Every action influences
the service portfolio but only the ones that directly change the
document are linked.
The service level package describes a single service that is part of
the service level portfolio.
&
Spremic,
Zmirak,
Kraljevic, 2008
Cartlidge, Hanna, Rudd,
Mafarlance, Windebank,
& Rance, 2007
Cartlidge, Hanna, Rudd,
Mafarlance, Windebank,
& Rance, 2007
The service design package is a technical overview that shows the Cartlidge, Hanna, Rudd,
necessary architecture to provide the service
Mafarlance, Windebank,
& Rance, 2007
The service support concept is an overview of one current
indentified supporting service.
The business support concept is an overview of one current
indentified business process that requires supporting services.
The service vision contains a strategy how the service portfolio
should evolve. Details such as all service gaps and desires are
described.
A document that describes all roles that will be implemented within
the organization that are selected in the selection process.
Defines the responsible owner(s) to execute a role.
Cartlidge, Hanna, Rudd,
Mafarlance, Windebank,
& Rance, 2007
Spremic,
Zmirak,
&
Kraljevic, 2008
Cartlidge, Hanna, Rudd,
Mafarlance, Windebank,
& Rance, 2007
“defines the specific roles and responsibilities associated with the
execution of a successful service strategy ” (Cartlidge, Hanna,
Rudd, Mafarlance, Windebank, & Rance, 2007)
Cartlidge, Hanna, Rudd,
Mafarlance, Windebank,
& Rance, 2007
IMPLEMENTATION
PLAN
A plan that supports how to implement the first ITIL structure
(roles and processes) within the organization.
Veen & Bon, 2007
KPI
Metrics that shows how well a process performs
Spremic,
Zmirak,
Kraljevic, 2008
PROCESS FLOW
DIAGRAM
BENCHMARK
A diagram that show how a service flows through the organization.
This makes the interaction of roles and activities in and between
processes visible.
A report is created that contains the current results from the KPIs
Cartlidge, Hanna, Rudd,
Mafarlance, Windebank,
& Rance, 2007
Spremic,
Zmirak,
&
Kraljevic, 2008
PROCESS FLOW
TEST
A report that contains the description of the different flow tests and
the test results.
Cartlidge, Hanna, Rudd,
Mafarlance, Windebank,
& Rance, 2007
ROLE
ROLE OWNER
ROLE
DESCRIPTION
ROLE
DESCRIPTION
SERVICE
DESIGN
PACKAGE
&
13
SWOT
IMPROVEMENT
LIST
“SWOT Analysis is (one of many possible strategic planning tools)
used to evaluate the Strengths, Weakness, Opportunities and
Threats involved in a project, or any other situation requiring a
decision.” (Hay & Castilla, 2006)
IMPROVEMENT Create a list of actions to improve the service portfolio. Use the
DOCUMENT
SWOT as input.
Veen & Bon, 2007
Veen & Bon, 2007
IMPROVEMENT
DOCUMENT
A procedure is created where all selected process improvements
are registered. The procedure also contains the way how to
implement the improvements
Veen & Bon, 2007
MONITORING
PROCEDURE
Create a procedure to constantly monitor and update the
organizational KPIs
Veen & Bon, 2007
SLA
Service level agreement are negotiated targets that should be met
by the IT service department and provided to the customer
The procedure describes how the results of the IT services should
be created, evaluated and communicated to the customer
van Bon, et al., 2007
DETAILED
PROCESS
DESCRIPTION
Add more detailed information to the service design package and
create procedures for the IT staff such as working procedures
van Bon, et al., 2007
TOOL SELECTION
DOCUMENT
The considerations are documented to select a proper tool to
support the ITIL processes
Spremic,
Zmirak,
Kraljevic, 2008
&
TOOL
IMPLEMENTATION
PLAN
A plan is created how to implement the ITIL tool
Spremic,
Zmirak,
Kraljevic, 2008
&
REPORTING
PROCEDURE
van Bon, et al., 2007
Table 5: Concept table
14
3.5
Selecting processes and roles
In the PDD we depicted an overview how to implement ITIL. However it’s still not clear in what order
the processes of ITIL should be implemented. Therefore we will zoom in on step 3 (Selection of ITIL
Roles and Role Owners) of the previous model. For the order in which the processes should be
implemented we selected the previously mentioned maturity model of Filipe (2010) because it is based
on multiple cases and version three of ITIL.
On the left axis of the table you can find all life cycles ITIL version three has. On the upper axis all the
CMMI maturity levels are presented: Initial, Repeatable, Controlled, Managed and Optimizing (Filipe,
2010). The table shows what processes should be implemented when a company has a certain maturity
level.
Life
CMMI
cycles
1
2
Service strategy
Service design
• Service catalogue management
• Service level management
• Supplier management
Service transition
• Service Asset and
Configuration Management
Service operation
• Event Management
• Incident Management
• Request Fulfilment
• Monitoring and control
• Service desk
Continual
service
improvement
3
• Demand management
• Financial management
• Service portfolio management
• Capacity management
• Availability management
• IT service continuity
management
• Service Transition Planning and
Support
• Change Management
• Release and Deployment
Management
• Service Validation and Testing
• Problem Management
• Access Management
4
5
• Information
security
management
• Evaluation
• Knowledge
Management
• Service
Reporting
• Service
Measurement
• CSI
Improve
ment
Process
Table 6: Role selection table reference Filipe (2010)
15
4
Template
To give the reader a better understanding of the deliverables created in the implementation process, we
created an example document (template). The example is a service design package because this is the
most complicated implementation document. For all other types of documents are more standards
available. Where the service portfolio is a strategic (high level) document that contains multiple
service level packages, it’s easier to create it due to the lack of details. The creation of a service
design package requires deeper technical and organizational understanding. The details for the service
design package are based on Cartlidge, Hanna, Rudd, Mafarlance, Windebank, & Rance (2007). Also
materials from previous working experience and several internet sources weere used to compile a final
format (sources can be requested from the author). The table is compiled from many different
materials due to the lack of scientific and industrial research papers. The first table shows what details
a service design package could contain.
Service Design Package
Header
Description
Service details
Contains the name of the service, high level service description, the acceptance document (autographs),
service owner and the contact details.
Detailed service requirements
Contains a more detailed description of all resources and requirements needed to fulfill the service. The
description should contain the following details: Service level requirements (such as uptime),
description of the functionalities, security details, business and supplier constrains, technical constraints,
system links (interaction with other systems), migration details (such as sharing of databases),
operational details (such as backups), User profile authorizations
Blue print for implementation
Contains all the details how to implement the service and what impact this will have. Sections that are
described are: test plan, implementation plan, roll back plan and the architecture documents.
Service relations
Contains an overview of all related services and infrastructure that influences the design package . This
section describes details such as: supplier contracts, infrastructure, other service design packages and
SLA that influence the service but are outside of the scope of this specific design package.
Operational maintenance
Describes who and how operational maintenance of the service is done. Sub sections are: how risks and
issues are managed , monitoring and evaluating of services, resources needed to perform maintenance,
maintenance procedures and documentation
Change and improvement
Contains how new requirements, changes and improvements for this specific service are handled.
Subsections are: continues improvement plan for human resources and procedures, transition and update
strategies, technical change plan, organizational change plan, needed resources to make improvements
and financial analysis
Table 7: Service design package template
16
The details in a service design package can be described through the use of different methods and
instruments. This all depends on the company’s preferences and the specific situation at hand. An
instrument that is more widely used for service level requirements are the many variations of the table
below:
Service
Ordering
Users
Company employees
Customer
Company name
Openings time
8:00 – 17:30
Data storage time
1 week
Days availible
Monday till Friday
Availibility
High
Data integrety
High
Information integrity
Low
Exclusive
Average
Response time issues
Within 2 hours
Response time changes
5 days
Amount of users
25
Amount of usage per year
215
Amount of support requests
40
Availibility percentage
92,5%
Backup saving time
Untill out of service
Table 8: Service specification reference Scmidt (2002)
To comprehend the functionalities and infrastructure of a service, usually companies use models to
back up their descriptions. Companies could use a drawing technique that is developed in-house, but
the market has many alternatives. Methods that could be used for instance are BPM (Business Process
Management), process models (such as swimming lanes) or architectural languages such as
Archimate. An example picture of a service model could be found below. It’s a simplified model that
shows a customer that makes an order at a supplier and what infrastructure supports these activities.
17
Business process layer
Customer
Order
Supplier
Services
Webstore
Email
Infrastructure
Hardware
Software
Databases
Figure 3: Architectural diagram
18
5
Conclusion
ITIL is a broadly used industrial standard for the management of the companies IT-Governance.
However the amount of scientific literature and research on this topic is minimal. Because ITIL is a
wide spread phenomenon it’s important that more scientific research is done on the matter. ITIL is a
complete framework that describes what roles are required for thorough IT-Governance. But ITIL
completely lacks a process how to implement the framework. Even though the situations could differ,
an assisting model with process implementation steps could fill in this gap. Therefore this paper
contains a first effort to do so.
The method is compiled from different sources, so it is very hard to guarantee the quality of the
method. It should be tested in practice first and evaluated through expert reviews. The method should
be gradually improved to increase its quality. Also the situation where ITIL is implemented is very
different. That could make the method not applicable for certain companies. Finally the method is still
very high level and needs more details to make it an extra edition to the ITIL method. A preferred
setup for future research will be a light version for smaller companies, that is also easy to comprehend.
For the bigger companies a detailed version that describes all the efforts of an ITIL implementation
should be available. Science also has many opportunities to assists the industrial field by researching
methods such as ASL, BISL and ITIL.
19
References
Alison, C., Hanna, A., Rudd, C., Macfarlane, I., Windebank, J., & Rance, S. (2007). An introductory
overview of ITIL v3. ITSMF.
APMG. (2011, september 8). Retrieved February 24, 2012, from ITIL official site: ITIL site
http://www.itil-officialsite.com/AboutITIL/WhatisITIL.aspx
APMG. (2012). Retrieved March 1, 2012, from Official Prince2 site: http://www.prince2.com/prince2business-case.asp
Brinkkemper, S. (1996). Method engineering: engineering of information systems development.
Elsevier, Information and software technology, 38 (4),275-280.
Brinkkemper, S., Seaki, M., & Harmsen, F. (1999). META-Moddeling based assembly techniques for
situational method engineering. Elsevier, Information systems volume, 24 (3), 209-228.
Cartlidge, A., Hanna, A., Rudd, C., Mafarlance, I., Windebank, J., & Rance, S. (2007). An
introductory overview of ITIL V3. ITSMF.
Cater-Steel, A., & Tan, W. G. (2007). Implementation of IT Infrastructure Library (ITIL) in Australia:
Progress and success factors. IT Governance International Conference. Toowoomba: University of
Southern Queensland.
Filipe, R. (2010). A Maturity Model for Implementing ITIL v3. 2010 6th World Congress on services.
Lisabon: Technical university of Lisabon.
Grembergen, W. (2004). Strategies for information technology governance. Antwerpen: Idea group
publishing.
Grit, R. (2005). Projectmanagement. Groningen: Wolters Noordhof.
Hardy, G. (2006). Guidance on Aligning COBIT ITIL and ISO 17799. Information system control
journal, Vol. 1 .
Hay, G., & Castilla, G. (2006). Object-Based image anlysis, strengths, weaknesses, opportunities and
threats (swot). International Archives of Photogrammetry, Remote Sensing and Spatial Information
Sciences. Calgary: OBIA.
20
Henderson, J., & Venkatraman, N. (1993). Strategic alignment: Leveraging information technology
for transforming organizations. IBM Systems Journal, 32 (1).
Hong, S., van den Goor, G., & Brinkkemper, S. (1993). A formal approach to the comparison of
object-oriented analysis and design methodologies. Proceeding of the 26th Hawaii International
Conference on System Sciences. Hawaii: IEEE Computer Science Press, 1993.
Kaarst-Brown, M., & Kelly, S. (2005). IT Governance and Sarbanes-Oxley: The latest sales pitch or
real challenges for the IT function? Proceeding of the 38th Hawaii International Conference on
System Sciences. Hawaii: Syracuse University.
Kempter, S., Kempter, A., & Lea Cox, T. (2006). Wikipage. Retrieved February 2012, from IT Process
map: http://en.it-processmaps.com/
Meijer, M., Smalley, M., & Taylor, S. (2008). ITIL v3 and ASL. ASL and BISL foundation.
Meijer, M., Smalley, M., Taylor, S., & Dunwoodie, C. (2011). ITIL V3 and BiSL: Sound guidance for
business IT. ASL and BISL Foundation.
Niessink, F., Clerk, V., Tijdink, T., & van Vliet, H. (2005). The IT Service Capability Maturity Model
version 1. Amsterdam: Vrije Universiteit.
Pollard, C., & Steel, A. (2009). Justifications, strategies and critical succes factors in succesfull ITIL
implementations in U.S. and Australian companies: an exploratory study. Information systems
management, 26 (2), 164-175.
Shire, J. (2011, September 27). Wikipedia. Retrieved March 1, 2012, from Wikipedia:
http://en.wikipedia.org/wiki/Project_initiation_document
Scmidt, V. (2002). IT service management. Haren publishing.
Spremic, M., Zmirak, Z., & Kraljevic, K. (2008). IT and business process performance management:
Case study of ITIL implementation in finance service industry . The conference proceeding of
Information Technology Interfaces, 2008. ITI 2008. 30th International Conference on services (pp.
243-250). Dubrovnik: Office of governance and commerce.
Tapia Santana, R. (2006). IT process architectures for enterprises development: A survey from a
maturity model. Enschede: University of Twente.
21
Taylor, G. (2010). Disney's ITIL journey. APMG.
van Bon, J., de Jong, A., Kolthof, A., Pieper, M., Rozemijer, E., Tjassing, R., et al. (2007). IT service
management an introduction (PP. 4). Amersfoort: Van Hare Publishing.
van de Weerd, I., & Brinkkemper, S. (2009). Meta-Modeling for situational analysis and design
methods. In M. Rahman Sayed, & S. Nessa Syed, Handbook of Research on modern system analysis
and design technologies and applications (pp. 35-54). IGI Global.
Veen, A., & Bon, J. (2007). Foundations of ITIL v3. Van Haren Publishing.
von Solms, B. (2005). Information Security governance: COBIT or ISO 1799 or both.
Elsevier,Computers & Security 24, 99 - 104.
Weill, P., & Jeanne, R. (2004). IT governance on one page. Massachuetes : CISR.
22
Download