Why was ITIL updated?
Since publication of the 2007 editions we have received over 500 suggested changes, plus additional suggestions on roles, process flows, inputs and outputs from both users and trainers. All publications have been through the continual service improvement (CSI) process, and ultimately, this is what makes ITIL what it is – a best-practice framework. We are committed to the principles of ITIL and key to this is CSI. This update is a direct result of feedback from the community that reads, uses and trains from this guidance. We have updated the guidance based on feedback from key stakeholders, and the end result is guidance that is easier to navigate, read, translate, adopt and teach.
The Service Lifecycle
ITIL is organized around a service lifecycle which includes service strategy, service design, service transition, service operation and continual service improvement.
1) Service Strategy
Process Objective: To decide on a strategy to serve customers. Starting from an assessment of customer needs and the market place, the Service Strategy process determines which services the IT organization is to offer and what capabilities need to be developed. Its ultimate goal is to make the IT organization think and act in a strategic manner.
Understanding who the IT customers are, the service offerings that are required to meet the customers’ needs, the IT capabilities and resources that are required to develop these offerings, and the requirements for executing them successfully. Driven by strategy throughout the course of delivery and support for the service, the IT service provider must always try to ensure that the cost of delivery is consistent with the value delivered to the customer.
a- Service Management for IT Services
Process Objective: To assess the service provider’s offerings, capabilities, competitors as well as current and potential market spaces in order to develop a strategy to serve customers. Once the strategy has been defined, Strategy Management for IT Services is also responsible for ensuring the implementation of the strategy.
b- Service Portfolio Management
Service Portfolio Management ensures that the service provider has the right mix of services to meet required business outcomes at an appropriate level of investment.
c-Financial Management for IT Services
Process objective is to manage the service provider’s budgeting, accounting and charging requirements.
d- Demand Management
Demand Management works with Capacity Management to ensure that the service provider has sufficient capacity to meet the required demand.
e- Business Relation Management
Business Relationship Management identifies the needs of existing and potential customers and ensures that appropriate services are developed to meet those needs.
2) Service Design
Process Objective: To design new IT services. The scope of the process includes the design of new services, as well as changes and improvements to existing ones.
Service designensures that new and changed services are designed effectively to meet customer expectations. The technology and architecture required to meet customer needs cost-effectively are an integral part of service design, as are the processes required to manage the services. Service management systems and tools to adequately monitor and support new modified services must be considered, as well as mechanisms for measuring the service levels, the technology, and the efficiency and effectiveness of processes.
a- Design Coordination
Process Objective: To coordinate all service design activities, processes and resources. Design coordination ensures the consistent and effective design of new or changed IT services, service management information systems, architectures, technology, processes, information and metrics.
b-Service Catalogue Management
Process Objective: To ensure that a Service Catalogue is produced and maintained, containing accurate information on all operational services and those being prepared to be run operationally. Service Catalogue Management provides vital information for all other Service Management processes: Service details, current status and the services’ interdependencies.
c-Service Level Management
Process Objective: To negotiate Service Level Agreements with the customers and to design services in accordance with the agreed service level targets. Service Level Management is also responsible for ensuring that all Operational Level Agreements and Underpinning Contracts are appropriate, and to monitor and report on service levels.
d- Risk Management
Process Objective: To identify, assess and control risks. This includes analyzing the value of assets to the business, identifying threats to those assets, and evaluating how vulnerable each asset is to those threats.
e- Capacity Management
Process Objective: To ensure that the capacity of IT services and the IT infrastructure is able to deliver the agreed service level targets in a cost effective and timely manner. Capacity Management considers all resources required to deliver the IT service, and plans for short, medium and long term business requirements.
f- Availibility Management
Process Objective: To define, analyze, plan, measure and improve all aspects of the availability of IT services. Availability Management is responsible for ensuring that all IT infrastructure, processes, tools, roles etc. are appropriate for the agreed availability targets.
g- IT Service Continuity Management
Process Objective: To manage risks that could seriously impact IT services. ITSCM ensures that the IT service provider can always provide minimum agreed Service Levels, by reducing the risk from disaster events to an acceptable level and planning for the recovery of IT services. ITSCM should be designed to support Business Continuity Management.
h- Information Security Management
Process Objective: To ensure the confidentiality, integrity and availability of an organization’s information, data and IT services. Information Security Management usually forms part of an organizational approach to security management which has a wider scope than the IT Service Provider.
i- Compliance Management
Process Objective: To ensure IT services, processes and systems comply with enterprise policies and legal requirements.
j- Architectur Management
Process Objective: To define a blueprint for the future development of the technological landscape, taking into account the service strategy and newly available technologies.
k- Supplier Management
Process Objective: To ensure that all contracts with suppliers support the needs of the business, and that all suppliers meet their contractual commitments.
3) Service Transition
Process Objective: To build and deploy IT services. Service Transition also makes sure that changes to services and Service Management processes are carried out in a coordinated way.
Service transition phase of the lifecycle the design is built, tested and moved into production to enable the business customer to achieve the desired value. This phase addresses managing changes: controlling the assets and configuration items (the underlying components such as hardware, software etc.) associated with the new and changed systems; service validation; and testing and transition planning to ensure that users, support personnel and the production environment have been prepared for the release to production.
a- Change Management
Process Objective: To control the lifecycle of all Changes. The primary objective of Change Management is to enable beneficial Changes to be made, with minimum disruption to IT services.
b- Change Evaluation
Process Objective: To assess major Changes, like the introduction of a new service or a substantial change to an existing service, before those Changes are allowed to proceed to the next phase in their lifecycle.
c- Project Management (Transition Planning and Support)
Process Objective: To plan and coordinate the resources to deploy a major Release within the predicted cost, time and quality estimates.
d- Application Development
Process Objective: To make available applications and systems which provide the required functionality for IT services. This process includes the development and maintenance of custom applications as well as the customization of products from software vendors.
e- Release and Deployment Management
Process Objective: To plan, schedule and control the movement of releases to test and live environments. The primary goal of Release Management is to ensure that the integrity of the live environment is protected and that the correct components are released.
f- Service Validation and Testing
Process Objective: To ensure that deployed Releases and the resulting services meet customer expectations, and to verify that IT operations is able to support the new service.
g-Service Asset and Configuration Management
Process Objective: To maintain information about Configuration Items required to deliver an IT service, including their relationships.
h- Knowledge Management
Process Objective: To gather, analyze, store and share knowledge and information within an organization. The primary purpose of Knowledge Management is to improve efficiency by reducing the need to rediscover knowledge.
4) Service Operation
a- Event Management
Process Objective: To make sure CIs and services are constantly monitored, and to filter and categorize Events in order to decide on appropriate actions.
Process Objective: To manage the lifecycle of all Incidents. The primary objective of Incident Management is to return the IT service to users as quickly as possible.
Process Objective: To fulfill Service Requests, which in most cases are minor (standard) Changes (e.g. requests to change a password) or requests for information.
Process Objective: To grant authorized users the right to use a service, while preventing access to non-authorized users. The Access Management processes essentially execute policies defined in Information Security Management. Access Management is sometimes also referred to as Rights Management or Identity Management.
Process Objective: To manage the lifecycle of all Problems. The primary objectives of Problem Management are to prevent Incidents from happening, and to minimize the impact of incidents that cannot be prevented. Proactive Problem Management analyzes Incident Records, and uses data collected by other IT Service Management processes to identify trends or significant Problems.
f- IT Operations Control
Process Objective: To monitor and control the IT services and their underlying infrastructure. The process IT Operations Control executes day-to-day routine tasks related to the operation of infrastructure components and applications. This includes job scheduling, backup and restore activities, print and output management, and routine maintenance.
Process Objective: To manage the physical environment where the IT infrastructure is located. Facilities Management includes all aspects of managing the physical environment, for example power and cooling, building access management, and environmental monitoring.
Application Management is responsible for managing applications throughout their lifecycle.
Technical Management provides technical expertise and support for the management of the IT infrastructure.
Process Objective: To make sure that IT services are delivered effectively and efficiently. The Service Operation process includes fulfilling user requests, resolving service failures, fixing problems, as well as carrying out routine operational tasks.
Service operation delivers the service on an ongoing basis, overseeing the daily overall health of the service. This includes managing disruptions to service through rapid restoration after incidents; determining the root cause of problems and detecting trends associated with recurring issues; handling daily routine end-user requests; and managing service access.
5) Continual Service Improvement (CSI).
Process Objective: To use methods from quality management in order to learn from past successes and failures. The Continual Service Improvement process aims to continually improve the effectiveness and efficiency of IT processes and services, in line with the concept of continual improvement adopted in ISO 20000.
CSI offers a mechanism for the IT organization to measure and improve the service levels, the technology and the efficiency and effectiveness of processes used in the overall management of services.
Process Objective: To review business services and infrastructure services on a regular basis. The aim of this process is to improve service quality where necessary, and to identify more economical ways of providing a service where possible.
Process Objective: To evaluate processes on a regular basis. This includes identifying areas where the targeted process metrics are not reached, and holding regular benchmarkings, audits, maturity assessments and reviews.
c-Definition of CSI Initiatives
Process Objective: To define specific initiatives aimed at improving services and processes, based on the results of service reviews and process evaluations. The resulting initiatives are either internal initiatives pursued by the service provider on his own behalf, or initiatives which require the customer’s cooperation.
d- Monitoring of CSI Initiatives
Process Objective: To verify if improvement initiatives are proceeding according to plan, and to introduce corrective measures where necessary.