April Theme Articles BS15000: the background to and … · 2008. 3. 7. · £4 April 2004 Issue No....

£4April 2004

Issue No. 66

BS15000: the backgroundto and implications of3 articles which help to explain

IT ServiceContinuity“Know the Unknowns”

Keeping theIT BalancingAct on theTight Rope

PLUS all the usual features coveringindustry news, gossip and events

The Top FiveMistakesA practical guide to

improving IT service delivery

April Theme Articles

2 servicetalk Issue No. 66 April 2004

All communications to:itSMF, Webbs Court, 8 Holmes Road,Earley, Reading RG6 7BHTel: 0118 926 0888Fax: 0870 706 1531Email: [email protected]: Malcolm ButtonProduced & Printed by:Graham Burn ProductionsThe Atrium, 17 SeIworthy, Furzton,Milton Keynes MK4 1HATel/Fax: 01908 526219Email: [email protected]: Direct Logistics Ltd

The views expressed in servicetalk do not necessarily reflectthose of the Editor or the itSMIF

© servicetalk Material within this publication may notbe reproduced in whole or in part without the expresspermission of the itSMF.

Subscription Rates:Members FreeNon-Members £4.00Annual (UK) £18 per annumAnnual (Overseas) £24 per annumAdvertising Rates:Full colour (disc supplied to our specification)

Members Non-MembersFull Page £450 (+ VAT) £650 (+ VAT)Half Page £275 (+ VAT) £425 (+ VAT)Quarter Page £150 (+ VAT) £250 (+ VAT)

Series discounts available

What is the itSMF?The IT Service Management Forum Ltd. (itSMF) is the only internationallyrecognised and independent organisation dedicated to IT Service Management. It isa not-for-profit organisation, wholly owned and principally operated by itsmembership. The itSMF is a major influence on, and contributor to, Industry ‘BestPractice’ and Standards worldwide, working in partnership with the OGC (the UKGovernment advisory body), the British Standards Institution (BSI), the DistributedManagement Task Force (DMTF), the Information Systems Examination Board(ISEB) and the Examination Institute of the Netherlands (EXIN).

The aims of the itSMF� To develop and promote industry best practice in service management� To engender professionalism within service management personnel� To provide a vehicle for helping members improve service performance� To provide members with a relevant forum in which to exchange information

and share experiences with their peers on both sides of the industry

What services do we offer?Among the services we offer are:� opportunity to participate in setting best practice;� reduced entry to seminars/exhibitions;� discounts on book sales;� products/services catalogues;� consultancy;� regional discussion groups;� reference sites.

itSMF officers and staffChairman – Mark Hall; Vice Chairman – Ken Goff; Treasurer – Mary Fishleigh;Chief Executive Officer – Aidan Lawes; Events Manager – Maxine McMahon;Membership Services Manager – John McDermott; Marketing Manager – Kim May;Membership Administrator –Michelle Darby; Events Administrator – Jenny BoggProject Manager – Chris Lang; Book Sales – Sharon Shaw; Book-keeper – Sarah Nieto

Chief Executive Officer’s RemarksService Management is high on the agenda forCIOs and IT Directors around the globe, which isevidenced by the continued growth in itSMFchapters. Increasingly, those new to the ITSMphilosophy are asking, “Is it worth it? Will therebe a real return on an investment in ITSM?” Inmany ways, it seems inappropriate to try to justifyservice management in isolation. Enterprisesshould be looking at total IT investment returns –and that means complete life-cycle management.Before investing in any new development,enterprises should understand the full cost ofdevelopment plus an acceptable operational cost for a defined service quality overthe expected operational life of the development. It is only from these figures thatthey can make a business decision as to whether the value derived justifies theexpenditure.

However, the sad truth is that enterprises haven’t taken a true end-to-end view andhence, for many, a specific investment in service management is necessary.Intuitively, those who understand the subject find the argument to be almost self-evident; successful service improvement programmes drive up the quality ofdelivered service, and often reduce operating costs at the same time. And certainlythe lot of the service provider is vastly improved as they move from whipping boyto a position of respect. But how do you convince the sceptics or those who wanthard financial figures?

In order to try to provide some empirical answers, we have been engaged in someresearch work, through an independent agency, with a number of organisationsthat have successfully implemented “best practice” solutions. The aim is notmerely to quantify some of the benefits achieved, but also to understand how suchquantification might be modelled. Progress is slower than we had hoped, becauseit appears that many organisations aren’t measuring and articulating the benefitsin hard business terms. We will publish the findings in due course, with the firsttranche by the end of April, but meantime if you have information in this spacethat you are willing to share, we’d be delighted to hear from you. �

The Journal of the IT ServiceManagement Forum it SMF

ContentsitSMF and Best Practice: Survey Conclusions 3

Seminar Report:Sailing with ITIL in a Sea of Strategies 7

Planning to Achieve BS15000 9

Institute Page 12

BS15000 Training & Qualification 13

Letters Page 15

People on the Move 15

BS15000: Past, Present & Future 16

Regional Reports 19

Conference Details & Registration Form 22

Ask the Experts 25

itSMF Vendors 28

IT Physician Heal Thyself 29

SLAs: An Evolutionary Daze 30

The Top Five Mistakes 32

Keeping the IT Balancing Acton the Tight Rope 35

IT Service Continuity: “Know the Unknowns” 38

Axios Systems Achieve BS15000 40

International News 42

servicetalk Data Information 42

Diary 2004 43

Seminar Announcements 44

Issue No. 66 April 2004 servicetalk 3

itSMF and ITIL Best PracticeAre we getting the message?David BarkerQube Holdings Ltd

Over the last year 600 servicetalk readershave been interviewed, representing over550 companies. In all over 20,000questions have been asked and over 600hours spent interviewing readers such asyourselves.

So what have been the key messages,what has been learnt and what should bedone about it? These questions apply tothe itSMF as much as they do to you aspractitioners of ITIL best practice.

So what collectively havewe learnt?In essence there are 4 key areas oflearning:� What ITIL Best Practice activities are

happening and what you would likefrom the itSMF in support.

� The differences in understanding as towhat the itSMF can do in support ofyour activities and what services ithas to offer.

� Your views of the itSMF as anorganisation and whether it offersvalue for money.

� Your needs of the itSMF as anorganisation and overall what moreyou would like from it.

What is happening in ITILBest Practice?The overriding initiatives undertakenover the last 12 months have been as

shown in Figure 1 above whilst in termsof those which are continuing during thenext 12 months are shown in Figure 2.

Thus the level of ITIL Best Practiceactivity has been and will continue to behigh. Although the priorities appear to bechanging slightly it should be noted thatover 61% of you are continuing toimplement activity into this coming year.But what is this telling us? How does thisinformation help? Well, many have beenasking the itSMF to give informationmore specific to their sector. Indeed, whenseparated out there are many priority

Sector Last 1 Months – Prioritised 1- 12 where 1 is the highest volume of implementation and 12 is the lowestBusiness Clubs & Comms Finance Govern- Pharma- Retail Utilities Services Charity & IT & Ins. ment ceuticals

Service Desk 4 1 2 4 1 4 2 1Incident Management 3 2 4 3 2 2 3 4Problem Management 2 3 3 2 4 4 5 1Change Management 1 3 1 1 2 1 1 1Configuration Management 7 11 8 7 6 8 6 4Release Management 8 3 12 6 9 8 9 10Service Level Management 6 7 5 8 11 2 3 4Availability Management 12 11 11 11 6 10 10 10Capacity Management 11 7 8 9 10 10 12 12IT Service Cont./ DR 5 7 7 5 5 6 8 8Financial Management 9 3 10 11 12 10 11 4IT Security 9 7 6 9 8 6 7 8

Chart 1: Ranking of Activity by Sector

differences between sectors. (See Chart 1below).

Whilst there is little difference in the topfour initiatives, significant variationoccurs as you move down the list. Thiscan be shown by the following examples:Service Level AgreementsPharmaceuticals (2) vs Government (11)Financial ManagementGovernment (12) vs Utilities (4)

This information might be helpful if youare looking to implement an initiative andwish for some comparative industry

�

Figure 1

Figure 2


�

information. It also gives a sense of‘flavour of the month’ in each sector aspriorities and issues clearly vary betweenthem.

In terms of coming activity, it is alsouseful to know what activities arecontinuing by sector, as well as thesupport for any implementation plans youmight have for the coming year (seeChart 2 above).

As with the previous chart there aresignificant variations when you move outof the top four initiatives.Release ManagementGovernment (3)vs Communications/IT (12)Service DeskRetail (8)vs Financial Services ( 2)

Well if that is what you are doing, whathelp do you want from the itSMF? Thetruth is that the overriding request hasbeen for specific and detailed casestudies. There is a huge pent up demandacross servicetalk readers for case studies.Indeed out of the 600 interviews, 180 ofyou said you would be willing tocomplete a case study in the next year.

In order to move this forward the itSMFhas commissioned Qube to contact you tosee who could actually complete a casestudy and so far 101 of you have agreedto be interviewed once your projects arecompleted. Due to the protracted natureof project completion, the itSMF intendto publish anonymous case study dataover the course of this year in servicetalk,as and when you are interviewed.

This will lead to more detailed case

Sector Next 12 Months – Prioritised 1- 12 where 1 is the highest volume of implementation and 12 is the lowestBusiness Clubs & Comms Finance Govern- Pharma- Retail Utilities Services Charity & IT & Ins. ment ceuticals

Service Desk 2 2 2 2 4 6 8 1Incident Management 6 2 4 5 7 2 3 1Problem Management 7 7 3 10 2 4 3 7Change Management 2 7 1 3 1 1 1 1Configuration Management 1 7 8 1 4 4 2 10Release Management 9 7 12 5 3 6 8 10Service Level Management 2 2 5 4 6 2 3 7Availability Management 9 2 11 8 10 11 8 7Capacity Management 8 1 8 9 11 9 6 1IT Service Cont./ 2 11 7 5 8 6 7 1Financial Management 11 11 10 12 12 9 12 1IT Security 11 2 6 11 9 11 11 10

Chart 2: Ranking of Activities by Sector

studies becoming available in due course.In addition to case studies, there havealso been a variety of additional requests,for example:� More research into the specific

activities such as release management,configuration management etc.

� An e-mail newsletter� More communication between

members – perhaps a forum?

However, one of the areas of possiblesupport that has not been specificallyasked for, but would appear to be of helpto the readership, is the issue of customerservice improvement measurement.

Currently 74% of all initiativescompleted were designed to improvecustomer service. This was by far thelargest reason for implementing ITILBest Practice initiatives. What isinteresting however is that of this 74%:

73% have got some measures in place

of which

78% have measures clearly defined

of which

66% have a timeframe

Therefore:73% x 78% x 66% = 38%

have clearly defined measures in placewith a specific timeframe for results.

Clearly, with such an important output asimproved customer service, and with somany of you saying this is the reason forimplementing ITIL Best Practice, theseresults are at best worrying.

Although not directly requested, the

itSMF is reviewing ways in which itmight be able to offer support and advicein the accurate measurement of serviceimprovement.

In addition, the management team will bereviewing all the above requests foradditional service and will assess howthey fit into the current portfolio of whatis offered.

What about your understanding ofwhat we can offer you?In all, 16 “service” offerings wereidentified that the itSMF provides to itsmembers. Interviewees were asked whichthey were aware of.

They were also asked which they hadactually used in the last 12 months andwhich they were likely to use in the next12. The results are shown overleaf onpage 6.

An interesting exercise for the itSMF.Perhaps you want to try it yourself.Which are you aware of?

The itSMF view was that beforeexpanding their range of services theymust first drive up the awareness of whatis offered and then check as to the usage.It is clear this needs to be done asawareness is only above 50% in 3 out ofthe 16 services the itSMF offers. Thequestion is will awareness drive upusage? This is hard to tell. However,before this can be assessed there must beclarity in the range of services offered tomembers as many members commentedthat they simply weren’t aware of whatthe itSMF had to offer!

To this end the itSMF have produced a

�

�


Service Awareness Used Going to UseConference & Exhibitions 83% 29% 19%Seminar Programmes 80% 24% 19%Service Talk 67% 27% 21%Regional Groups 50% 13% 10%Contribution to Best Practice 43% 7% 4%Web Discussion Forum 41% 10% 8%Web Products/Service Catalogues 40% 10% 8%Bookshop 39% 9% 7%Market Research 38% 8% 5%Web Chat 30% 5% 4%Self Assessment Questionnaire 28% 7% 4%Web Guide to Vendor Services 26% 7% 5%Publication Opportunities 24% 3% 2%Members Database Services 22% 4% 4%Access an Expert 21% 4% 3%Discount Affiliate Products 21% 4% 4%

handbook which was distributed to over800 people at their conference. A further100+ people have requested a copy of thehandbook and each new member isissued with a copy in their welcome pack.The handbook covers all the itSMFservices and explains the benefits.

So what do you think of usat the itSMF?Well, currently of those interviewed, 91%

of you are already members. In terms ofwhether the existing members wouldrenew, 91%, said they would, 91% saidthey would recommend the itSMF toothers and 87% said the itSMF offersvalue for money.

Although the itSMF is delighted withthese results, it is striving to achieve evenhigher scores through improvedcommunication and delivery of its

services. It is also constantly looking atways to improve servicetalk to increaseits relevance and your readership of it.Currently, 71% said servicetalk wasrelevant to them and 72% always or oftenread it. The itSMF would like to improvethis so any suggestions are always verywelcome as it is your magazine, nottheirs!

Finally, what are your needs of theitSMF as an organisation and whatmore would you like from them?Well, clearly from all that you have toldus, the itSMF is currently activelystriving to improve its communication toyou and explore new services which itcould provide. As was previously statedany views or ideas you have to movethese forward are always gratefullyreceived.

In a final phase of improvement theitSMF is currently undertaking a strategicreview of its whole operation, looking atthe next two years’ direction. It is hopedthis will ensure continued success for youand the itSMF into the future. �


Seminar Report“Sailing with ITIL in a Sea of Strategies”

Held at Stoke – 5th February 2004Joanne Laker

House of Commons

My job title is Performance ReportingOfficer and within my organisation theestablishment of ITIL best practice isstill in its infancy. My aim was to look toour future and, once ITIL has been fullyimplemented, explore ways ofdeveloping performance measurement.

This was the first itSMF seminar I hadattended and I was impressed by twothings. Firstly, the quality of thespeakers’ presentations was of a veryhigh standard. Without exception theywere all confident and knowledgeablewithin their respective fields and alsodisplayed a wider understanding of the

relationships between ITIL and othermeasurement methodologies. Secondly,the agenda was logically structuredbecause the topic of BS15000certification was covered first beforelooking at the more comprehensivemethodologies such as BalancedScorecard, Sixth Sigma and CobiT. Toconclude, Steve Ingall from Fox ITprovided an absorbing overviewexamining the implications of introducingthese measurement frameworks in abusiness and how they relate to businessstrategy and service excellence.

During the panel forum at the end of the

IndividualIvanska Radka

(Severomoravska Energetika AS)Serge Thorn (Serono International SA)

Geoff Thirlwall (Bossman Swan)Simon Lloyd Evans

(New Zealand Police)Erik Stevens (J.D Edwards)Eileen Keddie (Consignit)

Katrin Gorma (D&B International)Wendy Stewart

(British Sky Broadcasting)Jon Salter (Neural Technologies)

David Phelps (Wandara Consulting)Rupert Prall (MBNA International Bank)Juergen Reetz (Netplan Reetz & Partner)

Sharon Hampton (Itnet plc)Natalia Iglesias (Einsa Multimedia)Dave Rudd (Harcourt Education)

Dave Oldham (Norfolkline)Steve Perkins (Chorus)

Alain Cadorette (Novell)Greg Hibbert (Fibernet)

Tim Wilson (Wilson Computing)Mark Fenton (Saudi Business Machines)

Stephen Aspinall

Individual (cont.)Mark Lang

(Eclipse Networking Limited)Christian Fronteras (Netential Limited)

Padraic Tallon (FETAC)Atif Mahmood (Bradford Met Council)Dave Sutton (Keynote Housing Group)

Sole TraderDavid Salter (Port162 Ltd)

Phil Hector (Konick Limited)Irzan Ahmad (Vertinets Consulting)

Julie GoddardShane Hiller (Shapen IT)

Simon Anderson(Maltings IT Consultancy)Jan Boons (ADIT BVBA)

David Spencer (BC Care Limited)Matthew Clayton

(General Systems Development)

Corporate 5Herbert Smith

Larfarge AggregatesHammonds

Corporate 5 (cont.)University of Nottingham

United UtilitesIntelligent Finance

Frontrange SolutionsIntergralis Ltd

Lynx TechnologyEdexel

Cable and WirelessUniversity of Huddersfield

CSF Group PlcOmnicom Praha

Corporate 10Scottish Enterprise

University Hospital of North StaffsBUPA

Vendor 5Think SolutionsDecision Focus

ItheonTectonic Ltd

LRQA

New itSMF Members

day there was a consensus of opinion thatITIL is the first step and foundation toestablishing processes within anorganisation. BS15000 certification is arelatively quick means of assessingprocess maturity and effectiveness andthe other methodologies of the BalanceScorecard, Sixth Sigma and CobiTprovide the means for more detailed andin-depth analysis.

Overall I felt that this was an extremelybeneficial seminar because lookingbeyond ITIL itself and its context withinbusiness strategies and best practices isessential to its evolution. �

itSMFMember

itSMFMember


April Theme Article BS15000

Planning To AchieveBS15000Tony BrooksPrincipal ConsultantFox IT

This article is about what has to bedone to achieve a specific andmeasurable quality standard: it isn’tabout using a project management tooland nor is it about the well-understoodstages of a typical project althoughthat would be a sensible approach toadopt. Instead, it is an attempt toidentify some of the fundamental issuesthat need to be considered as part ofthe planning process. It discusses somegeneric quality related issues and anumber of standard-specific issues butI will not go through each process indetail: the most fundamental point tounderstand is the scoping requirementof the scheme and the approach thatyou will need to adopt.

To start with, a few words about the roleof quality standards. The purpose of astandard is to establish a generallyrecognised level of achievement. As such,in a commercial environment certificationcan be understood to be part of a legaltrade description if it is quoted andidentified clearly, or even if only“compliance” or “conformance” isclaimed, and it is important to ensure thatany claims made or inferred in this wayare not misleading to clients.

This is why it is important to be very

clear about the role of a quality standard,the reasons for obtaining one and the waythat it will be used or interpreted byclients and suppliers. The ISO9000quality standard is a broad based standardand serves suppliers in various industrysectors well. It is primarily managementfocussed, being concerned to ensure thatdefined processes are followed andevidenced rather than ensuring that “bestpractice” processes are defined in the firstplace.

A Functionally Based Standard

As a functionally based standard,BS15000 is different: it is specific to theIT Service Management industry anddescribes an industry consensus on whatconstitutes a quality service and, as aresult, is becoming commonly specifiedas a contract requirement. The BS15000Certification Scheme is managed by theitSMF, which means that the officialBS15000 Certificates are issued byauditors on behalf of the itSMF and willfeature the itSMF scheme logo. This doesnot detract from ISO9000 butcomplements it.

This means that in order to achieveBS15000 Certification, an organisationhas not only to conform to overall

management quality standards todemonstrate appropriate managementcontrols, but also needs to demonstrateindustry best practice which is basedaround the ITIL guidelines. If anorganisation is already ISO9000 certified,then much of the managementrequirement is likely to be met but youshouldn’t assume that to be the case.

BS15000 — and the Meaning ofBest Practice

So the question is, what does bestpractice mean in relation to BS15000?While all of the ITIL processes arecovered, it is a mistake to think that ITILalone will be enough. BS 15000 is moreextensive than the ITIL processes. It isalso worth pointing out that the ServiceDesk is not identified as an auditable area– the concentration is on the processeswherever they are operated and this is animportant scoping issue. Apart fromprocess best practice, there are alsomanagement control areas to consider. Sothat we are clear about what has to beincluded in the scope, planning andeventual audit, the table at the foot of thepage shows the specific auditable areas.

Now that we have a starting point weneed to understand the scoping

Managerial AreasOverall management system� Management responsibility� Documentation requirements� Competence, awareness and training

Planning and implementing service management� Plan service management� Implement service management� Monitor, measuring and reviewing� Continuous improvement

Planning and implementing new or changed services

Functional AreasService Level ManagementService ReportingAvailability & Service Continuity ManagementBudgeting and Accounting for IT ServicesCapacity ManagementInformation Security ManagementBusiness Relationship Management SupplierRelationship Management Incident ManagementProblem ManagementConfiguration ManagementChange ManagementRelease Processes

�



requirements of BS15000. Put simply, theCertificate can only be issued to a singlelegal entity and it follows that to achievethe Certificate, an organisation must beable to demonstrate that it is responsiblefor delivering all of the processes definedby the scheme. While some limitedexceptions are possible, they will besubject to specific agreement with theauditing body (and confirmation with theitSMF), and are likely to be restricted toprocesses covered by external contract.Where an exception is allowed it will beidentified on the Certificate when issued,this is similar to the approach taken underISO9000: 2000. As an example, it may bepossible to exclude resource capacitymanagement but not all aspects of theprocess i.e. service and business capacitymanagement.

How Self-Assessment Operates ByDetermination of Standards

Let’s now consider some specifics: it isimportant to be realistic about what youare trying to achieve: in that respect it isimportant to discover where you are nowby establishing a baseline. There are twomain options for this: self-assessmentagainst an appropriate workbook orexternal assessment. Whichever youchoose, you have to be sure that theresults will be realistic, objective and “fitfor purpose”– you will need to be carefulnot to end up with an outcome which isinaccurate or incomplete, because thework done at this stage will befundamental in defining the timescale forthe standards project. I describe theassessment as being “fit for purpose”because the baseline must give you acomprehensive view: not only thetraditional view of process maturityassessment but also an assessment of theextent to which suitable audit evidenceand managerial controls exists.

The difficulty at this stage is to determinewhat constitutes conformance to thestandard. The assessment of ITILprocesses is mature and should presentno difficulty, however, the additionalprocesses may be less clearly understoodand may not be as easy to define anddemonstrate: in practice, it may provedifficult to identify where they areperformed and who is responsible forthem in the first place. As an example,consider Supplier Management: the

objective of this process within thestandard is to “manage third partysuppliers to ensure the provision of seam-less, quality services”. To achieve thisaspect, you must understand and docu-ment the full service delivery chain andthis includes sub-contracted suppliers. Toassess a baseline we must determine astandard against which to be assessed.

The All-Important Selection of aRegistered Certification Body

While the assessment is going on, youshould select a Registered CertificationBody (RCB) – this is your auditingpartner and establishing this relationshipat an early point is vital to the success ofthe project. The sooner that you canselect an RCB, the sooner you can defineand agree the scope of the standardsproject. This is vital if you areconsidering an exception clause in theaudit scope, as you must be certain thatthe scope is valid. You must be careful atthis stage to be clear that your RCB isofficially registered with the itSMF andthat you are going to be certificated underthe official scheme.

You do have to be careful to distinguishbetween the role of an auditing body andthat of an implementation partner: theauditor cannot help directly withimplementation of any aspect of thescheme and you should be cautious ofany claim to provide an end-to-endservice. Equally, while implementationpartners can advise on any aspect of theproject, they are not authoritative as faras the audit stage is concerned.

The assessment should give you a seriesof improvement recommendations and,as long as the terms of reference for theassessment were properly defined, thoseimprovements should give you a roadmapthrough to an auditable standard ofperformance. The roadmap will identifyimprovement dependencies, groupings,and priorities and should link theimprovements to identifiable areas of thestandard. You may find that somerecommendations can be achievedthrough fine-tuning in some areas whileothers involve more substantial work: thisis where you need to start detailed projectplanning. It is probable that there will bework packages that can be handled asprojects and that different projects can be

linked: this naturally takes you into aprogramme of improvement, ie a CSIP.

Projects need to be resourced: the successpotential of your certification project willbe improved if you get this stage right. Itis no secret that projects are often seen tohave failed because objectives werepoorly defined, expectations wereunrealistic or resources were inadequate:you need to avoid these common failings.You must also remember that the generalaudit requirement of three monthsrecords is likely to be required and willneed to be established as evidence ofcompliance. This might be an appropriatepoint to think about integrating theBS15000 project with other qualityinitiatives eg Six Sigma, BalancedScorecard etc. These integrate well withprocess based organisations and canprovide a significant contribution to theevidence required during the Certificationaudit.

The Role of Management Mustn’tBe Forgotten

As a final word, do not overlook themanagement requirements. It is temptingto focus on the processes alone becausewe understand them and evidence can begathered relatively easily but themanagement requirements are central tosuccess. These areas can be hard to assessbut they are fundamental in establishing aculture of quality management byillustrating sustained commitment. Theseareas will be responsible for maintainingand improving standards over time,which will be critical to maintaining theCertificate. This is best demonstrated byidentifying an overall “owner” for theCertification programme, perhaps anexisting Quality Manager (QM), and anoverall Service Delivery Manager(SDM). Each role has specificresponsibilities: the QM for providingobjective internal quality audit serviceswhile the SDM for the process element ofservice provision.

Achieving a defined standard ofperformance is never easy and shouldn’tbe so. The points that I have raised willhopefully help to ease the path but therewill be work to be done, even if you arealready implementing ITIL-basedsolutions, but it will be worth making thejourney. �



Your Institute – The Way ForwardMonday 9th February 2004

Sean LewisSysop

A landmark date for the Institute ofService Management (ISM), as the firstever “members-only” event took place.The event was attended by around 20members of the ISM which given thatthis was our first ever event of this typewas felt to be a respectable number.Certainly no complaints could be made asto the input from the attendees, as a greatdeal of discussion and debate took placewith very positive results.

Colin Rudd, in his role as president, tookthe chair for the event and guided theattendees through the event agenda. Tostart the event with some positive newsattendees were briefed on the developingagreement between the BCS and the ISMfor each to become a trusted partner ofthe other. While still only in the earlystages of agreement, with a lot of thedetail still to be fleshed out, this shouldmean that membership of oneorganisation will be accepted as evidenceto support the membership requirementsof the other, reducing administrationoverheads of both the individual and theorganisation and will also lead to a closerworking relationship between the BCSand the ISM in the future.

The future direction of the ISM was thenopened to the floor using the businessplans as a reference, which generatedsome good ideas and suggestions fromthe assembled group. A popular choice ofdiscussion (as always) are the applicationform(s) that the Institute uses and thiswas picked up by the group. The feelingof the group discussion was that theforms do require a commitment of timeand effort to complete, even with theability to use the reduced format formwith a current CV. This commitment wasfelt to be important as it created the“baseline” in terms of the experience and

skills of the individual and was animportant means of helping and beingable to give advice on the members’development and driving the CPDprocess. The outcome was a consensus offeeling that it was a case of short-termpain for a long-term gain.

The Institute’s CPD scheme is certainlyone of the most popular benefits of theInstitute for its members as was shown bythe interest in this area. Discussions onhow the Institute was developing thisscheme led to some good ideas andsuggestions being generated on how theInstitute can further develop the CPDscheme as well as the mentoring. As aresult of these discussions and ideas it islikely that the next Institute event will usethis as its theme, so watch this space andthe web site for further information.

The Institute is involving itself with e-skills UK on the development andupdating of the skills framework for theinformation age (SFIA) alongside otherprofessional bodies. It is hoped that thiswill mean that the specific roles and skillsof service management are identified andincluded into this framework. Thisframework will in turn influence thequalification areas like NVQ’s, B/TECand higher education qualifications.

It was suggested at the event that theInstitute needs a “strap line” in order tohelp promote itself and its purpose and afew suggestions were made withoutunfortunately firing the imagination ofthe event attendees, so it was suggested

that a larger audience may be able togenerate some better ideas. Therefore ifanyone does have any ideas for Institutestrap lines please send them to us viaemail to [email protected] with thesubject of “ISM strap line”. We may beable to offer the best suggestion a smallprize, as well as the recognition of beinga suitably clever individual.

Advertising the ISM and promoting itsbenefits to the wider business communitywas also a large subject of discussion. Itwas agreed that we need to target therecruitment and human resource elementsof the business community in addition tothose already involved in the main fieldof Service Management. A campaign totackle this issue is being planned, but itwas also suggested that some form oftargeted advertising outside of servicetalkinto associated trade press and journalsmay also reap some rewards. If anyreaders of this article are involved with oraware of any publications that you thinkwould be suitable then please send us therelevant names and contact details andwe will follow these suggested leads. Anysuggestions via email please [email protected] with “AdvertisingISM” as the subject line.

The future of these events was discussedby the group and it was felt that holdingthese events quarterly was about right interms of the time gap and that schedulingthe events to take place from 4pm toaround 8pm was also about right. Thenext two events should then take placearound May and August time, and furtherannouncements will be made closer to thetime as the dates, venues and topics forthese are further firmed-up.

For the full list of current members seethe web site www.iosm.com. �

Institute New MembersName Organisation StatusBarry Corless Sysop MemberMichelle Hales Homebase Member

Christian Nissen Post Denmark A/S

(Royal Mail Denmark) FellowRonnie Coles Nuffield Hospitals Practitioner

Jonathan Traer-Clark Icore Ltd Member

Name Organisation StatusNeil Battell Fox IT MemberNeil McCarthy Gartmore Investment

Management Member

Phillip Ives Yell MemberJeremy Nuttall Schlumbergersema Practitioner

Brian Broadhurst Fox IT Ltd Member


itSMF announces BS15000Training and QualificationIan WhyteBishops Beech LtdVice Chair of the itSMF Certification Committee

itSMF are the owners of the BS15000Certification Scheme and arecommitted to the further developmentand promotion of BS15000.

There has already been significant world-wide interest in the Scheme, and coupledwith that there has been considerabledemand for training courses. In responseto this, and to support further the take-upof BS15000, the itSMF havecommissioned courses aimed at threedistinct audiences:� external auditors working with

Registered Certification Bodies(RCBs)

� internal auditors with organisationsseeking to adopt BS15000

� consultants giving advice toorganisations preparing for BS15000

Training ObjectivesThe objectives of the training are toensure that delegates are sufficientlyknowledgeable about BS15000 so that, inthe case of external auditors, they willadd value to audits which they arecarrying out against the standardwhereas, in the case of internal auditorsand consultants, they can help organis-ations make preparations for adoption ofthe standard, eventual audit, certificationand ongoing compliance with it.

The training will also prepare delegatesfor an examination held at the end of thecourse, success in which results in theaward of an itSMF BS15000qualification.

The details of the qualification structureare still being worked out but onepossibility is that there could be threelevels of award – one for itSMF BS15000Auditors, one for itSMF BS15000Internal Auditors and one for itSMFBS15000 Consultants with the particularaward depending on the course attended

and the delegate’s supportingqualifications and experience.

Training OptionsThe training options being madeavailable are a two-day course and athree-day course, the choice dependingon the objectives of the delegate.

The two-day course is specifically forexternal auditors currently qualified toaudit against ISO9000 (specifically in theIT sector) or BS7799-2:2002 andassumes a thorough knowledge of audittechniques. It is primarily focussed onorientating existing auditors to therequirements of BS15000.

The three-day course is aimed at internalauditors preparing to adopt BS15000, andconsultants wishing to give advice in thisarea. This training is more general thanthe two-day option and whilst knowledgeof audit techniques is helpful, it is notcurrently a pre-requisite.

ITIL qualifications, whilst obviouslyhelpful, are not a pre-requisite for eitheroption. There are of course manysimilarities between ITIL and BS15000but the emphasis of BS15000 issomewhat different and it containsseveral areas which are not addressed inITIL, hence the need for a more focussedapproach.

The SyllabusThe syllabus for the two-day externalauditor course is intended to cover areassuch as:� The background to BS15000, where it

came from, similarities with ITIL� The itSMF Certification Scheme, the

role of the RCB, Scheme regulationsand operation in practice

� BS15000 terminology, the processobjectives and interfaces betweenthem

� Application of the requirements of thestandard in the real world

� Scoping issues such as what type oforganisational structure is likely tomeet the requirements, what degree ofoutsourcing is allowable, dealing withmultiple locations, etc

� An overview of typical ServiceManagement tools in use

� A BS15000 Auditor examination

The three-day training for internalauditors and consultants will cover theabove, although the emphasis is changedslightly, and will also address areas suchas:� Starting off the project� What is involved in planning to meet

the requirements of BS15000� Techniques for conducting a gap

analysis against BS15000, to establishwhere we are now and how to get towhere we want to be

� The importance of staff andmanagement commitment to theproject – not just at the start butthroughout and continuing into thefuture

� The relationship between theorganisation and the RegisteredCertification Body

� Where consultancy stops andcertification starts

� Planning and preparing for theBS15000 audit

� Ensuring the standard continues to bemet into the future

� A BS15000 Internal Auditor/Consultant examination

Dates for public courses will be notifiedin servicetalk and on bothwww.itsmf.com andwww.bs15000certification.com.

In-house courses can also be arranged,and further details can be found byfollowing the links on these sites. �




Firstly, I’d like to complement you onthe last issue – it looked different and itfelt different. I was particularlyimpressed by the inclusion of thechallenging article by Neil McBridefrom De Montfort University. Withsuch a provocative argument it wouldbe fantastic if you could include aregular letters page allowing feedback.I submit the following in optimisticanticipation.

This article attempts to shake the veryfoundations of Service Management,confronting its reason for existing andadvocating (if I’m reading it correctly) areturn to the chaotic and anarchistic dayswhere finding high systems availability,business alignment, cost control andprompt quality service were as likely asdiscovering WMD in Iraq or the Beagle 2on Mars. It will make every ServiceManager step back and think – but notfor long.

Perhaps De Montfort University users arelaid back and can wait until the ITServices Department ponder andhypothesise over innovative ways todeliver services but today’s businessescan’t. The demand for 24x7 IT servicesfrom ever more complex applications andinfrastructure requires a high degree ofdiscipline and best practice. The authorsuggests that best practice and standardsstifle innovation – this is not the case. Ifanything, the adoption of SM promotes itby providing more time and resources tobe focused on service improvements.What most IT organisations want is to betrusted by the business, to be seen as“value added” and not as a cost. Thissimply can’t be achieved in today’s worldwithout continually improving reliability,customer satisfaction and earning respect.This opens doors and promotescollaboration between the Business andIT. Indeed, after time the barriersbetween them disperse and IT become afully paid up member of the business,

contributing equally to the desires andobjectives of the company.

There is also another issue to consider –some aspects of infrastructure arebecoming commodity. As UtilityComputing gains acceptance, sections ofinfrastructure will be honed down to thepoint where they will be treated, as Neilsays, just like a telephone. There isabsolutely no point in waisting timetrying to work out how to get acompetitive advantage from thesecomponents. But Service Managementmust nevertheless be applied irrespectiveof whether these services are in-house oroutsourced.

So is Service Management a Strategy?Absolutely. Without getting bogged downin semantics a strategy is to executeagainst a plan in order to achieve aspecific goal. So you can take your pickon what business goal SM may fit into(reducing bottom line costs, customersatisfaction, e-commerce services).

Can Service Management provide acompetitive edge? Yes. The theory thatSM’s value or “ITIL/BS 15000compliance” will become valuelessbecause everyone will have it issimplistic in the extreme. Given that itcould take several years to achievecompliance those that have it or are welldown the road will already be enjoyingits benefits. Also consider what willhappen if the big players in the B2Bsupply chain demanded BS15000 orBS7799 certification. Many pundits

would argue this is coming soon as moreand more companies review theirsuppliers for IT stability and security. Inthe US, the Sarbanes Oxley Act, areaction to corporate scandals is forcingcompanies to review fiscal, IT and ethicalprocedures. Cobit and ITIL have neverbeen in such demand to help ensurecorporate compliance. Imagine yourcustomer base disappearing overnightbecause you could not prove you had aIT service continuity plan or because youcould not guarantee you had theprocedures to deal with a denial orservice attack. If you can’t provecontinued operations in adverseconditions why should your customer putthemselves at risk.

On a softer issue customer service fromIT is an underestimated but significantworkforce morale booster. It serves toemulate and contribute to the company’sculture. Happier staff are more positiveand more productive. Consider theopposite – “If IT can’t give me a reliableservice why should I be so concernedabout the quality of my work, I onlymake this widget that goes somewhere onthe undercarriage of a large commercialaircraft”.

Is there a need for innovation? Of course,but this runs happily alongside ServiceManagement disciplines. Service LevelManagement and Service ImprovementPrograms act as the feeds for innovationand the introduction and maintenance ofvalue added services. Change andRelease Management will ensure thatthey are delivered to the business in thecorrect manner without riskingcontinuing operations.

[Ed. We are delighted to receive and printresponses to articles, etc published in themagazine. We have attempted to have a letterspage in the past and will continue to do so – itmerely requires some provocative and thought-provoking articles and some willingcorrespondents! We try to encourage and providethe former – over to you!!!]

servicetalkfeedback/letter

Alan DrewettHead of European Technology

Bausch & Lomb

People on the MoveFox IT are delighted to announce that Richard Stinton has joined as Business Development Manager for HP Openview fromBMC Patrol and Mark O’Neil has joined as a Senior Consultant from the Post Office and CSC Prism Alliance.

A previous Student of the Year and Service Manager of the Year, Geoff Thirlwall, has left Diageo to start his own consultancypractice, Bossman Swan.

16 servicetalk Issue No. 66 April 200416 servicetalk Issue No. 66 April 2004

BS15000: Past,Present and FutureDr. Jenny DugmoreConnectSphereChair, BSI Service Management Group

� Planning and implementing servicemanagement processes

� Planning and implementing new orchanged services

� The 13 processes shown in Figure 1

The standard is in two parts. BS15000-1is a formal Specification that defineswhat is required for service managementprocesses to reach best practicestandards. It is against Part 1 that auditsare performed. BS15000-2 is asupporting Code of Practice thatdescribes best practices and by doing soexplains the requirements of Part 1. It isnot itself part of the requirements.The standard is part of the BS15000series, which includes a Self-AssessmentWorkbook and a Management Guide toService Management.

The origins of BS15000The standard was produced by the BSI’sService Management Group. This groupconsists of industry experts representinga range of organisations and professionalbodies, with practical understanding ofservice management.

This BSI group started work in the dim

and distant 80’s, initially producing acode of practice covering four coreprocesses. This was replaced in 1998 by asecond edition covering the 13 processesshown in Figure 1.

At this stage attention was directed toproducing the standard now referred to asBS15000. The first edition of BS15000was published in 2000. At the same timethe group also published the IT ServiceManagement – A Self-AssessmentWorkbook (PD 0015). The workbook isused to check the quality of servicemanagement processes.

As well as the BSI group manyorganisations have been involved inreview and testing the BS15000 series.Thanks for this work are due to theorganisations in Figure 2.

The role of “Early Adopters”It was agreed that the BS15000 seriesshould be tested before a certification

The first BS15000 auditsThe first successful BS15000 audits,done under the official itSMFcertification scheme, have beencompleted.Moving to ISOThe BSI has accepted the businesscase for BS15000 to become anInternational standard. This change issubject to agreement by othernational standards bodies and ifagreed is expected to take 18 months.

What is this “BS15000”?BS15000 is the world’s first standardspecifically aimed at ServiceManagement. It is published by theBritish Standards Institution. Thestandard defines the features of servicemanagement processes that are essentialfor delivery of high quality services.BS15000 is based on the knowledge andexperience of experts working in servicemanagement.

BS15000 covers:� Scope of service management� Terms and definitions� Requirements for a “Plan-Do-Check-

Act” management system


Issue No. 66 April 2004 servicetalk 17Issue No. 66 April 2004 servicetalk 17

scheme was developed. This was donewith the support of the “Early Adopters”,16 organisations who provided valuablefeedback based on actual use ofBS15000.

The Early Adopters views can besummarised as:� Realistic as a broad minimum� Fair, understandable and consistent� More specific than ISO 9000� Provides a suitable benchmark

During this test stage feedback was alsosolicited from professional auditors,quality expert, operational servicedelivery managers and practitioners.Following improvements based on thefeedback the BS15000 series was re-published in 2002.

A Management SystemThe major improvement was the additionof the “Plan-Do-Check-Act”methodology. This aligned BS15000 withmanagement system standards such as

ISO 9000. This is shown in Figure 3.“Plan-Do-Check-Act” crosses all servicemanagement process. In practical termsthis means that BS15000 requires morethan a high standard for individualprocesses.

It is also essential to have seniormanagement commitment, servicemanagement plans and policies, clearprocess ownership, for the individualprocesses to be integrated, and withinterfaces clearly defined and wellunderstood.

At this stage a Managers’ Guide toService Management was published. Itincludes practical details such as the

symptoms and causes of inadequateservice management. It helps managersunderstand the benefits of implementingthe processes.

The Self-Assessment Workbook was alsoupdated to keep in step with the BS15000standard.

Who is the standard for?The standard is of use to all serviceproviders, but in particular IT serviceproviders. As BS15000 is process basedthe requirements are independent oforganisational form, and can be used bylarge and small organisations, across allsectors. It applies to commercial serviceorganisations as well as in-house serviceproviders.

BS15000 business benefitsMany companies are using BS15000 notonly for their own benefit but also to helpqualify and choose suppliers and partnerorganisations.

Is BS15000 right for your organisation?Will it bring you business benefits?BS15000 is not a panacea for all qualityissues but can bring a wide range ofbusiness benefits, even when servicemanagement processes fall far short ofBS15000’s requirements.

The benefits include:� Alignment of business strategy and IT

services� A framework for existing service

improvement programmes and assistsin building the business cases for newprogrammes

� Shows how your service reallycompares to best practices and best inbreed service providers

� Helps management by requiringownership and responsibility at alllevels

� Common inter-enterprise operationalprocesses, giving easier managementacross a diverse environment, withinter-changeability of staff andservice providers

� Reduced risk and thus reduced cost inusing external service arrangements

� Assists with major organisationalchanges, such as mergers, byproviding a standard approach acrossthe new organisation

� Reliable, consistent and cost-effectiveservices, giving competitiveadvantage

� Improve overall reputation andperception of IS.

� Shift the balance towards proactiveprocesses

� Improves inter-departmentalrelationships by giving clarity on“who does what” and common goals

� A framework for staff training� Framework for automation of service

management

In a Gartner research note (GartnerStrategic Planning, SPA-13-3434,Research Note, S. Mingay, M. Govekar, 4March 2002) the standard was reportedas a major step toward IT ServiceDelivery becoming mature and stablewith a level of cross enterpriseconsistency.

Gartner also predicted that internationalrecognition or an international equivalentwas needed for the standard to achievefull potential. This is now happening,with active take-up of BS15000 outsidethe UK and support for BS15000 tobecome an international standard.

BS15000 and ITILFollowing a concordat between the BSI,Office of Government Commerce anditSMF, BS15000 and ITIL were aligned.The alignment of BS15000 and ITILdoes not mean you have to choose one –they are not interchangeable and servedifferent purposes:� ITIL sets out the best practices that, if

adopted, would assist an organisationto achieve the quality of servicemanagement required by BS15000.

� BS15000 sets the standards thatservice management processes shouldaim for, and objectively tests that bestpractices really have been adopted.

�

18 servicetalk Issue No. 66 April 200418 servicetalk Issue No. 66 April 2004

The relationship between the two sets ofpublications is shown in Figure 4.

The others?Increased maturity in the service industryhas seen an explosion in the productionand use of best practice advice, capabilityand maturity models and standards. Thisincludes not only ITIL but many others:TQM, Six Sigma, CobiT, EFQM, eSCM,ISO12207, BS8600, ISO15505, COPC-

2000, ISO15288, to name just some.There are many examples of proprietary

material. Useful ideas andtechniques for service andprocess improvements areavailable from these otherpublications.

Experience has shown that itis beneficial to align servicemanagement improvementsto the initiatives adopted inyour organisation. The keydistinction betweenBS15000 and otherpublications is that BS1500is a management system thatis specific to service

management processes which checks:� are you doing the right things?and� are you doing them correctly?

Some organisations use a ‘bottom up’approach to adopting best practices, thiscan lead to duplication of effort, gaps andoverlaps in processes. Implementing

BS15000 requires a “top down” approachthat checks and eliminates these failings.Applied properly BS15000 will helporganisations achieve significantimprovements without wasting resources

The itSMF Certification SchemeClaims to comply with BS15000 can beindependently verified as part of a formalcertification scheme. The itSMF createdand now manage the official CertificationScheme which provides thisindependence. �

How and where to buy the BS15000seriesThe publications can be obtained fromthe BSI.Visit: http://www.bsi-global.com.itSMF are also a distributor of theBS15000 series.Visit http://www.itSMF.com[And of course members are entitled todiscounts!]Extracts from BS15000 series materialare reproduced with the permission ofBSI under license number 2003DH0285.


�

Regional ReportsitSMF Regional Groups provide a vital link with our members. Their regular

meetings offer the chance to discuss issues of current concern and to networkwith fellow professionals. These reports illustrate the importance of the groups.

London & South EastBeaty TyrrellAbbeySt Valentine’s day often prompts thoughtsof cards and presents, bought or to bebought, and how this might affect ourcurrent relationship. Therefore the themeof ‘Relationships’ was an apt choice forthe seminar held on St Valentine’s eve,13th February 2004, and hosted by Abbeyat their Head Office in Triton Square,London.

Ken Goff (Prudential), Chairman of theRegion opened the event by explainingthat, unlike a seminar day, this was a dayfor the attendees to participate, anopportunity for members to network andexchange experiences and develop ideasbased on the theme of the day –Relationships – What are they? – Whyare they important? – What are yourexperiences?

This was followed by a brief welcomingspeech by Linda Chapman on behalf ofthe hosting organisation Abbey.

Ken returned to the floor to provide anitSMF update, which includedinformation on new itSMF chapters, theMarch Seminar and Annual Conference.

The initial presentation was given by SueSouthern (of Southern Assignments) whointroduced the subject of Customer /Supplier Relationships, coveringmatters such as Relationship Issues, theimportance of Perception Management,the concept of the Balanced Scorecardand the Kano Model. This presentationprompted many questions and led to alively discussion of topics ranging from –Who is the Customer? – through – AreSenior Managers more interested inprojects than Business as Usual Activity?– to – Is there a perception that peopleinvolved in support and delivery activitiesare lesser beings than Project Managers?

Paul Simpson then provided aninteresting insight as to how Abbey hasaddressed the issue of InternalRelationships. The presentation detailedhow different initiatives had beeninstigated within different areas of thecompany in order to foster understandingand improve relationships. The initiativeswere tailored to each of the relationshipareas, as there was an understanding thateach area would have different views,perceptions and expectations. Againdiscussion followed on a variety of topicsincluding the need to promote ITILAwareness outside of ServiceManagement areas in order to gain some‘buy-in’, as well as how internalpresentations, mentoring and learninggames can be used to maintain anappropriate ongoing level of awareness instaff that have undergone formal ITILtraining.

Following lunch Jane Curry (Exel)started the afternoon session by speakingabout Business Relationships. The basisof her presentation was, ‘Do we needRelationship Management and what isthe impact of not having it?’ Jane hasbeen involved in developing an effectivebusiness relationship from a poorfoundation and was able to provide theaudience with details of her experiencesin the areas of appropriatecommunication, hidden agendas andunderstanding the culture of thecompany. The fact that this period isnormally deemed the ‘graveyard’ slotseemed to have slipped the audiencesmind and yet again there followed aperiod of interesting discussion coveringtopics from, how to supply yourcustomers with the appropriate facts, tothe management of OLA’s.

The last session of the day was begun byMike Askew (Atkins Global), whopresented on the topic of Third-PartyRelationships. The presentation detailed

a case study based on multi-partyrelationships and what lessons werelearnt. How, in spite of SLA’s havingbeen agreed with all parties, there canstill be underlying discontent resulting instrained relationships, which needs to becontinually monitored and addressed.Also, how it became evident that ifmembers of the consortium have asimilar service offering, it is not alwayspossible to eradicate the naturalembedded competitiveness that existswithin the individual organisations. Alively floor debate followed coveringissues such as the importance of sharingboth work and rewards, the need toreduce overlap of expertise and theimportance of attaining a workabledynamic within group relationships.

Finally, Ken brought the day’s event to aclose, thanking everyone for theircontribution and thought provokingdiscussion. Roll on St Valentine’s Dayand a better understanding of theimportance of making relationshipswork!

ScottishCaroline DrummondFMSIan French of FMS and the ScottishitSMF Regional Chair welcomedmembers to the event at The Holiday Inn,Glasgow on 16 February 2004. He thenoutlined the format for the day’s eventsand introduced Jon Efford and ZoeArmstrong representatives from Abbeywho were sponsoring the event.

The first part of the meeting took theform of a presentation by first of all IanFrench followed by Ian Whyte (BishopsBeech Consultancy). They presentedaround the topic of IT Reporting toBusiness Teams. Ian French began withsome background information abouthimself and then discussed the mainissues surrounding the collection of


information and presentation of servicereports. The following questions wereused to examine this subject:� What do we need to supply?� Are statistics really any good?� IT meets SLA’s but does it meet the

Business?

Reporting is dependent upon theenvironment in which the companyoperates and the type of services which itoffers. In order for reports to add valuethere should be frequent discussions i.e.monthly or quarterly between thecustomer and supplier to review thesereports. The nature of the reports that areproduced will depend on an agreement,which is usually included in the contract.All meaningful reports will contain amanagement summary which will includefor example the incidents that occurred,steps taken to rectify those incidents, keychanges, plans for the future and servicelevel reporting.

The first step to producing worthwhilestatistics is first of all to establish what itis that you’re trying to do and then lookat how the systems can help to achievethis. Statistics can be measured on bothhard subjects (availability) and softsubjects (training). Unfortunatelystatistics are open to interpretation. Thispresents a problem in that there is a highprobability that these statistics will beinterpreted wrongly. Statistics help tounderstand performance, continuousimprovement and planning.

Service Level Agreements (SLA’s) areoften constructed and agreed in advanceof the service being available. It isimportant to:� Review SLA’s for achievement� Review SLA’s for relevance� Review them in the context of the

impact on the business.

Building a good relationship with acustomer is important, and puttingachievement into context is essential tounderstanding how IT provides addedvalue to the business.

Ian Whyte then took to the floor to talkabout IT reporting in relation to therelevance of measurement and statistics.He covered the following points:� Under the current BS15000 standard,

IT Reporting is a process in its ownright.

� Reports should be fit for purpose.� SMART – Specific, Measurable,

Achievable, Realistic, Time-bound.� Where service fails to satisfy

expectation then a penalty charge mayapply. This should be reviewedclosely prior to entering into anyagreement.

This was an informative presentation thatgenerated discussion and feedback fromthe other attendees.

John McDermott from itSMF provided anupdate from the office of newdevelopments in publications andmentioned the prospect of a new EventsManager post. He then facilitated adiscussion on the issues, which wereraised during the presentation and askedfor some suggestions for future seminartopics. Ian then summarised and thankedthose involved for their efforts inorganising the event.

We then retired to lunch where theHoliday Inn had provided an excellentmeal enjoyed by everyone! The eventprovided useful information for allinvolved and provided an excellentopportunity for networking. Our thanksagain to Abbey for sponsoring the event.

East Anglian & MidlandSarahWhittakerComputacenterFor the January meeting of this regionalgroup we were again welcomed byNorwich Union. Jim Davies our regionalchairman opened the day by welcomingthe 26 members attending and introducedthe agenda for the day.

For the morning myself, Jim, and DaveBackham of Microsoft, ran a facilitatedworkshop around the topic ‘How can weput into practice the guidance in the newpublication, Planning to ImplementService Management?’ I don’t think anyof us could put hand on heart and saywe’d read it from cover to cover! Manyof those present were however finding ituseful to dip into when required as apoint of reference.

We discussed questions such as, Howuseful and relevant is the book? How dowe get the positive involvement ofcolleagues and user-customers? Which ofthe disciplines should we tackle first?

And how ‘pragmatic’ is Appendix E inreality?

These workshops generated so muchmaterial that we plan to refine andcondense it into the discussion topics forthe next group get-together.

In the afternoon each of the 3 groups hada different subject to brainstorm and thenpresent back to the others. These were,Reasons for Implementing ITIL, Howcan we sustain interest in ITIL? AndWhat should you Implement first?Some reasons for implementation high-lighted were, it’s accessible, adaptableand credible within the industry. Thefavourite choice to implement first wasthe Service Catalogue.

We were particularly keen for feedbackon sustaining interest, as this ties in withthe theme of the 2004 conference.Annelise Savill from TSO was able tomake us aware of just how much new andrelevant material they are able to providein order to assist in keeping up with themarket. Their new website www.get-best-practice.co.uk is firmly focused onbusiness success both in ITSM andProject Management. Customers cansubscribe to have access to OGCmaterial, glossaries and information ontraining organisations. Both easy to useand practical, it acts as a usefulspringboard to best practice.

John McDermott was also on hand togive us an itSMF update. Each large ITILbook will have its own pocket guidereleased by March, and the large booksare expected in various languages duringQ2. We were again encouraged to join theInstitute of Service Management, whichoffers professionals within this industrythe opportunity to have their abilitiesproperly recognised. The forthcomingconference will again be held at theBrighton Metropole from 8-10November, and submissions forpresentations are now being requested forthis. John reiterated the fact that this isour forum and if anyone would like tocontact the itSMF with requests for futureseminar topics these would be happilyreceived.

Thanks again to Norwich Union forsponsoring this event. The next regionalmeeting will be held at Marval’sheadquarters in Kettering on 7 April. �


itSM

F Co

nfer

ence

Del

egat

e Bo

okin

g Fo

rmFA

X B

AC

K T

O +

44 (0

) 870

706

153

1B

OO

K O

N L

INE

– w

ww

.itsm

f.com

Pri

ces

(exc

ludi

ng V

AT

):B

ooke

d B

efor

e 30

th A

pril

04B

ooke

d be

fore

31st

Jul

y 04

Boo

ked

afte

r 1st

Aug

ust

04M

embe

rs£7

95£8

45£9

95N

on-m

embe

rs£1

020

£112

0£1

320

Sund

ay n

ight

acc

omm

odat

ion

can

be b

ooke

d at

a c

ost o

f £5

2.50

sin

gle

and

£93.

50 w

ith

part

ner.

(P

rice

s ex

clud

e V

AT

)

Ple

ase

indi

cate

the

num

ber

of S

ingl

e an

d/or

Dou

ble

room

s yo

u re

quir

e fo

r S

unda

y ni

ght

____

____

____

___

For

enam

e___

____

____

____

____

_Su

rnam

e __

____

____

____

____

__Jo

b T

itle

___

____

____

____

____

__E

mai

l: _

____

____

____

____

____

___

Par

tner

s N

ame

____

____

____

____

___

For

enam

e___

____

____

____

____

_Su

rnam

e __

____

____

____

____

__Jo

b T

itle

___

____

____

____

____

__E

mai

l: _

____

____

____

____

____

___

Par

tner

s N

ame

____

____

____

____

___

For

enam

e___

____

____

____

____

_Su

rnam

e __

____

____

____

____

__Jo

b T

itle

___

____

____

____

____

__E

mai

l: _

____

____

____

____

____

___

Par

tner

s N

ame

____

____

____

____

___

For

enam

e___

____

____

____

____

_Su

rnam

e __

____

____

____

____

__Jo

b T

itle

___

____

____

____

____

__E

mai

l: _

____

____

____

____

____

___

Par

tner

s N

ame

____

____

____

____

___

For

enam

e___

____

____

____

____

_Su

rnam

e __

____

____

____

____

__Jo

b T

itle

___

____

____

____

____

__E

mai

l: _

____

____

____

____

____

___

Par

tner

s N

ame

____

____

____

____

___

Com

pany

___

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

__

Add

ress

___

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

___

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

__

Pos

t C

ode:

___

____

____

____

____

_

Mai

n co

ntac

t N

ame:

__

____

____

____

____

____

____

____

____

_ e

mai

l __

____

____

____

____

____

____

____

__ T

el N

o. _

____

____

____

____

____

____

Fax

No

____

____

____

____

____

____

____

(Ple

ase

tick

app

ropr

iate

met

hod

of p

aym

ent)

Che

que

for

£ __

____

____

enc

lose

d �

P

leas

e se

nd a

n in

voic

e qu

otin

g P

urch

ase

Ord

er N

o __

____

____

____

____

____

_ �

a

ddre

ss (

if a

lter

nativ

e to

abo

ve p

leas

e st

ate)

Ple

ase

mak

e ch

eque

s pa

yabl

e to

IT

SMF

Ltd

.

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

____

___

Ple

ase

Deb

it m

y cr

edit

/deb

it c

ard:

expi

ry d

ate:

__

__/_

___

issu

e no

: __

__

card

hold

er’s

nam

e __

____

____

____

____

____

____

_

We

acce

pt V

isa/

Mas

terc

ard/

Del

ta/S

wit

ch p

aym

ents

onl

y

Sig

natu

re:

____

____

____

____

____

____

____

____

____

____

____

____

____

____

__D

ate:

___

____

____

____

____

____

____

____

____

____

____

_

Ret

urn

your

boo

king

by

post

to:

itSM

F, W

ebbs

Cou

rt, 8

Hol

mes

Roa

d, E

arle

y, R

eadi

ng, B

erks

hire

RG

6 7B

HF

acsi

mile

:+

44 (

0) 8

70 7

06 1

531

Em

ail t

o:ev

ents

@it

smf.

com

For

any

enqu

irie

s pl

ease

con

tact

the

offi

ce v

ia th

e ab

ove

or b

y te

leph

one

on +

44 (

0) 1

18 9

2608

88C

ance

llati

ons:

Not

ice

mus

t be

rec

eive

d in

wri

ting

. 12

wee

ks n

otic

e –

full

refu

nd.

4-12

wee

ks –

50%

ref

und

. L

ess

than

4 w

eeks

– n

o re

fund

. Su

bsti

tuti

ons

may

be

mad

e at

any

tim

e.P

aym

ent

is s

ubje

ct t

o ou

r St

anda

rd T

erm

s an

d C

ondi

tion

s of

30

days

fro

m d

ate

of in

voic

e. W

here

pay

men

t is

not r

ecei

ved

wit

hin

our

30 d

ay p

aym

ent t

erm

s an

d a

book

ing

dead

line

has

bee

n pa

ssed

, an

addi

tion

al c

harg

efo

r th

e di

ffer

ence

bet

wee

n th

e bo

oked

pri

ce a

nd th

e ne

xt b

and

wil

l be

char

ged.

itS

MF

Mem

bers

hips

wil

l not

be

full

y ac

tivat

ed u

ntil

ful

l pay

men

t is

rece

ived

. T

here

fore

any

app

lica

ble

disc

ount

s w

ill b

e at

itSM

F d

iscr

etio

n.


“Broaden your Service Management Horizons”

Service Management SymposiumAN OPPORTUNITY TO NETWORK

18th – 19th May 2004Hellidon Lakes Hotel, Golf & Country Club, Daventry, Northamptonshire

Speakers will be talking about their real-life work experiences

� Service Management – The Business Benefit

� Improving Service Performance

� Change Program in a Global Company

� Outsourcing

� Customer Satisfaction

� Best Practice – A Different Approach

� Service Catalogue

� The benefits and role of the itSMF

� Business Continuity Management Life-Cycle

PRACTICAL WORKSHOPSCapacity Management & Service Desk

For an agenda or further information contact Linda CampbellTel: 0161 432 6001 or email [email protected] can accept payment by MasterCard, Visa, Switch, Solo and Electron cards

Due to rapid expansion we will be recruitinglecturers and consultants to join the team over the next few months.

Please email your CV to [email protected]

Guild House, 51 Yarmouth Road, Norwich NR7 0ETwww.ceceurope.com


Ask the ExpertsQUESTION 1My Service Desk is asking meto estimate the likely volume ofproblems and problem types which willarise following a software release.Given that the size and complexity ofthe release will change with eachrelease, is there a methodology orprocess available to assist me inproviding this information. What otheralternatives are available to help mein assisting the Service Desk?

ANSWER 1-1Colin Rudd, ITEMS LtdThe answer, as always, is it depends. Itdepends on the type of organisation, thequality and maturity of the processesused, the people involved and the qualityof information available. In matureorganisations the processes used aresubject to continuous improvementtherefore there should be an underlyingtrend of incidents and problemsoccurring as the result of softwarereleases.

However, in reality the only real answerto this question is to look back at pastexperience, and analyse what hashappened during and subsequent toprevious software releases, butunfortunately it’s not an exact science.However, if the Service Managementprocesses are mature and provide theright sort of information a lot can beachieved.

By regular analysis of the statistics fromprevious releases on a “service byservice” or “application by application”basis, the characteristics of each type ofrelease of each service or application canbe deduced, for example:� Every time we have a major release of

“Service Z” we experience a 30%increase in the number of ServiceDesk incidents for that service duringthe first week after the release

� Every time we have a minor release of“Application A” we notice very littleincrease the volume of incidents forthat application

However, as was previously stated in thebest organisations where the Problem

Management, Release Management andChange Management processes areanalysing measurements and metrics, thesituation is not a static one. The processeswould be working together to learn frompast experience and proactively improverelease by release, through betterdevelopment, testing, training,documentation etc.

ANSWER 1-2Sean Lewis, SysopProblem Management leaps to mind as aprocess that would help you to identifyand highlight these issues, particularlybased on problems detected in pastreleases. Even without problemmanagement having already performedan analysis of the Incident recordsfollowing previous releases, you maywish to do this as an exercise and may beable to generate some insights into thetype, volume and nature of problems youexperience with software releases. As it is your Service Desk who arehighlighting this, it would be a good ideato involve them in this and if possible“own” this activity. This informationwhile not perfect from day 1 will bemore meaningful in terms of your ownorganisation as compared to an industry“norm”. This would form your initialmeasurement on which you can furtherrefine and improve this information andyour own metric and reporting/analysison in the future. Be prepared for some ofthese issues to be based on breakdown ofprocedure as well as development errorsas this is a common area where releasescan be seen to generate problems from.

QUESTION 2Having passed the Foundation exam,how do I know that I’m ready to takethe Managers Certificate?

ANSWER 2-1David Johnston, DAJex LtdTry this mock exam question:“Configuration Management is a goodthing. Discuss.” If you can produce (in 35 minutes, longhand, closed book) a cogent and

informed answer which shows that youunderstand not just the theory and basicconcepts but can also show anappreciation of the practical issues facingthose who are to implement or operatethe function, then you are probably ready. Don’t forget that your answer should setout arguments for and against and comeup with a conclusion. As an aside, myview is that it is “A Good Thing” – butthere are a few respected players in theworld of Service Management (mostlyJohnny-Come-Latelys, I would add) whosay that true Configuration Managementis too ambitious, “get Asset Managementright first”, they bleat. “Have a bit ofvision, have faith and read the GoodBook”, I respond. Perhaps the hereticswould like to engage in a debate on theletters page?? I digress. Back to thequestion. Don’t forget that your answer shouldshow that you understand all the sub-processes and interfaces. It shouldalso form the basis of a business case –containing benefits, possible problems,options and an appreciation of the costsand resources involved. You should alsoaddress the cultural issues of acceptanceand the organisational changes that couldbe involved. Most importantly youshould say how ConfigurationManagement will benefit the businessgoals and improve customer service. Worth mentioning also the issues thatcould arise if you have outsourcedInfrastructure Management and parts ofService Management – how will thisaffect the situation? I seem to remember that back in the early90’s when Red Badges were blue all thequestions on my exam paper were a bitlike this one. These days the questionsare much more specific and based on acase study. Not really any easier orharder, just more explicitly designed tobring out the practical application andmanagement angle of ServiceManagement. If you are confident that you could dothis for all the disciplines then you couldbe heading for a distinction or the much-

�


coveted Student of The Year award. Ifthe question seems daunting – then doyour research. Read the books, trawl theinternet for white papers, but mostimportantly – understand how youdo Service Management in your ownorganisation. Be a nuisance. Find outabout the Business and ServiceContinuity recovery strategies. Visit theService Desk. Talk to the ProblemManager. Read your SLAs. Have a goodplay with your integrated ServiceManagement tool-set – if you haven’t gotone, what problems is that causing? Findout what your Release Managementpolicy is. Dig out all processdocumentation. Speak to the Head ofService Management about the overallStrategy and Framework.

Research BS15000 – is your organisationplanning to seek certification? Get holdof the project plan. Don’t stop there – goon a mission of discovery. Then compare everything you have seenwith what the Good Book says. What arethe strengths and weaknesses that youhave seen? Where are the gaps? Whatdo you think could be done about them? When you have got the bug and areobsessed with Service Management andservice quality then you are ready forgreater things. Go for it. The world ofService Management needs more RedBadges. ANSWER 2-2Colin Rudd, ITEMS LtdCongratulations and I think yourenthusiasm for Service Managementshould be welcomed and encouraged.The first thing you should do is toconsider joining the Institute of ServiceManagement. As you have now obtainedyour Foundation Certificate, if you haveat least one year’s experience in theService Management area, then you canjoin the Institute as a Practitionermember. This enables you to gain all ofthe benefits associated with membershipof the Institute such as:� Use post nominal letters after your

name (FISM, MISM, PISM, AISMand SISM)

� Attend Institute events and workshops� Join, network and consult with like-

minded Service Managementprofessionals

� Be involved in the Institute’s

Continuing Professional Development(CPD) scheme

Members of the Institute will help you todevelop your own CPD plan, geared toyour own skills, knowledge andexperience. Many of the members havefaced a similar dilemma to that which isnow facing you and would be happy toassist you in achieving your ambition ofgaining the Manager’s Certificate. Manyof the members already have theManager’s Certificate, some havingpassed it years ago and some having onlyrecently achieved it, any of whom wouldbe ideally placed to provide advice andguidance to someone such as yourself.Further information is available from theInstitute’s web site at www.iosm.com.

ANSWER 2-3Sean Lewis, SysopWhen is a person ready to take theManagers Certificate? I could argue thatthe answer to that is, Never! Perhaps abetter way of stating the question mightbe – how can I make sure that I am readyto take the Managers Certificate. The Managers Certificate is based very much on the belief that delegates shouldbe a manager or should have their nextcareer step into management. This initself assumes that the person has a goodunderstanding of management issues,such as people management, projectmanagement, supplier management,financial issues and constraints etc. Thisbackground knowledge of managementissues is an assumed pre-requisite of thecourse itself and the course will draw onthis experience and further develop thecandidates knowledge, but does notexpect to teach these concepts as a part ofthe course itself. Would you feelcomfortable in being able to give apresentation to a CEO or board and feelconfident in being able to speak to themin their own language? One of the biggest dangers with theManagers course is to focus on the twoweeks and two exam days as being thesole limit of commitment to the course. The courses are intensive and are VERYhard work and will probably requiresomething in the region of 6+ weeksworth of study which encompasses thesetwo weeks of Service Support andService Delivery, but the extracommitment of self-study and revision

work also needs to be factored in to theequation. For these two weeks you willneed to be prepared to make sacrifices interms of your social and personal life andhave the capability of spending a seriousamount of time on this commitment. Sodo you have time to give to this amountof study? Refer to the article aboutattending a Managers course, in an earlieredition of servicetalk by Paul Wigzel ifyou doubt this statement. Before attending a Managers coursemake sure that you are ready toparticipate in a knowledgeable way aboutthe SS and SD topics, which meansbrushing the dust off the Foundationcourse you did and maybe even gettinghold of the SS and SD books themselvesand doing some pre-study if you feel thatyour knowledge is a little rusty or weakerthan you would like it to be. Do you feelyou would be able to talk about any ofthe disciplines in a confident andinformed manner? If you are lucky enough to work in anorganisation that has people who havealready gone through the Managers, askthem for their thoughts, advice andexperiences and then ask yourself – Am Iready for this? If the answer is yes to thisand the above then you are probablyready to take the Managers certificate.

QUESTION 3With so many patches / updates beingautomated by the supplier (for exampleWindows XP Updates or AV definitionupdates) how do I decide within whichspecific process(es) the activitiesassociated with the management ofpatches, fixes, bugs, applications and /or infrastructure best fit? Is this simplya function of Release Management orare there other considerations?

ANSWER 3-1Colin Rudd, ITEMS LtdThere are many processes involved in theimplementation of patches to operatingsystems, applications software and anti-virus definitions. The major ones being:� Release Management� Change Management� Configuration Management� Underpinning, technical support,

distribution and implementationprocesses and procedures

It is essential that all of the processes are

�


followed and all of them whereverpossible are automated and integrated.The whole process should be triggered byan incident, problem or a proactivepreventative action. Once the need hasbeen identified a change should be raisedwithin the Change Management process,often this step is an automated link fromeither an incident or a problem.

Once the change has been raised then thechange should be assessed for risk,impact and benefit and if deemednecessary should be authorised forbuilding and testing. This stage of thechange lifecycle relies heavily on thequality and accuracy of the informationcontained within the ConfigurationManagement Database (CMDB). In agood CMDB, relationships betweeninfrastructure components and theirrelative impacts will all be readilyavailable and the assessment activity canbe quickly completed.

For high volume routine or standardchanges “change models” should existthat automate as many aspects of thechange lifecycle as possible. Thesemodels enable these types of change tofast track through the system particularlywhere they are changes that areimplemented on a frequent and regularbasis. Again automated build techniquescan be employed together with pre-assembled “test beds” enabling rapid

testing of changes. Techniques can alsobe developed where the back-out plansfor such changes are also repeatable, butthey also need to be tested on a regularbasis. Once testing has been completedthen final authorisation will be neededfrom Change Management ensuring thateverybody is aware of what is happeningand that all communication,documentation and support is availablefor the new software.

ANSWER 3-2Sean Lewis, SysopAnswer: It depends. There, I’ve said it,so we can get that out of the way right atthe start. Release management inconjunction with Change and Securitymanagement should be able to define aworkable solution for an organisation. The main purpose of this activity that youidentify is risk management in particularin terms of a security hole beingexploited or an unknown error in yourlive environment occurring and causingservice disruptions. I find that there is a large amount of trustplaced in the quality control of thirdparties and suppliers who are providingthis sort of service, in terms of their owncontrols being sufficient that there ownprocesses are robust enough so that apatch/update of this sort will not effectmy live environment in any way. Historytells me that this is not always the case.

Best practice tells me to protect the liveenvironment as far as possible and tomanage risks that could cause disruptionto the best of my ability. With this inmind I would be very wary of allowingupdates to my live environment operateoutside of my change/release controls. Security management in an organisationwill wish to have the ability to ensure thatthese are done on very quick timescalesbut we also then have to be able to testand release these in a controlled manner -maybe in some form of test officefacility. Many vendors are nowproviding tools that can be used tosupport this type of strategy, which isgood news and means that this can becontrolled far more effectively. Some ofthis will be done through a formal releasemechanism whereas some may have to beimplemented under change control oreven during emergency change control,it’s the consideration of your organis-ational structure, approach to riskmanagement and the facilities at yourdisposal which will normally define thewho, why, where and how the necessaryactions are carried out. �

If you want to either:Add your views to the aboveJoin our panel of ExpertsThen contact:John McDermott at the office(t) 0118 926 0888(e) [email protected]

itSMF VendorsClarity Provided and Questions Answered

Chris Bradbrook-ArmitVendor Executive Committee Chairperson

It is not often that the Vendor communityof the itSMF is able to make anannouncement, which is not related totheir own company’s products andservices, but this is a rare occasion whenwe can.

The itSMF Vendor Guidelines have beenproduced by the Vendor ExecutiveCommittee in conjunction with theMarketing Executive Committee andAidan Lawes, the CEO.

The Vendor Guidelines provide answers

to those frequently asked questions fromthe Vendor community of ‘How do we goabout getting a specific service from theitSMF?’ or ‘What services are availableto us?’

Published on the itSMF website theGuidelines cover a multitude of areasincluding:� itSMF Services available to the

Vendor Community� Sponsorship� Participation from both the Vendors

and the itSMF

� Marketing Communications� Vendor Conduct

In recognising that the Vendor Guidelinesare ‘fluid’ and will no doubt evolve andbe refined over time (continuousimprovement), the most up to date andcurrent version will be displayed on theitSMF website.

Please take time out to review thedocument and provide any comments orfeedback through the itSMF office or via([email protected]). �


IT Physician Heal ThyselfandDon’t Let HR Pick Up IT’s Bad Habits?John GibertSouthcourt

Have you five minutes to read this?This is a prelude to the last in the seriesof seven articles on IT Physician HealThyself. It has been put in before thelast article, hopefully to provide a bitof light relief to readers of the series,which many people have found hardreading.

A business manager of a key functionwithin the operational part of the businesswas working at his desk, when a knock atthe door interrupted him. Swingingthrough the door was a smiling, suitedgentleman.

“Hello, I am your new HR AccountManager. It’s a new role and I am pleasedto meet you. I have come to see youtoday and tell you about the innovativeHR services that we are now introducing.You no doubt have seen informationabout them on notice boards – all part ofthe new proactive HR function!”

He was looking at the ceiling as hespoke, clearly practised, word perfect andwithout taking breath. “Now we have aset of new services which we areencouraging our customers to take up,that’s you, you’re one of our customers,yes? OK?”

He had now found a place on the ceilingto focus his eyes as he spoke. “Now thefirst one of these new HR services is theuse of low-cost, hard working peoplefrom Eastern Europe. We have justacquired a load of them and they are welleducated and have shown good attitude.We think that they have the potential toreplace some of the expensivesupervisory and junior management staffacross the company and in particular inyour department.”

The manager looked up and tried to

engage the eyes of the HR accountmanager as he spoke but the ceiling waswinning his attention. “Well, I don’tactually have a problem with my currentsupervisors or junior managers. I havejust managed to get them workingeffectively individually and as a team. Ithas taken me three years and I want toleave them just as they are.”

“Well I am sorry to hear that” replied theHR Account Manager. “You are missinga huge opportunity here to reduce yourlabour costs by 50%; the only alternativeis to outsource the work to Libya, yesLibya – that’s the latest opportunity andis yielding an 80% saving at present, butwe have not got an arrangement lined upyet to do that.”

The HR Account Manager continuedagain, still without taking breath, “Now itis HR policy to improve the efficiency ofthe Human Resource across the company,and I am afraid to say that we will stopsupporting managers who want to use theold high-costs labour resources. We areundertaking a rationalisation programmeto eradicate costs through innovative HRprovision and this service, we call it‘New Resources For Old, nick namedNRFO, is a key plank on our HRstrategy.”

“What do you mean you will stopsupporting managers?” queried themanager, now sitting so far forward thathe almost fell from his chair.

“Well what we mean is that we will stoppaying the staff involved, and you themanagers will have to sort that out withthem.”

The first moment’s silence was broken bythe manager who was now standing upasking, “Is there a downside with this HR

innovation, with what did you call it –NRFO?”

A slight pause for breath and aconsidered moment later, the HRAccount Manager replied. “Not as such –well not as we in HR see it. We just lookupon NRFO as an opportunity fordeveloping the new resources. TheseEastern European people will pick up theEnglish language and customs quickly,and we in HR, feel that within five yearseverybody will be looking back saying –what was the problem?”

The manager walked around his desk toface the HR Account Manager, “It’sgoing to take five years?”

“No less than five, we reckon probablyjust three years” the HR AccountManager was now smiling, he felt that hewas getting his message across and thathe was providing a level of reassurance tothe manager.

The manager leaned over the HRAccount Manager, “But that’s going tocause us problems! It is going to take usthree years to get back to where we aretoday, and what about our services to ourcustomers?”

The HR Account Manager retorted, “Wellit’s for the good of the company – in thelonger term there’s a 150% payback,that’s over 10 years, and NRFO is nowHR policy. ‘No gain without pain’, asthey say, and after all, you are a managerand you get paid a lot of money – to sortout things like this.”

There was a verbal expression ofdisbelief, as the manager recoiled backinto his chair.

The HR account manager carried on in

�


his own excitement, oblivious to themanager now sitting with his head in hishands.

“Now as your HR Account Manager Ineed to tell you about the other HRinnovations we are introducing. Webelieve they will differentiate us from ourcompetitors.”“I need to tell you about the ‘ExtendedMaternity Leave Scheme’ – XMLS – aswe are marketing it, where, if anemployee has any member of their familythat has had a baby, then they can take upto a year off, on half pay, to help.”

“And then there’s the ‘Staff ManagerSwitch Scheme’ – SMSS – as we haveabbreviated it, where members of stafftake over the department for a week andthe manager does the work of the staffmember. This will be very popular.”

“And then there’s the ‘Bring Your Pet ToWork’ scheme, that goes by the title, yes Ican see you have guessed it, haven’t you?– BYPTW. We are doing more than justextending our crèche arrangements. Petswill be with people in their work place.They are so calming at home that we

thought it would bring that calm to ourworking environment.”

“So that’s where we are, they are all HRpolicy, so you will need to know all ofthem in some detail because these are allbeing implemented this week”. But youhave the reassurance of having me asyour own personal HR Account Manager,to help you where I can.”

The HR Account Manager now lookedinto the eyes of the Manager for the firsttime and asked, “So what do you think?”

� � � �

The story is a bit far fetched – of courseit is – but can you draw the parallel withIT and the imposition of unwantedcounterproductive IT innovation on thebusiness? Just as the business is workingsmoothly with one set of informationtechnologies –along comes another set –things don’t work, things workdifferently and people are back to squareone – taking a year to get back wherethey were.

And whose fault is it? The IT industry for

not getting from the IT suppliers what thebusiness needs, which is frequently notthis year’s innovation, but the innovationof three years ago that is now workingwell.

The IT industry is still driven by the needto market IT innovation rather than justfind ways to help the business evolve inits competitive markets.

To do this IT needs to understand itsbusiness and the business processes, farmore than this year’s technologyinnovations. This is where ITIL shouldhelp IT take the Business Perspective andnot its own perspective of the businessworld.

Has anybody heard of HRIL? Our HRcompanions need it in the companyinvolved in the story above. �

This article was written by John Gibert ofSouthcourt as part of the IT PhysicianHelp Thyself articles, as a prelude to thelast in the series of seven articles that willappear in the next edition of servicetalk.Any queries or comments please contacthim at [email protected]

SLAs: An EvolutionThat Might Leave Darwinin a DazeBrian HendrySenior ConsultantAxios Systems

Remember when you first heard aboutService Level Agreements?

It may have been more than a decadeago, when the trade press had firmlydubbed SLAs as the NBT – the NextBig Thing. And no wonder.

For the first time, SLAs offered thealluring possibility of formalising anagreement to guarantee performance of

an IT function, such as networkavailability or desktop performance.

But after an initial buzz, SLAs were nolonger the thing of headlines and thecolumn inches were overtaken by otherIT fashions of the day. One may well ask– what went wrong?

Actually, the fact is that SLAs andmanagement of SLAs (SLM) have been

maturing steadily over the past decade,developing in line with the establishmentof ITIL, the internationally acceptedguidelines for best practice in IT servicemanagement. An increasing number ofcompanies have moved from talkingabout SLAs to actual implementation,across industries ranging from finance tomanufacturing.

What has changed, however, is the nature


of the SLA itself. The Service LevelAgreement of today is a very differentbeast from the SLA of 1993, and here’swhy.

First, let’s appreciate what the SLAactually is. At its core, it is a formalisedagreement between the IT function andthe business it serves. SLAs can bebetween outsourced technology providersand their clients but, quite crucially, theyalso cover the relationship between acompany’s internal IT function and thewider organisation. SLAs are aboutensuring that the IT infrastructure servesthe business function, and as thatinfrastructure has changed, so the SLAhas become a different animal indeed –and the evolution has occurred so quicklyit might leave even Darwin breathless.

From straightforward mainframe systemsconnecting dumb terminals to a hummingcabinet of powerhouse systems locked inthe basement, the corporate ITinfrastructure has rapidly transformedinto a frighteningly complex chain withmany more links…which of coursemeans more points of failure. Thedesktop PC links to a hub on the localarea network, the LAN may link to otherLANs and wide-area networks, includingintranets, extranets and the Internet. Allthe applications, hubs, routers, switchesand servers may make the IT managerthink fondly of the days when dumbterminals walked the earth.

Today the SLAs that we see in companiesare far more wide-ranging than in the olddays, and that’s precisely because IT isn’tlocked in the basement any more.Functionally, IT has moved into astrategic position at the very nucleus ofmodern business. When the end user’ssystem is down, he or she doesn’t carewhether it’s the PC, the local server, thetelecom network, the Web server or someother element that has failed. They justwant their system up again. This meansSLAs of today must be as wide-rangingas the IT function itself, covering not justa single function – such as networkavailability – but the whole gamut ofservices that IT supports.

We Don’t Need That Around HereIf SLAs are so wonderful, why isn’t anintegrated SLM programme already inplace in every business in the world? One

periods such as the end of the month orclose of the financial quarter.

Let’s Look At That AgainIs a company on the road to completeefficiency once it has identified thefunctions to be monitored and setrealistic targets for availability in itsSLA? The answer is no. All of the SLApreparation work will certainly be fornothing unless strict procedures are inplace for reporting and remedial action.Unless a company examines the areas inwhich its SLA is being violated, it can’tstart to look for the causes. It’s only bylooking closely at the areas that arefalling down that a company candiagnose the underlying triggers andreally start its process of continuousimprovement.

If a company wants to get into its stridewith its SLA and develop that culture ofconstant improvement, it must look atthese Service Level Agreements as part ofa deeper alignment of the IT functionwith the business function. Some veryimportant business benefits emerge whenthe IT people and the businessmanagement people have established thatdialogue – budgeting is just one of them.

For example, if management takes adecision that it wants to grow by 20%next year, what chance do you think ithas of achieving that goal if its networkresources are already operating at 90%utilisation? A company that has ServiceLevel Management as part of itscorporate culture will be communicatingits goals to the IT department. Thatmeans that IT can then look ahead,calculate what new people and systemsresources will be needed to provide for20% growth over 12 months, and thecompany can budget accordingly.

Looking back at what’s changed withService Level Agreements over the pastdecade or 15 years, what strikes me mostis how very much broader SLAs havebecome to cater for the maturing role ofthe IT department as a service provider.The IT department isn’t just providingboxes and software and cabling anymore. It has become – and I believe it isbeginning to see itself as – a real serviceprovider, catering to its customers, whoare its colleagues in the rest of theorganisation. �

reason is that IT managers themselvesmay look askance at SLAs, fearing thatthey’re just a sneaky management toolaimed at cutting costs, cutting jobs, orrooting out embarrassing inefficiencies in“the way we do things.” One of the firstthings that we at Axios Systems alwaystry to help companies realise is that SLAscan be empowering for everyone in thecompany. They don’t have to be a bigstick.

On a practical level, implementing anSLA entails looking at the key ITprocesses that must perform to a certainefficiency level for the business to runsmoothly. This process of examinationforges a new, open line of communicationbetween management and IT, becauseboth parties must clearly enunciate whatthe business expects of IT, and what theIT department can realistically deliver.

Some of the “gotchas”that can taint an

SLA implementationare when companies

do not setrealistic goals for

delivery of a service.

The functions that SLAs govern can varyhugely but they may include availabilityof key financial applications, responsetimes for incidents or help desk queries,or timing for delivery of hardwarecomponents. Part of the process ofputting in place a realistic SLA is not justidentifying what functions should bemonitored, but also negotiating whatlevels of availability can realistically beattained.

For instance, when first broaching anSLA, management may demand 100%availability of the accounting package.But following negotiation with IT – andafter hearing how much it will cost to get100% availability all the time –management may realise that 95% iscompletely satisfactory most of the time,and that 100% is needed only for crunch


The Top Five MistakesA practical guide to improving IT service deliveryDerek BrownManaging DirectorAvailable Systems LimitedOne of the biggest challenges for ITdepartments today is delivering highavailability of systems to meet the ever-increasing expectations of customers,both internally and externally. ITenvironments are complex in theirorganisation, approach and infrastructureand have to grow and change at a pace tomatch the rate of business development.Is it any wonder therefore that thingsfrequently go wrong and both sides endup disappointed and disillusioned!

Virtually any issue that has a detrimentaleffect on IT service delivery has animpact on the business as a whole. Frommy 30 years experience in the IT sectorthe top five issues which IT departmentshave to address to negate this impact are:� Poor understanding of the business

and customer relationships� Difficulties managing the quantity and

speed of change required by thebusiness.

� An inappropriate balance betweentechnology and process.

� Communication between developmentand service delivery is ineffective.

� Too much top-down focus on the “fire-fighting spiral” means serviceprotection, recovery and improvementis neglected.

So how do we address these issues?

Poor business understanding andcustomer relationshipsIt never ceases to amaze me how difficultrelationships can be between IT depart-ments and the businesses they serve.Frequently things can be exacerbatedwhen outsourcing is in place. Neverthe-less, even within a company one wondersif they are working on the same team.

IT is such an integral part of everybusiness today that good communicationsbetween the customer and IT areabsolutely crucial. Fostering trust andhonesty is vital as the relationship growsand develops. Some difficult questions

need to be answered honestly:� What efforts do we as IT professionals

make to understand and support thedrivers and challenges faced by ourcustomers?

� What efforts do we make to build anddevelop relationships with ourcustomers?

� How well do we manage customerexpectations so that we don’t const-antly over-promise and under-deliver?

� Do we do enough to deliver metricsthat are meaningful in business terms?Long gone are the days when percent-age availability of the mainframe is ofany value to anyone!

You may say it’s a two-way street; thecustomer has to participate equally inmaintaining and growing the relationship.Of course that’s right but IT can still takethe lead. This can be done by ensuringyour IT function makes this a primaryfocus and has agreed processes in placewhich determine how the relationshipwill operate and what is expected of eachparty. Having this will provide a solidfoundation upon which to deliver serviceand deal properly with the issues that willinevitably arise.

Difficulty managing the quantityand speed of change required bythe businessOf course, the customer wants the newdevelopment at the lowest price and theywant it tomorrow. Relationship andprocesses are again key. Whilst we don’texpect the customer to accept the factthat our development will take “for ever”and cost a “fortune” they have to berealistic enough to know that it won’t bedelivered “yesterday” for “free”.

In a mature relationship expectations willbe realistic on both sides. Obviouslythere will be business-criticaldevelopments where IT has to pull out allthe stops, but this can’t be achieved allthe time. The development workload hasto be prioritised by the business.

With regard to processes, there has to bea solid Application Developmentmethodology with the business playing akey role throughout the life cycle as wellas Release and Change Managementprocesses to control risk effectively.

Inappropriate balance betweentechnology and processIt’s a fact that as techies we are in lovewith technology. After all, without thetechnology where would we be?

However, so many issues arise becauseprocesses have been neglected. Eitherthey have not been developed properly ornot adhered to – or both. The keyprocesses required to run an effective ITdepartment are well covered by ITILdocuments. These are a very useful set ofguidelines and with a pragmatic approachto process development and implement-ation, it is possible to achieve some verygood practice in your IT operations.

Ineffective communicationsbetween development and servicedeliveryApplication Development and Operationsteams often have widely differentagendas. Development is only interestedin delivering on time, within budget andmeeting the functional requirements.Operation’s prime aim is for theimplementation to go cleanly and thesystem to be operable. The mind-setsmay be different but the end-game has tobe the same.

Operations and Development need towork in partnership to design, build anddeliver a solution that:� Takes account of non-functional

requirements as well as functional.� Accounts for the running costs of a

solution as well as the developmentcosts.

� Includes sign-off points throughout thelife cycle.

� Interfaces with Release and Change


Management processes.� Retains development support for a

“warranty” period followingimplementation (ensuring this supportis properly costed and not “thrown in”for free).

Fire Fighting SpiralDelivering consistently reliable service tocustomer is what it’s all about. Hardware,software, processes and people will fail atsome stage or another. However, theeffort put into reducing the risk of failurecan pay dividends. Why not use yourfire-fighting resources as gatekeepers andcheckers instead?

Make sure you have top-level support inthe organisation for service protection,service recovery and service improve-ment by considering the following:Service Protection:� Identify critical components in your IT

infrastructure and configure them tominimise or avoid business impactupon failure.

� Changes cause problems, ensure youhave effective processes to manage

change and risk.� Be proactive in addressing issues that

you know leave your servicevulnerable.

� Ensure ownership and accountabilityare at the heart of everything you do.

� Take time to learn and apply solutionsfrom incidents and problemsencountered.

� Test your procedures on a regular basisto ensure they will stand up to a realcrisis.

� Human behaviour is unpredictable –robust, highly-conformant bestpractice processes and procedures aretherefore vital.

Service Recovery:� Ensure that incidents are detected

either before service is affected or atworst immediately it is affected.

� Quickly implement diagnostic andrecovery skills and techniques todetect the cause and expedite servicerecovery.

� Manage incidents effectively includingwhere necessary escalation andinvocation of Crisis Managementprocedures.

� Keep the customer fully informed ofprogress and manage expectations forservice restoration.

Service Improvement:� Have a management focus on

improving service – continuallyreview your strengths, weaknesses,opportunities and threats.

� Develop and manage a formal serviceimprovement programme with anallocated budget and involve ALLareas of IT as well as a customerrepresentative.

� Measure key performance indicatorsand set realistic, but demandingimprovement targets.

� Have a management system forformally reviewing service andintroducing additional activities to theservice improvement programme.

In conclusion, problems and issues overIT will always be with us but iftechnology, communications andprocesses are correctly aligned it shouldgo a long way to minimising the risks offailure and hopefully producing delightedcustomers! �


�

Keeping the IT BalancingAct on the Tight RopeTim YoungProxima Technology

A great deal is written about the value ofmeasurement, but apart from knowingthat it is necessary, it appears to besomething that we generally needimprovement on. As a result, businessdecisions are made based on empiricalevidence that is either lacking or woollyto say the least. “Gut feel” and “intuition”are very much the order of the day andany moves to put in place a measurementsystem invariably lead to cries of protestabout freedom, trust and creativity. Whileintuition has undoubtedly created someof the world’s most successfulbusinesses, it has probably wreakedhavoc on many more. So the adage—youcan’t improve what you don’t measure—needs to be your mantra if you are tobecome an effective decision maker.

A balanced scorecard is a measurementsystem that provides real insight into thestatus of a business or some part of it.According to Gartner, balancedscorecards are the most widelyrecognised business measurementsystems1. Developed in the 1990s byKaplan and Norton, this approachconverts value drivers—such as customerservice, innovation, operationalefficiency and financial performance—toa series of defined metrics. Companiesrecord and analyse these metrics to helpdetermine if they are achieving strategicgoals, and use this model to ensure eachpotentially conflicting perspective is inbalance. For example, an insurancecompany may increase profitability byoffering incentives to Claims Assessorsfor taking a tough stance on payout, butthey will also quickly find dissatisfactionamong their clients that may lead toattrition. Scorecards help get this balanceright and are a significant breakthroughover more traditional single dimensionapproaches that tend to be based purelyon expense management and businessgrowth. An example of a balancedscorecard is shown in Figure 1 above.

Balanced scorecardsare very relevant to ITservice-levelmanagement (SLM).Not only is this a dataintensive task thatneeds unscrambling,but also our universe isan electronic one inwhich you can easilycapture and analysevast amounts of datato establish truemeaning. Furthermore,IT departments needtools to improveservice quality andreduce costs, but theyalso need tools toarticulate their value interms meaningful totheir colleagues inother departments. Finally corporateexecutives need to understand fullywhere their IT investment is paying off.So what better than to use the defactomanagement measurement system forthis purpose?

A scorecard implementation takes the“less is more” adage to its logicalconclusion to provide a picture of servicequality that is instantly accessible to allparticipants in Service Delivery. From thetechnicians operating the service, theChief Information Officer (CIO)accountable for it, to the end-users whoare the ultimate beneficiaries, everyonehas a common understanding of value—with each viewpoint tailored to specificresponsibilities. This hierarchy isillustrated in Figure 2 overleaf.

At the top-level, sits the CIO accountablefor the service of the overall investmentin IT. Here, interest focuses on thebusiness value of IT and the impact ofany failure or some service improvementactivity. This view requires alignment

between IT services and the businessprocesses they support to allow ITservice quality to be analysed in thecontext of the resultant effect to thebusiness. A vehicle for achieving thisalignment is the scorecard, whichdelivers metrics that chosen at this level,will reflect corporate business strategy inorder to show how IT contributes to theseend goals.

The next level in our hierarchy isoccupied by Service Delivery Managerswho are responsible for quality ofapplication service. Essentially, this partof our scorecard reports service levelagreement (SLA) compliance. This viewalso requires IT services to be alignedwith at least the critical businessprocesses in order sensibly to prioritiseand direct the service provisioning task.Scorecard users at this level may alsoinclude business process owners who areresponsible for the IT-dependant businessprocesses and who need to understandhow IT affects business services, at anygiven moment. Although these business


process owners are not in a position toaddress IT problems, being aware of howIT impacts business service allows themto take steps to minimise disruption. Forexample, a manager of a customerresponse centre can instruct every otheragent to take customer details forsubsequent call-back in the event of asystem slow-down.

At the lowest level in the hierarchy,although playing a critical role none theless, are the technicians responsible forthe constituent parts of the service, forexample, the Database Administrators(DBA) and Systems Administrations. Theview taken here is to clearly understandthe root cause of any problem and thevalue of the scorecard lies very much inthe shared viewpoint. This allowsAdministrators to see situations clearlywhere they are responsible for a rootcause versus simply being affected by itand to take action as appropriate.

The Value Perspectives in theSLM ScorecardIn an SLM scorecard, the internal processperspective shows you the effectivenessof your Information TechnologyInfrastructure Library (ITIL) servicedelivery process.

Organisations that take continuousimprovement seriously and havestandardised on a quality managementprocess—such as Six Sigma—will alsobenefit from having a ready-made recipefor measuring the effectiveness of theseprocesses. Furthermore, these qualitymanagement methods identify adversewaste and report this in meaningful cost

to the business terms (it’s a wonder thatso many people take a negative stancetowards quality management!). For theorganisations using these quality manage-ment processes, the balanced scorecardsimply provides a placeholder for metricsthat are already available, such as processsigma and cost of poor quality. Althoughit somewhat defeats the purpose of theexercise to propose pre-canned metrics,since the metrics ought to reflect strategy,metrics that we would not be surprised tosee in the process perspective include:performance to SLAs, throughput,availability, capacity forecasts, accuracyof capacity forecasts, incident recovery,mean time to fix (MTF) and mean timebetween failure (MTBF).

In order of ease-of-implementation,probably the next perspective is that offinance since there already exists anabundance of well-defined and well-policed metrics. Although matters fiscalare generally well known to uppermanagement, it is a concept that rank andfile employees may have had littleexposure to. Since this is the harshest ofall realities, it can only be a good thingthat it becomes a factor in routinedecision-making—particularly since thisrelates directly to the scorecard user’sarea of responsibility. For example, aDBA aware of the cost of poor quality ofa poorly running database is more likelyto direct attention to this, even though aservice may not actually be in breach.Another aspect of the financialperspective that has a bearing (at least tolonger term planning) is that ofcapitalisation: that is, how manyresources you are consuming to provide a

service. While over capitalisation cannotbe addressed overnight, a downwardtrend in this regard provides a goodindicator of cost savings. Candidatemetrics for the finance perspectiveinclude: billing, consumption, perform-ance to budget, savings, COPQ, penaltypayments, asset depreciation costs, ROI,profitability (by user/customer).

The customer perspective shows theopinions and behaviour of our targetcustomer (or end user). The opinions ofthe end-user customer are significant andoftentimes a perception of reality cancarry more weight than actual events. Soit makes a lot of sense to capture andunderstand this viewpoint. Measuring theuser perspective is not straightforward,but the voice of the customer (VOC) is atechnique that can be deployed to greateffect. VOC is basically a survey, but withadvances in technology, can be deployedon a corporate intranet, kiosk style. Apartfrom measuring user perception, VOCbecomes a huge marketing exercise:when users express their opinion, theyfeel part of the process—providingsomeone actually listens, that is.

Of all the perspectives on our scorecard,probably the most troublesome is that ofinnovation and learning. This perspectivedescribes our capability at achieving therequired results in the other perspectives.This boils down to the skill set of ourworkers, their effectiveness and thecapability of the infrastructure that allowsthem to execute the internal processes tocreate happy customers and achieve thedesired profitability and revenue goals.This perspective is more easilyunderstood with example metrics, whichcould include: rewards and recognition,classes taken, lateral moves, teamwork,“Corporate Citizen”, upgrade activity,efficiency and so on.

SummaryKeeping a balanced scorecard is key toproviding understanding, accountabilityand insight into the overall business. Bymaintaining records of business-relevantmetrics, cross-department employeesachieve one strategic business vision.Having one solid perspective across theorganisation is more effective as comp-ared to many; and using this model seekskeep the IT balancing act in-check. �1 Gartner Inc., “Drivers and Challenges ofCorporate Performance Management” Jan 2004


IT ServiceContinuity –“Know theUnknowns”

Gary DonlonSenior ConsultantJermyn Consulting

Table 1 – Recovery Capability Gap Analysis

Email ERP Payroll Management IntranetInformation

Business impact HIGH HIGH MEDIUM LOW LOWCurrent recoverycapability 3 days 4 hours 1 day 4 hours 3 daysPriority forremedial work HIGH Not req. Not req. MEDIUM1 Not req.

Note 1: A MEDIUM priority for remedial work has been assigned to this ITService since it may be appropriate to reduce recovery capability.

“There are known knowns. These arethings we know that we know. Thereare known unknowns. That is to say,

there are things we know we don’tknow. But, there are also unknown

unknowns. These are things we don’tknow we don’t know.”

Donald Rumsfeld

Well thanks for clearing that one upDonald! In fact, to manage IT ServiceContinuity effectively, an IT Managerneeds to know one of these knownunknowns.

A Known UnknownA common known unknown for many ITManagers is the relative priority of ITServices provided to the business. Oftenthe business itself does not understand:� The dependency placed on IT Services.� The cost that the business would incur

if IT Service was lost.

Why Is This A Problem?The IT Manager is in a difficult positionof having to allocate scarce resources toprovide IT Service Continuity capability,often with little or no input or directionfrom the business. This is becausebusiness managers often assume that ITService Continuity is a problem only forthe IT Manager.

Of course IT Service Continuity shouldbe a shared responsibility between IT andthe business. After all, following ITService loss it is the business managersthat will incur the cost and they willexpect the IT Manager to fix it.

Sharing Responsibility for IT ServiceContinuityIn order to share responsibility effective-ly, the gap between IT and the businessneeds to be bridged. To manage ITService Continuity effectively, it iscritical there is a mutual understanding ofhow IT and the business work together.

This is a broader issue, but in the contextof IT Service Continuity, the IT Managercould set the following objectives:1. To understand the business impacts of

IT Service loss.2. To allocate resources to effectively

mitigate business impacts.

Achieving These ObjectivesAchieving these objectives and a

practical application of the ITIL modelfor IT Service Continuity can beaccomplished by the following FiveSteps to Success.

Step 1 – Measure IT Service LossThe IT Manager needs to work withrepresentatives from the business tomeasure the impact of loss of each ITService, over time. Agree the measure-ment criteria in advance, rememberingthat impacts / losses to the business couldbe incurred qualitatively as well asquantitatively.

Step 2 – Develop recovery policies for ITServicesThe recovery policy is the time duringwhich IT Services must be recoveredbefore the business incurs anunacceptable loss. Each IT Service andthe assets supporting them should be

assigned an appropriate recovery policy.The limitations of available technologiesshould be considered when assigningrecovery policies.

Step 3 – Demonstrate recovery capabilityand identify gapsThe Financial Services Authority andCivil Contingencies Bill both containspecific reference to the need todemonstrate recovery capability. Byimplementing a robust Service continuityprogramme, the IT Manager can developa gap analysis between recovery policiesand current capabilities. A robust ServiceContinuity programme includes:� Documented recovery procedures for

each type of asset.� A recovery-testing programme that

proves technical recoverability.� An alignment between actual or

expected recovery timeframes and therecovery policy.

� Third party contracts and Service LevelAgreements that may assist recovery(e.g. maintenance and disaster recoverycontracts).

� A maintenance system to managechanges in technology, IT Services,business priorities and businessimpacts.

� A Disaster Recovery Plan thatintegrates emergency managementprocedures with IT functional recovery.

Where any of these components aremissing, recovery capability isdiminished. Remedial work to reduce oreliminate the gaps should be prioritisedaccording to the business impacts. Thetable at the foot of the page illustrates therelationship between business impactsand prioritisation of remedial works.

Step 4 – Identify appropriate solutionsDeveloping solutions to close the gapbetween recovery policies and currentcapabilities may require a substantialinvestment in time and money. Often the


cost of the solution is inversely related tothe required recovery timeframe. A widerange of technical and proceduralsolutions is available in the market, andin order to obtain the necessaryresources, the IT Manager needs to builda business case.

The business case is made by comparingthe cost of achieving the recoverypolicies against the benefit of avoidingthe business impacts. This equation isslightly more complex however, since the

organisation’s appetite for risk has abearing on thedecision.

Building IT ServiceContinuity capabilityis not just aboutimplementing thetechnology. Equallyimportant is theorganisation’s abilityto identify when anincident becomes anemergency, and then to

manage the response.

The effective integration of incidentmanagement, emergency managementand resolution procedures underpinsrecovery capability. This is a subjectmatter in its own right and will bediscussed in a future issue of servicetalk.

Step 5 – Implement the solutionsOften, IT operational staff assume thatserious IT Service failure will not happento them, or that they will be able toresolve the problem when it arises. This

apparent complacency is broadlyresponsible for the ineffectiveimplementation of solutions.

To overcome this complacency, the ITManager must increase awarenessregarding the impact of IT Service loss.To achieve this it is useful to assignresponsibility for IT Service Continuityto individuals. Improvements incapability can be measured throughregular performance reviews and a testingprogramme.

In SummaryThe impact of IT Service loss is a knownunknown for many IT Managers. Byfollowing our Five Steps to Success, anIT Manager can be confident that:� A known unknown becomes a known

known!� Recovery capability will be improved.� The likelihood of serious disruption to

IT Services will be reduced.� Resources will be assigned where

needed most.� The level of understanding between IT

and the business will be increased. �

Chart 1 – Cost v Benefit Model


Axios Systems AchieveBS15000 CertificationBrian KerrBS15000 Project DirectorAxios Systems

On 27th February 2004, Axios Systems,the leading international Help Desk & ITService Management solution vendor,became one of the first organisations inthe world successfully to achieveBS15000 accreditation as verified by theofficial IT Service Management Forum(itSMF) BS15000 certification scheme.

BS15000 is the first worldwide standardspecifically aimed at ITSM and is basedon the IT Infrastructure Library (ITIL),the internationally accepted Best Practiceframework. The certification scheme waslaunched last year to provide independentverification against the standard.

This is the story of our certificationprocess; the highs and lows, the internalcommitment and activities required inorder to be a Best Practice success.

Axios Systems and Best Practice – awinning partnership

Since its inception in 1988, AxiosSystems have embraced ITIL and BestPractice methodology and subsequentlydesigned our core solution, assyst, aroundthe ITIL processes. With the introductionof BS15000 as the only recognisedmeasurement of a company’s ITILcompliance, it seemed a logical step thatAxios should set themselves the goal ofbeing one of the first organisations in theworld to achieve certification against thestandard. In achieving this certification,we would demonstrate our commitmentto ITIL and Best Practice and also showthat we practice what we preach.

Embrace across the wholeorganisation – starting at the top

The crucial first step on our BS15000

journey was to ensure Director levelcommitment to the project. Given ourhistorical commitment to ITIL, ourDirectors and other senior members ofstaff embraced the concept andencouraged everyone in the organisationto display the same level of commitmentto the certification process. The next stepwas to appoint a project manager andallocate roles and responsibilities. Thecertification project was then formallylaunched throughout Axios Systems.

Where are we now?

Embarking on our certification journey,the primary approach taken was similarto that of the audit. We had to establishwhere we were, where we needed to beand what we needed to do to close thegap. A useful tool in this exercise was thePD0015 workbook – a self-assessmenttool from British Standards that helped usdetermine our position at that point. Wewere pleased by the positive result of ourinitial self-assessment – but knew therewas still considerable work to be done tomeet the exacting standard!!

Evidence is all-important

In adhering to BS15000, documentationis extremely important as it is regarded asevidence of the provision of qualityService Management. Historical recordsare also used during the process asevidence of the performance of pastService Management activities. Wetherefore built a team to gather alldocumentation relating to ITSM andestablish that which we did not have.Because we operate a policy ofcontinuous improvement, we didn’t haveto create new processes to meet theStandard; we just had to ensure that our

documentation correctly reflected theprocesses and working practises alreadyin place within Axios. This step providedus with a list of tasks that were thenallocated to specific individuals withinthe Project team. Regular reviewmeetings ensured we were maintainingour momentum, staying on track andbuilding our enthusiasm for the project!

Let your tool assyst you

During our BS15000 journey, we foundthat much of the evidence required byBS15000 can be provided through use ofa fully integrated IT Service Managementtool. A key component therefore indemonstrating our conformance to thestandard was our own use of our coresolution, assyst.

Using assyst we were able to demonstratethe recording, tracking, updating andformal closure of Incidents, Problemsand Changes. assyst also contained pre-defined automated workflows andescalation paths depending on thecircumstances of the Incident, Problem orChange being logged.

We were also able to demonstrate therecording and measurement of ServiceLevel Agreements (SLA’s), OperationalLevel Agreements (OLA’s) and SupplierContracts within assyst as well as holdingcomprehensive asset information,including relationships between assets.

Be prepared – readiness is key

We were fortunate to have qualifiedauditors and ITIL qualified ServiceManagers within Axios who couldundertake an internal pre-audit of ourreadiness for the full audit. We used the



results from this pre-audit to plug any gapsidentified and when we were satisfied with theresults booked the final audit through one of theitSMF registered auditors, KPMG.

The audit itself

In scheduling the audit we discovered that the auditlength can vary in terms of the number of daysrequired based on the size of the organisation beingaudited. Our audit took approximately six days intotal to complete.

On arrival, KPMG undertook a Gap Analysisexercise of our documentation against that requiredby the Standard. They also reviewed our supportingrecords and trend analysis reports generated fromassyst, which offered definitive proof that we followour documented processes.

The result of this phase of the audit was a correctiveaction plan for Axios from KPMG; this thankfullywas reasonably short as a result of our ownsuccessful pre-audit activities. We then had toaddress the issues raised in the corrective actionplan and move onto the certification audit stage. Aswith the Gap Analysis stage, the audit generated alist of recommendations, of which none were major.The auditors were then in a position to recommendcertification against the standard.

Success!

Following recommendation that Axios Systems beawarded BS15000 certification, formal sign off wasrequired by a senior partner within KPMG. Ourcertificate confirming our success was issued on27th February 2004. �

Colin Rudd, Chair of the itSMF BS15000Certification Committee said, “The standard is verydemanding in its requirements of IT serviceproviders. It is incredible that Axios have been ableto demonstrate that they have achieved such a highlevel of process maturity so soon. This far exceedsour expectation and we hope that many otherorganisations will follow their excellent example”.

Rudd went on to say “Although the standard andscheme have been developed in Britain the attentionis not confined purely there. The enthusiasm for thisactivity is happening on a global basis, withorganisations in India, Australia, USA and the FarEast also actively working toward the standard andcertification. The fact that Axios have been the firstin Europe to achieve certification under the schemeis a major accomplishment for them anddemonstrates their commitment to service quality.”


servicetalkDeadline Dates

Issue Copy Deadline Advertising

June 2004 Tuesday May 4th Thursday May 6th

August 2004 Tuesday July 6th Thursday July 8th

October 2004 Tuesday September 7th Thursday September 9th

December 2004 Tuesday November 2nd Thursday November 4th

February 2005 Tuesday January 4th Thursday January 6th

Thinking about submitting anarticle?Articles should be between 1200 –1500 words in length, and in PCcompatible format.

File Formats for Photos orGraphicsAny accompanying photographs needto be high resolution files (300dpi).Graphics need to be supported by theseparate original files in which theyare created – not just a copy of theWord document. Ideally these filesshould be created in a high qualityprogramme such as Photoshop (as a300dpi TIF file or JPG file for colourmaterial or BMP file for monomaterial), or in Illustrator (as a highresolution EPS file).

Articles should be emailed [email protected] as anattachment to an accompanying emaildetailing the topic of the article

Advertising ratesAs from February 2004

itSMF Vendor Members Non-Vendor members

1 x Full page £450 £650

1 x Half-page £275 £425

1 x Quarter page £150 £250

A 10% reduction is available if a series of 6 adverts is booked and paid for in advance.Contact [email protected] to book advertising.

International NewsThe spread of itSMF across the globe continues apace, withsignificant development in the Asia Pacific region.

ItalyFebruary saw Italy become the latest country to join thecommunity.

IndiaA business plan has been submitted and is currentlyundergoing minor rework. A number of customer and vendororganisations are committed to bringing the chapter intobeing.

SingaporeWith significant input from EXEL, HP, IBM, SingaporeComputer Society and a number of independent consultants, asteering committee has commenced work on establishing thelegal entity with the aim of launching formally with an eventin August.

ChinaA steering committee comprised of representatives from HP,IBM, half-a dozen user organisations and a governmentagency are formalising the legal entity.

Hong KongA first meeting of interested parties comprising representativesfrom Fujitsu, HK Computer Society, HK Jockey Club, HKMTR, HP & IBM has been held. A steering committee willcommence work on the business plan and chapter formation.Cathay Pacific have since joined the group.

New ZealandFollowing several presentations last year from CEO, AidanLawes, planning meetings for establishing the chapter are beingheld in early April with assistance from Brian Jennings, itSMFAustralia President.

Elsewhere, Brazil’s business plan has been approved and subjectto ratification at the International Board, they will be accepted asan official chapter. Other countries where there are activitiesunderway include Finland, Hungary, Poland and Spain.

By the time this reaches your desk, the first meeting of theInternational Executive Board will have occurred. There aresignificant changes to the International operations under reviewand the next issue will contain full details of the outcome. Withthe growth in chapters, there is now a wide range of conferenceson offer – see the diary for dates. �


Diary 2004Date Meeting Venue Comments

April 6 Institute of Service Management meeting Reading

April 7 Midlands & East Anglia Regional Group Meeting Kettering

April 15 South West & Wales Regional Group tbc

April 21 Scottish Regional Group Meeting tbc

April 22 Northern Regional Group Meeting tbc

May 13 itSMF Seminar: Problem Management Dublin

May 18 BS 15000 Certification committee Reading

May 18-19 itSMF South Africa Conference Indaba Hotel, IT Service Management SafariJohannesburg – the journey to success

May 25 itSMF Portugal – Conference Lisbon

June 3 Management Board Reading

June 3 Northern Regional Group Meeting tbc

June 8 Institute of Service Management meeting Reading

June 10 South West & Wales Regional Group Meeting tbc

June 29 itSMF Seminar: BS15000 Seminar Reading

June 29 Vendors ESC Meeting Reading

July 7 Midlands & East Anglia Regional Group Meeting tbc

July 8 Publications ESC Meeting Reading

July 28 itSMF Seminar: Business Perspective Birmingham

August 2- 4 itSMF Australia Annual Conference Melbourne

September 1 Scottish Regional Group Meeting tba

September 2 Management Board Reading

September 9 South West & Wales Regional Group Meeting tba

September 9 itSMF Canada AnnualConference Toronto

September 16 itSMF Seminar tbc

September 27 itSMF USA Annual Conference Long Beach ITSM: Beyond the Foundation,– 2 October Building the Future

October 6 Midlands & East Anglia Regional Group Meeting tbc

October 7 Publications ESC meeting Reading

November 8 – 10 itSMF 13th Annual UK Conference & Exhibition Brighton “Creating & Maintaining theMetropole Momentum” — Book Early!

November 24 Scottish Regional Group Meeting tba

December 2 Management Board & Council of members Reading

December 7-8 itSMF Germany Annual Conference Hamburg

December 8 itSMF Seminar tbc

December 9 South West & Regional Group Meeting tbc

Forthcoming Seminars“Out of the Darkness in to the Light!”

13 May 2004 Dublin

The itSMF return to Ireland with one of the most problematical (excuse the pun) aspects of Service Support, thatof Problem Management. The ITIL framework appears simple to understand, but is the implementation in reality agreat deal more complex? Without due care a fog can descend, obscuring the lines between Incident and ProblemManagement adding to the swirling mist surrounding that of problem control, error control and proactiveprevention; it is easy to become encased in complete darkness. Is there a magic light bulb? Or do you have to findsome tinder and a spark to find your way out of the darkness, back in to the light?

This seminar will consider and cover some of the following areas:� How to Achieve Problem Solving at the Strategic Level� Ensuring Analysis of the Real Problem and the Cost of Analysing the Wrong One� The Importance of Problem Solving with a Disciplined Approach� Good Problem Managers need to be Good Problem Solvers – Discuss!� Does the Theory Fit the Reality?� Can We Afford to Ignore Proactive Problem Management?

BS 15000 Certification –“From the Horse’s Mouth!”

29 June 2004 Reading

Everyone seems to want to know about BS 15000 and plenty have their own view, but what is the reality? As theitSMF is the owner of the official certification scheme it would seem sensible to hear it as it were, “from thehorse’s mouth”! In this seminar we will dispel any misconceptions and put you and your organisation on the righttrack. We will also listen to your comments about future communication. The final programme has yet to bedecided but is anticipated to include:

� BS15000 The Standard Explained � BS15000 The Certification Scheme� An Auditors Experience � A User Experience

� Benefits and ROI

Please check the website for a list of speakers and associated synopsis.Recent Seminars organised and run by the itSMF have been extremely successful and

so we suggest you consider booking early to avoid disappointment.

Finally, future seminar topics are being considered.Is there a subject matter that is becoming a burning issue?

Please email Jenny at [email protected] with your suggestion.

April Theme Articles BS15000: the background to and … · 2008. 3. 7. · £4 April 2004 Issue No....

Documents

Transcript of April Theme Articles BS15000: the background to and … · 2008. 3. 7. · £4 April 2004 Issue No....