Hide Notes 

Slide 1: Give your business what it wants— implementing continual service improvement with ITIL Version 3 White paper Table of contents Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2 ITIL best practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2 Delivering ITIL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3 Figure 1. HP service management framework . . . . . . . . . . . . . . . . . . . . . . . . . . .4 Running services the business wants . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4 Figure 2. Risks to availability SLA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5 Fixing IT measurement and management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5 Figure 3. Percentage of change in incident count by category . . . . . . . . . . . . . . . .6 Figure 4. Example of CIO scorecard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7 Driving continual service improvement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7 Table 1. Critical success factors and metrics . . . . . . . . . . . . . . . . . . . . . . . . . . . .7 IT roles, measurement and management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8 Figure 5. View of the scorecard and dashboard for the director of customer support . . .8 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8 For more information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
Slide 2: “A significant amount of data is collated and monitored by IT in the daily delivery of quality service to the business; however, only a small subset is of real interest and importance to the business. The majority of data and its meaning are more suited to the internal management needs of IT. The business likes to see a historical representation of the past period’s ‘performance’ that portrays their experience; however, it is more concerned with those historical events that continue to be a threat going forward, and how IT intends to militate against such threats.” —Continual Service Improvement, ITIL Version 3, Office of Government and Commerce (OGC) Introduction The role of information technology (IT) is changing. No longer is the IT department responsible only for technology. As businesses strive to increase efficiency, more and more processes are digitized. In 2006, the MIT Center for Information Systems Research surveyed 103 U.S. and European companies about IT and ITenabled business processes. They found “34 percent of those companies have digitized (all of) their core business processes.”1 For companies like these, work-arounds aren’t an option. Critical business processes are forced to stop when any element of a service is unavailable. And the IT organization is on the front line. Businesses are dependent upon their own IT organization to satisfy corporate governance objectives, deliver competitive advantage and meet increasing customer demand for 24x7 services. IT departments are forced to demonstrate accountability with business resources—in particular, they must improve competitive advantage by driving business effectiveness and efficiency. All the attention now placed on the business value of IT also creates the need to demonstrate service quality. Managing the quality of IT services can unlock increased business effectiveness and drive expense reduction while conforming to corporate governance. This is true regardless of the type or size of the organization. This white paper details why many IT organizations have so far failed to create a culture of continual service improvement and how vanguard organizations use continual service improvement as part of their IT management processes. ITIL best practices Chief information officers (CIOs) want to adopt best practices that will improve the quality of their services. One popular example of a best practice benchmark is the IT Infrastructure Library (ITIL®) developed by the British government to improve IT quality and consistency across their organizations. Over the past 15 years, ITIL has evolved to meet changing business demands. The UK’s Office of government Commerce recently published the third version—ITIL Version 3-set of best practices for service management. Recognizing that a major emphasis needs to be placed on the alignment of IT services with business needs, two of the five volumes are now dedicated to service operations and continual service improvement. These two volumes concentrate on running services that the business wants and continually improving those services to be in line with current or revised business needs. In short, ITIL Version 3 is focused on building an effective interface between the business and the IT department. Only when the IT department understands what the business needs and wants can it benchmark itself and build continual improvement plans that meet business demands. Enterprise Architecture as Strategy, Jeanne Ross, Peter Weill and David Robertson, Harvard Business School Press, 2006, Page 2 1 2
Slide 3: This approach to service management clearly demonstrates how IT departments can effectively benchmark and measure success, and how to manage required improvements. Many IT departments have failed to put in place any system to measure and improve service management, even though it was the first standard recommended to specifically measure the quality of an IT department. ITIL Version 3 standards are designed to help IT departments have a quality culture that is based on a lifecycle such as the Deming Cycle, which advocates a continual improvement methodology. ITIL Version 3 has picked up on International Organization for Standardization/ International Electrotechnical Commission (ISO/IEC) 20000 and has emphasized this need for continual improvement to be a core part of the IT culture. HP recommends the following key elements of a service management system for its Level 1 service management framework: • Governance and strategic management—Defines the strategy of the organization and directs its execution to achieve business goals. Governance includes defining roles, responsibilities and controls, managing the service portfolio, measuring and reporting, and taking actions to resolve any issues identified. Governance enables a service provider to direct and steer the service management system. • Service lifecycle management—Provides end-to-end management of services across their lifecycle and across the resources and capabilities that make up the services. Service lifecycle management includes managing a service catalog, service level agreements, services and underpinning contracts. It enables a service provider to offer consistent and agreed-upon output while balancing time, cost and quality. Delivering ITIL • Resource and capability management—Provides Since the tech bubble burst, IT organizations have paid end-to-end management of individual resources a high price for their culture of isolation. In many cases and capabilities (people, process, technology and they were forced to accept large budget cuts. Those information) across their lifecycle. The service helps cuts were partially due to business adapting to competitive the provider optimize resources, grow capabilities market pressure, but more often cuts were made in and reduce costs within the context of predetermined response to the lack of perceived value from a business service level agreements. perspective. Even though many IT departments had made large investments in tools, data warehouses and • Continual improvement—Identifies, prioritizes and clever dashboards, they were simply unable to communimplements improvements to the service management icate in terms that the business could understand or system. Performance is continually measured and value. They were unable to demonstrate effective manageimprovements are made to services, resources and ment of IT services due to their inability to connect the capabilities to help increase efficiency and effectiveness. people, processes and technology that make up any • Maturity—Measures how reliable, efficient and IT service. effective the service management system is, and how well its building blocks are integrated. The most IT departments failed to communicate with their business mature service management system is closely aligned sponsors because they neglected to meet with the to business objectives and business strategy, supported business and understand how to align IT operations by a continual improvement cycle, and is well with business needs and priorities. organized to provide consistent, predictable, To become valued and productive, IT departments agreed-upon services. need to focus on three areas of operations: • Service metrics (service-level agreements (SLAs) with the business) • Process metrics (show the efficiency and effectiveness of the IT department) • Operational metrics (capacity, performance) In many cases IT jumped to a technology-based solution far too quickly without putting in place a set of operational processes to drive alignment with the business. ITIL Version 3 recommends processes that create alignment and forms the basis for a service management system that helps IT deliver exactly what the business requires. 3
Slide 4: Figure 1. HP service management framework Regulatory environment Maturity Governance porting services Sup Supplier Service lifecycle management Services Customer Resource and capability management Continual improvement Competitive environment By implementing these key elements IT will start to drive its alignment to the business in terms that the business will understand and value. The governance and strategic management element helps determine which areas need focus from a business perspective. Focusing on these areas allows the continual improvement element to generate the correct actions to drive metrics that the business requires. This helps reduce risk, improve quality and reduce costs in the IT department. Running services the business wants An IT department needs to build a service management system that delivers services the business wants, at a price they are prepared to pay. Services need to be managed over their entire lifecycle with IT designing and meeting the initial requirements of the business and then adding or deleting resources according to The first thing to happen once this process is in place changing business demands, and eventually retiring is that IT will start to report in outward-facing terms that the service when it is no longer needed. the business can understand. This makes IT measurement comprehensible to both customers and senior IT managers. To give the business what it wants, IT needs to create a comprehensive service catalog that describes all Second, senior managers will start to report metrics the services available to the business. Each of the IT that demonstrate how IT is a good steward of business services needs to be documented with an SLA that resources. In a world where IT organizations increasingly describes the performance, including capacity levels, have credible competition, a clear view of performance availability, and continuity plans with backup and is a must. recovery objectives. The IT department should have key performance indicators (KPIs) in place that detail IT reporting has not historically created the transparency how quickly it can complete SLAs. These KPIs should customers need and the benchmarking management be agreed upon by IT and its business customer for demands. To remedy this, IT organizations must create all entries in the service catalog. Each SLA is then and manage to concrete goals. They must show that reviewed with its business sponsor(s) on a regular basis their actions truly improve the quality and cost of IT to confirm that the business requirements are still correct. service delivery. IT departments need to show that they The IT department should also identify the current risks are actively working to improve process efficiency and to successful delivery of the specific service and document process effectiveness. This includes demonstrating they actions needed to eliminate or reduce those risks to an are doing the right things in the right way. acceptable level. The diagram shows potential areas of risk to meeting the availability SLA as any area that doesn’t touch the red target line. 4
Slide 5: Figure 2. Risks to availability SLA In many cases the IT department is unable to articulate what the risks are and what their potential impact is to the business. Building a continual improvement culture requires the IT department to evaluate every aspect of its performance (people, process and technology) in an objective manner against the SLA required. While it is possible to perform a self assessment (possibly using the templates available from itSMF websites),2 few if any organizations have an objective scoring mechanism that allows consistent evaluation against SLAs. Without this, it is all but impossible to build a service improvement plan with the correct prioritized actions to achieve the SLA without over-performance that can result in unnecessary spend. We recommend that the IT department go one step further and define the KPIs that it will use to measure its performance of each element of its service management system. This can be used as the balanced scorecard for the IT department and is a strong indicator of the overall health of the IT operation. Fixing IT measurement and management How do you find the metrics that address the concerns management has? The answer involves taking an outward versus an inward perspective to IT business intelligence—starting with service level agreements (SLAs). Many IT departments fail to get clear SLAs determined with their own organization. Partly because they can’t articulate the risk—and business can’t articulate what it wants. IT departments can help solve this problem by creating a data warehouse of historical performance data and delivering a set of IT process-based metrics that report process quality and service quality over time. These analytics help IT managers create process-related dashboards that quickly show which processes are working and which are not. This approach is in clear contrast to tactical console functions. Typically, management used historically based analytics to facilitate process maturity. However, in today’s ever-changing and always-demanding business environment, true “management by exception” is a necessity. To be a successful and valued IT department involves moving away from providing raw data and toward proving your worth by demonstrating a percentage of change to an analytic. 2 itSMF – IT Service Management Forum www.itsmf.com 5
Slide 6: Figure 3. Percentage of change in incident count by category This view stems from control theory where you see which process elements are stable and which are unstable. In the above metric view, the “enquiry” category shows instability. Viewing average resolution times shows the same problem. Focusing attention on this area which lacks stability enables process improvement and helps improve service process quality and cost. Fixing things here could be as simple as training to reduce escalation errors. But this step alone does not help IT completely demonstrate its value to the business. IT must also create process improvement objectives. That way the business can understand the IT department’s plan and the progress made toward it. This can create unity not only with the business, but within IT itself. Along with these steps, the ITIL Version 3 continual service improvement volume provides several additional areas of IT service improvement: • Improvement of each phase of service management • Improvement of the service • Improvement of individual activities • Improvement of overall IT cost effectiveness Unification with IT is facilitated by cascading scorecards. The value created by aligning the IT organization around goals, objectives and measurement is enormous. This change can effectively put IT in the same playbook with management. Imagine, in any sport, the difficulties that arise when players operate from different playbooks— this is the world of IT today. “Once a Balanced Scorecard has been defined at the strategic business unit level, it can then be cascaded down through the organization. For each strategic business level measure and related target, business units can define additional measures and targets that support the strategic goal and target. In addition, action plans and resource allocation decisions can be made with reference to how they contribute to the Strategic Balanced Scorecard.”3 Balanced scorecards are not new—they were developed by Robert S. Kaplan and David P. Norton in the 1980s. However, their application to IT is still relatively new. In this approach, once top IT management shares its strategy and objectives, each subsequent IT management layer can add to the goals and determine how it will assess the processes that it is responsible for managing. Each group determines objectives for metrics that match the critical success factors for each goal. These key performance indicators allow the IT organization to manage to objectives—just like the rest of business. They also enable the business to track IT progress as an interested stakeholder. By using IT objectives to determine a continuous service improvement framework, it becomes possible to find trends and take corrective action to make sure goals are driven back to objectives. By cascading everything together, a common IT playbook is created. This can drive out cross-departmental inefficiency, since common goals are created and shared across the entire IT department. 3 The Continuous Service Improvement Manual Draft, ITIL Version 3, page 129 6
Slide 7: Figure 4. Example of CIO scorecard Table 1. Critical success factors and metrics Critical success factors Ability to detect incidents as early as possible Availability of information about problems and known errors and incidents Ability to track the status of resolutions Integration into the configuration management database to determine relationships between incidents Ability to refer to the history of CIS when performing first-line support Integration into the service level management process Metrics Total numbers of incidents (as a control measure) Mean elapsed time to achieve incident resolution or circumvention broken down by impact code Percentage of incidents handled within agreed response time (incident response-time targets may be specified in SLAs or by impact and urgency codes) Average cost per incident Percentage of incidents closed by the service desk without reference to other levels of support Driving continual service improvement Creating data-marts of process-based metrics helps create continual service improvement. For each of the process categories, ITIL Version 3 has identified a natural set of critical success factors and metrics. For some of these categories, the data is hard Creating a continual service improvement solution to get—for other categories, it’s not. The trick is to develop starts by determining which process analytics (metrics a continuous service improvement plan that will remain and reports) are needed to support the management relevant to the organization as well as its goals and of each IT process. In the language of ITIL Version 3, objectives. To be fair, this means that the plan will change this starts by looking at service strategy, service design, over time as process maturity occurs. This is how regular service transition, and service operations and then at the discrete processes contained within them. For example, assessment can play a continuing and valuable role in providing guidance on appropriate metrics. service operations includes: service access, service desk, event management, incident management, problem management, change management and project management. ITIL Version 3 defines critical success factors, key performance indicators and metrics for each of these. 7
Slide 8: Figure 5. View of the scorecard and dashboard for the director of customer support IT roles, measurement and management Once appropriate measures are created, each functional role needs to build off a set of scorecard dashboard templates. These templates are meant to be starting points and can be easily changed as process maturity occurs. From a sustaining IT perspective, typical roles include the CIO, service desk manager, service level manager, operations manager, incident manager and change manager. The objective here is to eliminate the cumbersome reporting cycle while empowering IT managers to make decisions faster and to give customers a constructive view into IT performance. Although customers may not understand all metrics, they will understand how and why IT is improving or losing ground. Here is an example of the tabbed scorecard dashboard interface. The front tab shows a scorecard (see figure 2) while the service desk, incident management and problem dashboards provide a historical view of key role-based metrics. While the scorecard will show how you are doing against goals, the dashboards will enable drill-downs into details about related factors. Conclusion It’s a new day for IT organizations. They need to clearly demonstrate to themselves and to their customers that they are truly managing their business. The focus is on driving process quality and process cost reduction. Crucial to this is the notion of benchmarking, creating tools that help manage to objectives and aligning IT teams. In this white paper, we described these key elements and explained the steps involved in creating a solution. For more information To learn more about HP software solutions contact your local HP representative or visit www.hp.com/go/software. For more information about HP Service management framework, please visit http://h20219.www2.hp.com/services/cache/52340 6-0-0-225-121.html. HP ITSM Assessments can be found at http://h20219.www2.hp.com/services/cache/268967 -0-0-225-121.html. Find out about HP Operational ITSM Services at http://h20219.www2.hp.com/services/cache/48377 7-0-0-225-121.html. © Copyright 2007, Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. To learn more, visit www.hp.com 4AA1-4844ENW, September 2007