Mmmm... I'm still pretty blank and busy, so I thought what the heck let's use this month's blog for a bit of an update and research on the various ISO/IEC 20000 standards, available and under development.
What's available at this moment:
ISO/IEC 20000-1:2005 ITSM -- Part 1: Specification (16 pages)
ISO/IEC 20000-2:2005 ITSM -- Part 2: Code of practice (34 pages)
Australian equivalents:
AS ISO/IEC 20000.1-2007 ITSM - Specification
AS ISO/IEC 20000.2-2007 ITSM - Code of practice
More ISO standards:
ISO/IEC TR 20000-3:2009 ITSM -- Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1 (32 pages)
ISO/IEC TR 20000-4:2010 ITSM -- Part 4: Process reference model (30 pages) "Just released (25/11/2010)!"
ISO/IEC TR 20000-5:2010 ITSM -- Part 5: Exemplar implementation plan for ISO/IEC 20000-1 (38 pages)
All standards are available as downloadable PDFs and cost between CHF 86.00 and CHF 124.00.
It seems unlikely that the new -1, -2, -3, -4, and -5 standards will be adopted by Standards Australia. After all, adding AS to the existing ISO standards doesn't really impact a lot on the contents if these contents stay untouched.
What's in development at this moment:
ISO/IEC FDIS 20000-1:YYYY ITSM -- Part 1: Service management system requirements (26 pages)
ISO/IEC FCD 20000-2:YYYY ITSM -- Part 2: Guidance on the application of service management systems
My question to ISO on when the new ISO/IEC 20000-1 and ISO/IEC 20000-2 standards will be released received the following response:
"We don’t have an exact date. Probably at the beginning of the 2nd quarter 2011.
To be notified of any change in the stage code of standards and other deliverables, you can subscribe to the RSS Feed: http://www.iso.org/iso/rss_feeds"
Other remarks relating to the 20000-X series of standards:
Withdrawn standards (20000 series): None
Project deleted (last 12 months) (20000 series): None
IT Governance standard (okay, I know, it's not a 20000 one!):
Another interesting standard is ISO/IEC 38500:2008 (Corporate governance of information technology). Good reading, but don't expect the world as yet - it's only 15 pages, but it does include some likable models!
Acronyms:
AS, Australian Standard
DIS, Draft International Standard
FCD, Final Committee Draft
FDIS, Final Draft International Standard
IEC, International Electrotechnical Commission
ISO, International Organization for Standardization
ITSM, Information Technology Service Management
JTC, Joint Technical Committee
TC, Technical Committee
TR, Technical Report
TS, Technical Specification
Interesting websites:
http://www.iec.ch
http://www.iso.org
http://www.itil-officialsite.com
http://www.itsmfi.org
More specifically:
http://www.iso.org/iso/standards_development/processes_and_procedures.htm
http://www.iso.org/iso/standards_development/processes_and_procedures/how_are_standards_developed.htm
http://www.iso.org/iso/standards_development/processes_and_procedures/stages_description.htm
http://www.iso.org/iso/standards_development/processes_and_procedures/stages_description/stages_table.htm
Etc.
Tuesday, November 23, 2010
Friday, October 29, 2010
PMI: Writer's Blog Block :-)
Writer's Blog Block :-)
I just noticed that PMI's Project Management has:
5 process groups
9 knowledge areas
42 processes
206 inputs
179 tools & techniques
132 outputs
That’s a whopping 573 items to know for the CAPM/PMP exam! This number is excluding definitions, terminology and acronyms.
I just noticed that PMI's Program Management has:
5 process groups
12 knowledge areas
57 processes
273 inputs
255 tools & techniques
187 outputs
That’s a whopping 789 items to know for the PgMP exam! This number is excluding definitions, terminology and acronyms.
I just noticed that PMI's Portfolio Management has:
2 process groups
2 knowledge areas
14 processes
58 inputs
48 tools & techniques
40 outputs
That’s a whopping 164 items to know for the "undefined" exam! This number is excluding definitions, terminology and acronyms.
Yeah - why not total the whole thing!
12 process groups
23 knowledge areas
113 processes
537 inputs
482 tools & techniques
359 outputs
That’s a whopping 1526 items to know for the key PMI exams on project, program and portfolio level! This number is excluding definitions, terminology and acronyms.
My unscientific and nonacademic conclusion is: Don't become a program manager LOL!
I just noticed that PMI's Project Management has:
5 process groups
9 knowledge areas
42 processes
206 inputs
179 tools & techniques
132 outputs
That’s a whopping 573 items to know for the CAPM/PMP exam! This number is excluding definitions, terminology and acronyms.
I just noticed that PMI's Program Management has:
5 process groups
12 knowledge areas
57 processes
273 inputs
255 tools & techniques
187 outputs
That’s a whopping 789 items to know for the PgMP exam! This number is excluding definitions, terminology and acronyms.
I just noticed that PMI's Portfolio Management has:
2 process groups
2 knowledge areas
14 processes
58 inputs
48 tools & techniques
40 outputs
That’s a whopping 164 items to know for the "undefined" exam! This number is excluding definitions, terminology and acronyms.
Yeah - why not total the whole thing!
12 process groups
23 knowledge areas
113 processes
537 inputs
482 tools & techniques
359 outputs
That’s a whopping 1526 items to know for the key PMI exams on project, program and portfolio level! This number is excluding definitions, terminology and acronyms.
My unscientific and nonacademic conclusion is: Don't become a program manager LOL!
Tuesday, September 28, 2010
EDUCATION: Blended Intelligent Training and Education (BITE)
Blended Intelligent Training and Education (BITE)
Make sure you have at least one "Pan Galactic Gargle Blaster" (Adams, 1952) or preferable as many as possible without ending up in Lala-space (surely a very likely space that's an outcome of "elasticated string-theory" (Pratchett, 2010)), before you even consider the infinitesimal - yes extremely unlikely - possibility of reading on! For those that do: be prepared for the unexpected!
Introduction
I've thought hard and long, about 5.39124(27)x10-44 seconds (that's called Planck time for those that want to do a bit of research on this number) about reading - oops writing - this paper. I have no - I'll repeat - NO - intention to be serious in any shape or form, except for those occasions where seriousness can't be avoided, and I'll do my utmost best to avoid them for the sake of human existence and survival of our species. If you're still reading, then somehow I've caught your attention and it's time to start adding some knowledge transfer into this text, as this text is all about the art and science of transferring knowledge and skills in new and hopefully somewhat challenging and thought provoking ways. Personally I believe that education as we know it, is about to receive its biggest shakeup we've seen (or actually not seen, but should have seen) in the last century or so! Being somewhat sensitive to the many educational "omens" that seem to float in the air around me, and poke me in the back when I'm not paying enough attention to them, the signs are clear: this article wants, no even better, demands to be written.
Past: The era of lemmings!
I guess from the early 1900s until the 1950s/1960s most educational systems would submerge (feel free to read drown/suffocate) their students into a drone, military-style like system, where you would sit, pay attention, somehow absorb the materials and keep your mouth zipped. The teacher/educator/lecturer was Om (The God of all Gods) on his/her throne and "deserved" utmost respect from their loyal students (feel free to read "fear 'motivated' slaves"). Questioning the skills, knowledge and/or attitude of Om would be blasphemy, or at least a "crime" to which death was the only penalty that would lead to your salvation. Yeah, I know, I'm exaggerating just a wee bit, but I hope it's getting the message across. It wasn't all that bad, and I'm sure 'most' students survived their educational journey with quite some knowledge and skills sledge-hammered into their brains, ready to conquer the world. A large chunk of knowledge, skills and attitude transfer was uni-directional (including attributes like values, respect, rights and responsibilities) moving down from Om to its army of trustworthy followers. Surely, some type of resistance was to be nothing more than expected. The time of being a lemming, being drilled for 12 hours a day, was soon to become history, something that happened to others in the past.
Present: Chaos rules!
Future: The student decides!
Why BITE?
What is BITE?
Emotional intelligence (EQ)
ICT's critical role
From teacher to coach/mentor
Engagement is key!
Conclusion
Literature
Online references
Make sure you have at least one "Pan Galactic Gargle Blaster" (Adams, 1952) or preferable as many as possible without ending up in Lala-space (surely a very likely space that's an outcome of "elasticated string-theory" (Pratchett, 2010)), before you even consider the infinitesimal - yes extremely unlikely - possibility of reading on! For those that do: be prepared for the unexpected!
Introduction
I've thought hard and long, about 5.39124(27)x10-44 seconds (that's called Planck time for those that want to do a bit of research on this number) about reading - oops writing - this paper. I have no - I'll repeat - NO - intention to be serious in any shape or form, except for those occasions where seriousness can't be avoided, and I'll do my utmost best to avoid them for the sake of human existence and survival of our species. If you're still reading, then somehow I've caught your attention and it's time to start adding some knowledge transfer into this text, as this text is all about the art and science of transferring knowledge and skills in new and hopefully somewhat challenging and thought provoking ways. Personally I believe that education as we know it, is about to receive its biggest shakeup we've seen (or actually not seen, but should have seen) in the last century or so! Being somewhat sensitive to the many educational "omens" that seem to float in the air around me, and poke me in the back when I'm not paying enough attention to them, the signs are clear: this article wants, no even better, demands to be written.
Past: The era of lemmings!
I guess from the early 1900s until the 1950s/1960s most educational systems would submerge (feel free to read drown/suffocate) their students into a drone, military-style like system, where you would sit, pay attention, somehow absorb the materials and keep your mouth zipped. The teacher/educator/lecturer was Om (The God of all Gods) on his/her throne and "deserved" utmost respect from their loyal students (feel free to read "fear 'motivated' slaves"). Questioning the skills, knowledge and/or attitude of Om would be blasphemy, or at least a "crime" to which death was the only penalty that would lead to your salvation. Yeah, I know, I'm exaggerating just a wee bit, but I hope it's getting the message across. It wasn't all that bad, and I'm sure 'most' students survived their educational journey with quite some knowledge and skills sledge-hammered into their brains, ready to conquer the world. A large chunk of knowledge, skills and attitude transfer was uni-directional (including attributes like values, respect, rights and responsibilities) moving down from Om to its army of trustworthy followers. Surely, some type of resistance was to be nothing more than expected. The time of being a lemming, being drilled for 12 hours a day, was soon to become history, something that happened to others in the past.
Present: Chaos rules!
Future: The student decides!
Why BITE?
What is BITE?
Emotional intelligence (EQ)
ICT's critical role
From teacher to coach/mentor
Engagement is key!
Conclusion
Literature
Online references
Tuesday, August 31, 2010
ITIL: H2I - Chapter the Fifth - Parlez vous francais?
The Hitchhiker’s Guide to ITIL – EXAM Preparation Guide
Each framework, methodology and standard comes with its own peculiar language, and so does the ITIL framework. If you want to speak ITIL, then you first need to learn the language, and please believe me when I say it's not as difficult as learning Japanese when your first language happens to be English (or Dutch like mine).
I also need to say that the "common language" that the ITIL framework provides is probably one of its strongest features and to a large extend this has contributed to its enormous ongoing success and popularity. ITIL is the IT department's Esperanto, and this Esperanto is actually spoken by millions!
You can use the ITIL language when communicating with your direct peers, other internal functions, partners and suppliers and who knows maybe even other alien civilizations (yeah, I would like that). I guess many struggle to see the difference between an incident and a problem, or a problem and a known error. A common reference (or glossary of terms) is exactly what many organizations need to start communicating effectively. Ik bedoel, als ik in Nederlands ga schrijven kunnen jullie mij niet meer volgen, hence I write this text in English - a language used to communicate globally. English is not my first language, nor is ITIL, but both work really well when communicating to a specific targeted audience - like you, my loyal readers and followers.
So, where was I? Ah, yes, ITIL language! For me the ITIL language consists mainly of the various definitions, terminology and acronyms, although I seem to have the nasty habit of also adding my personal mnemonics and phrases. Many organizations are now using mnemonics like PICSAR, VRAMS and SPASMS when talking ITIL, I think that's pretty cool considering I only created them to make it easier for the students to memorize ITIL "stuff" so they could pass the ITIL Foundation exam. Phrases like "ITIL is VITAL!", "Making it better together!", and "Making a difference!" also seem to stick with most students, as they have the potential to influence the current culture and mindset. Yes, communication and language have the potential and power to change the very nature of your culture and subsequent actions.
Anyway, getting back on track, here's a list of definitions, terminology and acronyms commonly used in ITIL-speak:
You'll need to study the various definitions, terminology and acronyms as shown above when preparing for the ITIL v3 Foundation exam. The easiest way to learn about them, is to follow the set of YouTubes I've specially created for this purpose, so I don't believe it's necessary to go into full detail here. What is important is to get a good feeling of which ITIL volume/s the item relates to, and as such I hope the following paragraphs will support you in achieving this.
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=yAQVJIKD2yQ&p=017C0B75EE2FA714&index=40
Predominantly covered in the following ITIL volume/s: Service Design
YouTube link: http://www.youtube.com/watch?v=NHCZG60A0JM&p=017C0B75EE2FA714&index=30
Predominantly covered in the following ITIL volume/s: Service Strategy, CSI
YouTube link: http://www.youtube.com/watch?v=Y13BGSObkPU&p=017C0B75EE2FA714&index=22
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=_oFu-3dmzU8&p=017C0B75EE2FA714&index=36
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=BCPpjCvUf7Y&p=017C0B75EE2FA714&index=32
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=0g0LvVTForo&p=017C0B75EE2FA714&index=33
Predominantly covered in the following ITIL volume/s: Service Design
YouTube link: http://www.youtube.com/watch?v=JXbrNT0iVk8&p=017C0B75EE2FA714&index=28
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=8rMhBA2D4VU&p=017C0B75EE2FA714&index=34
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=0kwm-SlOX1A&p=017C0B75EE2FA714&index=39
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=NrVkNcS8xGs&p=017C0B75EE2FA714&index=42
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=KHSo3CDVeJM&p=017C0B75EE2FA714&index=41
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=VBEOjTJSQ80&p=017C0B75EE2FA714&index=46
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=k0OI3RvaKuc&p=017C0B75EE2FA714&index=47
Predominantly covered in the following ITIL volume/s: Service Design
YouTube link: http://www.youtube.com/watch?v=-KTsV-Yut1M&p=017C0B75EE2FA714&index=27
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=Jfl7z3jqRNs&p=017C0B75EE2FA714&index=44
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=hMngLrTFcis&p=017C0B75EE2FA714&index=50
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=Xc86HkhFCbg&p=017C0B75EE2FA714&index=37
Predominantly covered in the following ITIL volume/s: Service Strategy
YouTube link: http://www.youtube.com/watch?v=MOiP9FB4QPc&p=017C0B75EE2FA714&index=18
Predominantly covered in the following ITIL volume/s: Service Strategy, CSI
YouTube link: http://www.youtube.com/watch?v=QRoH9tKg3ZQ&p=017C0B75EE2FA714&index=23
Predominantly covered in the following ITIL volume/s: Service Strategy
YouTube link: http://www.youtube.com/watch?v=RppFmg6WP_E&p=017C0B75EE2FA714&index=49
Predominantly covered in the following ITIL volume/s: Service Strategy, Service Design
YouTube link: http://www.youtube.com/watch?v=bfsHFPYU-QI&p=017C0B75EE2FA714&index=20
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=P9Ytv72bC5o&p=017C0B75EE2FA714&index=35
Predominantly covered in the following ITIL volume/s: Service Design
YouTube link: http://www.youtube.com/watch?v=C-zF6RURFgY&p=017C0B75EE2FA714&index=29
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=dMATi0-iGRM&p=017C0B75EE2FA714&index=31
Predominantly covered in the following ITIL volume/s: Service Design
YouTube link: http://www.youtube.com/watch?v=mhy2VvIvBkQ&p=017C0B75EE2FA714&index=26
Predominantly covered in the following ITIL volume/s: Service Strategy, Service Design
YouTube link: http://www.youtube.com/watch?v=_xXuhbcBUfY&p=017C0B75EE2FA714&index=19
Predominantly covered in the following ITIL volume/s: Service Strategy
YouTube link: http://www.youtube.com/watch?v=CXRQ1kpxXn4&p=017C0B75EE2FA714&index=24
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=_WBIun4sB74&p=017C0B75EE2FA714&index=43
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=Wqi3Vrlc8Rw&p=017C0B75EE2FA714&index=38
Predominantly covered in the following ITIL volume/s: Service Design
YouTube link: http://www.youtube.com/watch?v=OwBfy5mIU7c&p=017C0B75EE2FA714&index=25
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=pN8AuF5iVNE&p=017C0B75EE2FA714&index=48
Predominantly covered in the following ITIL volume/s: CSI
YouTube link: http://www.youtube.com/watch?v=pSvbkp2zW4w&p=017C0B75EE2FA714&index=21
Predominantly covered in the following ITIL volume/s: Service Strategy
YouTube link: http://www.youtube.com/watch?v=HKlpHIA4nhQ&p=017C0B75EE2FA714&index=17
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=oUCWD3Gqhh4&p=017C0B75EE2FA714&index=45
Live long and prosper
Nanoo... Nanoo...
IsleBeeBach
Each framework, methodology and standard comes with its own peculiar language, and so does the ITIL framework. If you want to speak ITIL, then you first need to learn the language, and please believe me when I say it's not as difficult as learning Japanese when your first language happens to be English (or Dutch like mine).
I also need to say that the "common language" that the ITIL framework provides is probably one of its strongest features and to a large extend this has contributed to its enormous ongoing success and popularity. ITIL is the IT department's Esperanto, and this Esperanto is actually spoken by millions!
You can use the ITIL language when communicating with your direct peers, other internal functions, partners and suppliers and who knows maybe even other alien civilizations (yeah, I would like that). I guess many struggle to see the difference between an incident and a problem, or a problem and a known error. A common reference (or glossary of terms) is exactly what many organizations need to start communicating effectively. Ik bedoel, als ik in Nederlands ga schrijven kunnen jullie mij niet meer volgen, hence I write this text in English - a language used to communicate globally. English is not my first language, nor is ITIL, but both work really well when communicating to a specific targeted audience - like you, my loyal readers and followers.
So, where was I? Ah, yes, ITIL language! For me the ITIL language consists mainly of the various definitions, terminology and acronyms, although I seem to have the nasty habit of also adding my personal mnemonics and phrases. Many organizations are now using mnemonics like PICSAR, VRAMS and SPASMS when talking ITIL, I think that's pretty cool considering I only created them to make it easier for the students to memorize ITIL "stuff" so they could pass the ITIL Foundation exam. Phrases like "ITIL is VITAL!", "Making it better together!", and "Making a difference!" also seem to stick with most students, as they have the potential to influence the current culture and mindset. Yes, communication and language have the potential and power to change the very nature of your culture and subsequent actions.
Anyway, getting back on track, here's a list of definitions, terminology and acronyms commonly used in ITIL-speak:
- Alert
- Availability
- Business Case
- Change types
- Configuration Item (CI)
- Configuration Management System
- Contract
- Definitive Media Library (DML)
- Event
- Impact, Urgency and Priority
- Incident
- Known Error
- Known Error Data Base (KEDB)
- Operational Level Agreement (OLA)
- Problem
- Release policy
- Release Unit
- Resources, Capabilities and Assets
- Risk
- Service Assets
- Service Catalog
- Service Change
- Service Design Package
- Service Knowledge Management System (SKMS)
- Service Level Agreement (SLA)
- Service Portfolio
- Service Provider
- Service Request
- Seven R’s of Change Management
- Supplier
- The role of communication in Service Operation
- The role of IT Governance across the Service Lifecycle
- Utility and Warranty
- Workaround
You'll need to study the various definitions, terminology and acronyms as shown above when preparing for the ITIL v3 Foundation exam. The easiest way to learn about them, is to follow the set of YouTubes I've specially created for this purpose, so I don't believe it's necessary to go into full detail here. What is important is to get a good feeling of which ITIL volume/s the item relates to, and as such I hope the following paragraphs will support you in achieving this.
Alert
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=yAQVJIKD2yQ&p=017C0B75EE2FA714&index=40
Availability
Predominantly covered in the following ITIL volume/s: Service Design
YouTube link: http://www.youtube.com/watch?v=NHCZG60A0JM&p=017C0B75EE2FA714&index=30
Business Case
Predominantly covered in the following ITIL volume/s: Service Strategy, CSI
YouTube link: http://www.youtube.com/watch?v=Y13BGSObkPU&p=017C0B75EE2FA714&index=22
Change types
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=_oFu-3dmzU8&p=017C0B75EE2FA714&index=36
Configuration Item (CI)
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=BCPpjCvUf7Y&p=017C0B75EE2FA714&index=32
Configuration Management System
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=0g0LvVTForo&p=017C0B75EE2FA714&index=33
Contract
Predominantly covered in the following ITIL volume/s: Service Design
YouTube link: http://www.youtube.com/watch?v=JXbrNT0iVk8&p=017C0B75EE2FA714&index=28
Definitive Media Library (DML)
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=8rMhBA2D4VU&p=017C0B75EE2FA714&index=34
Event
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=0kwm-SlOX1A&p=017C0B75EE2FA714&index=39
Impact, Urgency and Priority
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=NrVkNcS8xGs&p=017C0B75EE2FA714&index=42
Incident
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=KHSo3CDVeJM&p=017C0B75EE2FA714&index=41
Known Error
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=VBEOjTJSQ80&p=017C0B75EE2FA714&index=46
Known Error Data Base (KEDB)
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=k0OI3RvaKuc&p=017C0B75EE2FA714&index=47
Operational Level Agreement (OLA)
Predominantly covered in the following ITIL volume/s: Service Design
YouTube link: http://www.youtube.com/watch?v=-KTsV-Yut1M&p=017C0B75EE2FA714&index=27
Problem
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=Jfl7z3jqRNs&p=017C0B75EE2FA714&index=44
Release policy
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=hMngLrTFcis&p=017C0B75EE2FA714&index=50
Release Unit
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=Xc86HkhFCbg&p=017C0B75EE2FA714&index=37
Resources, Capabilities and Assets
Predominantly covered in the following ITIL volume/s: Service Strategy
YouTube link: http://www.youtube.com/watch?v=MOiP9FB4QPc&p=017C0B75EE2FA714&index=18
Risk
Predominantly covered in the following ITIL volume/s: Service Strategy, CSI
YouTube link: http://www.youtube.com/watch?v=QRoH9tKg3ZQ&p=017C0B75EE2FA714&index=23
Service Assets
Predominantly covered in the following ITIL volume/s: Service Strategy
YouTube link: http://www.youtube.com/watch?v=RppFmg6WP_E&p=017C0B75EE2FA714&index=49
Service Catalog
Predominantly covered in the following ITIL volume/s: Service Strategy, Service Design
YouTube link: http://www.youtube.com/watch?v=bfsHFPYU-QI&p=017C0B75EE2FA714&index=20
Service Change
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=P9Ytv72bC5o&p=017C0B75EE2FA714&index=35
Service Design Package
Predominantly covered in the following ITIL volume/s: Service Design
YouTube link: http://www.youtube.com/watch?v=C-zF6RURFgY&p=017C0B75EE2FA714&index=29
Service Knowledge Management System (SKMS)
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=dMATi0-iGRM&p=017C0B75EE2FA714&index=31
Service Level Agreement (SLA)
Predominantly covered in the following ITIL volume/s: Service Design
YouTube link: http://www.youtube.com/watch?v=mhy2VvIvBkQ&p=017C0B75EE2FA714&index=26
Service Portfolio
Predominantly covered in the following ITIL volume/s: Service Strategy, Service Design
YouTube link: http://www.youtube.com/watch?v=_xXuhbcBUfY&p=017C0B75EE2FA714&index=19
Service Provider
Predominantly covered in the following ITIL volume/s: Service Strategy
YouTube link: http://www.youtube.com/watch?v=CXRQ1kpxXn4&p=017C0B75EE2FA714&index=24
Service Request
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=_WBIun4sB74&p=017C0B75EE2FA714&index=43
Seven R’s of Change Management
Predominantly covered in the following ITIL volume/s: Service Transition
YouTube link: http://www.youtube.com/watch?v=Wqi3Vrlc8Rw&p=017C0B75EE2FA714&index=38
Supplier
Predominantly covered in the following ITIL volume/s: Service Design
YouTube link: http://www.youtube.com/watch?v=OwBfy5mIU7c&p=017C0B75EE2FA714&index=25
The role of communication in Service Operation
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=pN8AuF5iVNE&p=017C0B75EE2FA714&index=48
The role of IT Governance across the Service Lifecycle
Predominantly covered in the following ITIL volume/s: CSI
YouTube link: http://www.youtube.com/watch?v=pSvbkp2zW4w&p=017C0B75EE2FA714&index=21
Utility and Warranty
Predominantly covered in the following ITIL volume/s: Service Strategy
YouTube link: http://www.youtube.com/watch?v=HKlpHIA4nhQ&p=017C0B75EE2FA714&index=17
Workaround
Predominantly covered in the following ITIL volume/s: Service Operation
YouTube link: http://www.youtube.com/watch?v=oUCWD3Gqhh4&p=017C0B75EE2FA714&index=45
Live long and prosper
Nanoo... Nanoo...
IsleBeeBach
Tuesday, July 27, 2010
CHANGE MANAGEMENT: Sex, Drugs and Rock n Roll
Sex, Drugs and Rock n Roll (SDRR)
When reality becomes somewhat unreal
Well, for what it's worth, I just couldn't come up with an original title, so I went for one that has a higher likelihood of actually attracting some "not-your-average-day-management-article-browsing" readers. I would love to write a real essay on sex, drugs and rock and roll, and one-day I probably will, but not right now. No, this time I feel it's appropriate to highlight change management as part of project management. What is change management? Why do we need it? What's the approach that PMBOK and PRINCE2, as leading project management frameworks, take towards managing change so ultimately project chaos can be avoided or at least reduced to acceptable levels? So I sincerely apologize for altering your reality and not meeting your expectations by discussing SDRR to a level that suits your immediate needs. Please bear with me and things may yet turn out to be more exciting than the eye reveals, or actually your mind reveals, at first glance.
When reality is described by a single word
For some people everyday reality seems to consist of work-eat-sleep-and-multiply, and 'no' I won't go into any specific sequence of aforementioned activities, but believe that drugs and rock n roll may have either a stimulating or inhibiting effect on one or more of these reality-creating components. I told you I would try to keep it a bit exciting, as I would like to meet at least some of your expectations that were set by this article's oh-so promising and inviting title! For many other people, especially those involved in running, managing or supporting projects, everyday reality may well be described by a single word, which is 'CHAOS', utter and complete chaos! I bet some of you are showing the first glimpse of a smile on their face, and are thinking "Yeah - I know where this going!" Come on, it all started so well... New - really cool leading edge - project... lots of commitment, involvement and excitement... lots of promises being made... great schedule... abundance of resources... fantastic team... nice budget... it all seems too good to be true.
When reality starts to sink in
Yeah, we've all been there and we've all gone through the same pain and pleasure of running projects. Initially everything runs according to project management plan, but then these peculiar messages start to penetrate your shield of near project management perfection, such as:
Don't you love it when a plan comes together (Hannibal, The A-Team), and don't you hate it when it doesn't? Well, speaking from experience, when working in project management space better straighten your expectations starting right now: Murphy's law (when things can go wrong - they will go wrong) ensures that project management plans never come together, unless you actively stay right on top of them for 200% of the time!
When Murphy takes over your reality
There are at least two important factors that make Murphy's reality a very real and tangible one. I'm not saying they are the only two factors, but I have all reason to believe they are in the top-5 and they won't be giving away their position any time soon. I believe the first factor to be communication related and the second one to be scope related, although I ultimately believe that scope issues (we're going to talk about scope-creep in more detail) can be avoided by investing enough energy and time in the way we communicate.
Now before I start divulging my communication and scope related secrets and humble opinion, I feel it's appropriate to give you a bit of an idea where and if these topics are covered within the two leading project management frameworks: PMI's PMBOK and OGC's PRINCE2. Although some claim these frameworks are as different as chalk and cheese, I don't share this opinion and actually feel they're quite similar on the inside although they appear to be quite different on the outside. Both frameworks use the concept of a project (management) life-cycle that reflects the project's "natural" evolution.
When different realities turn out to be quite similar
PMI's PMBOK presents 5 so called process groups, which are:
OGC's PRINCE2 presents 7 individual processes, which are:
Surely you're able to pick up the similarities between these two very "different" approaches. Both frameworks also refer to a number of concepts that are important to our understanding of project management. Whereas PMI's PMBOK refers to so called knowledge areas, OGC's PRINCE2 prefers using the terminology themes.
PMBOK's nine knowledge areas:
PRINCE2's seven themes:
I guess however you twist and turn this they do seem quite similar to me, and are even in perfect balance when taking the somewhat unscientific (and that's an understatement) approach of 'dumping' these items on both sides of the scales (5+9 versus 7+7). Yeah, go weird, just add a third framework of 14 items and 3x14 = 42, which as always is the answer to life, the Universe and everything else (read the Hitchhiker's Guide to the Galaxy by Douglas Adams). Where did I get stuck in this text... Oh... yes... communication and scope!
WORK IN PROGRESS - SHOULD BE FINISHED SOON :-)
Live long and prosper
Nanoo... Nanoo...
IsleBeeBach
When reality becomes somewhat unreal
Well, for what it's worth, I just couldn't come up with an original title, so I went for one that has a higher likelihood of actually attracting some "not-your-average-day-management-article-browsing" readers. I would love to write a real essay on sex, drugs and rock and roll, and one-day I probably will, but not right now. No, this time I feel it's appropriate to highlight change management as part of project management. What is change management? Why do we need it? What's the approach that PMBOK and PRINCE2, as leading project management frameworks, take towards managing change so ultimately project chaos can be avoided or at least reduced to acceptable levels? So I sincerely apologize for altering your reality and not meeting your expectations by discussing SDRR to a level that suits your immediate needs. Please bear with me and things may yet turn out to be more exciting than the eye reveals, or actually your mind reveals, at first glance.
When reality is described by a single word
For some people everyday reality seems to consist of work-eat-sleep-and-multiply, and 'no' I won't go into any specific sequence of aforementioned activities, but believe that drugs and rock n roll may have either a stimulating or inhibiting effect on one or more of these reality-creating components. I told you I would try to keep it a bit exciting, as I would like to meet at least some of your expectations that were set by this article's oh-so promising and inviting title! For many other people, especially those involved in running, managing or supporting projects, everyday reality may well be described by a single word, which is 'CHAOS', utter and complete chaos! I bet some of you are showing the first glimpse of a smile on their face, and are thinking "Yeah - I know where this going!" Come on, it all started so well... New - really cool leading edge - project... lots of commitment, involvement and excitement... lots of promises being made... great schedule... abundance of resources... fantastic team... nice budget... it all seems too good to be true.
When reality starts to sink in
Yeah, we've all been there and we've all gone through the same pain and pleasure of running projects. Initially everything runs according to project management plan, but then these peculiar messages start to penetrate your shield of near project management perfection, such as:
- Could we move that wall here, rather than having it over there?
- Someone decided to start painting two weeks ahead of schedule!
- The customer approved this extension yesterday? Why didn't anyone inform me?
- What do you mean our key architect just changed jobs?
- When did management decide to cut the budget by 20%?
- No, I can't have this test finished by tomorrow and I don't care that you're behind on your own schedule! Just let me do my work!
- Who decided to use a different supplier? Their components don't have the quality we need to finish this job according to the customer's requirements.
- Why are we three weeks behind schedule and $50,000 over budget? Doesn't anyone here keep anything under control anymore?
- Who decided the team could do overtime? This means we're going to blow our budget bigtime!
- What do you mean the customer decided to delay payments until March?
Don't you love it when a plan comes together (Hannibal, The A-Team), and don't you hate it when it doesn't? Well, speaking from experience, when working in project management space better straighten your expectations starting right now: Murphy's law (when things can go wrong - they will go wrong) ensures that project management plans never come together, unless you actively stay right on top of them for 200% of the time!
When Murphy takes over your reality
There are at least two important factors that make Murphy's reality a very real and tangible one. I'm not saying they are the only two factors, but I have all reason to believe they are in the top-5 and they won't be giving away their position any time soon. I believe the first factor to be communication related and the second one to be scope related, although I ultimately believe that scope issues (we're going to talk about scope-creep in more detail) can be avoided by investing enough energy and time in the way we communicate.
Now before I start divulging my communication and scope related secrets and humble opinion, I feel it's appropriate to give you a bit of an idea where and if these topics are covered within the two leading project management frameworks: PMI's PMBOK and OGC's PRINCE2. Although some claim these frameworks are as different as chalk and cheese, I don't share this opinion and actually feel they're quite similar on the inside although they appear to be quite different on the outside. Both frameworks use the concept of a project (management) life-cycle that reflects the project's "natural" evolution.
When different realities turn out to be quite similar
PMI's PMBOK presents 5 so called process groups, which are:
- Initiating process group
- Planning process group
- Executing process group
- Monitoring and controlling process group
- Closing process group
OGC's PRINCE2 presents 7 individual processes, which are:
- Starting up a project
- Directing a project
- Initiating a project
- Controlling a stage
- Managing product delivery
- Managing a stage boundary
- Closing a project
Surely you're able to pick up the similarities between these two very "different" approaches. Both frameworks also refer to a number of concepts that are important to our understanding of project management. Whereas PMI's PMBOK refers to so called knowledge areas, OGC's PRINCE2 prefers using the terminology themes.
PMBOK's nine knowledge areas:
- Project integration management
- Project scope management
- Project time management
- Project cost management
- Project quality management
- Project human resources management
- Project communications management
- Project risk management
- Project procurement management
PRINCE2's seven themes:
- Business case
- Organization
- Quality
- Plans
- Risk
- Change
- Progress
I guess however you twist and turn this they do seem quite similar to me, and are even in perfect balance when taking the somewhat unscientific (and that's an understatement) approach of 'dumping' these items on both sides of the scales (5+9 versus 7+7). Yeah, go weird, just add a third framework of 14 items and 3x14 = 42, which as always is the answer to life, the Universe and everything else (read the Hitchhiker's Guide to the Galaxy by Douglas Adams). Where did I get stuck in this text... Oh... yes... communication and scope!
WORK IN PROGRESS - SHOULD BE FINISHED SOON :-)
Live long and prosper
Nanoo... Nanoo...
IsleBeeBach
Friday, June 4, 2010
ITIL: H2I - Chapter the Fourth - When Squares Become Circles
The Hitchhiker’s Guide to ITIL – EXAM Preparation Guide
Introducing the Service Lifecycle Model
Probably one of the biggest changes made to the ITIL library when comparing it to previous versions is the introduction of the service life-cycle concept. Where earlier versions seemed to be a bit of a service management hotchpotch – this version, labeled ITIL v3 is clearly more structured and guides the reader from service strategy all the way 'down' to service operation, and clearly emphasizes the importance of continual service improvement.
The five volumes that make up the Service Lifecycle are:
As with everything else in our world, things have a beginning and most often also some sort of ending. Where and when ITIL will end (if it ever does) is only known to those with the gift of foresight, but when and where it started is crystal clear. We’ll have to go back to the late 80s, and more precisely we’ll have to go to the United Kingdom to a place called Norfolk.
It all started with the CCTA – the Central Computing and Telecommunications Agency – collecting and publishing “best practices” on how to setup and manage IT environments. The first set of publications was released late 80s and had more than 40 volumes in it. This first set worked pretty well for IT environments as they were used in the late 80s: “mainframes and dumb terminals”. With the rise of the 90s “best practices” in IT started to change and they changed dramatically. PCs, LANs, WANs, distributed computing, the almighty Internet, even mightier e-commerce and outsourcing were new phenomena that just didn’t (to most people) exist in the 80s. In other words, there were many valid reasons to rewrite the ITIL publications as written in the late 80s, and to release a new set of volumes in the late 90s. This new set consisted of 9 loosely connected volumes. With the change from ITIL v1 (late 80s: 40+ volumes) to ITIL v2 (late 90s: 9 volumes) CCTA decided to change their name into OGC: The Office of Government Commerce.
Office of Government Commerce: http://www.ogc.gov.uk
By now, ITIL (Information Technology Infrastructure Library) had gained a lot of popularity and was known and used by many public and private organizations around the world to increase the efficiency and effectiveness of delivering services to their customers. The ITIL v2 model was basically a big square (rectangle) depicting the nine (9) volumes in various states of overlap and synergy. An interesting fact remains that most ITIL courses were constructed around only 2 of the 9 volumes from the ITIL v2 set, hence its full potential was never fully utilized or understood.
When Squares:
The story continues in much the same way when we’re extending the time line from late 90s to late 00s (2007). Because of changes business models, changing technologies, and changing “best practices” ITIL needed to be rewritten again, hence ITIL v3 was born. This time the set only contains 5 core volumes (the ITIL core set), but the main difference compared to the previous two ITIL versions is that ITIL v3 no longer consists of loosely connected volumes, but of tightly connected volumes. It’s almost impossible to read any of the 5 books in isolation, because it’s really just one book cut in 5 digestible pieces – well at least that’s my opinion. I guess OGC cannot sell ITIL as one volume, otherwise it would hardly be a library anymore!
Become Circles:
It's also interesting to note that when ITIL v2 was rewritten, the new version was labeled ITIL v3 Refresh. Unfortunately there are so many typos and inconsistencies in the ITIL v3 Refresh version, that it's currently been 'rewritten' again. The new version is labeled ITIL v3 Refresh Refresh - I wonder why it's not simply called ITIL v3.1 (like CobiT 4.1). Why make things really simple if you can make them really complex and confusing! I believe that adoption rate of any framework is directly related to its simplicity, but then again, who am I?
The Service Lifecycle
The Service Lifecycle is quite an ingenious model, and makes absolute sense. Before you start to do anything you need strategy, direction, focus and yeah - some money too (Service Strategy). What type of services are we going to provide, and do we have the resources and capability to provide them? How do we transform our IT assets into added value to the business?
If we all agree what type of services we want to deliver, then the next step is to ensure the infrastructure will be capable to deliver against the requirements as identified in the strategy. In other words we need to design (and plan for) (Service Design) our new or changed services. We need to plan for capacity, availability, information security, and service continuity (disaster recovery management).
Once we’ve established how we’re going to deliver the new or changed services, and we’ve ensured all capability can be catered for (people, processes, products, and partners), it’s time to handover to that part of the organization who will manage the transition from the “old” infrastructure to the “new” infrastructure (Service Transition). It’s the service transition processes and functions that will manage the full-blown change related processes (and its associated functions), such as Change Management, Service Asset and Configuration Management, and Release and Deployment Management.
Service transition will also need to plan for the handover from project environment to operational/production/live environment. Once the new or changed service is implemented and live it needs maintenance and ongoing support. The operational processes, like Incident Management, Problem Management, and the function Service Desk provide just this type of support (Service Operation).
Many organizations work with the phrase: “If it ain’t broken don’t fix it!” ITIL uses a different type of phrase: “If it ain’t broken, can we still improve it, without breaking it, and doing so in a cost-effective way?” The second phrase is likely to put you in a more competitive advantage, where you’re continuously improving, and your competitor isn’t. In other words, we need to create a culture and structure that supports continual service improvement (Continual Service Improvement). We need to implement and run a continual service improvement process that keeps us on the tip of our toes at all times! All processes, functions and roles in all ITIL books should be open minded towards improving whatever they’re already doing.
ALICE: Our famous hotel chain “Constellation Hotels” is bombarded with questions from their customers who would like to book their accommodation online. Currently bookings can only be made via telephone, fax, or hotel reception (walk-in-facility). How would you progress through the various stages of the Service Lifecycle to add/upgrade services to the current environment? Who is doing what, and why?
Service Lifecycle Structure
The structure of the core five volumes is in the form of a (service) lifecycle. It is iterative and multidimensional (well, that’s what it says in the book). Sounds pretty groovy: multidimensional! The core provides structure, stability and strength to Service Management capabilities with durable principles, methods and tools. The guidance can be adapted and adopted by all organizations, small and large, public and private, commercial and not-for-profit.
The ITIL core consists of the following five publications:
Service Lifecycle Components
The ITIL Library consists of the following components:
ITIL's key online web resources can be found here: http://www.itil-officialsite.com
Service Strategy
Service Strategy Goals:
Service Strategy Objectives:
Service Strategy Business Value:
Service Design
Service Design Goals:
Service Design Objectives:
Service Design Business Value:
Service Transition
Service Transition Goals:
Service Transition Objectives:
Service Transition Business Value:
Service Operation
Service Operation Goals:
Service Operation Objectives:
Service Operation Business Value:
Each stage in the ITIL Service Lifecycle provides value to business.
Continual Service Improvement
Continual Service Improvement Goals:
Continual Service Improvement Objectives:
Continual Service Improvement Business Value:
Live long and prosper
Nanoo... Nanoo...
IsleBeeBach
ITIL ® is a Registered Trade Mark, and a Registered Community Trade Mark of the Office of Government Commerce, and is registered in the U.S. Patent and Trademark Office.
Introducing the Service Lifecycle Model
Probably one of the biggest changes made to the ITIL library when comparing it to previous versions is the introduction of the service life-cycle concept. Where earlier versions seemed to be a bit of a service management hotchpotch – this version, labeled ITIL v3 is clearly more structured and guides the reader from service strategy all the way 'down' to service operation, and clearly emphasizes the importance of continual service improvement.
The five volumes that make up the Service Lifecycle are:
- Service Strategy
- Service Design
- Service Transition
- Service Operation
- Continual Service Improvement
As with everything else in our world, things have a beginning and most often also some sort of ending. Where and when ITIL will end (if it ever does) is only known to those with the gift of foresight, but when and where it started is crystal clear. We’ll have to go back to the late 80s, and more precisely we’ll have to go to the United Kingdom to a place called Norfolk.
It all started with the CCTA – the Central Computing and Telecommunications Agency – collecting and publishing “best practices” on how to setup and manage IT environments. The first set of publications was released late 80s and had more than 40 volumes in it. This first set worked pretty well for IT environments as they were used in the late 80s: “mainframes and dumb terminals”. With the rise of the 90s “best practices” in IT started to change and they changed dramatically. PCs, LANs, WANs, distributed computing, the almighty Internet, even mightier e-commerce and outsourcing were new phenomena that just didn’t (to most people) exist in the 80s. In other words, there were many valid reasons to rewrite the ITIL publications as written in the late 80s, and to release a new set of volumes in the late 90s. This new set consisted of 9 loosely connected volumes. With the change from ITIL v1 (late 80s: 40+ volumes) to ITIL v2 (late 90s: 9 volumes) CCTA decided to change their name into OGC: The Office of Government Commerce.
Office of Government Commerce: http://www.ogc.gov.uk
By now, ITIL (Information Technology Infrastructure Library) had gained a lot of popularity and was known and used by many public and private organizations around the world to increase the efficiency and effectiveness of delivering services to their customers. The ITIL v2 model was basically a big square (rectangle) depicting the nine (9) volumes in various states of overlap and synergy. An interesting fact remains that most ITIL courses were constructed around only 2 of the 9 volumes from the ITIL v2 set, hence its full potential was never fully utilized or understood.
When Squares:
The story continues in much the same way when we’re extending the time line from late 90s to late 00s (2007). Because of changes business models, changing technologies, and changing “best practices” ITIL needed to be rewritten again, hence ITIL v3 was born. This time the set only contains 5 core volumes (the ITIL core set), but the main difference compared to the previous two ITIL versions is that ITIL v3 no longer consists of loosely connected volumes, but of tightly connected volumes. It’s almost impossible to read any of the 5 books in isolation, because it’s really just one book cut in 5 digestible pieces – well at least that’s my opinion. I guess OGC cannot sell ITIL as one volume, otherwise it would hardly be a library anymore!
Become Circles:
It's also interesting to note that when ITIL v2 was rewritten, the new version was labeled ITIL v3 Refresh. Unfortunately there are so many typos and inconsistencies in the ITIL v3 Refresh version, that it's currently been 'rewritten' again. The new version is labeled ITIL v3 Refresh Refresh - I wonder why it's not simply called ITIL v3.1 (like CobiT 4.1). Why make things really simple if you can make them really complex and confusing! I believe that adoption rate of any framework is directly related to its simplicity, but then again, who am I?
The Service Lifecycle
The Service Lifecycle is quite an ingenious model, and makes absolute sense. Before you start to do anything you need strategy, direction, focus and yeah - some money too (Service Strategy). What type of services are we going to provide, and do we have the resources and capability to provide them? How do we transform our IT assets into added value to the business?
If we all agree what type of services we want to deliver, then the next step is to ensure the infrastructure will be capable to deliver against the requirements as identified in the strategy. In other words we need to design (and plan for) (Service Design) our new or changed services. We need to plan for capacity, availability, information security, and service continuity (disaster recovery management).
Once we’ve established how we’re going to deliver the new or changed services, and we’ve ensured all capability can be catered for (people, processes, products, and partners), it’s time to handover to that part of the organization who will manage the transition from the “old” infrastructure to the “new” infrastructure (Service Transition). It’s the service transition processes and functions that will manage the full-blown change related processes (and its associated functions), such as Change Management, Service Asset and Configuration Management, and Release and Deployment Management.
Service transition will also need to plan for the handover from project environment to operational/production/live environment. Once the new or changed service is implemented and live it needs maintenance and ongoing support. The operational processes, like Incident Management, Problem Management, and the function Service Desk provide just this type of support (Service Operation).
Many organizations work with the phrase: “If it ain’t broken don’t fix it!” ITIL uses a different type of phrase: “If it ain’t broken, can we still improve it, without breaking it, and doing so in a cost-effective way?” The second phrase is likely to put you in a more competitive advantage, where you’re continuously improving, and your competitor isn’t. In other words, we need to create a culture and structure that supports continual service improvement (Continual Service Improvement). We need to implement and run a continual service improvement process that keeps us on the tip of our toes at all times! All processes, functions and roles in all ITIL books should be open minded towards improving whatever they’re already doing.
ALICE: Our famous hotel chain “Constellation Hotels” is bombarded with questions from their customers who would like to book their accommodation online. Currently bookings can only be made via telephone, fax, or hotel reception (walk-in-facility). How would you progress through the various stages of the Service Lifecycle to add/upgrade services to the current environment? Who is doing what, and why?
Service Lifecycle Structure
The structure of the core five volumes is in the form of a (service) lifecycle. It is iterative and multidimensional (well, that’s what it says in the book). Sounds pretty groovy: multidimensional! The core provides structure, stability and strength to Service Management capabilities with durable principles, methods and tools. The guidance can be adapted and adopted by all organizations, small and large, public and private, commercial and not-for-profit.
The ITIL core consists of the following five publications:
- Service Strategy (most left picture below),
- Service Design,
- Service Transition,
- Service Operation, and
- Continual Service Improvement (most right picture below).
Service Lifecycle Components
The ITIL Library consists of the following components:
- The ITIL core – best practice guidance applicable to all types of organisations who provide services to a business.
- The ITIL complementary guidance – a complementary set of publications with guidance specific to industry sectors, organisation types, operating models and technology architectures.
- The online web resources.
ITIL's key online web resources can be found here: http://www.itil-officialsite.com
Service Strategy
Service Strategy Goals:
- To support the organisation in transforming service management into a strategic asset.
- To provide a clear insight into the relationships between various services, systems, processes, business models, strategies, and objectives.
Service Strategy Objectives:
- What services should we offer, why and to whom?
- Surely we don't want to look like our competitors, so how are we going to differentiate ourselves?
- At when moment in time will the customers perceive our services as to be valuable to their business?
- How do we capture and grow this value?
- What type of business case do we need to prepare for this specific investment?
- How can finance support us to have insight into the costs of delivering services?
- How are we going to define quality? How do we measure it?
- Which of the alternatives is the very best given our specific situation?
- How do resource the services (buy, make, rent, outsource, etc.)
- How do we keep everyone happy (resolve conflicting demands for resources)?
Service Strategy Business Value:
- We actually know what we're going to do
- We know the best order in which to do these things
- We understand the costs and risks of what we're going to do
- We'll make sure we're ready to deliver when push comes to shove
- We'll be different and unique in the things we're doing
- We make sure that the business noses and IT noses point in the same direction (business and IT alignment)
Service Design
Service Design Goals:
- To design new or changed services for introduction into the live environment. Taking into consideration the impact on the overall service, management systems and tools, architectures, technology, service Management processes, measurements and metrics.
Service Design Objectives:
- To ensure that new or changed service is consistent with all other services.
- To ensure that technology architectures and management systems are consistent with the new or changed service.
- To ensure that processes, roles, responsibilities and skills have the capability to operate, support and maintain the new or changed service.
- To ensure that existing measurement methods can provide the required metrics on the new or changed service.
Service Design Business Value:
- Reduced Total Cost of Ownership (TCO)
- Improved quality of service
- Improved consistency of service
- Easier implementation of new or changed services
- Improved service alignment
- More effective service performance
- Improved IT governance
- More effective Service Management and IT processes
- Improved information and decision-making
Service Transition
Service Transition Goals:
- To assist organisations seeking to plan and manage service changes and to deploy service releases into the production environment successfully.
Service Transition Objectives:
- To plan and manage change related resources
- To minimise unpredicted impact
- To increase satisfaction amongst all staff
- To increase proper use of the services
- To provide plans that align customer and business change projects with the Service Transition plans
Service Transition Business Value:
- Improved cost, timing, resource and risk estimation
- More successful change
- Change easier to adopt and follow
- Reuse of assets across projects and services
- Reduced delays from unexpected clashes/dependencies
- Reduced effort spent managing test/pilot environments
- Improved expectation setting
- Increased confidence
- Maintainable and cost-effective services
Service Operation
Service Operation Goals:
- To coordinate and carry out the activities and processes required to deliver and manage services at agreed levels to business users and customers.
- Service Operation is also responsible for the ongoing management of the technology that is used to deliver and support services.
Service Operation Objectives:
- Day-to-day operation of processes:
- Conduct
- Control
- Manage
- Systemically:
- Monitor performance
- Assess metrics
- Gather data
Service Operation Business Value:
Each stage in the ITIL Service Lifecycle provides value to business.
- Service value is modeled in Service Strategy.
- Cost of the service is designed, predicted and validated in Service Design and Service Transition.
- Measures for optimization are identified in Continual Service Improvement.
- Service Operation is where these plans, designs and optimizations are executed and measured.
- From a customer viewpoint, Service Operation is where actual value is seen.
Continual Service Improvement
Continual Service Improvement Goals:
- To continually align and realign IT services to the changing business needs by identifying and implementing improvements to IT services that support business processes.
To continually look for ways to improve process effectiveness, efficiency as well as cost effectiveness.
Continual Service Improvement Objectives:
- Review, analyze and make recommendations on improvement opportunities
- Review, analyze and make recommendations on Service Level Achievement results
- Identify and implement individual activities to improve
- Improve cost effectiveness of delivering services without sacrificing customer satisfaction
- Ensure applicable quality management methods are used
Continual Service Improvement Business Value:
- Tangible:
- Improvements
- Benefits
- ROI (Return on Investment)
- VOI (Value on Investment)
- Intangible:
- Increased organizational competency
- Integration between people and processes
- Reduction of redundancy increases business throughput
- Minimized lost opportunities
- Assured regulatory compliance that will minimize costs and reduce risk
- Ability to react to change rapidly
Live long and prosper
Nanoo... Nanoo...
IsleBeeBach
ITIL ® is a Registered Trade Mark, and a Registered Community Trade Mark of the Office of Government Commerce, and is registered in the U.S. Patent and Trademark Office.
Sunday, May 16, 2010
IT GOVERNANCE: Battle of Giants
Battle of Giants
Preface
Yeah, it’s time for yet another article. I’ve just consumed my daily doses of caffeine and somewhere in the background the wonderful harp music of Andreas Vollenweider is doing its magic. Magic, a curious thing – I wonder how that applies to something like service management (and “yes” I’m still dropping the IT). Can magic be found in frameworks, standards and methods? I believe the answer to be positive; it all depends on how one observes the world. I ‘recently’ stumbled upon (which is also a fantastic tool: stumble upon) the world of IT governance (feel free to drop the IT again), and jeepers creepers I felt like walking into Ali Babi’s cave filled with unspeakable treasures. Join me; enter the cave and who knows we might even find some magic lamps.
Introduction
The reason this article is called “Battle of Giants” is twofold. Firstly it sounds pretty groovy and hopefully visualises battles like the ones you find in “Return of the King” where the good guys are fighting the bad guys with enormous battle-axes, lances, and catapults. Secondly, because I’m thinking a bloody battle between the following giants: OGC and ISACA/PMI. Yeah, call me weird and join the crowd. For those that still don’t have a clue: OGC owns ITIL and Prince2, ISACA owns CobiT and Val IT, and PMI owns PMBOK. OGC is based in the UK, and both ISACA and PMI are based in the US. Did I just see you raise your eyebrows, or at least one, like Mr. Spock?
Yes, Father, I have sinned, as I no longer believe ITIL and Prince2 are the only truth, and feel tempted to join these other religions called ISACA and PMI, as they have more structure and seem to make a Hell lot of more sense as frameworks. Please guide me, for I have lost my way and need your advice.
Well, in this article we won’t be assessing all these frameworks, but will be focusing on ISACA’s cave of treasures. Surely, I need to give myself some space for sequels, prequels, and those that fall somewhere in between (the sneaquels, as they seem to sneak in between episodes).
ISACA’s Cave of Credits
I used to be a member of the itSMF for many years, but recently decided to swap my membership to some other organisations including ISACA and PMI. Sure, the itSMF can claim until the end of time that they’re not fully ITIL and OGC aligned, but “hey presto” they’re doing a lot of ITIL, seem to backup a lot of OGC and aren’t really doing so much of the other stuff, and hence I felt it was necessary to step into the dark side’s territory and explore some new forces firsthand. To be honest I’m glad I did and not a moment too soon!
Admitted both ISACA’s and PMI’s websites are pretty crappy, although ISACA is about to launch their revamped website. They’re both ugly ducklings from the outside, but it’s funny because once you’re on the inside you get immediate access to all the prices, and the ugly duckling turns into a beautiful swan (like the lake Geneva (CH) swans). It’s like looking at a Citroën 2CV (deux chevaux) with a Ferrari engine under the bonnet. Everything you can’t find with (or would expect to come from) the itSMF or OGC you can find with ISACA and PMI and most importantly at a reasonable and affordable price, meaning you don’t have to pay ridiculous amounts like £5,000 per annum for something that’s basically all based on using your common sense and a teaspoon of yin-yang and logic. ISACA and PMI are not offering crappy 2-page newsletters (sorry itSMF) that are filled with advertisements of overpriced consultancy agencies and delivering-no-quality-whatsoever training organisations, but are offering real journals (magazines) with articles that provide sincere value and are actually interesting reading material too. I’m sure itSMF will become aware of this article at some time any maybe it will open their eyes, and maybe, just maybe, they will follow ISACA/PMI’s example and start publishing a real IT Service Management Journal without all those crappy advertisements. Ah well, it’s just a lone ranger’s thought! It’s funny as it’s all about providing value to customers – or isn’t it?
So, should you become a member of ISACA (IT Governance) and PMI (Project Management Institute)? I believe you should, and rather sooner than later, and hey I don’t have anything to gain by saying this, and merely am trying to share my experience with you my loyal readers out there.
Entering the Cave
ISACA offers a number of accessibility options to their materials. The easiest one is to hop on their website (http://www.isaca.org), register for absolutely zilch, nada, nothing and immediately get access to a number of their most important publications being CobiT v4.1 and Val IT 2nd edition – this is known as “basic subscriber” membership. The CobiT v4.1 and Val IT 2nd edition documents become available as downloadable PDFs, and it feels like downloading ITIL v3 for free. If you don’t like ITIL’s somewhat unorganised structure, then you’ll be most happily surprised with ISACA’s documents. I can safely and confidently say that CobiT v4.1 has exactly 34 processes that allow you to put more control and governance in place in those areas of IT where it is most needed. If you ask me how many processes ITIL v3 has, then honestly I can’t give you a clear answer, and that doesn’t make any sense as I’m allowed to call myself an ITIL v3 Expert, which at that moment seems to lose a lot of its intrinsic value. So, to make a long story short, there are heaps of ISACA resources available to those who take a couple of minutes filling out a form with their name and address, and Bob will be your uncle in no time at all.
ISACA also offers a “baseline” access model, which means you don’t’ even have to fill out a form and still get access to some documents, including CobiT v4.1. I guess for those taking the effort of typing in ISACA’s full URL in a browser, filling out a simple form to become a “basic subscriber” is probably valuable considering all the extras you get access to. For me, personally, I wouldn’t even consider the “baseline” access model, unless you don’t want your full name in their database, but in that case you probably shouldn’t be working in IT al all. Surely you’re aware that Big Brother is watching your every step.
So, at the lowest level we’ve got “baseline” access (casual website visitor), the next level up is known as “basic subscriber” access (filling out a form with your name), and the most complete type of access is granted when you become a “full subscriber” (paying an annual subscription fee). As a full subscriber you’ll get access to the full ISACA cave, except one small crevice that’s labelled “CobiT Online”, but by the time you decide to become a full member you’ll most likely also tick this box.
Here’s a small list you get access to when you become a “full subscriber”:
The list of files that can be downloaded just goes on, and on, and on. I can’t tell you how surprised I was when I compared this to “all” the resources made available by organisations like the itSMF and OGC, which is literally close to nothing – even if you’re a paying member. Ah well, one lesson learned for me; don’t judge on organisation by its appearances (website) only.
Exploring the Cave
Funny isn’t it – you walk into a cave, holding your flickering torch high in front of you, expecting to find nothing, as this is what happened to me on countless explorations before, and all of a sudden you start to see the shimmering reflections of rubies, emeralds, sapphires, and diamonds. Where do I start, and how much weight (treasures) can I carry, or am I allowed to carry with me?
Well, we’ll start by mentioning that ISACA and ITGI (IT Governance Institute) have a lot in common (and that’s a grand understatement) as they’re both about IT governance which is defined by them as:
“IT governance is the responsibility of executives and the board of directors, and consists of the leadership, organisational structures and processes that the enterprise’s IT sustains and extends the organisation’s strategies and objectives.”
You start wondering why all these organisations come up with these wonderfully artificially constructed sentences that in all reality no-one uses. They probably have a secret well hidden room where people (nope, I don’t want to go into stereotypes right now) spent most of their lives creating cryptic definitions, so we have something to decipher. I guess what I’m reading between the lines is this:
“IT Governance means that people need to be held accountable and responsible for their actions, need to understand why they are doing (IT) things the way they are doing them, and foremost keep doing the right (IT) things (now and in the future).”
Did that help? Probably not! Yeah, I’m laughing out loud! So, it’s roughly about ensuring that the right people are doing the right things for the right seasons (typically creating some type of value to the business) and whilst doing so managing risks adequately. No, it’s not always about minimising risks, because not all risks are negative, and some residual risk may well be accepted by the business. Some risks represent opportunities and can be extremely positive. Come on, those Google guys took some risk leaving University a bit too early, but no one is blaming or pointing the finger at them now!
Okay, I think we’re going a bit off track here and that’s something you don’t want to do when you’re wandering through the “IT governance” cave, as this cave is all about putting control in place, so you know exactly where you are and where you’re heading towards at every single moment in time. IT governance is the set of “minimum” internal and external rules, standards, policies, and guidelines you apply to the management of your IT (yeah, that too). IT is getting incredibly significant and business critical to an ever increasing number of organisations around this tiny blue planet, and without the right set of controls in place it will be virtually impossible to reap the full benefits of IT and its supporting infrastructure. Worse, without proper controls in place, IT may actually damage the business beyond repair, which reminds me of a list of credit-card numbers that was publicly published on the Internet not so long ago.
The Val IT Crevasse
It’s funny as many of ISACA’s resources seem to be in orbit (at least in my opinion) around CobiT, whereas maybe, just maybe, they should actually be in orbit around Val IT. I guess orbit and CobiT seem more related, in characters only, than orbit and Val IT. Nope, that can’t be right and it isn’t hence some things are about to get changed bit time (see Area 51).
Val IT is all about creating, monitoring and optimising value from IT investments with an acceptable level of risk. Val IT sets good practices for the ends: “This is what we need to achieve as a business – if we don’t then we’re in deep sh#@”! Well, please tell me, are we doing the right things and are we reaping the needed and expected benefits? Again, this is Val IT space! Its whole focus is aimed at strategic management levels so strategic value can be harvested.
Val IT covers three key domains:
Val IT is also about ensuring that any governance as applied to IT (wherever, whenever, whoever) is properly aligned with the broader Enterprise governance of IT (wherever, whenever, whoever). Val IT’s focus is on selecting and driving the right programmes that create value to the business. It provides three domains (see above), 22 processes and a whopping 69 management practices to help management get on their way and hit the ground running. Personally I absolutely adore this framework as it tells me exactly what needs to done in order to be able to answer the following two key questions:
This framework doesn’t leave any ambiguity as where and how to start unlike the ITIL framework. Yeah, this needs to be said: ISACA answers the “what needs to be done!” question, whereas frameworks like ITIL, MOF and their brethren are more about filling in some of the “how to do” things. As such ISACA’s Val IT framework needs to be visualised as sitting on top of these other frameworks (and driving them), and I believe it makes sense to look at Val IT and CobiT before looking at frameworks like ITIL and MOF. We need to understand what needs to be controlled and protected, before we start to run around like headless chickens controlling and protecting the wrong stuff!
Figure 1 - Val IT and CobiT
The CobiT Crevasse
So, yeah, most of ISACA’s documents and resources seem to be in orbit around CobiT (I somehow seem to like using these two words close together: “CobiT Orbit”). So, what’s this CobiT thing all about? It’s probably easiest when you compare CobiT to Val IT. Whereas Val IT revolves around “strategy” and “value”, CobiT revolves around “architecture” and “delivery”. So basically CobiT sits one level below Val IT, and frameworks like ITIL and MOF are positioned below CobiT. I know, ITIL is trying to raise the bar into strategic spheres, but it’s not there as yet, and the current ITIL v3 volume “Service Strategy” needs a major rewrite before it even comes close to Val IT’s potential.
CobiT is basically about putting program results (as selected by Val IT) into the live environment so they (read the individual projects) start to deliver value and keep delivering value.
CobiT covers four key domains:
CobiT’s focus is twofold, but can be summarised as providing a business focus (linking business goals to IT goals) and process focus (being able to plan, build, run and monitor IT). CobiT fulfils the business need for assurance about the value of IT, the management of IT-related risks and increased requirements for control over information. Please realise that value, risk and control constitute the very core of IT governance.
CobiT provides four domains (see above), 34 processes and a whopping 210 control objectives. Please notice the subtle difference in terminology used here: Val IT refers to management practices, whereas CobiT refers to control objectives. In all reality both tell you what needs to be done, or reading between the lines: “get your lazy bum of the chair and start to take some action!”
CobiT rocks, as it tells me exactly what needs to done in order to be able to answer the following two key questions:
It’s not easy, not easy at all, to write a final paragraph on this section that covers CobiT, as it merely provides you with a glimpse of its enormous potential.
Ask yourself the following questions:
After studying CobiT and Val IT for some time now, I’ve come to the conclusion that CobiT can actively assist you in answering the above mentioned questions, and that’s just scraping the tip of the iceberg!
Area 51
Anyone that knows me a little bit, knows I’m a huge fan of anything science fiction, and hence my interest for Area 51. Come on, who wouldn’t want to meet some three-headed green aliens, or an alien like Alf (I’m sure Alf’s producer didn’t like cats very much)? ISACA is a bit like Area 51, and those caves of Ali Baba, with all its treasures about to be unearthed. Oh, and yes, there’s another reason why I’ve called this section Area 51. At this moment of writing ISACA has announced that it will start working on the next release of CobiT – my guess is that it’s going to be called CobiT v5.0 (or ValCobiT v5.0). As CobiT v4.0 quickly got an update to CobiT v4.1, I assume the same will happen to CobiT v5.0, and voila we’ve landed in Area 5.1. It’s my understanding that the merger of CobiT and Val IT into one integrated framework will be a key feature of this new release. Maybe it’s time to apply some SOA (Service Oriented Architecture) principles to frameworks, and make them more flexible, modular and extensible. I recommend anyone to keep a close eye on the movements of this update, as with some of the how-s answered, this framework has all potential to make the gap with its competing brethren a lot wider, and you’d better make sure you’re on the right side!
Epilogue
The positive effects of my daily doses of caffeine are slowly but surely diminishing, so now is as good a time as ever to leave Area 51 and Ali Baba’s caves behind us. I hope some of my passion for CobiT and Val IT has come across to you. I believe these two frameworks have an enormous potential as yet undiscovered by many boards and senior executives who not unlike most other lemmings follow the ITIL scent. Make sure you understand and use the full potential of all these available frameworks. To those senior executives who may be reading this article I recommend having a look at the “CobiT Related Publications - Board Briefing on IT Governance, 2nd Edition” document as downloadable PDF from ISACA’s website. May the force be with you, and CobiT guard you on your path to extreme success and happiness.
Glossary of Terms
References
http://www.itgi.org
http://www.isaca.org
http://www.itsmfi.org
http://www.pmi.org
Live long and prosper
Nanoo... Nanoo...
IsleBeeBach
Preface
Yeah, it’s time for yet another article. I’ve just consumed my daily doses of caffeine and somewhere in the background the wonderful harp music of Andreas Vollenweider is doing its magic. Magic, a curious thing – I wonder how that applies to something like service management (and “yes” I’m still dropping the IT). Can magic be found in frameworks, standards and methods? I believe the answer to be positive; it all depends on how one observes the world. I ‘recently’ stumbled upon (which is also a fantastic tool: stumble upon) the world of IT governance (feel free to drop the IT again), and jeepers creepers I felt like walking into Ali Babi’s cave filled with unspeakable treasures. Join me; enter the cave and who knows we might even find some magic lamps.
Introduction
The reason this article is called “Battle of Giants” is twofold. Firstly it sounds pretty groovy and hopefully visualises battles like the ones you find in “Return of the King” where the good guys are fighting the bad guys with enormous battle-axes, lances, and catapults. Secondly, because I’m thinking a bloody battle between the following giants: OGC and ISACA/PMI. Yeah, call me weird and join the crowd. For those that still don’t have a clue: OGC owns ITIL and Prince2, ISACA owns CobiT and Val IT, and PMI owns PMBOK. OGC is based in the UK, and both ISACA and PMI are based in the US. Did I just see you raise your eyebrows, or at least one, like Mr. Spock?
- OGC, ITIL and Prince2
- ISACA, CobiT and Val IT
- PMI, PMBOK
Yes, Father, I have sinned, as I no longer believe ITIL and Prince2 are the only truth, and feel tempted to join these other religions called ISACA and PMI, as they have more structure and seem to make a Hell lot of more sense as frameworks. Please guide me, for I have lost my way and need your advice.
Well, in this article we won’t be assessing all these frameworks, but will be focusing on ISACA’s cave of treasures. Surely, I need to give myself some space for sequels, prequels, and those that fall somewhere in between (the sneaquels, as they seem to sneak in between episodes).
ISACA’s Cave of Credits
I used to be a member of the itSMF for many years, but recently decided to swap my membership to some other organisations including ISACA and PMI. Sure, the itSMF can claim until the end of time that they’re not fully ITIL and OGC aligned, but “hey presto” they’re doing a lot of ITIL, seem to backup a lot of OGC and aren’t really doing so much of the other stuff, and hence I felt it was necessary to step into the dark side’s territory and explore some new forces firsthand. To be honest I’m glad I did and not a moment too soon!
Admitted both ISACA’s and PMI’s websites are pretty crappy, although ISACA is about to launch their revamped website. They’re both ugly ducklings from the outside, but it’s funny because once you’re on the inside you get immediate access to all the prices, and the ugly duckling turns into a beautiful swan (like the lake Geneva (CH) swans). It’s like looking at a Citroën 2CV (deux chevaux) with a Ferrari engine under the bonnet. Everything you can’t find with (or would expect to come from) the itSMF or OGC you can find with ISACA and PMI and most importantly at a reasonable and affordable price, meaning you don’t have to pay ridiculous amounts like £5,000 per annum for something that’s basically all based on using your common sense and a teaspoon of yin-yang and logic. ISACA and PMI are not offering crappy 2-page newsletters (sorry itSMF) that are filled with advertisements of overpriced consultancy agencies and delivering-no-quality-whatsoever training organisations, but are offering real journals (magazines) with articles that provide sincere value and are actually interesting reading material too. I’m sure itSMF will become aware of this article at some time any maybe it will open their eyes, and maybe, just maybe, they will follow ISACA/PMI’s example and start publishing a real IT Service Management Journal without all those crappy advertisements. Ah well, it’s just a lone ranger’s thought! It’s funny as it’s all about providing value to customers – or isn’t it?
So, should you become a member of ISACA (IT Governance) and PMI (Project Management Institute)? I believe you should, and rather sooner than later, and hey I don’t have anything to gain by saying this, and merely am trying to share my experience with you my loyal readers out there.
Entering the Cave
ISACA offers a number of accessibility options to their materials. The easiest one is to hop on their website (http://www.isaca.org), register for absolutely zilch, nada, nothing and immediately get access to a number of their most important publications being CobiT v4.1 and Val IT 2nd edition – this is known as “basic subscriber” membership. The CobiT v4.1 and Val IT 2nd edition documents become available as downloadable PDFs, and it feels like downloading ITIL v3 for free. If you don’t like ITIL’s somewhat unorganised structure, then you’ll be most happily surprised with ISACA’s documents. I can safely and confidently say that CobiT v4.1 has exactly 34 processes that allow you to put more control and governance in place in those areas of IT where it is most needed. If you ask me how many processes ITIL v3 has, then honestly I can’t give you a clear answer, and that doesn’t make any sense as I’m allowed to call myself an ITIL v3 Expert, which at that moment seems to lose a lot of its intrinsic value. So, to make a long story short, there are heaps of ISACA resources available to those who take a couple of minutes filling out a form with their name and address, and Bob will be your uncle in no time at all.
ISACA also offers a “baseline” access model, which means you don’t’ even have to fill out a form and still get access to some documents, including CobiT v4.1. I guess for those taking the effort of typing in ISACA’s full URL in a browser, filling out a simple form to become a “basic subscriber” is probably valuable considering all the extras you get access to. For me, personally, I wouldn’t even consider the “baseline” access model, unless you don’t want your full name in their database, but in that case you probably shouldn’t be working in IT al all. Surely you’re aware that Big Brother is watching your every step.
So, at the lowest level we’ve got “baseline” access (casual website visitor), the next level up is known as “basic subscriber” access (filling out a form with your name), and the most complete type of access is granted when you become a “full subscriber” (paying an annual subscription fee). As a full subscriber you’ll get access to the full ISACA cave, except one small crevice that’s labelled “CobiT Online”, but by the time you decide to become a full member you’ll most likely also tick this box.
Here’s a small list you get access to when you become a “full subscriber”:
- invitations to local seminars, conferences, and chapters
- ISACA Journal (magazine both mailed to you, but also available electronically)
- benchmarking capability
- browse CobiT, including Control Practices and Quickstart entries
- download all PDFs
- CobiT Quickstart
- CobiT v4.1
- CobiT toolset (slides, maturity assessments, the works!)
- CobiT Mappings
- Search and create MyCobiT
- Val IT 2nd edition
- Board Briefing on IT Governance
- IT Governance Implementation Guide
- IT Assurance Guide
- Access the discussion area
The list of files that can be downloaded just goes on, and on, and on. I can’t tell you how surprised I was when I compared this to “all” the resources made available by organisations like the itSMF and OGC, which is literally close to nothing – even if you’re a paying member. Ah well, one lesson learned for me; don’t judge on organisation by its appearances (website) only.
Exploring the Cave
Funny isn’t it – you walk into a cave, holding your flickering torch high in front of you, expecting to find nothing, as this is what happened to me on countless explorations before, and all of a sudden you start to see the shimmering reflections of rubies, emeralds, sapphires, and diamonds. Where do I start, and how much weight (treasures) can I carry, or am I allowed to carry with me?
Well, we’ll start by mentioning that ISACA and ITGI (IT Governance Institute) have a lot in common (and that’s a grand understatement) as they’re both about IT governance which is defined by them as:
“IT governance is the responsibility of executives and the board of directors, and consists of the leadership, organisational structures and processes that the enterprise’s IT sustains and extends the organisation’s strategies and objectives.”
You start wondering why all these organisations come up with these wonderfully artificially constructed sentences that in all reality no-one uses. They probably have a secret well hidden room where people (nope, I don’t want to go into stereotypes right now) spent most of their lives creating cryptic definitions, so we have something to decipher. I guess what I’m reading between the lines is this:
“IT Governance means that people need to be held accountable and responsible for their actions, need to understand why they are doing (IT) things the way they are doing them, and foremost keep doing the right (IT) things (now and in the future).”
Did that help? Probably not! Yeah, I’m laughing out loud! So, it’s roughly about ensuring that the right people are doing the right things for the right seasons (typically creating some type of value to the business) and whilst doing so managing risks adequately. No, it’s not always about minimising risks, because not all risks are negative, and some residual risk may well be accepted by the business. Some risks represent opportunities and can be extremely positive. Come on, those Google guys took some risk leaving University a bit too early, but no one is blaming or pointing the finger at them now!
Okay, I think we’re going a bit off track here and that’s something you don’t want to do when you’re wandering through the “IT governance” cave, as this cave is all about putting control in place, so you know exactly where you are and where you’re heading towards at every single moment in time. IT governance is the set of “minimum” internal and external rules, standards, policies, and guidelines you apply to the management of your IT (yeah, that too). IT is getting incredibly significant and business critical to an ever increasing number of organisations around this tiny blue planet, and without the right set of controls in place it will be virtually impossible to reap the full benefits of IT and its supporting infrastructure. Worse, without proper controls in place, IT may actually damage the business beyond repair, which reminds me of a list of credit-card numbers that was publicly published on the Internet not so long ago.
The Val IT Crevasse
It’s funny as many of ISACA’s resources seem to be in orbit (at least in my opinion) around CobiT, whereas maybe, just maybe, they should actually be in orbit around Val IT. I guess orbit and CobiT seem more related, in characters only, than orbit and Val IT. Nope, that can’t be right and it isn’t hence some things are about to get changed bit time (see Area 51).
Val IT is all about creating, monitoring and optimising value from IT investments with an acceptable level of risk. Val IT sets good practices for the ends: “This is what we need to achieve as a business – if we don’t then we’re in deep sh#@”! Well, please tell me, are we doing the right things and are we reaping the needed and expected benefits? Again, this is Val IT space! Its whole focus is aimed at strategic management levels so strategic value can be harvested.
Val IT covers three key domains:
- Value Governance [VG] (embeds the governance framework into the organisation)
- Portfolio Management [PM] (ensures the right programmes are selected to be added to the portfolio of products and services)
- Investment Management [IM] (ensures that selected programmes are funded, implemented and able to provide bang-for-the-buck)
Val IT is also about ensuring that any governance as applied to IT (wherever, whenever, whoever) is properly aligned with the broader Enterprise governance of IT (wherever, whenever, whoever). Val IT’s focus is on selecting and driving the right programmes that create value to the business. It provides three domains (see above), 22 processes and a whopping 69 management practices to help management get on their way and hit the ground running. Personally I absolutely adore this framework as it tells me exactly what needs to done in order to be able to answer the following two key questions:
- Are we doing the right things?
- Are we getting the benefits?
This framework doesn’t leave any ambiguity as where and how to start unlike the ITIL framework. Yeah, this needs to be said: ISACA answers the “what needs to be done!” question, whereas frameworks like ITIL, MOF and their brethren are more about filling in some of the “how to do” things. As such ISACA’s Val IT framework needs to be visualised as sitting on top of these other frameworks (and driving them), and I believe it makes sense to look at Val IT and CobiT before looking at frameworks like ITIL and MOF. We need to understand what needs to be controlled and protected, before we start to run around like headless chickens controlling and protecting the wrong stuff!
Figure 1 - Val IT and CobiT
The CobiT Crevasse
So, yeah, most of ISACA’s documents and resources seem to be in orbit around CobiT (I somehow seem to like using these two words close together: “CobiT Orbit”). So, what’s this CobiT thing all about? It’s probably easiest when you compare CobiT to Val IT. Whereas Val IT revolves around “strategy” and “value”, CobiT revolves around “architecture” and “delivery”. So basically CobiT sits one level below Val IT, and frameworks like ITIL and MOF are positioned below CobiT. I know, ITIL is trying to raise the bar into strategic spheres, but it’s not there as yet, and the current ITIL v3 volume “Service Strategy” needs a major rewrite before it even comes close to Val IT’s potential.
CobiT is basically about putting program results (as selected by Val IT) into the live environment so they (read the individual projects) start to deliver value and keep delivering value.
CobiT covers four key domains:
- Plan and Organise [PO] (Ensuring IT contributes to the achievement of business objectives by planning and organising the right solutions/projects)
- Acquire and Implement [AI] (Identifying, implementing and integrating solutions/projects)
- Deliver and Support [DS] (Delivering and supporting IT services)
- Monitor and Evaluate [ME] (Managing and monitoring performance, compliance and governance)
CobiT’s focus is twofold, but can be summarised as providing a business focus (linking business goals to IT goals) and process focus (being able to plan, build, run and monitor IT). CobiT fulfils the business need for assurance about the value of IT, the management of IT-related risks and increased requirements for control over information. Please realise that value, risk and control constitute the very core of IT governance.
CobiT provides four domains (see above), 34 processes and a whopping 210 control objectives. Please notice the subtle difference in terminology used here: Val IT refers to management practices, whereas CobiT refers to control objectives. In all reality both tell you what needs to be done, or reading between the lines: “get your lazy bum of the chair and start to take some action!”
CobiT rocks, as it tells me exactly what needs to done in order to be able to answer the following two key questions:
- Are we doing them (the right things) the right way?
- Are we getting them (the right things) done well?
It’s not easy, not easy at all, to write a final paragraph on this section that covers CobiT, as it merely provides you with a glimpse of its enormous potential.
Ask yourself the following questions:
- Do I really understand where I can gain optimal value from IT?
- Do I understand the financial impact and the risks that are inherently associated with IT changes?
- Am I able to deliver and support IT to a level that satisfies the business?
- Am I able to measure how, where and when IT adds value to the business and business strategy?
- Do I know how our business performs compared to similar organisations in my industry, and is that performance good enough?
After studying CobiT and Val IT for some time now, I’ve come to the conclusion that CobiT can actively assist you in answering the above mentioned questions, and that’s just scraping the tip of the iceberg!
Area 51
Anyone that knows me a little bit, knows I’m a huge fan of anything science fiction, and hence my interest for Area 51. Come on, who wouldn’t want to meet some three-headed green aliens, or an alien like Alf (I’m sure Alf’s producer didn’t like cats very much)? ISACA is a bit like Area 51, and those caves of Ali Baba, with all its treasures about to be unearthed. Oh, and yes, there’s another reason why I’ve called this section Area 51. At this moment of writing ISACA has announced that it will start working on the next release of CobiT – my guess is that it’s going to be called CobiT v5.0 (or ValCobiT v5.0). As CobiT v4.0 quickly got an update to CobiT v4.1, I assume the same will happen to CobiT v5.0, and voila we’ve landed in Area 5.1. It’s my understanding that the merger of CobiT and Val IT into one integrated framework will be a key feature of this new release. Maybe it’s time to apply some SOA (Service Oriented Architecture) principles to frameworks, and make them more flexible, modular and extensible. I recommend anyone to keep a close eye on the movements of this update, as with some of the how-s answered, this framework has all potential to make the gap with its competing brethren a lot wider, and you’d better make sure you’re on the right side!
Epilogue
The positive effects of my daily doses of caffeine are slowly but surely diminishing, so now is as good a time as ever to leave Area 51 and Ali Baba’s caves behind us. I hope some of my passion for CobiT and Val IT has come across to you. I believe these two frameworks have an enormous potential as yet undiscovered by many boards and senior executives who not unlike most other lemmings follow the ITIL scent. Make sure you understand and use the full potential of all these available frameworks. To those senior executives who may be reading this article I recommend having a look at the “CobiT Related Publications - Board Briefing on IT Governance, 2nd Edition” document as downloadable PDF from ISACA’s website. May the force be with you, and CobiT guard you on your path to extreme success and happiness.
Glossary of Terms
| OGC | Office of Government Commerce |
| PMI | Project Management Institute |
| PMBOK | Project Management Body Of Knowledge |
| PRINCE2 | PRojects IN Controlled Environments 2 |
| ITIL | Information Technology Infrastructure Library |
| VAL IT | Enterprise Value Governance of IT Investments |
| MOF | Microsoft Operations Framework |
| ITGI | Information Technology Governance Institute |
| CobiT | Control Objectives for Information and related Technology |
References
http://www.itgi.org
http://www.isaca.org
http://www.itsmfi.org
http://www.pmi.org
Live long and prosper
Nanoo... Nanoo...
IsleBeeBach
Subscribe to:
Posts (Atom)