The goal of this white paper is to help you understand ITIL in the right spirit without getting lost in the buzzwords. Just to keep you on your feet, I'll start with ITIL basics however focus more on ITIL implementation. Don't worry if you are just getting started with ITIL, it is written simple enough for anyone with a basic understanding of IT.
Most ITIL solutions in the market are too complicated. Let's take an example where a customer wants to implement an ITIL solution. First, customers have to get ITIL consulting to define ITIL processes and align it with business goals. The next task is to buy ITIL software; most ITIL solutions offer incident, problem, and change management as different modules. Even after choosing the software it takes months for product consultants to implement the process. The cost and time factor to implement an ITIL solution drives SMBs (Small and Medium Businesses) away.
ManageEngine's mission is to make ITIL simple so that every business can benefit from it. ManageEngine automates ITIL Service Support, without expensive consultants or shelling out on customization. When you install the products, you will get the ITIL Service Support framework with Incident, Problem, Change and Release Management framework built over a Configuration Management Database (CMDB). You can get started from day one, with minimal configurations to suit your needs.
A little history is essential here. ITIL is a framework of best practices to manage IT operations and services defined in the mid-1980s by the Government of Commerce, UK. ITIL's main objective is to align business and Information Technology, allowing organizations to implement what is relevant to their business. ITIL is just a documented common sense from years of learning from helpdesk managers around the world.
Here is what you really need to know
|Quick Facts||Let Me Explain|
|ITIL is not a standard||Consider it a good advice from IT Managers who have been there. It is up to you to take it or leave it. You can implement ITIL the way it works best for you|
|You cannot get your company ITIL-certified||If you are targeting certification, you must get ISO 20000 and BS 15000 standards, based on ITIL.|
|There are no ITIL-compliant products||No one can certify products as ITIL-compliant. It is common for people to refer to PinkElephant's certification. Please read the fine print. www.pinkelephant.com/en-GB/ResourceCenter/ PinkVerify/CompatibilityCompliance.html|
|ITIL is for small, medium and large companies||It's true! anyone can implement ITIL. However, it makes sense when the size of your helpdesk team is more than 5.|
|ITIL is not from a single company or a person||ITIL is not backed by a single company or a person. There is no profit motive or personal promotion.|
ITIL is not about complicated strict process maps. You should not follow someone else's process or the processes defined in some book. When you learn ITIL, don't start drawing detailed process maps for all the modules, taking it to consultants to ask whether they are in line with the ITIL specifications. The Truth is that consultants cannot help you without understanding how your support works.
Today, IT Helpdesk is the lifeline of any business from small to large, and most IT managers and helpdesk managers are struggling to have an efficient and productive helpdesk. We will focus on this problem here. As ITIL Service Support offers the best practices framework for IT helpdesk, let us see how ITIL can help helpdesk managers and IT managers. ITIL's IT Service Support Module offers best practices to make sure IT Services are highly available. ManageEngine ServiceDesk Plus Enterprise Edition implements these IT Service Support modules.
An incident is an event that is not part of the standard operation; it is an event that you don't want to happen, however it eventually happens. In simple words, Incident Management is a process to manage disruptions in critical IT services and restore them ASAP.
It may sound like a sugar-coated sophisticated trouble ticketing system. However, Incident Management tells you how to implement an IT Helpdesk that understands and works to meet business priorities.
Incident Management outlines the need to have a process to restore services. ServiceDesk function is the glue that binds the Service Support modules together with a Single Point of Contact to the user and ensures that IT Services stay focused on business.
Here's a sample Incident Management workflow. Consider this as a basic format and make changes wherever required.
Problem management brings strategy to your helpdesk; it helps you move from your firefighting mode to a proactive mode. In simple words, the disruptions faced by users are mostly different instances of a problem. When you find and eliminate the root cause of all the Incidents, you also prevent future incidents.
A problem can be raised directly or by combining one or more Incidents. Once the problem is recorded, the problem technicians will check if it has been reported before and if there is a known workaround or solution.
If the reported problem has a workaround or solution, it is a Known Error. The Helpdesk technician can get back to the user with the workaround/solution. The technician needs to note that the problem has occurred and increase the problem count to measure the frequency of the problem.
It is important to classify the problem with
The classification helps technicians determine the priority of the problem.
When the problem is classified, it gives a clear picture to the problem technicians as to where they should start. Depending on whether the problem is in the users' machine, or in the proxy server or in the firewall, technicians may use various tools to diagnose and resolve it. The technician records all symptoms and the root causes along with a workaround or a solution.
Technicians can get back to users if there is a resolution readily available. If the problem requires a few changes in the system, they can provide a workaround and initiate a Request for Change.
Eg: A group of users are not able to access the Internet, the root cause of which is the firewall. Technicians can provide users with a workaround to access the Internet and initiate a Change Request to replace the firewall to prevent Internet unavailability in the future.
Although the Problem technicians close the problem, it is the responsibility of helpdesk engineers or frontline support staff to update users about all the activities. When users have a single point of contact, they don't have to repeat themselves to different technicians. Also, the frontline staff who have logged the call ensure that the solution meets the users' needs exactly.
Most small businesses feel that Change Management is too controlling and that it is not possible to implement change quickly when you have a long-drawn process. Change Management will not be complicated unless you plan to complicate it. It is about having a simple plan and organizing yourself so that you don't have surprises downtime.
In my opinion, every organization needs change management. It helps IT Managers and IT staff to keep executives and stake holders informed when important changes happen. When everyone from executives to IT staff is involved from decision-making to implementation it leaves no space for unwanted surprises.
Our recruitment process for a fresher includes two parts: aptitude tests and personal interviews. Users have to log on to our testing platform -Zoho Challenge. Zoho Challenge was hosted on a Windows server. The candidates were all seated and going through the regular test preparation brief. Everything was supposed to go as planned. Boom, the server crashed and our testing application went down with it. After all the pep talk about the productivity and efficiency, it was a real embarassment to go back and say that the server crashed and everyone had to wait till we resolved the situation.
When we checked, we found that our helpdesk staff had applied the latest security patch in the system and it failed to start. It turned out that it was not completely their fault as they had a policy to ensure that the latest security patch was applied on all servers.
It was a simple communication gap, but a big loss of face.
We did not have a method to communicate to the HR department about the system update. If informed, they could have scheduled the test later and if it was an important test, the upgrade could have done later that night.
Result: We got Change Management in place.
Implement a Change Management System without complications, get a meaningful system in place that helps people.
Here's a simple and effective change management process that maps a common sense plan to ITIL.
|Common Sense Plan||ITIL Plan|
|| Request for Change
Change Plan should contain
|Identify and obtain approval from stake holders who might be affected by the change||Change Advisory Board|
|Prioritize and schedule the change||Send Out Schedule of Changes|
|Test the change in a sandbox and implement it||Release Management|
|How did the change go? Catch all the glitches. Improve your plan next time.||Post Implementation Review|
For large businesses looking at controlled Change Management with projects, I recommend you to look at www.PRINCE2.com
A simple workflow based on these questions will help you design an effective change management process
Release Management works closely with Change Management. Change Management is responsible for planning and Release Management for execution/implementation.
Let's take an example from our daily lives. Whenever there is an important sewage pipe repair on a busy road, traffic cannot be stopped immediately. City officials inform commuters through news paper ads and local TV news that the road will be closed on a particular day and alternative routes are given. Commuters are able to plan things in advance so that there is no disappointment and changes are done smoothly.
That's Release Management in action.
From the perspective of IT, Release Management helps you smoothly roll out changes to your IT without any disruptions.
The main idea behind CMDB is to build an asset repository that can be uniquely identified, controlled and managed.
CMDB should contain information on all the critical components of the business.
The assets and components in the CMDB are known and Configured Items (CIs).
The FedEx quote is so true for CMDB
"Information about a package is as important as the package itself " - Mike Glenn, Fedex.
The first thing you need to implement a CMDB is a plan. Here are a few process guidelines that can help you draft a good plan.
|Plan|| Have a clear idea of
|Identify||Assets/CIs have to be uniquely identified; so,
you should have a system to
|Control||Maintain a controlled environment of CIs so that only CIs are added, modified or removed through a specific procedure. All your assets need not be in the CMDB; you can choose to have the ones that really matter to your business.|
|Asset Life Cycle Management Status||It is important to track assets throughout their life cycle. Assets can be in maintenance, in repair or in a live environment. Asset Life cycle reports can be useful for determining maintainability and dependability of the assets.|
|Audit and Verify||CMDB is not a one-time set-up. Conduct timely audits to ensure that the CMDB reflects live environments. If you fail on a periodic update, CMDB will be only a myth.|
Also, remember that the goal of CMDB is to build an asset repository with all the information about the assets. An asset repository can be logical and distributed. Building a CMDB does not mean trying to have everything in one big physical database.
With software releases every quarter and security patches every week, it is important to include the copies of software in a live environment. If one of your important servers crashes and you have the version number of the software, but not a copy of the exact same version with you, you could land yourself in a big problem.
Baseline configuration is a snapshot of CMDB. In every IT environment there are so many systems with different configurations, software, memory, processors and what not. When you have so many variables, you have to make sure that any change you make supports all versions. Otherwise, it is simply inviting trouble. IT managers have to plan and reduce the number of variables so that you have them under control.
You could standardize on a stable operating system and version of browser, and ensure that everyone is on the optimum configuration baseline.
Eg: You can define a baseline with the following parameters to ensure that all business applications run normally
Now you can generate the list of users who meet the standards and fall below the standard and you have a program to move users below the baseline to meet the baseline so that issues and fixes can be applicable to all.
Now that you have understood ITIL Service Support, it is time for you to choose the right ITIL solution that helps you to realize the value to ITIL. Never go with yesterday's leader because someone flew in to give you a fantastic sales presentation. Remember: marketing and sales presentations are bound to be impressive, and sales guys will be gone once you buy. Try to evaluate at least four or five different products from the leader to the new players. Run it in your environment, check out how easy it is to deploy, customize, and maintain. Work out how much you are going to pay and leave no room for surprises. Put it through the test of fire, in every way
Before you make your decision, do your homework!
Let me help you take the first step forward.
|ZohoCorp||ManageEngine ServiceDesk Plus||https://www.servicedeskplus.com|
|BMC||BMC Incident and Problem Management BMC Change Management BMC Atrium (CMDB)||http://www.bmc.com/|
|Service Now||IT Service Management on demand||http://www.service-now.com/|
|Symantec (formerly Altiris)||Altiris IT Lifecycle Management||http://www2.altiris.com/itil/|
|Marval||ITIL Products and Consulting ( login required )||http://www.marval.co.uk/|
You + ITIL Processes + ServiceDesk Plus - Get It Right
ServiceDesk Plus gives you the complete ITIL Service Support Framework with Incident, Problem, Change Management, and Release Management with CMDB. You will see all the modules as soon as you install ServiceDesk Plus.
ServiceDesk Plus Installation is simple and straightforward. You can install on any Windows Server / workstation or Linux Server/ workstation. There is no web server or database configuration required. It packs a MySQL database and an Apache Tomcat server that will be configured automatically when you install. Follow the installation wizard When you click Finish, you are done.
To understand how easy it is to get started, you have to run it.
Download a 30 day trial version from the website
After you install and start your web client you will see it in action. Tada!
To quickly help you understand how ServiceDesk Plus maps to the ITIL Service Support process, we need Users, Requests and Assets. Let's see how fast we can get them into the system.
1. Get your Users in
Import Users from Active Directory
ServiceDesk Plus integrates with your Active Directory helping you to connect and import users. To make the demo easier, select only one Organization Unit (OU) and import users.
Admin > Users > Active Directory
Don't have an active Directory?
If you don't have an Active Directory, it's ok, you can import users from a CSV file or key a few requestors in manually
Configure Email to get requests In
To make sure that you don't mess with the production system, I would recommend that you run this whole setup in a test environment.
After you are done with this, send an email or ask requestors to send email, you will see that it will be fetched and converted to a request.
Please keep in mind that when mails are fetched in ServiceDesk Plus it will be deleted from the mail server. You have been warned!
ServiceDesk Plus helps you to get all your IT and Non-It assets in.
IT Assets: You will be able to scan
Use the Windows Domain Scan to discover all windows workstations and Servers and use the Network Scan to discover Linux Servers, Linux workstations, Apple Macs and all network devices. There are no agents to be installed to scan assets. The windows scan uses WMI to connect to the workstations / Server. The Network Scan uses SSH to scan Linux and Apple Macs and SNMP for all network devices.
Incident Workflow in ServiceDesk Plus
Step 1: Incident Detection:
When a request comes in, ServiceDesk Plus helps you to define the Request Type. When the request reports about an outage or a drop in the Quality of Service, the request is classified as an Incident. When the request requires a New Service to be setup, it is classified as a New Service Request.
Step 2: Record Incident Details
When a new Incident is detected, it is important for the helpdesk technician to qualify the incident. Helpdesk technicians can qualify the incident by asking the right questions that will help Level 2 technicians to resolve the Problem faster. ServiceDesk Plus helps you record all the incident details.
Define Priority Matrix
The Priority Matrix helps you determine the right priority based on the given values of Business impact and urgency. Helpdesk Managers can configure this one time and ServiceDesk Plus will assign the right priority. This is one of the ITIL Incident Management best practices. However, it is designed to be flexible enough for you to ignore the Priority Matrix and allow technicians and users to define priorities (I wouldn't recommend that)
Admin > Helpdesk Customizer > Priority Matrix
Step 3: Classify the Incident
Helpdesk technicians can classify the incident while creating a new incident or update Category > Sub Category > Item in an incident raised by the user. Incident classification is very important to understand the source of all your incidents.
Step 4: Provide Workaround or Solution
Helpdesk Technicians can search for existing workarounds or solutions from the request and get back to users immediately
Step 5: File a new problem or associate to an existing problem
Helpdesk technicians have to group similar incidents together that point to the same Category > Sub Category > Item and file a new problem or associate to an existing problem. Once a Problem is created Level 2 technicians or problem technicians can take control.
Step 6: Incident Closure
An incident must be closed only when the user confirms that the solution has helped the user. Helpdesk technicians need to be the Single Point of Contact and keep the users informed by tracking the status and making sure that all incidents are responded to and closed. It is really a painful process to make sure that all users are to confirm on incident closure.
Create and Educate users about your closure policies
You can define that helpdesk will resolve issues and get back to you. Users must confirm if the Incident has been resolved if users don't respond within 10 days. We'll assume that you agree on the incident closure.
ServiceDesk Plus helps you with Incident Closure
Your Helpdesk Technicians can resolve incidents and change the status of the request to resolved state. ServiceDesk Plus will send an email to the requester asking if the resolution helped. If the users do not respond within 10 days the request will be automatically closed.
Step 1: Problem Detection & Classification
Problem Technicians can look into source of all the incidents based on the classification in the (Category > Sub Category > Item). Reports about top 10 repeated incidents in a category give a clear picture on what needs to be fixed first.
Step 2: Problem Priority
Depending on the Urgency and Impact level of the problem, the priority can be set for the problem. This prioritization will help the technicians to assess the various problems and take necessary actions, focusing on the critical problems first.
Step 3: Problem Analysis
The technicians can analyze the root cause and impact of the problems and attach the same in SDP as part of the problem. This helps in giving a one-stop understanding of what may be cause of the problem and solutions or a workaround that can be given.
Step 4: Solutions, Workarounds and Known Error Records
Solutions are permanent fixes to the problems raised. Workarounds are temporary solutions that can be used by the technician till actual solution is ready. Optionally, you can also add Tasks that need to be done to clear the Incident.
Step 5: Problem Closure
Technicians tend to rush to close the problem, but managers need clear reports to analyze patterns of the problem. The problem closure rules allow technicians to close the problem only if they provide all the mandatory fields. You can set rules for problem closure in Admin > Problem/Change Management > Problem Closure Rules. Only if the mandatory fields are completed can a problem be closed.
Initiate Change Request
You can initiate New Change Request or initiate a change from one or more Problems. The Request for Change is considered based on the Business Impact, Urgency and Priority. The Change plan is formulated to get started with a the change process.
The Change Plan needs to have complete details about the reasons for considering the change, such as how this change can impact business. The Change Planning stage needs to have the following information so that Change Managers and CAB have all the details to make informed decisions.
Change Plans and CAB (Change Advisory Board)
ServiceDesk Plus allows you to define and configure your own Change Types with color codes to denote severity
Standard Changes are pre-approved changes authorized by the Change Manager based on Management policies. Frequent changes such as permitted RAM upgrade to users' PCs or list of allowed software applications can be pre-approved by the Change Manager so that the changes are fulfilled faster.
A Minor change is defined as a change that has low impact on business and does not consume a lot of resources. The Change Manager approves the Minor Changes.
Major and Significant Changes
Major and Significant Changes need the approvals from all the members of the Change Advisory Board and the Change Manager. The members of the CAB (Change Advisory Board) are determined based on stakeholders who will be affected by the change. Based on the change plans and risk involved the CAB members will vote and recommend to Accept or Decline a change plan.
Change Advisory Board
ServiceDesk Plus enables you to create CABs. Based on the defined change type, you can choose to send the change plan for approval to CAB members. You can create different CABs such as Emergency CAB, Technical CAB and so on.
Approval from CAB Members
The CAB Members meet once in two weeks or once in a month to discuss the changes that are submitted for approval. Based on the change plan and the risk analysis, the CAB Members take a unanimous decision to Accept or Reject a Change Plan.
Coordinate Change Implementation
All approved changes have to be implemented with minimal service downtime. ServiceDesk Plus gives you built-in reports based on Priority, Urgency, by Incident, and Problem counts that helps Change Managers to prioritize and schedule changes.
Based on the changes considered for the next implementation, the changes are scheduled and published. The Change Calendar keeps everyone informed when a particular service will be down for maintenance and when it will be restored.
ServiceDesk Plus helps you keep track of important tasks involved in implementing an approved change. The Change Request can be broken down into multiple tasks with different owners. The Change Manager can delegate tasks to technicians, schedule and track status of the task completion. Tasks give Change Managers more fine-grained control while implementing a change.
Post Implementation Review
The Post Implementation Review helps Change Manager to keep track of the rolled out change to
Keep Track of the Change History:
As Change Management involves key business, it is important to maintain clear documentation about the change. ServiceDesk Plus keeps track of the complete change History. This helps to audit changes and get all the information such as, when the change plan was edited, when it was approved, who approved it and what time. The Property View helps you keep a record of all changes for auditing purposes.
ServiceDesk Plus helps you discover all your IT assets such as workstations (windows, Linux and Apple Mac), printers,
routers, switches, and access points and get all the asset and asset details in one place. ServiceDesk Plus helps you assign asset id and asset name to uniquely identify assets.
Detailed Asset Inventory
The detailed discovery provides detailed information such as model number, asset state, and detailed asset configuration and inventory.
ServiceDesk Plus discovers all software installed in your organization and builds a software library to track licenses. It allows you to get quick reports on purchased versus installed software and rarely used licensed software that helps you streamline software license management.
When an IT Service goes down, do you need to know how many users will be affected?
ServiceDesk Plus helps you define and manage relationships between assets. ServiceDesk Plus offers three types of relationship that you can use to denote relationship between assets.
ITIL Heroes Handbook - View PDF.