SI-710 IT Management

Professors: Eng. Ronald Mejía

Eng. Julio Quispe
ITIL 4 Practices: Service Desk

A practice is a set of organizational resources designed to get a job done or

accomplish a goal. These resources are grouped into the four dimensions of
service management.

2
Incident Management

• Incident: Unplanned interruption or reduction in quality of Service.

• The purpose of incident management practices is to minimize the negative impact of

incidents in order to restore normal service operation as quickly as possible.
 Incident Management

• Purpose of Incident Management:

o Restore the affected service, as soon as possible and according to the priority for
the business and the respective agreed service levels.
o Keep the user informed about the status of an incident: estimated solution
times, escalations, etc.
o Minimize the impact of an incident on the business.
o Ensure compliance with service levels: quality, times, availability.
o Identify service improvements proactively.
o Collect service management information.
 Incident Management (Restore the Service) - Resources (4P’s)

PROCESS PEOPLE
1. Reception and registration 1. Soft skills: effective communication,
2. Prioritize and Classify empathy, willingness to serve, negotiation
3. Diagnosis and solution by the first level with users, etc.
4. If not resolved, escalate to responsible 2. Technical knowledge: technologies snd
Support team. information systems used in the company,
5. Order Tracking analytical capability, etc.
6. Provide temporary or definitive solution to 3. Permanent training.
restore service 4. Roles: BD’s OS’s, support teams,
7. Inform the user of the status of their order. Networks, Security, Applications, etc.
8. Inform the solution and confirm user’s
satisfaction. SUPPLIER/PROVIDERS
9. Close the incident 1. Contracts with Providers of technology
10.Service survey used in the company
2. Service level agreements SLA's.
PRODUCT 3. formal contract
1. Request attention system 4. Budget
2. Specialized SW for diagnosis and
management of technologies:BDs,
Networks, Security,etc
3. Knowledge DB.
4. monitoring software
 Incident Management

Life cycle of an incident:

1. Detection and Registration
o User notification can be done in several ways.
o The proper recording of incident information can greatly help the efficiency of the incident
solution process: data to speed up the solution, attention process, data for service
statistics, etc.

2. Classification and Initial Support

o The service desk determines the priority based on the impact and urgency of the
incident. The incident is handled according to the corresponding SLA.
o Categorization: hardware, software, networking, etc.
o Consult knowledge base: known problems, details of setup item (CI), change history, etc.
o If possible, direct a temporary or permanent solution.
o Notify Problem Management of new problems.
o If it is a service request, route it according to the appropriate procedure.
 Incident Management

Life cycle of an incident:

3. Research and Diagnosis

o If necessary, other support groups initiate the analysis of the incident to find a permanent
solution or a workaround. Includes involved providers.
o Unclosed incidents are escalated to the following support levels.
o Resolved incidents go to service desk for your closure.
4. Resolution and Recovery.
o The temporary or definitive solution is provided.
o If necessary, recovery actions are executed by the service desk or by other support levels.
o If necessary, a request for change (RFC) is sent.
5. Incident Closure
o Once the corrective measures have been applied and the service restored, the group that
has applied the solution informs the Service Desk.
o The Service Desk confirms user compliance and closes the incident.

Throughout its life cycle, an incident is owned by a person in charge of the Service
Desk (ServiceManager), which monitors the solution process, supports coordination
with other support groups, escalation and keeps the user informed about the
service process.
 Incident Management

• Incident Prioritization:
o It is evaluated together with the user and determined based on the impact and
urgency of the incident.
o Impact: effect of the incident on business activities.
o Urgency: Speed ​with which the incident needs to be resolved.

o Consider:
o Cost of no solution
o Risk or damage to the user
o legal implications
o Customer Interrupt

o Depending on the priority, the dedication of the support groups required for the
solution, money and time spent are determined. Lower priority incidents may
need to be delayed or dropped.

8
 Incident Management

• Incident Escalation:
o Horizontal: for specialized knowledge support
o Vertical: at any time, so that the respective authority helps as required (serious
problems or when the SLA will not be met)

9
 Incident Management

• Example Fields of an incident record:

o Unique identifier.
o Classification
o Incidence date.
o User who reports
o Contact details.
o Symptoms
o Impact, urgency and priority.
o Configuration items afectados.
o Assigned support staff
o Related known issue or bug.
o Date of resolution
o Details of user interactions: queries and responses.
o Response dates.

10
 Incident Management

• Contribution of Incident Management in the service value chain:

o Improve: The incident log is an important input for continuous improvement and they
are prioritized both in terms of frequency and severity of the incident.
o Engage: Incidents are visible to the user and significant incidents are visible to the
customer. Good incident management requires adequate communication to understand
the issues, set expectations, provide status updates, and dispute resolution agreements
issues for incident closure.
o Design and transition: Many incidents occur in test environments as well as in
Service release/deployment.
o Obtain/build: Many incidents occur in development environment. Incident
management ensures that incidents are resolved in a timely and controlled manner.
o Deployment and support: The management of incidents makes a significant
contribution to support. These value chain activities include incident and problem
resolution.
Solving Incidents and Problems
Incident Management (Restore
Service)
printer printer Printer 1. Receive and register
2. Classify and prioritize
3. Give support
Alternatives to restore Service:
pc pc pc A. Send technician to repair equipment.
(40 min, high impact)
B. Replace by backup unit. (25 min,
medium impact)
C. Share neighbor printer. (10 min, low
impact)
APPLY A TEMPORARY SOLUTION THAT
RESTORES SERVICE BUT DOES NOT IDENTIFY
OR FIX THE CAUSES OF THE INCIDENT →
WORKAROUND
HIDDEN CAUSE THAT CAUSES ONE OR
MORE INCIDENTS--→ PROBLEM
PROBLEM MANAGEMENT: To identify
and solve unknown causes of one o more
incidents.
Problem Management

• Problem: A cause or potential cause of one or more incidents.

• Known error: A problem that has been analyzed but is not resolved.
• The purpose of problem management practice is to reduce the probability and impact
of incidents, through the identification of actual or potential causes of incidents, and
managing workarounds and known errors.
Problem Management

workaround: Solution that reduces or eliminates the impact of an incident or problem

because a definitive solution is not yet feasible. Some workaround reduce the
probability of an incident.
Problem Management

Incident Management Problem Management Change management

Restore service as soon as possible Identify and correct causes Implement changes to eliminate
problems and known errors

Reactive

Problem
Control

permanent RFC
Incident solution Error Control Change
Management Management
Change
Implementation
Proactive
problem
management

proactive
Situation: Socrates hangs every end of the month.

Service Desk + Incident Management

1. Receive and record incident (SDESK)
2. Classify and prioritize (SDESK)
3. initial support
4. Escalate to the database pool.
5. Diagnosis
6. Apply work around
7. They close the incident after confirm user satisfaction

Problem Management
8. Register a Problem
9. Identify root cause of the incident(problem control): Tests,debugging, review
logs,dump, resource monitoring, etc. It is identified that in moments of high
transactionality, the database's RAM memory is saturated due to a bug in the
Socrates code. (Known Bug)
10. Identify the best solution to the known error(Error checking): a) fix Socrates code
(1 week, $0, medium risk); b) UpgradeDB server HW (30 days, 10K, low risk);
c)Upgrade to the DB version (15 days, 0 dollars, low risk)---→Enter an RFC (Request
for Change)-→ change control
Problem Management

1. ID: major incidents that have been closed,

Problem Control incident trend analysis, potential problem
reports, incidents closed with a workaround.
2. Classification: collect data to classify and
prioritize the problem. (symptoms, causes,
related incidents, CI’s, workaround, SLA’s that
apply, impact and affected users, estimated
solution time, urgency.
3. Assign resources: categorize and prioritize the
problem to allocate the required resources. It
allows to have these with the greatest positive
impact on the business.
4. Research and diagnosis: to detect the root
cause of the incident. To review workaround
used, changes to the affected CI, etc.
5. Set known error: once the root cause is
identified, the known error is logged and
escalated to error control.

Problem Manager monitors the process.

Problem Management

Logs and manages known errors until the

Error Control change that resolves the root cause is
implemented:

1. Identification and registration: known

error status is assigned when the root cause
of the problem is detected.
2. Error evaluation: determination of the
solution of the error with specialist staff. The
evaluation process, the symptoms and the
solution found must be log to be consulted
in future problems and investigations.
3. Registration of the solution: registration
of solution is completed, a RFC is prepared
for the change control process and this is
loged in the Problems DB. The following
activities to implement the solution are in
charge of Change Control.
4. Error Closure: After implementation of
change and verification that error is gone,
error, problem, and related incident are
closed.
 Problem Management

Proactive Problem
Management

It is responsible for identifying and solving problems before these originate incidents:

• Trend analysis: review of incidents and problems that have occurred can provide
information to improve the service (occurrences after a change, repeated incidents with a
given CI, user training, etc.).
• Preventive support actions: trend analysis can identify CI’s for which it is required to
direct resources from support staff to make improvements.
• Inform the organization:problem management allows you to inform the organization
about the health of IT services and make decisions about it. (ex. SLA’s)

By redirecting the IT organization's effort from handling large numbers of incidents to incident
prevention, you will improve service quality and more efficient use of IT resources.
 Problem Management

• Contribution of Problem Management in the service value chain:

o Improve: This is the greatest attention of problem management, effective problem

management understands the need to reduce the number of incidents and impacts of
incidents that cannot be avoided.
o Engage: Issues that have a significant impact will be visible to customers and users. In
some cases, the customer would like to be involved in problem prioritization, status and
problem management. Plans should be communicated.
o Design and transition: Problem management provides information that helps improve
testing and knowledge transfer.
o Obtain and build: Defective products must be identified in problem management.
They are then managed as part of the activities of this value chain.
o Deliver and support: Problem management makes a significant contribution to the
prevention of repeat incidents and supports the timely resolution of incidents.
Service Request

• Service Request: request from a user or an authorized representative of the users to initiate a
service action that has been agreed as a normal part of the provision of the Service

• The purpose of service request management is to support the agreed quality of a service by handling
all predefined and user-initiated service requests in an effective and user-friendly manner.
 Service Request

• Each service request may include one or more of the following:

o Request for provision of service, for example: providing a report or replacing a

cartridge in a printer.
o Request for information: how to create a document or what are the hours of some
offices.
o Request to provide a resource or service, example: provide a phone, laptop or some
virtual server for a development team.
o Request for access to a resource or service: provide access to a route or folder.
o Feedback: complaint about a new interface or acknowledgment to a support team.

• Unlike an incident, which is unplanned in nature, a request for services can often
be planned into your care:
o Requirements to meet
o Responsible staff
o Standard attention times
o Escalation levels
 Service Request

• Service requests should be grouped into predefined categories with a standard

service procedure:
• Available through a catalog of requests: installation of additional SW, movement of equipment, change
of passwords, etc
• Pre-established costs.
• Required Authorization Levels
• Purchasing procedure / implementation

• Considerations:
• The types of requests available, costs, approval levels and attention times must be formalized.
• They must be accessible as part of the catalog of IT services
• Standardized procedure for attention.
• Single point for your request, usually through the Service Desk

23
 Service Request

• Contribution of Service Requirement Practice in the service value chain:

o Improve:It provides a channel for improvement initiatives, compliments and complaints
from users. This contributes to improvement by providing trends, quality and feedback
of requests.
o Engage: includes regular communication to gather specific user requirements, service
expectations, and provide status.
o Design and transition:The components Service standards can be passed to the
production environment through service request fulfillment.
o Obtain/build:The acquisition of pre-approved service components can be done
through a request for services.
o Deliver and support:The service request has a significant contribution to the normal
service of the deployment. This activity within the value chainit is granted primarily to
ensure that users remain productive, and is sometimes highly dependent on the
fulfillment of your request
 Monitoring and Event

Main office Branch 3

yesBranch 2
Branch 1
C company x
Bank A
1ch voice LAN
1ch voice 1ch voice
Cisco Branch 4
128Kbps
1750
LAN Cisco
Cisco 1 BRI 1750 1 BRI 1ch voice
1 BRI 1750 64Kbps Cisco
LAN
DigiRed 64Kbps
CAR GOLD: 16 Kbps
SILVER CAR: 48 Kbps
64Kbps
CAR GOLD: 16 Kbps
1750
CAR GOLD: 16 Kbps SILVER CAR: 48 Kbps
SILVER CAR: 48 Kbps 1 BRI
128Kbps
PBX LAN
64Kbps
RS232 CAR GOLD: 16 Kbps
SILVER CAR: 48 Kbps

30Ch voice
2Mbps
CAR GOLD: 512 Kbps
SILVER CAR: 1554 Kbps Branch 5

Cisco
converter
vpn-ip 2ch voice
Cisco
4 LBW 3640
1750
Optical Mux 128Kbps
16X2 1 BRI
CAR GOLD: 32 Kbps
CAR SILVER: 96 Kbps LAN
SWITCH 128Kbps
512Kbps
CATALYST CAR GOLD: 32 Kbps 128Kbps
CAR SILVER: 96 Kbps
4006 CAR GOLD: 32 Kbps
INTERNET CAR SILVER: 96 Kbps 2Mbps SWITCH
CAR GOLD: 512 Kbps ATM
SILVER CAR: 1024 Kbps
Cisco
2620 LAN
firewall 2ch voice LAN mux 30Ch
Cisco converter Cisco
PIX 2ch voice Optical voice
1 BRI 1750 Cisco 1 BRI 3640
525 4x2
1 BRI 1750
Inter-LAN
64Kbps
TACNA
Apeseg TRUJILLO PBX
64Kbps Lead Agency

25
Monitoring and Event

• Event: Any change of state that is important for the management of a service or another
configuration item. Events are typically identified through notifications created by an IT service, CI,
or monitoring tool.

• The purpose of event monitoring and management is to systematically observe service components
and record and report state changes identified by events.

• This practice must identify and prioritize infrastructure events, services, business processes and
information security.
• It also establishes an appropriate response to them, including those that may cause an incident.
 Monitoring and Event

• The events are classified:

o Informative: events that do not require action at the time they are identified
but analyzing the data collected from them at a later date, allows take actions to
improve the service
o Warning: They allow action to be taken before a negative impact on the business is
experienced.
o Exception: Indicates that a violation of an established standard has been identified.
This event requires action even though the business impact has not yet materialized.

• Event Management is applied to a series of aspects:

• state of the Configuration items: on/off, active/inactive, etc.
• Environmental conditions: temperature, fire, smoke.
• Use of SW licenses
• Security (intrusion detection)
• Activity level: response times, transactions/sec, etc.

• It is implemented through monitoring tasks and automated control tools.

 Monitoring and Event

• Activities:
o To identify: services, systems, CI's, etc. should be monitored and how.
o Implement and maintain: monitoring procedures.
o Establish and maintain: thresholds and other criteria whose changes must be
treated as events and their respective classification.
• Establish and maintain: policies to apply to each type of detected event, related to
ensure an adequate response.
• Automate: thresholds, criteria and monitoring policies

• Event Management considers:

• Clearly defined and communicated roles and responsibilities are critical. .
• Automation is key to the effectiveness of this practice.
• Providers involved must be included.

• It is implemented through monitoring tasks and automated control tools, own or third
parties.
 Monitoring and Event

• Contribution of Monitoring and Event Management in the service value chain:

o Improve: It is essential to perform a close observation of the environment to assess
and improve the health and stability of the service.
o Engage: It can be the source of internal commitment to take action.
o Design and transition: Monitored data contributes to design decisions. Monitoring is
an essential component of transition, providing feedback on successful transitions
throughout the environment.
o Obtain/build: Supports the development environment, ensuring its transparency and
manageability.
o Deliver and support: provide a practice guie of how the organization manages the
internal support of events, initiates other practices appropriately.
Summary

• Incident Management: reactive

• Problem Management: reactive
• Service Request: reactive
• Monitoring and Event: proactive
 ACTIVITY #03: Diagnose and Improve IT Services (45 min.)

• Work in groups, follow instructions in the activity document. Enter the document
you have worked on in the respective Blackboard activity.

31
Thanks for your
attention

32