ITIL Foundations V4

Crazy people

• 60 Minutes
• 40 questions, each worth 1 point
• 65% (23 / 40 ) correct to pass
• multiple choice questions with 4 possible answers.  

To provide canditates wtih an overall understanding of IT service management conepts.  

Enabling customers to reach a desired outcome without having ownership of the whole process, its costs and risks.  e.g. a network management service.  Services are often made up of one or more products.   

1. A product is tangible, like the .exe file you install or the tech that responds to alerts  

 What the service does, its function as it pertains to the needs of the consumer.  If you USE it, it does what the consumer wants it to do.   E.G a cloud storage provider will provide the storage space, accessibility, security and scalability, that fits the function the consumer needs  

• The service is "Fit for Purpose" 

How the service performs, that it does what was stated it will do, will meet the agreed upon requirements.  E.G a cloud provider has SLAs on uptime, data integrity warranty, security assurance, backup warranty, etc.   

1. Warranties provide trust that the service will work as planned and the provider stands behind the product.  
2. The service is "Fit for Use"

Specifies what service they need and if what is offered meets their need.  E.G. a department head that pilots the software with a team and communicates with the service providers concerning how well the service meets their needs.  Has a clear understanding of what the biz need is and if the service meets that need  

The people that use the service on a regular basis, directly interact with it to complete a task.  Their feedback is important when looking at service improvements   

 A set of specific / unique capabilities the organization offers that provides value to customers in the form of a service.   E.G a Cell phone providers, ISP providers.  Service management is about the collaborative value creation between providers and consumers through a service relationship.   

1. The nature of value: a particular group of customers finds the service beneficial to them (a perceived benefit) 
2. The nature and scope of Stakeholders: how the final product should look and what it encompass 
3. How the service provides value: understanding what the customer perceives as valuable about the service  

  Thee person or team that approves the financial cost of the service.  May not use the service themselves.  E.G a PMO office that purchases software   

 An organization’s activities both direct and indirect should generate value for itself, its customers and stakeholders 

1. Focus on Value creation: mostly about creating value for the service consumers (that use the service regularly) , but also other stakeholders as well.  Can adapt it for different stake holder groups  
2. Identify the consumers of the service: need to know who is using the service and how they are using.  ID key stakeholders. 
3. Consumers perspective of value: need to understand value from the customers viewpoint, how and why a customer uses the service, the costs and risks associated with using service.   
4. Customer Experience (CX) / User Experience (UX): the customer’s experience with the service and the provider, all the interactions a customer would have with the organization and its products.  Some parts are measurable, like SLA or price some are subjective, like layout design.   
5. Understand what outcomes the customer wants to use the service for, how they use the service, how they perceive the service provider 

 When looking to replace outdated or ineffective services with new ones, don’t discard everything.  Carefully analyze what the current landscape is and what can be reused.  Use direct observation along with good data to quantify what is good (processes, services, products, etc) and what’s not. 

1. Goodhart’s Law – when a measure becomes a target, it ceases to be a good measure.  Basically people are good at adapting behavior to meet a metric, but in so doing, that can distort the outcome.  eg. Prioritizing service desk call times which leads to rushing and not fixing the issue.  The key is to measure metrics that correlate directly with the intended outcomes. 
2. How to ‘Start where you are’:  
3. Take an objective look at current state and focus on parts that bring value to customer /desired outcome.  Are the current elements ‘fit for purpose’ (utility) and ‘fit for use?’ (warranty) 
4. Leverage successful practices: what services or practices are providing value, how can they be replicated or expanded to achieve the desired state. The focus is on learning why the practice is successful, not just ramping it up a ton. 
5. Apply Risk Management principals: think about the risks embedded in the service and reduced / new risks with a new solution 
6. Sometimes fresh start is best, but rarely. 

Don't do it all at once, divide the project into smaller, more easy to handle segments.  Each iteration should be timely, provide a tangible result and lay the groundwork for future enhancements.  Keep a constant focus on value creation.  Keys to this guiding principal:  

1. Balance understanding with making progress: don’t get so lost in analysis you don’t make any changes, a broad view is important, but acting and moving forward is essential 
2. Continual feedback is key, make sure to incorporate feedback at all levels 
3. Each iteration should produce a minimum viable product (MVP) -- a basic, yet functional version of the product.   Don’t try to go so fast that you don’t have a functional product to work from. 
4. The main idea is to carefully plan out each module and it product and use feedback to refine the product and remove defects from moving down the value stream 

 Getting the stakeholders involved and collaborating in an open and fair way yields better results.  Genuine collaboration, not silos or hidden projects is essential.  The more informed people are about what is happening and why it is happening, the more involved they will be and contribute productively.  Not providing visibility and keeping a project hidden leads to speculation and a more negative reception.   

1. Need to engage with all relevant stakeholder groups (anyone with an interest in the outcomes and activities of the organization. Customers are primary stakeholders to collaborate with.  They are using the services to achieve business outcomes, you need to engage with them.  
2. e.g. supplier works with organization to find a solution to a common customer request or need.  
3. Stakeholders level of involvement varies as does their role during the process.  They may just approve a purchase order or be deeply involved in the details; you need to know their level of involvement an illicit the right kind of collaboration with them. 
4. Provide regular updates about the project, provide visibility on what is happening.  tailor your communications to the different types of stakeholders and focus on collaboration not 100% consensus.   

 There are so services that work in isolation, the quality of an organizations outputs is contingent on how well all of the parts work together in a cohesive manner.  To have a comprehensive approach, you need to see all the components and how they fit together.   

1. Realize that systems are complex and vary in their complexity.  What works in a simpler system may not work in a complex system where  
2. Set up timely and effective collaboration mechanisms between all stakeholders  
3. Look for patterns and persistent system needs to anticipate need and get a comprehensive perspective 

 You want to achieve the objectives with the fewest possible steps.  Remove any process or service that doesn’t add value.  Don’t try to anticipate every scenario or situation when designing a service, instead create general rules that can address exceptions more generally 

1. When evaluating a service, practice, process, the key question is to ask is if it aids in creating value. Break it into parts and ask if the parts drive value or not. 
2. Only add controls or metrics when they are necessary, don’t add just to add something.  Simplicity is better than sophistication and leverage quick wins, like removing an unnecessary step or metric that just wastes time 
3. Identify objectives that may conflict and find compromise, often in a complex system different parts won’t agree, identify those early and address them.   
4. Overall, the goal is to focus on what is creating value and why it is, simplify where you can.  

Optimization is refining something to its most effective and functional state.  

Optimization involves: 

1. Evaluate the current condition of what you want to optimize and areas for enhancements and improvement.   
2. Determine the desired future state you are trying to achieve, with an emphasis on simplification and creating value 
3. Ensure stakeholders are engaged  
4. Do iterative steps and get feed back.  Have clear metrics to determine progress. 
5. Continually assess and look for other areas of improvement 
6. Automation is leveraging technology to complete one or more steps accurately and consistently with little or now human input.  Best for simple and repetitive tasks.  
7. An example would be resource optimization where available resources are aligned with org needs, considering cost, scope and quality  

This pertains to the SVS as a whole and for each service that is provided, a way to look at the organization as a whole.  They are subject to outside forces, that are outside the organizations control.    

Focus on the organizational structure, its people, roles, systems of authority and communication.  Often complex and overlapping.  Need to clearly define the structure and how it aligns with overall strategy and objectives. 

1. Think about the customers, employees, suppliers and other stakeholders, their competencies. Look at leadership styles.  Look at how different part of the organization interact.   
2. Each individual should see their role in value creation for the organization use that as what unites each business unit toward a common goal.   
3. Encompasses roles, responsibilities, organizational structure, culture and staffing competencies 
4. If looking at the whole SVS, the organization is the service provider 

 In the scope of a service, this involves the info that is produced, used and managed by the service and the technologies that facilitate and support the service.  For most businesses customers, information is the principal output.  An HR service, for example, manages and keeps secure all kinds of data on employees.   

1. Think about what type of info is the service handling 
2. Is there additional info and knowledge required to deliver and manage the service? 
3. What processes are in place / need to be put in place to manage, archive, secure, dispose of information produced 
4. How do the services / service components fit together?  What is the architecture of info as it flows from one service to another?   
5. Optimize factors like availability, reliability, accessibility, the relevance of what is being shared, can that be tweaked?  
6. Regulatory compliance: many services use data that has legal rules, like GDPR (general data protection regulation) and HIPAA 
7. When planning for a service, an improvement to a service, think about: 
8. Compatibility with existing architecture 
9. Regulatory and compliance  
10. Future viability 
11. Alignment with strategies and goals  
12. Skills and support – are new skills or support needed to use the service? 
13. Automation capabilities 
14. New risk / constraints or costs 
15. Other things to consider in this dimension is the culture and nature of the business. A sector that is regulated vs one that is not, or a company that is heavy into AI, while another is not.   

 The service the organization provides is dependent on services from other businesses; we can’t offer our product without outside services and vendors.   

1. Contractual and other forms of agreements between partner orgs, suppliers 
2. Relationships between orgs can be very complex to very simple.  Could be ordering supplies (printer paper),  to highly involved and working in a partnership to provide a service (manage printers for a company, they lease only) 
3. Factors in choosing suppliers and partners: 
4. Strategic focus – Org can focus on it’s core products and purchase services for secondary functions or want to control most in house 
5. Culture – past partnerships and agreements often have a strong impact on future contracts 
6. Resource scarcity: if the organization doesn’t have the resources it needs, can purchase them 
7. Cost concerns: weight the cost of internally managing all parts of the service or outsource it and what the vendor chanrges  

 Focus on the activities, workflows, controls and procedures that are used to reach objective(s).  How the different organizational segments work together to create value.   

1. A value stream is the sequential steps that an organization uses to deliver products and services.  Uses parts of the service value chain.  Need to define the value streams for each product and service.   
2. Map out the value streams in the organization, look for non-value producing activities 
3. A process is a structured set of activities designed to accomplish a specific objective.  Processes take one or more inputs and creates the defined outputs.  Processes must be measurable  
4. For specific services, look at the overall delivery model and value stream.  Who / what performs the actions.  What is essential to deliver the service? 

Political, Economic, Social, Technological, Legal and Enviromental – a model used to analyze how external forces may affect a service or product  

The purpose of this practice is to protect the information needed by the organization to conduct its business.  Need to understand and manage risks to confidentiality, integrity, and availability of info (CIA).  The goal is to make sure that the organization's information is protected to a level that is consistent with values and minimizes business risk.  This practice includes: 

1. Identifying assets that need to be protected (hardware, software, wireless, workstations, etc.) 
2. Identify the risks that could impact these resources and what steps can be taken to manage/minimize these risks.   
3. Monitoring and continual improvements to ensure security and meet emerging threats.  

Key concepts of Info security practice: 

• CIA: confidentiality, availability, integrity 
• Confidentiality – only people or systems that should see the information can see it, it is available to authorized entities only. 
• Integrity – the information is accurate and can only be modified by authorized people or system 
• Availability – the info is available when needed and where it is needed.  
• Authentication – the person or system is who they say they are, verification that what is stated is true.  Can use MFA, biometrics etc 
• Non-repudiation – can determine who and what did a certain action, the ability to audit and have proof of what was done and by who.   
• Assets, threats, threat actors, vulnerabilities: 
• Assets – anything of value, hardware, people, processes, websites, etc 
• Threat – a possible event that could harm an asset 
• Threat actor – a person or group that poses a threat to assets 
• Vulnerability -- a weakness that could be exploited against an asset.  

 The goal is to build and maintain relationships between internal/external customers, stakeholders, suppliers, partners etc.  Need to understand the expectations of the customer and consumers of the service and meet those needs, as well as  ascommunicateg and fostering productive interactions.  This practice is designed to establish and nurture to links between an organization and its stakeholders.  Ensure that all parties have clear expectations and needs, and goals are aligned with what the service provides.  

1. Need to engage with the stakeholders throughout the service lifecycle, essential to make sure the services are aligned with business objectives and meet customer requirements.  
2. This practice builds trust and satisfaction with customers and stakeholders 
3. Can make a stakeholder map based on their level of influence and interest.  This can change over time, for different services 

The focus is on careful selection, management and evaluation of suppliers to ensure they are delivering value to the organization.  Need to develop good, strong and mutually beneficial relationships between org and suppliers.  Need to examine the whole lifecycle of the service and how to leverage the suppliers capabilities to drive value.  Good supplier management practices allow an organization to manage their supply chain, ensuring that the right services are delivered at the right time, at the right cost and within the expected cost and warranty.  

1. The supplier's responsibility is to provide services to the organization.  The first step is to identify available suppliers and reaching out for info: 
2. RFI – request for information – the initial, often informal request to get info about the product and the supplier. 
3. RFP -- Request for Proposal – this is a detailed document that lays out the objectives, scope, timeline, cost, and expected outcomes that the org produces.  Suppliers then submit a comprehensive proposal.  Usually for more complex projects 
4. RFQ – request for quote – request a pricing quote for specified products or services.  More for straightforward purchases  
5. RFB -- Request for Bid – request for suppliers to submit a competitive bid.  More elaborate than a Request for Quote  
6. RFD -- Request for Demonstration – request a live demo or presentation, outlines the demo requirements, integrations, features etc.   
7. Contractual agreements: details the service level agreements, utility, warranty, terms and conditions, payment terms.    

Comming soon

Comming soon

Comming soon

The goal is successfully move a service or feature to a live, production environment.  Need to ensure the delivery is controlled and predictable with minimal impact on the business.  Transitioning from development to operational use.  The scope is covers the whole life cycle, from planning, scheduling, testing, and deploying.  This practice is crucial to balance the need for speed of delivery with impacting the business.  

Key terms: 

• The Deployment management practice is used to transition service components and services from planning and development to production environments:  
• Development / integration environment – for software creation and integration with other software development 
• Test environment – assess the software and components 
• Stage environment – for evaluation in an environment that mirror production, test with other applications 
• Live / production environment – the environment where users interact with and consume the service  
• Continuous integration – incorporating the creation and testing in the production environment 
• Continuous delivery – having continuous releases to production with frequent and selective deployments 
• Continuous deployment – automating deployments for almost instant deployments, multiple releases a day.  
• Definitive media libraries: detailed info about the services and components, used when planning a deployment  

**See below for lots more info**

 The purpose of the continual improvements practice is to align the services, practices and processes with changing business needs through ongoing improvements.  The improvements are planned and implemented in stages with evaluation between iterations.  

 Also known as change management / change control, is focused on ensuring that changes to the environment are done in a controlled and efficient manner.  The goal is to maximize value and benefits to the organization while minimizing downtime and disruption of service.  You need a structured approach to change that includes documentation, review and approval processes.  Need a clear understanding of the potential impacts of the change on existing services and business operations.  Need to account for planned and unplanned changes (in response to an incident or problem).   

Key terms: 

1. Change: addition / removing or modifying a component that would directly or indirectly affect a service.   
2. A standard change – low risk, preauthorized, routine types of changes that are well documented.  Examples are: fulfilling a service request, standard incident response changes, infrastructure maintenance and updates, software patching and updates. 
3. Normal change: medium, high or unknown risk, authorization needed.  Begins with a Request for Change (RFC)  
4. RFC – kicks off the change enablement process.  Usually internally developed, but can be from supplier or partner, based on changes they are making. 
5. Emergency changes: need to be done immediately, but still done in a controlled fashion.  Can be standardized and automated  
6. Change model: a repeatable model for managing the different kinds of changes.   
7. Change Advisor board (CAB): formalized team to approve changes, not as prevalent in an agile framework.   

Comming soon

Comming soon

Comming soon

Comming soon

Comming soon

Comming soon