IT Infrastructure Library

Transcript

1. IT INFRASTRUCTURE LIBRARY A Presentation By Venu Gopal K for

   BITS UC 412 (Practice School II)

2. Contents  Introduction – What is ITIL?  Overview of

   ITIL  Implementing ITIL  ITIL Service Management  ITIL Incident Management  ITIL Information Security

3. Information Technology Infrastructure Library http://www.securityfocus.com/infocus/1815 “ITIL is a set of

   best practices and guidelines that define an integrated, process-based approach for managing information technology services.”

4. Overview Of ITIL  Began as an effort to develop

   efficient and cost- effective use of IT resources.  ITIL outlines what processes to be implemented; but not how to implement it http://www.tso.co.uk/pism/app/content/pism_7.htm

5. The ITIL Framework

6. Overview Of ITIL  Service Delivery Management  Service Level

   Management  SLA – Service Level Agreement  OLA – Operational Level Agreement  Financial Management  Capacity Management  Infrastructure resources  Availability Management  Application resources  Service Continuity Management  Disaster recovery

7. Overview Of ITIL  Service Support Management  Configuration Management

    Managing hardware, documentation, personnel etc.  Change Management  Managing changes to Configuration items  Release Management  Software and Hardware license control  Problem/Incident Management  Service Desk

8. Process Categorization In ITIL  In ITIL,IT processes are divided

   into 3 levels:  Strategic: Objectives and methods to achieve them are defined.  Tactical: Converting strategies into plans and setting target outcomes.  Operational: Executing tactical plans and achieving targets within specified time. Statergic (Policy) Tactical (Procedure) Operational (Execution)

9. Implementing ITIL  Some considerations for successful ITIL implementation include:

    ITIL implementations need to be managed as a formal project.  It takes resources including time and money.  A strong Communication Plan will need to be executed.  It takes Management commitment and participation.  Certifications

10. BENEFITS OF ITIL  IT services become more customer- focused

     The quality and cost of IT services are better managed  The IT organization develops a clearer structure and becomes more efficient  There is a uniform frame of reference for internal communication about IT

11. ITIL SERVICE MANAGEMENT

12. INTRODUCTION  Linking Businesses to IT solutions  Provide comprehensive

    and available application codes  Planning, realization and IT support services  Business practices  IT –support to business links  In-House  External Customers  Supplier-Relations  Automated business procedure  Specify service life cycle to provide clear references to business demands.
13. None

14. Service Delivery Management  Service Strategy  Service Design 

    Service Transition  Service Operation  Continual Service Improvement

15. Service Strategy  Service life cycle  General strategy 

    Service provider types  Organizational design and development  Competition and Market space  Service management  Finance management

16. Service Design  Design of processes, architecture, policies, documentation 

    Service Design Package (DSP)  Service Catalog Management  Service Level Management  Capacity management  IT service continuity  Information security  Key roles  Supplier management  Responsibilities of staff in service design.

17. Service Transition  Delivery of services to the businesses for

    operational use  Changing the BAU environment.  Change management  Service asset  Configuration management.  Release and deployment management  Knowledge management  Transition planning and support.  Staffs engaged in transition of service.

18. Service Operation  Practice of achieving delivery of agreed levels

    of services  Beneficial to both end users and customers  Customers – who negotiate on SLAs  Direct delivery of both services and values to the customers  Balancing of service reliability and costs  Event management, incident management, service desk and application management, event fulfillment, asset management.

19. Continual service improvement (CSI)  Align and realign IT services

    for the changing business needs  Improvement of businesses  Business perspective of service quality  Effectiveness, efficiency, cost importance of services.  Deciding on the total services being provided  Managing ITSM (Service Management) for enabling the services  Organizational methods for measuring, reporting and using the data to improve the processes and services being provided.  Adopting CSI with well defined goals, document procedures, input, output, identified roles and responsibilities

20. Service Support Management  Services for better execution of businesses

     Customers and users are the major sources to plan the processes  Incident management  Service request management  Change management  Configuration management

21. Problem management  Goal- to identify the root cause for

    all incidents  Optimize the recurrence of incidents by resolving incidents with back up.  Provide strong support for IT infrastructure, availability of servers, application environment.  Virus protection server maintenance, Anti-Virus protection measures.

22. Change management  Ensure the standards and specifications on procedures

    and methods implemented to handle incidents  To minimize the change-related problems  Improve day -to- day activities  Definition- event that results in new statuses that contains one or more new configuration items. (CIs)  Minimal disruption of service  Reduce the back out of IT activities  Economizing the resources involved in changes.

23. Release Management  For automated distribution of software and hardware.

     Access control for the entire IT infrastructure  The design and implementation of procedures for the distribution and installation of changes in the IT systems.  Ensuring safety and security of the live IT environment being conscious of customer expectations through formal procedure and checks.

24. Configuration Management  Ensures the standards and specifications of all

    configurations installed in the entire IT infrastructure.  Checking the CIs.  Adopt quality control measures to correct and rectify the items to the required standards for better operations.  Efficient business practice management through better configuration, equipment features.

25. ITIL INCIDENT MANAGEMENT

26. ITIL Incident Management Need  Clear definition of services 

    Single point of contact  Cost Reduction

27. ITIL Incident Management Role of Service Desk  Provide a

    single contact point  Restoration of services with minimal business impact

28. ITIL INCIDENT MANAGEMENT PROCESS FLOW

29. ITIL Incident Management Results  Service objectives and goals are

    defined  Business needs are understood  Customer requirements are understood

30. ITIL Incident Management Benefits  Increased accessibility through single contact

    point  Quicker resolution of customer requests  Improved usage of IT support services  Increased productivity of service desk personnel

31. ITIL Incident Management Benefits  Reduced negative business impact 

    Assist decision making by providing important management information  Staff resource usage  Service deficiencies  Service performance and target achievement

32. ITIL INFORMATION SECURITY

33. ITIL SECURITY MANAGEMENT  Security Management ITIL is a relatively

    new process  Key concept of Availability Management  The ITIL Security Management process describes the structured fitting of security in the management organization.  Based on the Code of practice for information security management also known as ISO/IEC 17799.  A basic concept of Security Management is the information security. Primary goal of information security is to guarantee safety of information.

34. ITIL INFORMATION SECURITY  Information security means protecting information and

    information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.  Information security, computer security and information assurance are frequently used interchangeably.  Information security is concerned with the confidentiality, integrity and availability of data

35. INFORMATION SECURITY BASIC PRINCIPLES  Confidentiality  Integrity  Availability

     Authenticity  Non-repudiation  Risk management

36. INFORMATION SECURITY ITIL breaks Information security into:  Policies -

    overall objectives an organization is attempting to achieve  Processes - what has to happen to achieve the objectives  Procedures - who does what and when to achieve the objectives  Work instructions - instructions for taking specific actions

37. INFORMATION SECURITY Information Security Process is a seven step process:

    1. Using risk analysis, IT customers identify their security requirements. 2. The IT department determines the feasibility of the requirements, compares them to the organization's baseline. 3. The customer and IT organization negotiate and define a service level agreement (SLA). 4. Operational level agreements (OLAs), which provide descriptions of services provided. 5. The SLA and OLAs are implemented and monitored. 6. Customers receive reports about the effectiveness and status of security services. 7. The SLA and OLAs are modified as necessary.
38. None

39. INFORMATION SECURITY o ITIL seeks to ensure that effective information

    security measures are taken at  strategic levels  tactical levels  operational levels o A complete cyclical process with continuous review and improvement

40. CONCLUSION  Information security is the ongoing process of exercising

    due care and due diligence to protect information, and information systems, from unauthorized access, use, disclosure, destruction, modification, or disruption or distribution.  Process of Information security involves  Ongoing training  Assessment  Protection  Monitoring  Detection  Incident response  Repair  Documentation  Review
41. None