This housing led recession has multiple negative impacts on IT operations: over leveraged financials, falling asset prices, frozen credit markets, customer spend falls, foreclosures, to name a few.
But like everything, recession has also positive aspects.
So, like my StartUpCFO friend would say, let's "look on the bright side".
In terms of product, you'll focus on what is absolutely essential.
In terms of marketing, you'll have to figure out and cut what's not working.
In terms of cashburn, you'll have to rethink about the efficiency of everything you are doing.
On this one, ITIL is the tool you need!
In your IT department, ITIL will help you performing a situation analysis, make cuts where necessary, and will tell where to spend your dollars.
ITIL Service Management is all about delivering services to the business that the business needs, now and in the future, at a level that the business requires and is willing to pay for. This aspect was not a big strength of ITIL v2, but is the centerpiece of v3.
It's high time to spend for to save.
12.07.2008
11.02.2008
Complexity...
I've seen a lot of articles trying to compare ITIL v3 and COBIT, CMMI, ISO/IEC 20000, ISO/IEC 27001... and describing ITIL as sometimes more, and sometimes less complex than others.
How to measure complexity?
I'm not sure I want to try to answer this question, I'm not even sure the question makes sense.
What is complex for me, in my context, might be simple for you, in your context.
Many factors such as background, experience, organization... contribute to perceived complexity.
Anyway, when you look for a method, you're actually looking for an enabler. If your perceived complexity of a method is high, then it's not an enabler.
How to measure complexity?
I'm not sure I want to try to answer this question, I'm not even sure the question makes sense.
What is complex for me, in my context, might be simple for you, in your context.
Many factors such as background, experience, organization... contribute to perceived complexity.
Anyway, when you look for a method, you're actually looking for an enabler. If your perceived complexity of a method is high, then it's not an enabler.
10.29.2008
The future of ITIL V2 certification
Currently EXIN offers exams for both ITIL V2 and ITIL V3 but the discontinuation of ITIL V2 is now being considered by the ITIL Qualification Board.
The Board would very much value your opinion about this matter.
The survey is here. It is anonymous and will take only a minute.
Here is an opportunity to have your say on the future of ITIL V2.
The Board would very much value your opinion about this matter.
The survey is here. It is anonymous and will take only a minute.
Here is an opportunity to have your say on the future of ITIL V2.
10.19.2008
ITIL and Agile methods
Agile is about "individuals and interactions over processes and tools". Could agile methods an ITIL coexists?
It really depends on the way you decide to implement ITIL.
Whatever the agile method you are using (Scrum, eXtreme Programing, Unified Process, Evo...), you can't take and apply what you like and leave what you dislike.
With ITIL, before anything else, you *have to* do assessment and define what is making sense and what is not for your organization.
ITIL is not a method and will never be. Even if, in its 3rd version, ITIL is offering a much better cover on design and development, ITIL will remain a set of best practices.
ITIL and a non-waterfall method like Agile ones are not necessarily incompatible but you'll have to review your ITIL Release management and Change management quite deeply.
To keep it simple: ITILify agile but do not Agilify ITIL!
It really depends on the way you decide to implement ITIL.
Whatever the agile method you are using (Scrum, eXtreme Programing, Unified Process, Evo...), you can't take and apply what you like and leave what you dislike.
With ITIL, before anything else, you *have to* do assessment and define what is making sense and what is not for your organization.
ITIL is not a method and will never be. Even if, in its 3rd version, ITIL is offering a much better cover on design and development, ITIL will remain a set of best practices.
ITIL and a non-waterfall method like Agile ones are not necessarily incompatible but you'll have to review your ITIL Release management and Change management quite deeply.
To keep it simple: ITILify agile but do not Agilify ITIL!
10.13.2008
Events Alerts Incidents and Problems
ITIL v3 introduced Event & Alert management which goal is to set appropriate alert levels such that events can be acted upon before they become incidents, while at the same time avoiding alerts from insignificant activities.
Before going deeper, let's revise the vocabulary:
An event is a detectable or discernible occurrence that has significance for the management of the IT infrastructure.
An alert is triggered by specific events and needs immediate attention.
An incident is an event which is not part of the standard operation of a service and which causes or may cause disruption to or a reduction in the quality of services and customer productivity.
A problem is a cause of one or more existing or potential incidents.
So when the hard drive of a server reach 50% usage, an event will record the information for trend analysis. When it reaches 80% usage, an alert might be triggered. Once at 100% usage, chances are you have an incident and potentially a problem to be investigated.
Before going deeper, let's revise the vocabulary:
An event is a detectable or discernible occurrence that has significance for the management of the IT infrastructure.
An alert is triggered by specific events and needs immediate attention.
An incident is an event which is not part of the standard operation of a service and which causes or may cause disruption to or a reduction in the quality of services and customer productivity.
A problem is a cause of one or more existing or potential incidents.
So when the hard drive of a server reach 50% usage, an event will record the information for trend analysis. When it reaches 80% usage, an alert might be triggered. Once at 100% usage, chances are you have an incident and potentially a problem to be investigated.
10.10.2008
What ITIL software do you use?
Recently, someone asked on LinkedIn "What ITIL software tool do you use" and got 24 answers.
Let me sum-up the tools that came up in the answers.
Mentioned more than once:
Let me sum-up the tools that came up in the answers.
Mentioned more than once:
- BMC suite (and Remedy in particular)
- ServiceDesk plus
- Service-now.com
- Topdesk
- serverware.com
- Altiris
- Heat
- Track IT
- HP's assetcenter
- Assyst
- Axios
- Numarasoftware
10.07.2008
Let's also talk about Mobivox
ITIL is not all my life, and, I hope, not all yours.
From time to time we need to breathe some fresh air, meet other people, see other's challenges and bring back new ideas, contacts and sometimes business opportunities...
I use LinkedIn Q&A almost every day to learn from other companies, other environments, other industries and other Worlds.
I would like to mention an event in Montreal on November 27th that is also a great place to meet/discuss with people from other planets: the Startup Camp 3.
Among the keynote speakers, 2 dangerous serial entrepreneurs: Austin Hill from Akoha and Patrick Lor.
I'm not on the panel but I'll be happy to introduce you to Mobivox and Mobivox|PL, our platform, or talk about ITIL...
Just find me in the crowd (or email me prior to the event if you don't want to hunt).
10.05.2008
ITIL and your career
Until recently, ITIL was about understanding the basics of Operational IT support and delivery processes. ITIL v3 is now providing a broader view on services lifecycles: Services Design, Services Transition, Services Operations.
If the foundation qualification is only a high-level overview that gives a basic understanding and appreciation of the ITIL best practices principles, it's slowly moving from a "nice-to-have" to a "must-have".
It is indeed a competitive advantage in your job search. In certain companies, ITIL can open doors that otherwise would have remained closed.
Remember that companies don't get ITIL certified... employees do!
Once time and money have been invested in certifying a department, and ITIL benefits start to show, it's very likely that new hires will be required to be ITIL-ready.
To me, no doubt that the demand will continue to rise in the coming years.
Here, in Canada, even IT recruiters are ITIL certified, which gives you a very smart way to start an interview...
9.28.2008
v3 foundation exam
Recently asked on LinkedIn: "How to prepare for the ITIL Foundation Certification v.3?".
My recommendations follows.
To increase your chances, I would not recommend a preparation before the training but:
My recommendations follows.
To increase your chances, I would not recommend a preparation before the training but:
- before the training: find/buy ITIL practice tests,
- during the training: take notes, build a glossary, sum-up each chapter in your own words,
- before the exam, do as many practice tests as possible while making sure your sum-ups are covering all the questions,
- the day before the exam: forget the books/manuals, just make sure you have your glossary and your sum-ups in min,
- during the exam: relax, quickly answer the easy question first, take some time on the remaining questions, keep 5 minutes to review the easy questions.
9.27.2008
Talking about power consumption...
As an IT manager, you have many different reasons to monitor the power consumption of your equipments, individually, and as a whole:
- ecological: reduce the environmental impact of the activity
- financial: drive down energy cost
- availability: make sure a power circuit is not about to trip
- scalability: know how many servers you can add on a circuit, in a rack or a datacenter
- troubleshooting: detect incident like A/C issues
Some basic rules I always recommend:
Even if you have a team on site 24/7, always use manageable power bars, that will allow you to track the power consumption of your equipments and power then up and down remotely.
Configure your bars so that all the servers are not powered up at the same time if the power happen to go down and up. A "boot surge" could trip the circuit even if you are far from the limit when the systems are operating. You can also use this delay between the servers startups to handle servers/services dependencies (boot a file storage first for example).
Never exceed 70% of the amperage of a circuit. Even if the power consumption appear very stable, servers needs much more juice to cool down when the A/C fails.
Understand how your servers behave on an energy standpoint when booting, when rebuilding a RAID container, when the CPU load is high, when the temperature raises...
Recently, I have discovered a $29.90 tool that helped me a lot: Kill-A-Watt.
Connect a server to this device and stresstest it. You'll immediately see the Volts, Amps, Watts, Hz and VA.
9.25.2008
How green is ITIL?
Today, I have discovered the world's first social reality game with Akoha and one of the mission I have been assigned is "Give a compact fluorescent bulb to somebody".
Earlier in the day, our web designer at MOBIVOX stopped by my desk, watched our printer, to tell me that this model consumes 80 Watts, not while operating, 80 Watts when it's in a stand by/sleep mode.
So what's my contribution to protecting our environment if I replace an incandescent bulbs by a fluorescent bulbs but don't bother checking the power consumption of office or production equipments? Will ITIL help/educate me?
Well, you won't find any explicit support for green issues in ITIL. If you host your datacenter, your power bill is probably at the top of your recurring costs. How come you're on your own?
ITIL's ultimate goal is to deliver best value IT services while driving down costs and reducing power consumtion, increasing recycling and reuse provide clear opportunities for financial gain.
It is, therefore, unfortunate that the version 3 fails to address the environmental impact question.
ITIL v3 will provide you better tools than v2 to achieve your environemental goals, but tools only, not guidelines.
IT director will be under increasing pressure to incorporate the environmental impact into any decision making, so I hope v4 will be much greener. Too bad that we have to wait a couple of years.
Earlier in the day, our web designer at MOBIVOX stopped by my desk, watched our printer, to tell me that this model consumes 80 Watts, not while operating, 80 Watts when it's in a stand by/sleep mode.
So what's my contribution to protecting our environment if I replace an incandescent bulbs by a fluorescent bulbs but don't bother checking the power consumption of office or production equipments? Will ITIL help/educate me?
Well, you won't find any explicit support for green issues in ITIL. If you host your datacenter, your power bill is probably at the top of your recurring costs. How come you're on your own?
ITIL's ultimate goal is to deliver best value IT services while driving down costs and reducing power consumtion, increasing recycling and reuse provide clear opportunities for financial gain.
It is, therefore, unfortunate that the version 3 fails to address the environmental impact question.
ITIL v3 will provide you better tools than v2 to achieve your environemental goals, but tools only, not guidelines.
IT director will be under increasing pressure to incorporate the environmental impact into any decision making, so I hope v4 will be much greener. Too bad that we have to wait a couple of years.
9.17.2008
Step 7: implementing corrective action
Last episode so it's time to use the knowledge gained to optimize, improve and apply corrective actions.
You have identified many area of improvement, however you can't implement them all.
Priority is to be decided not only based on goals and objectives but also on regulatory requirements, competition moves or political decisions.
Corrective action if too often done in reaction to a single event that caused a severe outage and Continual Service Improvement is too often brought back up only once someone's complaining too loudly.
CSI requires ongoing attention, a well-thought-out plan, consistent attention to monitoring, analysing and reporting results with an eye toward improvement.
And all the 7 steps needs attention.
You have identified many area of improvement, however you can't implement them all.
Priority is to be decided not only based on goals and objectives but also on regulatory requirements, competition moves or political decisions.
Corrective action if too often done in reaction to a single event that caused a severe outage and Continual Service Improvement is too often brought back up only once someone's complaining too loudly.
CSI requires ongoing attention, a well-thought-out plan, consistent attention to monitoring, analysing and reporting results with an eye toward improvement.
And all the 7 steps needs attention.
9.15.2008
Step 6: presenting and using the information
Our sixth episode is about creating reports and presenting information, which is an activity that is done in most organizations to some extent or another.
There is no value in the work done so far if we don't take our knowledge and present it, that is, turn it into wisdom by utilizing reports, monitors, action plans, reviews, evaluations and opportunities.
First, carefully think about the target audience and its needs/expectations. Format the collected data into knowledge that all levels can appreciate.
Then, keep in mind that managers at all levels are bombarded with too many e-mails, too many meetings, too many reports. So be concise and effective.
Some of the common problems associated with the presenting and reporting
activity:
There is no value in the work done so far if we don't take our knowledge and present it, that is, turn it into wisdom by utilizing reports, monitors, action plans, reviews, evaluations and opportunities.
First, carefully think about the target audience and its needs/expectations. Format the collected data into knowledge that all levels can appreciate.
Then, keep in mind that managers at all levels are bombarded with too many e-mails, too many meetings, too many reports. So be concise and effective.
Some of the common problems associated with the presenting and reporting
activity:
- everyone gets the same report (where business, senior management and IT managers are 3 very different audiences with different needs/expectations)
- lack of an executive summary
- too much over-killing supporting data
- data presented in terms that are not understandable by the target audience (for example, availability is reported in percentages when the business often is interested in knowing the number, duration and impact of outages)
8.29.2008
Step 5: analysing the data
We're making progress... It's time for some self gratification.
Data analysis is where the information is transformed into knowledge of the events that are affecting your organization. It takes more skills and experience to perform data analysis than data gathering. It's not only a matter a reporting and producing graphs but also to document observations and conclusions.
Questions that will drive this analysis exercise:
Data analysis is where the information is transformed into knowledge of the events that are affecting your organization. It takes more skills and experience to perform data analysis than data gathering. It's not only a matter a reporting and producing graphs but also to document observations and conclusions.
Questions that will drive this analysis exercise:
- Are we operating according to plan?
- Are we meeting targets?
- Are corrective actions required?
- What is the cost of the service gap?
- Are operations running according to plan?
- Are targets defined in SLAs or the Service Catalogue being met?
- Are there underlying structural problems that can be identified?
- Are corrective actions required?
- Are there any trends? If so then what are the trends showing? Are they positive trends or negative trends?
- What is leading to or causing the trends?
8.27.2008
Step 4: processing the data
The main goal now is to convert the data from step 3 to an appropriate format for the required audience.
Report-generating technologies are typically used at this stage as various amounts of data are condensed into information for use in the analysis activity.
Usually the best approach is to report the data into logical groupings, keeping in mind that what's important to show is the overall performance of a service.
Indeed, while monitoring and collecting data on a single component is important, it is key to understand the component’s impact on the larger infrastructure.
If you are hosting a merchant site, having 5 nines on your database availability (over a reasonable amount of time) is an accomplishment. But this really makes sense from a customer's perspective if the other components of the infrastructure have reached the same availability (web servers, DNS...).
Report-generating technologies are typically used at this stage as various amounts of data are condensed into information for use in the analysis activity.
Usually the best approach is to report the data into logical groupings, keeping in mind that what's important to show is the overall performance of a service.
Indeed, while monitoring and collecting data on a single component is important, it is key to understand the component’s impact on the larger infrastructure.
If you are hosting a merchant site, having 5 nines on your database availability (over a reasonable amount of time) is an accomplishment. But this really makes sense from a customer's perspective if the other components of the infrastructure have reached the same availability (web servers, DNS...).
8.25.2008
Step 3: gathering data
Gathering data requires having some form of monitoring that keeps quality as the key objective.
The emphasis is not on assuring realtime service performance, rather it is on identifying where improvements can be made.
This been said, the Continual Service Improvement process is unlikely to need, or be able to cope with, the vast quantities of data that are produced by all monitoring tools and you'll have to focus on a specific subset of monitoring at any given time.
Keep your monitoring plan dynamic and pointing to priorities, you may need to investigate an activity one quarter and a completely different one the quarter.
Let's differentiate 3 categories of metrics:
• Technology metrics: these metrics are often associated with component
and application based metrics such as performance, availability etc.
• Process metrics: these metrics are captured in the form of CSFs, KPIs
and activity metrics for the service management processes. These metrics
can help determine the overall health of a process.
• Service metrics: these metrics are the results of the end-to-end service.
Exceptions and alerts need to be considered during the monitoring activity as they can serve as early warning indicators that services are breaking down.
Inputs to this step:
• New business requirements
• Existing SLAs
• Existing monitoring and data capture capability
• Availability and Capacity Plans
• Service improvement plans
• Previous trend analysis reports
• List of what you should measure
• List of what you can measure
• Gap analysis report
• List of what to measure
• Customer satisfaction surveys
Outputs from this step:
• Updated Availability and Capacity Plans
• Monitoring procedures
• Identified tools to use
• Monitoring plan
• Input on IT capability
• Collection of data
• Agreement on the integrity of the data
The emphasis is not on assuring realtime service performance, rather it is on identifying where improvements can be made.
This been said, the Continual Service Improvement process is unlikely to need, or be able to cope with, the vast quantities of data that are produced by all monitoring tools and you'll have to focus on a specific subset of monitoring at any given time.
Keep your monitoring plan dynamic and pointing to priorities, you may need to investigate an activity one quarter and a completely different one the quarter.
Let's differentiate 3 categories of metrics:
• Technology metrics: these metrics are often associated with component
and application based metrics such as performance, availability etc.
• Process metrics: these metrics are captured in the form of CSFs, KPIs
and activity metrics for the service management processes. These metrics
can help determine the overall health of a process.
• Service metrics: these metrics are the results of the end-to-end service.
Exceptions and alerts need to be considered during the monitoring activity as they can serve as early warning indicators that services are breaking down.
Inputs to this step:
• New business requirements
• Existing SLAs
• Existing monitoring and data capture capability
• Availability and Capacity Plans
• Service improvement plans
• Previous trend analysis reports
• List of what you should measure
• List of what you can measure
• Gap analysis report
• List of what to measure
• Customer satisfaction surveys
Outputs from this step:
• Updated Availability and Capacity Plans
• Monitoring procedures
• Identified tools to use
• Monitoring plan
• Input on IT capability
• Collection of data
• Agreement on the integrity of the data
8.11.2008
Step 2: define what you can measure
In a perfect world, measure everything you should.
In the real world, you won't necessarily measure everything (because of staff, technical, time or even legal... limitations).
Golden rule: what cannot be measured should not be in an SLA.
After assessing the tools you currently have in place, compile of list of what can currently be measured without any tool customization.
Then look at existing reports, databases, any existing documentation and you'll be able complete your list.
A gap analysis (must have versus currently have) will tell you what set of data and what tools are missing.
Your inputs for this step:
- list of what you should measure from previous step
- process flow
- procedure
- work instructions
- technical and user manuals from existing tools
- existing reports
In the real world, you won't necessarily measure everything (because of staff, technical, time or even legal... limitations).
Golden rule: what cannot be measured should not be in an SLA.
After assessing the tools you currently have in place, compile of list of what can currently be measured without any tool customization.
Then look at existing reports, databases, any existing documentation and you'll be able complete your list.
A gap analysis (must have versus currently have) will tell you what set of data and what tools are missing.
Your inputs for this step:
- list of what you should measure from previous step
- process flow
- procedure
- work instructions
- technical and user manuals from existing tools
- existing reports
8.08.2008
Step 1: define what you should measure
Day one in your new job: what should you measure? what is important to the business?
There are 2 approaches that you can combined:
1 - start with a prep work: define the VBF (Vital Business Functions) and then identify services underpinning VBF
2 - utilize the existing Service Level Agreements
Don't underestimate the measurements implementation effort and don't go into too much details. Keep it simple to start with.
Other input sources:
This being said, a complete service catalogue is a must-have / must-build.
There are 2 approaches that you can combined:
1 - start with a prep work: define the VBF (Vital Business Functions) and then identify services underpinning VBF
2 - utilize the existing Service Level Agreements
Don't underestimate the measurements implementation effort and don't go into too much details. Keep it simple to start with.
Other input sources:
- Service catalogue
- Mission statement
- Department goals and objectives
- Legislative requirements
- Budget cycle
- Balanced scorecard
This being said, a complete service catalogue is a must-have / must-build.
8.06.2008
Heptalogy to come
Today my friends, we are learning a new word together (my bad and congrats if you already knew it): heptalogy.
It has nothing to do with ITIL, it is a set of seven works that are connected by a common storyline.
No Harry Potter here, in the next 7 posts (heptapostology???), we'll talk about the 7 steps of Continual Service Improvements:
Enough teasing!
It has nothing to do with ITIL, it is a set of seven works that are connected by a common storyline.
No Harry Potter here, in the next 7 posts (heptapostology???), we'll talk about the 7 steps of Continual Service Improvements:
- 1/ define what you should measure
- 2/ define what you can measure
- 3/ gathering the data
- 4/ processing the data
- 5/ analyzing the data
- 6/ presenting and using the information
- 7/ implementing corrective action
Enough teasing!
8.03.2008
Building the Service Desk
Today le'ts talk about CMDB and ticket tracking systems solutions.
A CMDB is the first stone of a complex structure you are building, so don't look at it as a standalone piece, but as the keystone all your future processes will rely on.
Some leads to choose an ITIL ready, or evolutive, or open-source CMDB :
A CMDB is the first stone of a complex structure you are building, so don't look at it as a standalone piece, but as the keystone all your future processes will rely on.
Some leads to choose an ITIL ready, or evolutive, or open-source CMDB :
- OTRS (the number one is this list had to be an opensource)
- EverDream (a DELL product)
- SiteHelpDesk-IT (with some 17799 compliance)
- Tracker Suite for IT
- Parature Help Desk
- Computer Associates Unicenter ServiceDesk
- Symantec Altiris Asset Management & CMBD
7.31.2008
v2 and V3 certifications
Now, you want (or your smart boss wants you) to become certified.
Don't worry! the process is simpler than it may appear.
ITIL Foundation in service management is the entry level, it is now available in v3 (and still available in v2 if you really want/need). For those who already have a v2, a 4 hours bridge course/exam can bring you to a foundation v3.
With ITIL Foundation, you'll see ITIL's most pragmatic aspects. To me, it's a must-have for each and every IT staff member.
You'll find 3 to 5 days courses to bring you to the certificate but you can also DoItYouself with a good ITIL book (and some self-discipline).
Note that ITIL is a dangerous substance. For me, my first ITIL book has been like the first time I flew a plane, a very disturbing and addictive experience that I'll never forget. Severe psychological disorders may occur, you have been warned!
Once you're addicted, what's next? Today's ITIL Holy Grail is the "v3 expert" certification.
It is modules and credits based and you'll have 2 main options since v3 is still kind of new on the market and some courses/exam are not yet available:
- go though a v2 ITIL manager certification and wait for the V3 manager bridge to be available (in 2009 I guess), or go though a V2 practitioner that you'll complete with v3 modules to have the 22 required credits for the "v3 expert".
- Complete v3 modules when they become available, and then the "Managing though the lifecycle"
Your choice will depend on why and how quick you need to be certified, and, as always, on your budget.
Don't worry! the process is simpler than it may appear.
ITIL Foundation in service management is the entry level, it is now available in v3 (and still available in v2 if you really want/need). For those who already have a v2, a 4 hours bridge course/exam can bring you to a foundation v3.
With ITIL Foundation, you'll see ITIL's most pragmatic aspects. To me, it's a must-have for each and every IT staff member.
You'll find 3 to 5 days courses to bring you to the certificate but you can also DoItYouself with a good ITIL book (and some self-discipline).
Note that ITIL is a dangerous substance. For me, my first ITIL book has been like the first time I flew a plane, a very disturbing and addictive experience that I'll never forget. Severe psychological disorders may occur, you have been warned!
Once you're addicted, what's next? Today's ITIL Holy Grail is the "v3 expert" certification.
It is modules and credits based and you'll have 2 main options since v3 is still kind of new on the market and some courses/exam are not yet available:
- go though a v2 ITIL manager certification and wait for the V3 manager bridge to be available (in 2009 I guess), or go though a V2 practitioner that you'll complete with v3 modules to have the 22 required credits for the "v3 expert".
- Complete v3 modules when they become available, and then the "Managing though the lifecycle"
Your choice will depend on why and how quick you need to be certified, and, as always, on your budget.
7.27.2008
Know your limits!
I'm currently working on my basement that I'd like to turn into a home theater by the end of the year.
A project is a project and my Debbie Travis's renovations can't be too far away from an ITIL implementation.
In both cases you have 3 different approaches: DIY (Do It Yourself), hire a designer but implement yourself, outsource the whole project.
Usually, the size of the project, budget and when you need the project to be completed, are driving the decision. But the most important key factor remains...
... your skills set.
So know you limits, don't overestimate your availability, know what you are not good at, and get some help.
If your budget is limited and doesn't allow external resources, descope your ITIL project. Do less but do it right, ITIL's Deeming wheel will help you setting up the future milestones.
7.26.2008
ITIL and open source
Your first step to put ITIL in practice will probably be looking for a tool that will fit your organization. And if your organization is more comfortable with free or Open Source, you'll probably look for an open source ITIL tool, right?
Wrong way my friends, wrong way! There is no gnuTIL, no broad spectrum open source software (don't feel bad, there is no proprietary tool covering completely ITIL either).
This been said, you can find hundreds of open source tools that can be used as part of your ITIL processes on availability management, capacity planning, incident management...
Like for all open source projects, some are reliable and function rich, and some are just embryonal projects.
With ITIL v3 that is now offering a better cover of your company's activities (especially design and development), I'd recommend to use ITIL on your ITIL implementation: create a portfolio of open source tools and enhance them with an ITIL approach.
This way, you can experiment ITIL on an internal project, create personalized tools to support your upcoming ITIL processes, and last but not least, contribute to the open source community.
Good Karma guaranteed!
7.21.2008
High Availability dollars
According to BMC, for every $1 spent buying infrastructure, their customers say it costs another $3 to manage it.
They also say that 80 percent of downtime is caused by mis-configuration or operator mistakes.
Think about it. Let's assume that scheduled downtime is not included and let's do some math!
How much money do you spend each year on the 20 percents? on building and maintaining High Availability, redundant and resilient systems to maintain your uptime and comply with your SLAs?
Now multiply this dollar amount by 5 and you get (in an uptime driven World and purely mathematical approach) what you should spend on improving change and release management.
They also say that 80 percent of downtime is caused by mis-configuration or operator mistakes.
Think about it. Let's assume that scheduled downtime is not included and let's do some math!
How much money do you spend each year on the 20 percents? on building and maintaining High Availability, redundant and resilient systems to maintain your uptime and comply with your SLAs?
Now multiply this dollar amount by 5 and you get (in an uptime driven World and purely mathematical approach) what you should spend on improving change and release management.
7.16.2008
Take off!
I see a lot of discussions around v2 versus v3. My 2 cents, starting with V1....
In aviation, V1 is the maximum speed during takeoff at which a pilot can safely stop the aircraft without leaving the runway. V2 is the takeoff safety speed and V3 is the flap retraction speed.
In the ITIL World, V1 was not necessarily providing you all it takes to take off.
If V2 is a real framework you can fly with, it is only providing you tools to get to destination, you still need to have a map and define your itinerary.
Finally, V3 is a offering more structured and iterative approach.
As you know, physically, ITIL is a library.
V1 is a set of 31 books published between 1989 and 1995.
To me, at that stage, ITIL had no "core" and was not a best practices framework yet, just a set of recommendations.
V2, released between 2000 and 2004, is a more closely connected and consistant set of 7 books. I have always seen v2 as a CMDB centric framework. Most processes orbit around the configuration database.
V3 is a different bird. Even if you'll find pretty much all the V2 processes in V3, as well as your beloved CMDB, the framework itself is articulated differently, around services. Service lifecycle is the secret sauce that structure all the best practices together.
V3 tells you exactly where to look at, you won't leave the runway!
In aviation, V1 is the maximum speed during takeoff at which a pilot can safely stop the aircraft without leaving the runway. V2 is the takeoff safety speed and V3 is the flap retraction speed.
In the ITIL World, V1 was not necessarily providing you all it takes to take off.
If V2 is a real framework you can fly with, it is only providing you tools to get to destination, you still need to have a map and define your itinerary.
Finally, V3 is a offering more structured and iterative approach.
As you know, physically, ITIL is a library.
V1 is a set of 31 books published between 1989 and 1995.
To me, at that stage, ITIL had no "core" and was not a best practices framework yet, just a set of recommendations.
V2, released between 2000 and 2004, is a more closely connected and consistant set of 7 books. I have always seen v2 as a CMDB centric framework. Most processes orbit around the configuration database.
V3 is a different bird. Even if you'll find pretty much all the V2 processes in V3, as well as your beloved CMDB, the framework itself is articulated differently, around services. Service lifecycle is the secret sauce that structure all the best practices together.
V3 tells you exactly where to look at, you won't leave the runway!
7.12.2008
ITIL and security
Ordering the ITIL v3 publication suite this week made me realize (one more time) how weak ITIL can be on security.
Even if security coverage has improved between v2 and v3, it's still sad to see that the itSMF (or itSMF.ca if you want to order in Canada) doesn't eat its dog food and does not encrypt online purchases credit card information.
Continual Service Improvement they say... :)
Even if security coverage has improved between v2 and v3, it's still sad to see that the itSMF (or itSMF.ca if you want to order in Canada) doesn't eat its dog food and does not encrypt online purchases credit card information.
Continual Service Improvement they say... :)
7.09.2008
ITIL for small organization and statups
Ok, you're running a startup, or the IT of a small company and wonder what ITIL can do for you...
Chances are you'll find ITIL too bureaucratic but keep in mind that a/ ITIL is based on common sense and b/ you don't have to implement all the ITIL processes to be on tracks to success.
In a small company, time and money are rarely available to implement a large scale project such as a full ITIL implementation.
Anyway, successful startups knows how to eat an elephant: one bite at a time.
What's most important for you? Choose what you need, define a core set of ITIL best practices and get started.
Of course it is still important to have a vision about "where you want to be" over time and always keep the deming wheel approach in mind, but bet on first small steps that will earn you quick wins, and the confidence of your team.
Even if I've not read it, I'd like to mention this book: ITIL small scale implementation.
Chances are you'll find ITIL too bureaucratic but keep in mind that a/ ITIL is based on common sense and b/ you don't have to implement all the ITIL processes to be on tracks to success.
In a small company, time and money are rarely available to implement a large scale project such as a full ITIL implementation.
Anyway, successful startups knows how to eat an elephant: one bite at a time.
What's most important for you? Choose what you need, define a core set of ITIL best practices and get started.
Of course it is still important to have a vision about "where you want to be" over time and always keep the deming wheel approach in mind, but bet on first small steps that will earn you quick wins, and the confidence of your team.
Even if I've not read it, I'd like to mention this book: ITIL small scale implementation.
7.06.2008
Where NOT to start?
ITIL is a tool to make your life easier. This been said, every ITIL implementation starts with a nightmare question: where to start?
If there is no universal order (it all depends on your organization), to me, every ITIL implementation should start by reading (or re-reading) The Method Discourse from René Descartes.
Identify the most urgent need (aka the bleeding) and implement Decartes 400 years old's approach.
Now, where not to start:
- Problem Management: Incident Management is a prerequisite.
- Release Management: hard to start without Change Management.
- Service Level Management: Can't really be started without Change Management, Incident Management and Availability Management.
In an ideal World, if discovering an organization, here's the order I'd suggest:
availability mgt, incident mgt, problem mgt, configuration mgt, change mgt, helpdesk, service level mgt, capacity mgt, continuity mgt, IT financial mgt.
I always like starting with availability management because it helps you understanding the technical architecture and all its moving parts, it's a prep work for building your CMDB and puts you on the tracks for incident/problem management.
In an ideal World only!
7.04.2008
How many nines?
In the last few years, many system vendors have begun to offer contractual uptime guarantees.
Service Level Agreements often refer to monthly downtime to calculate credits.
In many cases, "scheduled maintenance" is not included within the availability calculation.
Calculations and metrics are great. This being said, what's the nines model does not take into account is timing!
It assumes that all time is worth exactly the same amount to the customers or organization that has deployed the highly available critical system.
Would 1 hour of downtime hurt CNN.com the same way if occurring in the evening of the US election date versus at 4am on a Sunday in July?
Service Level Agreements often refer to monthly downtime to calculate credits.
In many cases, "scheduled maintenance" is not included within the availability calculation.
| Availability | Downtime per year | Downtime per month | Downtime per week | Downtime per day |
|---|---|---|---|---|
| 90% | 36.5 days | 72 hours | 16.8 hours | 141 minutes |
| 99% | 3.6 days | 7.2 hours | 1.68 hours | 14.4 min |
| 99.9% | 8.8 hours | 43.2 min | 10.1 min | 86 s |
| 99.99% | 52.6 min | 4.3 min | 1.01 min | 8.6 s |
| 99.999% | 5.3 min | 25.9 s | 6.1 s | 0.86 s |
| 99.9999% | 31.5 s | 2.6 s | 0.61 s | 0.086 s |
Calculations and metrics are great. This being said, what's the nines model does not take into account is timing!
It assumes that all time is worth exactly the same amount to the customers or organization that has deployed the highly available critical system.
Would 1 hour of downtime hurt CNN.com the same way if occurring in the evening of the US election date versus at 4am on a Sunday in July?
7.01.2008
Measuring Availability
This first post has to deal with what initially brought me to ITIL a couple of years ago: Availability.You have defined your Vital Business Functions, your Availability plan has been finalized, your SLAs are signed: now is showtime for some maths!
Let's start easy with the basics:
- AST = Agreed Service Time
- DT = Downtime
- TAM = Total Available Minutes for all services delivered
- TNI = Total Number of Incidents
- TNIIC = Total Number of Incidents Impacting Customers
- TUM = Total Unavailable Minutes for all services delivered
availability = (AST - DT) / AST * 100
resilience = 1 - (TNIIC / TNI)
reliability = 1 - (TUM / TAM)
Other metrics to track:
- how much unplanned costs you spent of maintaining needed availability?
- how much of your SW/HW infrastructure is supported by external vendors?
- how vulnerable are you you to security threats?
(from Incident Management:)
- what is your average response time on a customer impacting incident?
- what is your average resolution on a customer impacting incident?
Note that a lot of metrics are not related to systems uptime but to services uptime, which measurement is a challenge by itself!
Subscribe to:
Posts (Atom)
Posts
