Infrastructure management is undergoing a transformation. ITIL can help manage conflicting demands like – “low cost but high service quality”, “ubiquitous access but enhanced security”?

« September 2007 | Main | November 2007 »

October 23, 2007

Web 2.0 and ITSM: Long & Winding Roads?

Does web 2.0 hold any meaning from an IT Service Management (ITSM) perspective? RSS feeds, wikis, blogs - do they hold any promise of transforming ITSM as we know it?

Over the last couple of years, there has been an explosive increase in the adoption of web 2.0 concepts fuelled by the internet community. But how much of this has trickled to the ITSM space? Web 2.0 aspects including this blog have largely focused on commenting about ITSM and not really in the actual service delivery.

So are these two huge phenomena going to give each other a skip? Or are their paths destined to cross somewhere? And if so, what does that really mean?

Web2.0 - Hype, Transformational or somewhere in between?

But first, for those who came in late - here's what wikipedia has to say about Web 2.0 - "... refers to a perceived second generation of web-based communities and hosted services — such as social-networking sites, wikis and folksonomies — which aim to facilitate collaboration and sharing between users."

I thought Kris, the CEO of Infosys, summarized the importance of web 2.0 quite well in his WEF blog where he said - "There is a quiet change happening. The blogging phenomenon is becoming as important as TV."

So if it is indeed a quiet revolution, has it perhaps been a little too quiet for ITSM to have noticed it? I believe not.

RSS Feeds in ITIL Change Management: The Approval Push & Notification Pull

A while back, as part of a large scale ITIL Change Management implementation, I was in discussions with a large ITSM product vendor. As we set out finalizing the process nitty-gritties, we headed into the issue of notifications and approvals. Within the existing environment, support groups were made change approvers in two scenarios -

  1. If the support group needs to explicitly approve a change i.e. there is an impact on the system being managed by that group
  2. If there is an outage on a dependent application / component that this group needs to be aware of, although there is no explicit action expected from them

The inclusion of the second instance essentially bloated the number of "real" change approvers on any change and on average we found 70 approvers for any change request! Now, that is a huge number by any stretch of imagination however large and complex the organization.

So, where does the Web 2.0 thingy fit in?

Now suppose for a moment, we are in the Web 2.0 world and I am the team lead of one such support group. Wouldn't it be nice if there was a -

  1. Push mechanism for approvals - For all changes requiring my explicit approval based on impact assessment, I continue to get notified (e.g. through email).
  2. Pull mechanism for notifications - And since I still want to be aware of outages / changes happening on an outlying dependent system / component but don't need to take an explicit action, all I do is subscribe to the RSS feed for specific tags that include that component.

So all I do is just action my approvals and be informed of outages.

A small productivity increase in terms of time and effort saved - say a very conservative 3 minutes to open that email, go to the Change tool, read up the change and do a very initial evaluation. And when you multiply those 3 minutes by the average number of changes (say 4000 per month) and numbers of approvers/notifiers (reduced to say 15 - still a conservative estimate) - that works out to at least 3000 person-hours each month!

So, are we there yet?

Not any time soon if we look at the roadmap of some of the large players. Perhaps even a couple of years away. But meanwhile, what we are starting to see now is the continuing growth of web 2.0 enabled and subscription based service desks.

How this space matures is something I am keenly watching!

Posted by Arvind Raman at 01:08 PM | | Comments (2) | TrackBacks (0)

October 18, 2007

Have you built the right foundation for your ITSM tool? - Part 1

I was recently watching a re-run of Apollo 13, arguably one of the most successful space expedition movies based on an actual event. One sequence that caught my attention was when Tom Hanks and his crew are faced with the challenge of fitting square CO2 filters from one module into the round hole of the other module in order to bring the CO2 level down in the space craft. To everyone’s relief the ingenious NASA engineers find a solution to the incompatibility problem and save our Heroes. What is the relevance of this story to an ITSM blog….read on.

 

Most organizations start their ITIL implementation with a sub-set of the complete ITIL process framework. While which specific processes to start with is a topic of discussion on several online forums and advice from experts like Brian Johnson from CA; there is no doubt that the best way to start your implementation is by narrowing the scope down to a few processes. This brings the magnitude of change to a more manageable level. However starting your implementation with a few processes also increases the challenges in building a long term integrated solution.

Taking cue from the integrations between processes as recommended by ITIL, leading IT Service Management tool vendors today offer an integrated product suite covering most of the ITIL processes. And though it is possible to start the implementation with one or two modules, the important thing to remember is that the foundation for all the modules is common. With this background there exists an even greater need to build a solution where you have thought through the requirements from all the relevant processes some of which may not even be on your radar currently. After all you don’t want to be stuck in a situation like the Apollo 13 crew was! Based on my experience, three areas that are most prone to short sightedness and mistakes when starting the ITIL implementation with few processes are:
  • Foundation Data: The data that is common to and used by more than one ITIL Process. A good example is Classification schema used to categorize Incident, Problems, Changes or CIs. Other examples are People data and Organizational Hierarchy.
  • Solution Architecture: The way you have architected your ITSM solution. Most people consider User and Transaction load but there is more to consider while designing the solution architecture for an ITSM tool from a long term perspective.
  • Customizations: The changes that you do to the base functionality offered by the tool in order to meet a current requirement. You may not realize but the changes that you do today may come and bite you at a later time.
More details into each one of these areas in the next blog. And those of you who are wondering what did the NASA solution for the square filter, round hole problem look like - see the picture here.

     

     

Posted by Adarsh Kumar at 07:25 PM | | Comments (0) | TrackBacks (0)

October 16, 2007

Rockstar ITSM Celebrity - Anyone? Anyone?

"... Digital Business is littered with success stories. But a supplementary question concerning a lack of celebrity IT presenters on television sent me away thinking about IT’s image." A while back Financial Times Digital Business supplement carried a rather interesting editorial from Peter Whitehead on celebrities in IT - or rather the lack of them.

Think about the internet and there are a host of celebrity names that spring to your mind. The first wave dot com celebrities had a substantial number of celebrities - Jeff Bezos of amazon, Pierre Omidyar of ebay, Sabeer Bhatia of hotmail fame. The story becomes even more spectacular with the web 2.0 wave - Mark Zuckerberg of facebook, Larry Page & Sergey Brin who co-founded google, oh well I could go on all day.

Think about IT Service Management. Now think about ITSM celebrities. Whose name springs to your mind? Any one? Any one at all? Sigh ...

But do we really need an ITSM celebrity?

Ask a bunch of kinds what they want to be when they grow older - honestly, wouldn't you be shocked if someone says - I want to become an ITSM Change Manager or a Database Administrator! Not that I want kids to become dreamy-eyed when they talk of a career in ITSM. But still, that would be nice Smile 

Alright. So, who's an ITSM celebrity?

Here's who Wikipedia lists as a celebrity - A celebrity is a widely-recognized or famous person who commands a high degree of public and media attention. The word stems from the Latin verb "celebrere" but they may not become a celebrity unless public and mass media interest is peaked.

So what does that tell me?

  1. There are no celebrities in the ITSM world. Or,
  2. There are ITSM celebrities. But they are so far away from the public and media attention that they are not well recognized or famous.

Perhaps both. But I think the real reason lies in the latter - the focus of the public and media attention. ITSM is one space that sees more incremental changes than most others - and, that is not really front-page material is it? Even within an IT organization, how prominent is the ITSM strategy? A while back I had blogged about the new CIO - Chief ITIL Officer. How true is that? Or are we still far far away from seeing ITSM take a more prominent stage within the organization?

Is there really an ITSM celebrity?

Posted by Arvind Raman at 09:43 PM | | Comments (4) | TrackBacks (0)

October 09, 2007

Relationships – Part 1

Did someone say Relationships define life? Well in the context of Information Risk Management (IRM) it would. Do you agree? Let’s see.

We have all seen the extensive IT policies that companies come up with. Some of them are very point - eg- Clean Desk policy while others are broad in nature - eg - Privacy policy. For starting points on what policies should be, SANS institute has a very useful section in the resources area

Most of these policies (especially the external facing ones) have passed through an array of reviews by legal and other internal folks.

Yet they do have to be refreshed. Certain organizations have become good at modifying and updating these policies on a frequent basis. Others continue to live in the old world - last updated in 2004! - Yes it’s true. It exists.

Here's a radical thought! - Do we really need all these policies?

Apart from serving the real world tasks of "educating" the population with guidelines, policies serve as anchors that hold the organization at a uniform level. For example - 2 companies in different industries, having a similar policy around 'encryption of data' for communications that go over partner networks.

So overall the answer would still be yes we need policies- however lets pause and think about another point.

What good is a policy if there isn't any way to determine that the policy is actually being followed throughout the organization?

Is there any reporting on the effectiveness of the policy? The real question is this "Is there a control or a set of controls that guarantees the effectiveness of the policy? Also doesn't policy reporting depend on the reporting from these built in controls? 

Simply put - What is the Relationship between the Policy and the stated control? 

Also are there controls that have nothing to do with policies? Would surely like to know about those.

More in Part 2!

Posted by Ramshankar Ramdattan at 08:53 PM | | Comments (0) | TrackBacks (0)