Bonus Lesson in a Ten Part Series
By Chad Greenslade
Given the points made in the ten lessons learned, you may be wondering what my strategy recommendation would be for launching a new ITSM platform. Well, as I mentioned, each organization is different and will have differing levels of ITSM knowledge within it. Similarly, you may have IT executives who don’t see the value of defining services and CIs prior to launching the platform. ITSM platforms can be expensive and executives are eager to show value for money as quickly as possible. This will most likely translate in a directive to get “Incident”, “Problem”, and “Change” launched ASAP. There may be no change management system currently in place and the organization’s viability depends on getting a handle on changes in the IT environment. You’ll need to tailor your approach to the organizational dynamics at play, but give deference to the items I’ve mentioned above. If you’re being forced into the market without a properly defined service catalog or configuration management database (CMDB), setup your service management processes to allow for the eventual introduction of these pieces. Keep in mind that a new ITSM platform can be relegated to simply a “ticketing” system if services and configuration items are not defined. The true power of the ITSM platform is “Service” management, not Incident or Change Management.
If you’re allowed the time and the money to “do it right” from the beginning, here’s my recommendation:
- Phase 1: Discovery, CMDB, & Asset Management. Many ITSM platforms will perform a network scan of your environment and automatically discover configuration items (CIs). When you first turn this on, it will be like drinking from a fire hose. There will be a lot of data that will need to be sifted through. Many data points of a CI will be pre-populated, but these will need to be reviewed for accuracy against underpinning contracts. You may see duplicate CI entries. For example, duplicate entries may be the result of scanning a Windows domain controller that may not be properly configured or up-to-date. There will most likely be components that cannot be scanned, or components that can only be scanned upon completion of appropriate troubleshooting. Some scanning will require credentials whereas others may be discoverable without them. There may be add-on components that you can purchase to make discovery easier. You’ll want regular scanning to be enabled so that when new devices are found, appropriate action can be taken. Using the underpinning contracts, you’ll want to populate warranty, maintenance, and depreciation information. A properly setup CMDB and asset management practice will serve as a solid foundation from which to build your service catalog.
- Phase 2: Service Catalog, Self-Service Request Fulfillment. Once you have all of your IT assets properly defined, you’re now able to use them in the construction of services to be consumed by your customers. The “menu” by which a customer can order a service is the “Service Catalog”. Some services are running all the time and need not be ordered, and some may need to be ordered only once. The key thing to keep in mind is that IT assets are used in delivering services, so the underlying principle to developing a service is the mapping of configuration items to business outcomes. For example, a service could be “Messaging”, which could entail email, mobile phone, desktop telephone, and instant messaging. A number of configuration items are responsible for delivering the “Messaging” service. Development of the Service Catalog involves mapping these CIs to the “Messaging” service. Keep in mind that a single CI can be mapped to more than one service. Once the service is defined, Request Fulfillment entails the definition of one or many service requests that can be logged against the defined service. A Service Requests differs from an Incident in that a Service Request is a request from a customer to run a service as it’s designed, versus an Incident entails a service being degraded or broken. An example of a service request for the “Messaging” service would be creation of a new user mailbox.
- Phase 3: Incident, Problem, Change, and Release. Only after Services & CIs are properly defined can true service management occur. As mentioned, you may experience pressure from executive to skip straight to this step in the deployment of your ITSM tool. If this is the case, you’ll want to make room in your process for the eventual introduction of the items in phases 1 and 2. The proper configuration of Category, Sub-Category, & Item as discussed in Lessons 2 & 6 becomes even more important if you’re not allowed to complete phases 1 & 2 first. Again, the goal of this exercise is to implement “service” management and not simply a “ticketing” system. You’ll want to ensure that you have process models created for Incident, Problem, Change, and Release. ITIL foundations will provide you with basic models that can be tailored to your organization.
- Phase 4: Project Management (Waterfall & Agile). With a solid ITIL operating platform established via the first three phases of your rollout, you are now ready to “bolt-on” project management modules. In most organizations, the management of an IT project will culminate in the raising of one or more Requests for Change (RFCs) to implement one or more releases into the production environment. Project management modules will assist you in managing these efforts. Having project management as a part of your ITSM platform will also facilitate integrated resource management across all work types within IT. The ideal situation is one in which an IT resource can access a single application (e.g. the ITSM tool) and see all of their work items. Whether it’s a trouble ticket (Incident), a Service Request, a Problem, a task associated with a Change or Release, or a task associated with a project, your ITSM platform is intended to be the one-stop-shop for all work within IT. Integrated time tracking will also facilitate labor capitalization for qualifying work.
- Subsequent Phases: Service Level Management, Reporting, Governance, Risk, Compliance, Cost Management, Knowledge & Content Management, and User Survey. With each of the subsequent phases, you are “tightening the screws” on your ITSM platform. Increasing service availability and IT operational efficiency are the overarching themes while managing risk, enforcing compliance, collecting knowledge, publishing content, and polling users for satisfaction.
The approach above is intended to be comprehensive and is the ideal scenario. Rarely do we get to implement exactly how we want. Don’t let perfection get in the way of being good enough. In general, modules are flexible and your implementation can be tailored to your specific organization’s dynamics.
Tenth in a Ten Part Series
By Chad Greenslade
I have often been asked about my lessons learned in implementing an IT Service Management (ITSM) tool. Below is the tenth in a ten part series examining my ITSM lessons learned. I hope that these lessons help you on your journey to ITSM nirvana.
Lesson #10: Pilot your new ITSM platform in parallel with your old “ticketing” system. There is no better way to understand how your new car will operate than taking it for a test drive. ITSM platforms are no different. You’ll want to run at least part of your new ITSM platform in parallel, in a test environment, prior to a production cutover. This will undoubtedly cause increased burden on Service Desk and technical staff as they now have to log and work Incidents in two (2) systems. Unfortunately, this is a necessary evil whose risk management rewards far outweigh the one-time additional effort.
Ninth in a Ten Part Series
By Chad Greenslade
I have often been asked about my lessons learned in implementing an IT Service Management (ITSM) tool. Below is the ninth in a ten part series examining my ITSM lessons learned. I hope that these lessons help you on your journey to ITSM nirvana.
Lesson #9: Have a good CAB. ITIL will tell you that the “Change Manager” is the only person that needs to approve a Request for Change (RFC). While this is literally true, the “Change Manager” must be advised by someone. That “someone” is the Change Approval Board (CAB). In reality, however, most ITSM platforms and organizational practices require the actual approval (recorded in the ITSM) system of many different stakeholders. What you want to avoid is folks who provide “rubber-stamp” approvals. You want approvals to be meaningful and reflective of a person’s true position of authority in the organization. Similar to the way some organizations skip the step of defining services or a service catalog, many organizations will take shortcuts in defining who should approve an RFC. As I mentioned in Lesson #5, every service and CI should have an owner. When an RFC is raised and the requestor of that RFC selects the services and CIs that are impacted by the RFC, the owners should be notified by the ITSM tool that a new RFC has been raised against their service or CI and that their approval is required. In my professional opinion, these are the only three (3) persons that should approve an RFC; the service owners, the CI owners, and the Change Manager. I fully endorse the concept of the CAB advising the Change Manager, but approvals from CAB members are not necessary.
Eighth in a Ten Part Series
By Chad Greenslade
I have often been asked about my lessons learned in implementing an IT Service Management (ITSM) tool. Below is the eighth in a ten part series examining my ITSM lessons learned. I hope that these lessons help you on your journey to ITSM nirvana.
Lesson #8: Resist Customization. Everyone thinks that their organization is unique, has a unique use case, and has a valid reason why a tool should be customized to fit their use case. While I am not denying that there are some valid reasons for customization, implementing an ITSM strategy should largely be based on ITIL. If your organization is doing something that doesn’t conform to ITIL, it’s probably worth examining the non-conforming activity and attempting to discontinue it. Anyone that has been in IT long enough knows that customizing commercial off-the-shelf (COTS) software will undoubtedly introduce unknown complexity in the future. The software manufacturer and the integrator may warn you against customization while simultaneously advising that the customization you are requesting is both doable and won’t cause a headache later. Again, beware; they are attempting to sell you a product. Think long and hard about any potential customization. It will cost you in the future in terms of additional custom development in order to implement upgrades, as well as subsequent pre and post release testing.
Seventh in a Ten Part Series
By Chad Greenslade
I have often been asked about my lessons learned in implementing an IT Service Management (ITSM) tool. Below is the seventh in a ten part series examining my ITSM lessons learned. I hope that these lessons help you on your journey to ITSM nirvana.
Lesson #7: Review ALL existing ITSM systems, organization charts, and IT contracts when developing the strategy for your new ITSM platform. If you’re going to deploy a new, single, unified ITSM platform to replace all others in the organization, you’ll need to gain read-only administrator access to each of these existing systems and thoroughly interrogate them. This includes project management systems. Any application that is used to manage IT assets (assets are hardware, software, and people) should be reviewed and a thorough analysis conducted to determine exactly how use cases will translate from existing systems to the new one. Similarly, you’ll need the organizational structure context that only organizational charts can provide. While the transition is under analysis and execution, a concerted effort must be made by the organization to keep reporting relationships and functional teams largely intact. In other words, it becomes increasingly difficult to implement an effective ITSM strategy if the organization is in a constant state of flux. Lastly, you’ll need to gain access to all of the active asset (underpinning) contracts within IT. When implementing asset management and service level modules, the information contained within the contracts will be required. Some of this information may be sensitive so be prepared to have these conversations with the keepers of these documents.
Sixth in a Ten Part Series
By Chad Greenslade
I have often been asked about my lessons learned in implementing an IT Service Management (ITSM) tool. Below is the sixth in a ten part series examining my ITSM lessons learned. I hope that these lessons help you on your journey to ITSM nirvana.
Lesson #6: Have Diligence Relative to Category, Sub-Category, and Item. As I mentioned in Lesson #2, don’t take shortcuts or be short-sighted in the proper definition of your meta-data. I realize that it may be impossible to know all the permutations that will ultimately exist for Category, Sub-Category, and Item when the ITSM platform is initially launched. For this reason, you must make these fields not required for the user / customer, but required for the Service Desk prior to closing the service record. The user will generally know if its hardware or software that is impacted, but they may not, or they may choose incorrectly. Ultimately, it’s up to Service Operation to correctly append Category, Sub-Category, and Item to the service record and they must be empowered (authorized) to create new entries as needed in order to properly record the service record.
Fifth in a Ten Part Series
By Chad Greenslade
I have often been asked about my lessons learned in implementing an IT Service Management (ITSM) tool. Below is the fifth in a ten part series examining my ITSM lessons learned. I hope that these lessons help you on your journey to ITSM nirvana.
Lesson #5: Have Service & Configuration Item (CI) Owners. The concept here is simple; there is a single person listed in the ITSM platform that is responsible for the availability and working operation of the service and the configuration item. When a new service record is logged against a service and a CI in the ITSM platform, the appropriate owners are automatically notified. Similarly, if a request for change (RFC) is raised against a service or a CI, the ITSM platform knows to automatically append these persons as approvers of the RFC.
Fourth in a Ten Part Series
By Chad Greenslade
I have often been asked about my lessons learned in implementing an IT Service Management (ITSM) tool. Below is the fourth in a ten part series examining my ITSM lessons learned. I hope that these lessons help you on your journey to ITSM nirvana.
Lesson #4: Log Incidents, Service Requests, Problems, Change, and Releases against Services AND Configuration Items. As I’ve mentioned in the previous lessons, when a new service record comes into the Service Desk, you’ll want to ensure that accurate meta-data relative to the Service and Configuration Items impacted are accurately associated to the service record. Now, it’s not necessary that the customer correctly identify the Service or Configuration Item, only that they submit as much information as they have to the Service Desk. It’s the responsibility of Service Operations to ensure that the data ultimately appended to the service record is accurate. Without the Service and Configuration Items being appended to the service record, it’s impossible to report on a variety of key performance indicators (KPIs) relative to the service and / or the configuration items. For example, if a major incident record does not identify the service impacted, how can you accurately report on the availability of that service? As I mentioned in point #3 above, if you make development of the Service Catalog prerequisite to launching your ITSM platform, logging the Service & CI impacted by the service record will be easy. If you don’t, your ITSM platform will simply be just another “ticketing” application.
Third in a Ten Part Series
By Chad Greenslade
I have often been asked about my lessons learned in implementing an IT Service Management (ITSM) tool. Below is the third in a ten part series examining my ITSM lessons learned. I hope that these lessons help you on your journey to ITSM nirvana.
Lesson #3: Have a Service Catalog. The Service Catalog is the foundation of any ITIL-based IT environment. If you don’t have a Service Catalog, then you don’t have true Service Management. Developing a Service Catalog is not easy and its something that should be undertaken before any discussion of a potential ITSM tool should take place.
There is much literature relative to developing an IT Service Catalog, but a few key points to keep in mind are:
(a) It should be done in conjunction with the business (customers)
(b) It serves as the “menu” for what IT’s customers can order
(c) “Services” deliver business outcomes and are NOT applications or configuration items
(d) An IT organization’s assets (applications & configuration items) align to deliver services
(e) When a customer raises a request for service (an Incident, Problem, Service Request, Change, or Release), the “Service” that the customer is requesting assistance for, should be clearly identified.
Keep in mind that a customer doesn’t care that an application or network is down, they only care that their business outcome is not able to be achieved. Having services defined in a catalog, and then reporting on the availability of them, is the true first step towards IT service management.
Second in a Ten Part Series
By Chad Greenslade
I have often been asked about my lessons learned in implementing an IT Service Management (ITSM) tool. Below is the second in a ten part series examining my ITSM lessons learned. I hope that these lessons help you on your journey to ITSM nirvana.
Lesson #2: Avoid “Other”. When you’re going down the path of configuring your ITSM modules (e.g. Incident, Problem, Service Request, Change, Release), there are various meta-data elements you’ll be asked to configure. When a user creates a new Incident record, for example, they will usually be prompted to select the Service being impacted, and possibly the Configuration Items (CIs). In some deployments, the user may also be prompted to select the Category, Sub-Category, and Item values to be appended to the service record. In some ITSM deployments, these meta-data can be uniform across all record types. In others, separate and distinct meta-data may be able to be applied to the different ITSM records.
In any case, you’ll want to avoid giving anyone in the organization the ability to select “Other” as a valid value. If you allow users and technicians to append “Other” to a service record, invariably this will eventually become abused will result in reporting discrepancies in your tool.
The advent of “Other” in the reporting tool arises from a short-sighted or incomplete strategy, so instead of allowing the user to select “Other”, do your homework and determine what the user is really attempting to accomplish. If you allow a user to select the Service being impacted by the Incident, there should be no “Other” service listed in your Service Catalog. Likewise, if you allow the user to select the Configuration Item (CI) being impacted by the Incident, there should be no “Other” CI listed in your CMDB.
Removing “Other” from Category, Sub-Category, and Item drop-down lists can be a little more daunting, but not insurmountable. Most configurations of Category, Sub-Category, and Item that I have witnessed in production have been ad-hoc, short-sighted, and not valuable. Further, I have seen reporting built on top of this flawed implementation approach. My professional opinion is that the combination of Category, Sub-Category, and Item should distinctly identify the configuration item, and the aspect of that CI that is being impacted.
We can all agree that the only service items that exist in an IT environment are hardware and software. Let “Hardware” and “Software” be the only choices for “Category”. Sub-categories under the “Hardware” category would be entries such as, “Data Network”, “Desktop PC”, “Laptop PC”, “Messaging”, “Printers”, “Scanners / Imaging Devices”, “Server – Intel”, “Server – Unix”, “Telephone Network”, and “UPS”. Sub-categories under “Software” would be entries such as, “Antivirus”, “Business Applications”, “Data Files”, “Data Network”, “Database”, “Desktop PC”, “Desktop Publishing”, “Development Tools”, “Infrastructure Tools”, “Laptop PC”, “Messaging”, “Middleware”, “Operating System”, “Printers”, “Reports”, “Scanners / Imaging Devices”, “Security Applications”, “Server – Intel”, “Server – Unix”, “Telephone Network”, “UPS”, “User ID Administration”, and “Web Browsing”.
Now you may have noticed that some of the sub-categories that I listed for “Hardware” are duplicated in “Software”. Take “Printers” for example. There is both hardware and software that goes into a printer, and each could potentially fail and / or require service. You want to be able to report on each of these items separately. Lastly, the “Item” choices would most closely mirror the actual CI setup in your CMDB. Now you may be asking yourself, “Why do I need to have an “Item” entry if I already have a CI entry?” The answer is simple; it’s so that you can more granularly report on exactly what is affected by the ITSM record. For example, if I just choose “Dell Color Laser 5110cn” as the CI affected by the Incident record, I don’t know if its hardware or software that’s the problem. By applying the appropriate Category, Sub-Category, Item, CI, and Service I can accurately report the true nature of all ITSM records across the environment.
Chad Greenslade studied Information Systems at the University of Texas at Arlington and graduated Magna Cum Laude.