ITIL v3 Foundation Certification Notes: Service Operation [3]
[ITIL® v3 Foundation Notes] More processes of the Service Operation phase for the ITIL® 4 Foundation Certification exam are briefly examined here, including: Event Management Process, Request Fulfillment Process and Access Management Process. In addition, the definitions for Event, Alert and Service Request are provided.
Article Highlights
Event Management Process
- Modern systems make use of event monitoring tools to monitor configuration items for signals and irregularities
- active monitoring tools – actively seek responses to confirm correctness (e.g. ping)
- passive monitoring tools – detect events generated by CIs
- [definition] An event can be defined as any change of state that has significance for the management of a configuration item (CI) or IT service or an alert/notification created by the IT service
- the changes are not limited to failure or faults
- alerts are events that are faults or breaches of thresholds
- An exception can either be an incident, problem or RFC
- Better to detect proactively than waiting users to report errors
- Purpose
- to detect events, understand what they mean, and take any necessary action (the basis on operational monitoring and control)
- in case of failure, an incident would be logged
- to detect events, understand what they mean, and take any necessary action (the basis on operational monitoring and control)
- Objectives
- detect events and carry out correct response (including automated processes or notification to staff I/C)
- provide information for assessment against SLA target and service reporting (for improvement)
- provide trigger for execution of processes and operations management
- Scope
- any aspects of service management that need to be controlled / automated
- CIs are monitored for availability and automated updates
- license use
- monitor environmental conditions (e.g. smoke detection)
- security
- any aspects of service management that need to be controlled / automated
- Monitoring vs Event Management
- Monitoring – detect notifications from event management and check status actively
- Event Management – generating and detecting events (for monitoring) for IT services and infrastructure
Request Fulfillment Process
- The process for handling service requests for standard services, equipment, or information raised by users through the service desk
- e.g. “Is the service available at weekends?”, “How do I get training on this application?”, “We have a new member of staff starting. Can you set them up on the system?”
- [definition] A Service Request is a formal request from a user for something to be provided
- Purpose
- to manage the lifecycle of all service requests from the users
- Objectives
- provide efficient fulfillment of simple requests to meet the requirements of the business, often through standard procedures (request models)
- maintain user satisfaction through effective handling of standard requests
- Scope
- any requests or just standard IT requests (vary from organization to organization)
- some organizations may use incident management process to handle requests
- may provide a self-help support capability to users to improve quality and reduce costs
- any requests or just standard IT requests (vary from organization to organization)
Access Management Process
- The process of granting authorized users the right to use a service while preventing access to unauthorized users
- aka Rights Management or Identity Management
- Purpose
- to implement parts of the security policies defined in Information Security Management
- to keep the access privileges up-to-date
- Objectives
- manage access rights to services
- ensure all requests for access are verified and authorized and dealt with efficiently
- Scope
- efficient execution of information security management policies to protect the confidentiality, availability (made available) and integrity (CIA) of data and intellectual property
- Steps
- Request Access
- Request Verification / Authorization
- Grant Access
- Monitor – identity status, logging and tracking access, removing or restricting rights
- Concepts/Definition
- Access refers to the level and extent of a service’s functionality or data that a user is entitled to use.
- Identity refers to the information about the user that distinguishes them as an individual, and which verifies their status within the organization. By definition, the Identity of a user is unique to that user.
- Rights (also called privileges) refer to the actual settings whereby a user is provided access to a service or group of services. Typical rights or levels of access include read, write, execute, change, delete.
- Services or Service groups. Most users do not only use one service, and users performing a similar set of activities will use a similar set of services. Instead of providing access to each service for each user separately, it is more efficient to be able to grant each user – or group of users – access to the whole set of services that they are entitled to use at the same time.
- Directory Services refers to a specific type of tool that is used to manage access and rights.
Conclusion: ITIL® v3 Foundation Service Operation
This ITIL® v3 Foundation study note touches upon the definition, purpose, objectives and scope of more processes of Service Operation, namely the Event Management Process, Request Fulfillment Process and Access Management Process. Key ITIL® concepts are examined, including: event, alert and service request.
This concludes ITIL® Service Operation knowledge that are required for the ITIL® Foundation Exam. We will briefly discuss Continual Service Improvement in the next study notes.
