The identity of a user is the information that distinguishes him as an individual and verifies his status in the organization. The following data may be used, for instance:
- Name
- Contact details such as phone number and (e-mail) address
- Physical documentation, such as driver's license and passport
- Numbers referring to a document or entry in a database, such as social security number and driver's license number
- Biometric information, such as fingerprints, DNA and voice recognition patterns
Interface
- Access management is triggered by a user's request for access to a service
- Such a request may originate with:
- An RFC
- A service request
- A request from the Human Resources (HR department)
- A request from a manager or department fulfilling an HR role or who has make decision to use a service for the first time
- Access management has relationships with various other processes:
- Change management: Every access request are controlling the access request
- Service level management: Monitors the agreement concerning access to each service
- Configuration management: Used for data storage and be studied to determine the current access details
Metrics
Metrics used to measure the effectiveness and efficiency of access management are:
- The number of access request (service request and RFCs)
- The number of times access has been granted by a service, user or department
- The number of incidents required to reset access rights
- The number of incidents caused by incorrect access settings
Implementation
The conditions for successful access management include:
- The possibility to verify a user's identity
- The possibility to verify the identity of the person or entity granting permission
- The possibility to grant several access rights to an individual
user - A database of all users and the rights they have been granted
Monitoring and control
Three terms play a leading role in monitoring and
control:
- Monitoring
- Reporting
- Control
Monitoring
Refer to observation of a situation to discover changes that occur over time
Reporting
Refers to the analysis, production and distribution of the output of the activity that is being monitored
Control
Refers to the management of the usefulness or behavior of a device, system or service. There are 3 conditions for control:
- The action must ensure that the behavior conforms to a defined standard or norm
- The conditions leading to the action must be defined, understood and confirmed
- The action must be defined, approved and suitable for these conditions
Activities, Method and Techniques
- The monitoring/control cycle is the best-known model for the description of control is the monitoring/control cycle
- This cycle measure an activity and its benefits by means of a pre-defined norm or standard to determine whether the results are within the target value for performance or quality
Monitoring/Control cycle
Type of monitoring/control cycles
There are two type of monitoring/control cycles:
- Open cycle systems
- Are designed for a specific activity, irrespectivive of the environmental conditions
- Making a backup, for instance, can be initiate
- Closed cycle system
- Monitoring of an environment and responding to changes in this environment; if, in a network, the network transactions exceed a certain number, the control system will redirect the “traffic” via a backup circuit in order to regulate the network transactions
Complex monitoring/control cycle
- A process that consists of three important activities
- Each activity has an input and output and in turn this output is the input for the next activity
- Every activity is controlled by its own monitoring/control cycle with the aid of a series of norms for that specific activity
Monitoring/Control cycle Concept
The monitoring/control cycle concept can be used to manage:
- The performance activities in a process or procedure; in theory every activity and its related output can be measured to ensure that problems in the process are identified before the process is completed
- The
effectiveness of the process or procedure as a whole - The performance of a device or series of devices
IT service management monitoring/control cycle
There are two levels of monitoring and control:
- Internal monitoring and control
- Focuses on activities and items that take place within a team or department, for instance a service desk manager who monitors the number of calls to determine how many members of staff are needed to answer the telephones
- External monitoring and control
- The servicer management team monitors (on behalf of other groups) the CPU performance on important servers and keeps the workload under control; this allow essential application to perform within the target values set by the application management
- In order for organization to determine what it wants to monitor, therefore, it must first define the desired outcome: Monitoring and Control objective
- This process should start with the definition of Service Level Requirements. These specify how the customers and users measure the quality of the service
Tools
These are different type of monitoring tools, whereby the situation determines which type of monitoring is used:
- Active versus passive monitoring
- Active monitoring refers to continuous “interrogation” of a device or system in order to determine its status
- Passive monitoring is more commonly known and refers to gathering and passing on events to a device or monitoring agent
- Reactive versus proactive monitoring
- Reactive monitoring is designed to request an action after a certain type of event or disruption
- Proactive monitoring is used to trace patterns of events that indicate that a system or device may break down. Proactive monitoring is generally used in more mature environments where these patterns can be detected earlier
- Continuous measuring versus exception-based measuring
- Continuous measuring is aimed at the real-time monitoring of a service to ensure that it complies with a certain performance norm
- Exception-based measuring does not measure the current perform of a service or system, but discovers and reports exceptions
- Performance versus output
- There is an important distinction between reporting on the performance of components, teams or a department (performance) and reporting that shows that the service quality objectives (output) have been achieved
- Service operation carries out both types of monitoring, but ITIL focus mainly on performance monitoring
Metrics
It is important that organizations have robust measuring techniques and values that support their objectives. In this context, the following concepts are relevant:
- Measuring
- Metrics
- Key Performance Indicator (KPIs)
- Measuring – refers to all techniques that evaluate the scope, dimension or capacity of an item in relation to a stand or unit
- Measuring is only useful when it is possible to measure the actual output of a system, function or processing a minimum of 100 standard transactions per minute
- Metrics – concern the quantitative, periodic evaluation of a process, system or function , together with the procedures and tools that are used for this evaluation, and the procedures for interpreting them
- This definition is important because it not only specifies what must be measured, but also how the measuring must be done, what the acceptable lower and upper performance limits are and what actions are necessary in the case of normal performance or an exception
- Key Performance Indicators (KPIs) - refer to a specific, agreed performance level to measure the effectiveness of an organization or process
- KPIs are unique to each organization and are related to specific input, output and activities
IT Operations
To deliver the services as agreed with the customer, the service provider will first have to manage the technical infrastructure that is used to deliver the services
Operations bridge
The operations bridge is a central point of coordination that manages various events and routine operational activities , and reports on the status or performance of technological components
Source: OGC
No comments:
Post a Comment