Functions and Processes In Service Design P3

Service Asset and Configuration Management
Introduction

• The purpose of Service Asset and Configuration Management (SACM) is to provide
  
  a logical model of the IT infrastructure.

• The objective is: to define service and infrastructure components and maintain
  
  accurate configuration records.

• It is important that:.

• The integrity of the services assets and Configuration Items (CIs) are
  
  protected.

• All assets and CIs are located in configuration management system.

• The operational and service management processes are supported
  
  effectively.

• Scope

• All assets that are used during the Service Lifecycle fall within the scope of
  
  asset management.

• The process offers a complete overview of all assets, and shows who is
  
  responsible for the control and maintenance of these assets.

• Configuration management ensures that all components (CIs) that form part of the
  
  service or product are identified, baselined(the configuration) and
  
  maintained.

• Scope

• It ensures that releases into controlled environments and operational use are on
  
  the basis of formal approvals.

• The process also provides a logical model of all service, assets, the physical
  
  infrastructure and the mutual relations.

• Scope

• SACM also relates to non-IT assets and CIs, such as work products used to develop
  
  the services and configuration items required to support the service that are not formally
  
  classified as assets.

• The scope of the process also includes assets and CIs of other suppliers (“shared
  
  assets”), to the extent that they are relevant to the service.

• Value for the business

• SACM increases the visibility and performance of the service, release or
  
  environment. Among other things this results in:

• Better forecasting and planning of changes.

• Changes and releases to be assessed, planned and successfully
  
  delivered.

• Incidents and problems to be resolved within the service level
  
  targets.

• Better adherence to standards, legal and regulatory obligations (less non-
  
  conformances).

• Ability to identify the costs for a service.

• Policies

• First step is to develop and maintain the SACM policies that set the objectives,
  
  scope and principles and critical success factors for what is to be achieved by the
  
  process.

• There are significant costs and resource implications to implementing SACM and
  
  therefore strategic decisions need to be made about the priorities to be
  
  addressed.

• Basic concepts

• ITIL defined a configuration item as follows:

• A configuration itemis an asset, service component or other item that is (or
  
  will be) under the control of configuration management.

• Types of CIs:

• Service lifecycle CIS –CIs for the support of the Service Lifecycle
  
  activities, such as the business case and release and change plans.

• Service CIs, such as service capability assets, service resource assets,
  
  service model, service package, release package, service acceptance
  
  criteria.

• Basic concepts

• Types of CIs:

• Organizational CIs, such as the documentation relating to the strategy of the
  
  organization.

• Internal CIs, for instance those associated with individual
  
  projects.

• External CIs, such as specifications of external customer requirements and
  
  agreements.

• Interface CIs that are required to deliver the end to end service across a
  
  Service Provider Interface (SPI).

• Basic concepts

• Configuration Management System

• In order to manage large and complex IT services and infrastructures SACM
  
  needs to use a supporting system.

• A CMS generally consists of four layers:

• A presentation layer with different “views” for the different target
  
  groups.

• A knowledge processing layer for, for instance, producing reports and
  
  queries.

• An information integration layer that collates and structures the
  
  data.

• A data layer with the data and information from different sources such as
  
  configuration management database (CMDBs), discovery and inventory tools, project
  
  information, etc.

• Basic concepts

• A configuration baseline is a configuration of a service, product or
  
  infrastructure that has been formally reviewed and agree on that thereafter serves as the
  
  basis for further activities, and that can be changed only through formal change
  
  procedures.

• Baseline is used:

• To make a milestone in the development of a service (e.g. Service Design
  
  baseline).

• To build a service component from a defined set of
  
  inputs.

• Basic concepts

• Baseline is used:

• To change pr rebuild a specific version at a later stage.

• To assemble all relevant components in readiness for a change or
  
  release.

• As a fall-back in the case of problems with new configurations (after
  
  changes).

• Baseline configurations are included in the CMS.

• A snapshot(moment in time) is the most recent status of a CI or
  
  environment.

• A snapshot is stored in the CMS and is kept as a read-only historical record
  
  (i.e. it cannot be changed).

Activities, methods and techniques

• The basic SACM process activities consist of:

• Management and planning.

• Configuration identification.

• Configuration control.

• Status accounting and reporting.

• Verification and audit.

• 1.Management and planning

• The management team and configuration management decide what level of
  
  configuration management is needed and how this level will be achieved.

• Documented in a configuration management plan.

• Contents of a configuration management plan include:

• Context and objective.

• Scope.

• Objectives.

• Applicable policies and standards.

• 1.Management and planning

• Contents of a configuration management plan include:

• Organization for configuration management including roles and
  
  responsibilities.

• SACM systems and tools.

• Selection and application of processes and procedures to implement SACM
  
  activities including configuration identification, version management, build management, etc.
• Reference implementation plan.
• 1.Management and planning


• Contents of a configuration management plan include:


• Relationship management and interface controls e.g. with financial asset
  
  management, with projects, with development and customers, etc.


• Relationship management and control of service providers and sub-
  
  contractors.
• 2.Configuration management


• Focuses on determining and maintaining the naming and version numbering of assets
  
  and CIs, the mutual relations and the relevant attributes.


• Most important activities of configuration identification are:


• Defining and documenting criteria for the selection of CIs and the components
  
  within them.


• Selecting the CIs on the basis of the defined criteria.


• Giving all CIs unique numbers for identification
  
  purposes.


• Specifying the attributes of each CI.
• 2.Configuration management


• The lowest CI level is determined by
• The available information.


• The necessary level of control.


• The necessary resources required to maintain that CI
  
  level
• Only useful to include a certain CI if it supports the other service management
  
  processe
• Document naming conventions and apply them in the identification of CIs,
  
  documents and changes, but also, for instance, in basic configurations, releases and
  
  compilations.


• 2.Configuration management


• Each CI must be uniquely identifiable by means of a version number, as there may
  
  be several versions of the same CI.


• When planning naming conventions allow for future growth.


• The names must also be short but meaningful, and correspond with the existing
  
  conventions as much as possible.


• Provide all physical CIs, such as hardware, with labels, so that they are easy to
  
  identify.


• 2.Configuration management


• The labels must be easy to read and accessible, so that a user can pass the
  
  information on the label on to the service desk.


• Labels with a barcode are very efficient for physical audits of the
  
  CIs.


• With the aid of attributesinformation is stored that is relevant for the CI in
  
  question


• 2.Configuration management


• When structuring the CMDB the following attributes, among others, can be
  
  used:


• CI number/label or barcode number –unique identifier.


• CI type.


• Name/description.


• Version.


• Location.


• Supply date.


• License details e.g. expiry date.


• Owner.


• Status.


• Supplier/source.


• 2.Configuration management


• When structuring the CMDB the following attributes, among others, can be
  
  used:


• Related documents.


• Related software.


• Historical data e.g. audit trail.


• Relationship type.


• Applicable SLA.


• Purchase date.


• Acceptance date.


• Current status.


• Planned status.









• 2.Configuration management


• Relationshipsdescribe how CIs work together to provide a service.


• The CMDB maintains these relations to demonstrate the interdependencies between
  
  CIs, for instance:


• A CI is part of another CI –a software module is part of an application
  
  (parent-child relation).


• A CI is connected to –a PC that is connected to the LAN.


• A CI usesanother CI –a business service uses a server.


• A CI is installed on another CI –MS Word is installed on a
  
  PC.


• 2.Configuration management


• CIs are classed by means of a classification, for instance: service, hardware,
  
  software, documentation, personnel.


• A release unitis the portion of the service or infrastructure, that is normally
  
  released together, in accordance with an organizations release policy.


• Releases are documented in the CMS for the support of the release and deployment
  
  process.


• 2.Configuration management


• Releases can be classified into the following release categories:


• Major releases –important deployment of new hardware and software
  
  with.


• Minor releases –usually contain a number of smaller
  
  improvement.


• Emergency releases –usually implemented as a temporary solution for a problem
  
  or known error.


• 3.Configuration control


• Ensures that the CIs are adequately managed. No CIs can be added, modified,
  
  replaced or removed without following agreed procedure.


• Establish guidelines and procedures for, among others:


• License management.


• Change management.


• Version management.


• Access control.


• Build control.


• Promotion.


• Deployment.


• Installation.


• Baseline configurations integrity management.


• 4.Status accounting and reporting


• The lifecycle of a component is classified into different stages and the stages
  
  that different types of CI go through must be properly documented. For instance, a release
  
  goes through the following stages: registered, accepted, installed, withdrawn.


• Status reports give an insight into the current and historical data of each CI
  
  and the status changes that have occurred.


• Different type of service asset and configuration reports are needed for
  
  configuration management.


• 4.Status accounting and reporting


• Such reports may consist of:


• A list of CIs and their baseline.


• Details on the current status and change history.


• A list of unauthorized CIs detected.


• Reports on the unauthorized use of hardware and software.


• 5.Verification and audit


• SACM conducts audits to ensure that:


• There are no discrepancies between the documented baselines and the actual
  
  business environment to which they refer.


• CIs physically exist in the organization or DML and spares stores, the
  
  functional and operational characteristics of CIs can be verified and checks can be made that
  
  records in the CM match the physical infrastructure.


• Release and configuration documentation is present before the release is
  
  rolled out.


• 5.Verification and audit


• Audits are conducted at the following times:


• Shortly after changes to the CMS.


• Before and after changes to IT services or
  
  infrastructure.


• At random and planned intervals.


• Before a release to ensure the environment is as
  
  expected.


• In response to the detection of unauthorized CIs.


• Following recovery from disasters.


• Audit tools can perform checks at regular intervals, for instance
  
  weekly.

Interfaces

• The most notable of these are:


• IT service continuity management : to make the organization aware of the
  assets the business depends on, and for the control of key spares and
  software.


• Incident management : for the diagnosis of problems and
  incidents.


• Availability management : for the detection of “points or
  failure”.


• SACM also has many interactions with release and deployment management.

Metrics

• The following measures are used to evaluate the performance of the SACM
  process:


• Increased quality and accuracy of information about assets and
  CIs.


• Fewer errors as a result of outdated information.


• Shorter audits because the information is more accessible.


• Shorter diagnosis and resolution times for problems and incidents.


• Fewer discrepancies between the actual situation and that in the CMS.

Implementation

• The challenges in the SACM process are:


• Convincing staff that they cannot circumvent the SACM process.


• Finding and justifying financial resources for SACM.


• Collecting too much data simply because it is available.


• Lack of management acceptance and support.


• Critical success factorsof the SACM process are:


• Determining the right level of detail and depth.


• Implementing a top-down approach for the configuration structure.


• Achieving the right level of accuracy.


• Using technology to automate the CMS and to enforce SACM
  guidelines.


• The following risks are acknowledged:


• Too much technical focus as opposed to operational and service
  focus.


• The CMS becomes outdated because, for instance, unauthorized personnel move hardware assets.

Source: OGC