Chapter 6 – The Other Service Design Processes

Understand the format of the service catalog as a database or structured document, forming one of the three service portfolio elements.
Be able to describe its contents and information about all live IT services, including those available for deployment. Understand the purpose of the service catalog as a single source of consistent information to authorized individuals on all current and forthcoming operational services and the importance of this information being kept accurate and current. There are two types of services included in the catalog: customer-facing services that are visible to the business and supporting services required by the service provider to deliver customer-facing services. Understand that the customer and the service provider will therefore have different views of each service. Understand also that different customer types such as wholesale or retail customers may have different views.
Understand the type of information held in the service catalog for individual services such as service details, status, interfaces, and dependencies and the way in which this information is used by other processes, such as service level management.
The scope of the service catalog includes only those services that have been or will be transitioned to the operational environment. Remember that these may be listed individually or in the form of service packages.
Understand what is meant by availability and how it is calculated.
Remember that the user is concerned with end-to-end availability, and the failure of one component can make the whole service unavailable to that user. Measurement of availability takes into account only agreed service time so that agreed downtime and out-of-hours availability are not included in the calculation. Identifying vital business functions helps availability management target its activities to the best effect.
Be able to describe the availability concepts of reliability, resilience, maintainability, and serviceability. Reliability concerns how long a service, component, or CI can function without an interruption and the impact of this on overall availability. Understand what is meant by mean time between failure and how it is calculated. A resilient service design may suffer component failures without the service being affected.
Understand the role of redundant equipment in providing resilience. Maintainability concerns how quickly a service, component, or CI can be restored to normal working status following a failure, as well as the impact of this on overall availability. Understand what is meant by mean time to restore service and how it is calculated. Serviceability is how well a third party is able to provide the response and fix times required in its contract following a failure, as well as the impact of this on overall availability.
Understand the purpose and importance of the information security policy.
The level of security required is a business decision, and it is the responsibility of the information security manager to then ensure the required level of protection is provided. Understand the purpose of related policies such as password and Internet use policies and how they contribute to the overall protection of the organization’s data. Understand the concepts of confidentiality (restricting access to data to authorized users), integrity (maintaining data free of any corruption or unauthorized change), and availability (able to be accessed when required) of data. Security rules must be clearly communicated so that all staff members are aware of them and senior management is enforcing them. SLAs, OLAs, and underpinning contracts play a central role in documenting and agreeing on responsibilities in this area. All security breaches must be documented and responded to appropriately and should be considered opportunities to improve security.
Understand the importance of suppliers to ensuring the quality of the overall service and the need to ensure that suppliers deliver value for money.
Understand the link between underpinning contracts as part of service level management and the management of suppliers. Understand the lifecycle of supplier management, from the signing of the contract through the management of the delivery by the supplier against that contract to its renewal or termination. Be able to explain the importance of the supplier management policy and the role of the supplier and contract management information system. Understand the different categories of suppliers (strategic, tactical, operational, and commodity) and how suppliers are assessed in terms of value, importance, risk, and impact to determine which category is appropriate.
Understand the role of capacity management in providing the current and future capacity and performance that the business requires, when it requires it, and at a cost it can afford.
Understand the use of demand management to affect this requirement. Be able to explain the subprocesses of business, service, and component capacity management and the role each plays in delivering what is required. Understand the involvement of the different functions in assessing and providing sufficient capacity. Understand the purpose and contents of the capacity plan and the requirement for it to be revised as requirements change. Understand the purpose and contents of the capacity management information system.
Understand how IT service continuity management (ITSCM) is responsible for providing an agreed level of service in the event of a major disruption to normal working conditions.
Be able to differentiate between the responsibilities of business continuity management and ITSCM. Be able to explain the concept of business impact analysis and the requirement for the participation of the business in this exercise. The two stages of risk management are identification of risks and cost-justifiable risk mitigation. ITSCM is not entirely about recovering from a catastrophic event; it also addresses the need to prevent or reduce the impact of such an event. Understand the importance of keeping the plan up-to-date and the need to assess changes for possible impact on it. Remember that the plan needs to be rehearsed to ensure that it works as designed.
Understand the role of design coordination in providing a single point of coordination and control for all service design activities and processes.
Understand the role of design coordination in managing resources and capabilities and its responsibility for compiling the service design package. It has a key role in ensuring quality and consistency across designs and ensuring the conformance of designs to governance requirements. Design coordination ensures the successful handoff of a service first from strategy to design and then to transition. The coordination process helps control cost, ensure adherence to warranty and utility requirements, and ensure activities are appropriately scheduled. A central coordinating role is able to learn from each design stage and implement improvements to all the service design activities.
Which of the following is the correct definition of the service catalog?

A. A document that describes the IT service, service level targets, and responsibilities of the IT service provider and the customer

B. The complete set of services managed by a service provider, used to manage the entire lifecycle of all services

C. A database or document with information about all live IT services

D. Justification for a particular item of expenditure, including information about costs, benefits, options, and risks

C. Option A refers to an SLA, option B refers to the service portfolio, and option D refers to a business case. Option C is the ITIL definition of the service catalog.
Which of the following is included in a service catalog?

1. Customer-facing services

2. Strategic services

3. Supporting services

4. Retired services

A. 1 and 2

B. 1, 2, 3, and 4

C. 1 and 3

D. 2 and 3

C. Retired services are part of the portfolio, not the catalog. ITIL does not define strategic services.
Which of the following statements about the service catalog is true?

1. The service catalog forms part of the service portfolio.

2. The service portfolio forms part of the service catalog.

3. There is no relationship between the service catalog and the service portfolio.

4. Customer-facing services appear in the service catalog, and supporting services appear in the service portfolio.

A. 1 and 3

B. 1 only

C. 2 and 4

D. 4 only

B. The service catalog contains customer-facing and supporting services and forms part of the service portfolio.
Availability is calculated using the formula AST-DT/AST × 100. What do the terms AST and DT refer to?

A. AST = assumed service target, DT = delivery time

B. AST = availability service target, DT = downtime

C. AST = agreed service time, DT = downtime

D. AST = agreed service time, DT = delivery time

C. Option C is the ITIL definition. Agreed service time is the time a service should be available as agreed on within an SLA or underpinning contract, and downtime is an unplanned interruption to service.
Availability management considers VBFs. What does VBF stand for?

A. Viable business factors

B. Vital business functions

C. Visibility, benefits, functionality

D. Vital business facilities

B. This is the ITIL definition. It refers to part of a business process that is critical to the success of the business.
Which of these statements is not correct?

A. MTBF measures uptime—the time from the failure to service restoration.

B. MTRS measures downtime.

C. MTBSI stands for maximum time before service interruption.

D. MTBSI measures the time from one failure until the next failure.

C. MTBSI stands for mean time between service incidents.
Which of the following are terms used in availability management?

1. Reliability

2. Resilience

3. Resistance

4. Attainability

5. Serviceability

6. Maintainability

7. Detectability

A. 1, 2, 6, 7

B. 2, 3, 5, 6

C. 1, 4, 6, 7

D. 1, 2, 5, 6

D. These are all terms that are part of the availability management process. The others are not ITIL terms.
Which of the following are responsibilities of information security management?

1. Defining the protection required for systems and data

2. Undertaking risk assessments

3. Producing the Information security policy

4. Implementing security measures to new systems during service transition

A. 1 and 2 only

B. All of the above

C. 1, 2, and 3

D. 2, 3, and 4

C. Items 1, 2, and 3 are all responsibilities of ISM. Implementing is one of the responsibilities of release and deployment management; no other ITIL process has a responsibility for implementation.
Information security management keeps information about security in what?

A. SMIS

B. IMSS

C. KEDB

D. ISDB

A. The SMIS is the security management information system. The KEDB is the known error database that is used by problem management. The other terms are not ITIL terms.
Which of the following are responsibilities of supplier management?

1. Negotiating with internal suppliers

2. Negotiating with external suppliers

3. Monitoring delivery against the contract

4. Ensuring value for money

A. 1 and 2 only

B. All of the above

C. 1, 2, and 3

D. 2, 3, and 4

D. Supplier management does not deal with internal suppliers; it manages all aspects of contract management with third parties to ensure value for money.
Which of the following are categories of supplier described in ITIL?

1. Strategic

2. Operational

3. Trusted

4. Commodity

A. 1 and 2 only

B. All of the above

C. 1, 2, and 4

D. 2, 3, and 4

C. Trusted is not a supplier type described in ITIL.
Which of the following are responsibilities of capacity management?

1. Negotiating capacity requirements to be included in the SLA

2. Monitoring capacity

3. Forecasting capacity requirements

4. Dealing with capacity issues

A. 2, 3, and 4

B. 1 and 2 only

C. All of the above

D. 1, 2, and 4

A. It is service level management that is responsible for negotiating the SLA contents (although the service level manager would consult with capacity management before agreeing on capacity requirements). The other three are core responsibilities of capacity management.
Capacity management considers three subprocesses. What are they?

A. Service capacity, business capacity, component capacity

B. System capacity, business capacity, component capacity

C. Service capacity, business capacity, configuration capacity

D. System capacity, business capacity, infrastructure capacity

A. This is the ITIL definition of the three subprocesses of capacity management.
Capacity management considers PBAs. What does PBA stand for?

A. Proactive business assurance

B. Patterns of business availability

C. Patterns of business activity

D. Proactive business assessment

C. This is the ITIL definition.
Which of the following are responsibilities of IT service continuity management?

1. Ensuring IT services can continue in the event of a disaster

2. Carrying out risk assessments

3. Ensuring the business has contingency plans in place in case of a disaster

4. Ensuring all IT staff know their role in the event of a disaster

A. 2, 3, and 4

B. 1, 2, and 4

C. 1 and 2 only

D. All of the above

C. It is not the job of ITSCM to ensure that the business has contingency plans; this is the role of business continuity management. ITSCM is concerned with the IT services only.
IT service continuity management carries out a BIA in conjunction with the business. What does BIA stand for?

A. Business integrity appraisal

B. Business information alternatives

C. Benefit integration assessment

D. Business impact analysis

D. This is the ITIL definition.
Which of the following statements about design coordination responsibilities is incorrect?

A. To ensure that the goals and objectives of the design stage are met

B. To design the solution

C. To provide a single coordination point

D. To ensure the design meets the requirements

B. Design coordination does not design the solution; it coordinates activities and resources.
Outputs from design coordination include what?

1. The service design package

2. The CMS

3. The governance requirements

4. Suggestions for improvements to be made to the design stage

A. 2, 3, and 4

B. 1 and 2 only

C. All of the above

D. 1 and 4 only

D. The configuration management system (CMS) and governance requirements are not outputs of this process. They are actually inputs to it.
Which of the following statements about the service catalogue is TRUE?

A. The service catalog contains information on customer-facing services only

B. The service catalog contains information on supporting services only

C. The service catalog shows which IT service supports each business process

D. The service catalog shows details of services under development.

C. The service catalog shows how each operational service supports particular business processes – this is useful to customers. The technical view of the catalog shows the supporting services which make up the service.
Which of the following statements about IT Service Continuity Management (ITSCM) is TRUE?

A. ITSCM defines the service that can be provided in the event of a major disruption. The business can then plan how it will use the service.

B. ITSCM and Business Continuity Management (BCM) have no impact on each other.

C. BCM defines the level of IT service that will be required in the event of a major disruption. ITSCM is responsible for delivering this level of service.

D. It is the responsibility of ITSCM to deliver a single continuity plan, that will fit all situations.

C. It is the responsibility of the business to plan for business continuity in the event of major disruption, based on business priorities. This will define what level of IT service will be required in that eventuality, and ITSCM is then responsible for planning how this could be provided.