it infrastructure library (itil) part 4 – availability– capacity- it continuity connecting...

IT Infrastructure Library (ITIL) Part 4 – Availability– Capacity- IT Continuity

CONNECTING BUSINESS & TECHNOLOGY

04/19/231

C O N N E C T I N G B U S I N E S S & T E C H N O L O G Y

Agenda

Service Delivery Model

Availability Management

Capacity Management

IT Continuity Management

2


Service Delivery

Service Level ManagementThe process of defining, agreeing, documenting and managing the levels of customer IT

service, that are required and cost justified.Capacity Management

Capacity Management is responsible for ensuring that the Capacity of the IT Infrastructure matches the evolving demands of the business in the most cost-effective and timely manner

IT Service Continuity ManagementThe goal for ITSCM is to support the overall Business Continuity Management process by

ensuring that the required IT technical and services facilities (computer systems, networks, applications…) can be recovered within required, and agreed, business timescales

Availability Managementto optimise the capability of the IT Infrastructure, services and supporting organisation to deliver

a cost effective and sustained level of Availability that enables the business to satisfy its business objectives

Cost Management (Finantial Management for IT services)All the procedures, tasks and deliverables that are needed to fulfil an organisation's costing and

charging requirements.


Service delivery process model


Agenda



Capacity Management


5

Capacity Management is responsible for ensuring that the Capacity of the IT Infrastructure matches the evolving demands of the business in the most cost-effective and timely manner.


Availability – Introduction

Objective ensure IT Services are designed to deliver the levels of Availability required by the business provide a range of IT Availability reporting to ensure that agreed levels of Availability,

reliability and maintainability are measured and monitored on an ongoing basis optimise the Availability of the IT Infrastructure to deliver cost effective improvements that

deliver tangible benefits achieve over a period of time a reduction in the frequency and duration of Incidents that

impact IT Availability ensure shortfalls in IT Availability are recognised and appropriate corrective actions are

identified and progressed create and maintain a forward looking Availability Plan

Scope Availability Management is concerned with the design, implementation, measurement and

management of IT Infrastructure Availability to ensure the stated business requirements for Availability are consistently met


Availability – Concepts (1)

IT infrastructure and IT support organisation



Guiding principles

Guiding Principle #1 - 'Availability is at the core of business and User satisfaction'

Guiding Principle #2 - 'Recognising that when things go wrong, it is still possible to achieve business and User satisfaction'

Guiding Principle #3 - 'Improving Availability can only begin after understanding how the IT Services support the business'



Terminologies Availability

Availability is the ability of an IT Service or component to perform its required function at a stated instant or over a stated period of time.

Reliability The reliability of an IT Service can be qualitatively stated as freedom from operational

failure.

Maintainability Maintainability relates to the ability of an IT Infrastructure component to be retained

in, or restored to, an operational state

Security The Confidentiality, Integrity and Availability of the data associated with a service; an

aspect of overall Availability

Serviceability Serviceability describes the contractual arrangements made with Third Party IT

service providers. This is to assure the Availability, reliability and maintainability of IT Services and components under their care



Terminologies Vital Business Function

The term Vital Business Function (VBF) is used to reflect the business critical elements of the Business Process supported by an IT Service

User The term User is used to describe the consumer of an IT Service

IT support organisation The term IT support organisation is used to describe the IT functions

necessary to support, maintain and manage the IT Infrastructure to enable an IT Service to meet the level of Availability defined within the SLA

Availability Management (the activity) The term 'Availability Management' is used to indicate the execution of

activities within the process.


Availability – Process (1)

the Availability, reliability and maintainability requirements for the IT Infrastructure components that underpin the IT Service(s)

information on IT Service and component failure(s), usually in the form of Incident and Problem records

a wide range of configuration and monitoring data pertaining to each IT Service and component

service level achievements against agreed targets for each IT Service that has an agreed SLA

• Inputs– the Availability requirements of the Availability requirements of

the business for a new or the business for a new or enhanced IT Serviceenhanced IT Service

– a business Impact assessment a business Impact assessment for each vital Business function for each vital Business function underpinned by the IT underpinned by the IT Infrastructure Infrastructure



• Ouputs– Availability and recovery design criteria for each new or Availability and recovery design criteria for each new or

enhanced IT Service enhanced IT Service – details of the Availability techniques that will be deployed to details of the Availability techniques that will be deployed to

provide additional Infrastructure resilience to prevent or provide additional Infrastructure resilience to prevent or minimise the impact of component failure to the IT Service minimise the impact of component failure to the IT Service

– agreed targets of Availability, reliability and maintainability for agreed targets of Availability, reliability and maintainability for the IT Infrastructure components that underpin the IT the IT Infrastructure components that underpin the IT Service(s) Service(s)

– Availability reporting of Availability, reliability and Availability reporting of Availability, reliability and maintainability to reflect the business, User and IT support maintainability to reflect the business, User and IT support organisation perspectives organisation perspectives

– the monitoring requirements for IT components to ensure that the monitoring requirements for IT components to ensure that deviations in Availability, reliability and maintainability are deviations in Availability, reliability and maintainability are detected and reported detected and reported

– Availability Plan for the proactive improvement of the IT Availability Plan for the proactive improvement of the IT InfrastructureInfrastructure



• Activities– determining the Availability requirements from the business for an IT determining the Availability requirements from the business for an IT

Service and formulating the Availability and recovery design criteria Service and formulating the Availability and recovery design criteria for the IT Infrastructure for the IT Infrastructure

– in conjunction with ITSCM determining the vital business functions and in conjunction with ITSCM determining the vital business functions and impact arising from IT component failure. impact arising from IT component failure.

– defining the targets for Availability, reliability and maintainability defining the targets for Availability, reliability and maintainability (documented and agreed within SLAs, OLAs and contracts)(documented and agreed within SLAs, OLAs and contracts)

– establishing measures and reporting of Availability, Reliability and establishing measures and reporting of Availability, Reliability and Maintainability (business, User and IT perspectives)Maintainability (business, User and IT perspectives)

– monitoring and trend analysis of the Availability, Reliability and monitoring and trend analysis of the Availability, Reliability and Maintainability of IT components Maintainability of IT components

– reviewing IT Service and component Availability and identifying reviewing IT Service and component Availability and identifying unacceptable levels; investigating the underlying reasons for unacceptable levels; investigating the underlying reasons for unacceptable Availability. unacceptable Availability.

– producing and maintaining an Availability Plan which prioritises and producing and maintaining an Availability Plan which prioritises and plans IT Availability improvements.plans IT Availability improvements.



• Relationschip with other IT service management disciplines– All IT Service Management disciplines have an influence on IT All IT Service Management disciplines have an influence on IT

AvailabilityAvailability– Availability Management, by implication, interfaces with all disciplinesAvailability Management, by implication, interfaces with all disciplines

• Benefits– a single point of accountability for Availability (process owner)a single point of accountability for Availability (process owner)– IT Services are designed to meet the IT Availability requirements IT Services are designed to meet the IT Availability requirements

determined from the business determined from the business – the levels of IT Availability provided are cost justified the levels of IT Availability provided are cost justified – the levels of Availability required are agreed, measured and the levels of Availability required are agreed, measured and

monitored to fully support Service Level Management monitored to fully support Service Level Management – shortfalls in the provision of the required levels of Availability are shortfalls in the provision of the required levels of Availability are

recognised and appropriate corrective actions identified and recognised and appropriate corrective actions identified and implemented implemented

– the frequency and duration of IT Service failures is reduced over time the frequency and duration of IT Service failures is reduced over time



• Costs– the staff costs associated with the process owner Role for Availability

Management which include salary, training, recruitment costs and if needed the cost of initial consultancy

– accommodation costs – process deployment costs to define and implement the necessary

process, procedures and techniques – support tools for monitoring and reporting

• Possible problems– to not justify the costs of appointing a Availability manager

(responsibility of all senior managers) – difficulty understanding how Availability Management can make a

difference particularly where the existing disciplines are already deployed (Incident, Problem and Change)

– the current levels of Availability as good so see no compelling reason for the creation of a new role within the organisation

– fail to delegate the appropriate authority and empowerment to influence all areas of the IT support organisation.


Availability – (Un)availability (1)

Cost / Availability

New IT service provides indication of the costs (/ Availability requirement) where costs are seen as too high, enables alternative options with their associated costs

and consequences to be presented to the business higher levels of Availability can be achieved when Availability is designed in, rather than

added on avoids the costs and delays of late design Changes to meet the required levels of

Availability ensures the IT Infrastructure design will deliver the required levels of Availability.



Existing IT services Where high levels of Availability are already being delivered it may take

considerable effort and incur significant cost to achieve a small incremental Availability improvement

A key activity for Availability Management is to continually look at opportunities to optimise the Availability of the IT Infrastructure. The benefits of this approach being that enhanced levels of Availability may be achievable but with much lower costs

• Scope should not be restricted Scope should not be restricted to the IT Infrastructure, but also to the IT Infrastructure, but also include a review of the Business include a review of the Business process and other end-to-end process and other end-to-end business owned responsibilitiesbusiness owned responsibilities



The cost of Unavailability Impact on vital business functions

expls : number of business or IT transactions impacted provide an obvious indication of the consequence of failure

The monetary impact express the cost of failure arising from system, application or function loss to the business as a monetary

'value' Tangible costs

Lost user or IT staff productivity lost revenue overtime payments wasted goods and material imposed fines or penalties.

Intangible costs loss of customer goodwill (Customer dissatisfaction) loss of Customers loss of business opportunity (to sell, gain new Customers etc) damage to business reputation loss of confidence in IT service provider damage to staff morale



actual available time • %availability = --------------------------------------- x 100%

agreed time


Availability Management – measurements

• Mean Time To Repair (MTTR) : average downtime• Mean Time Between Failures (MTBF) : average elapsed time between failures • Mean Time Between System Incidents (MTBSI) : the average elapsed time from

the occurrence of an Incident to resolution of the Incident.

Time

Time between incidents

UptimeDowntime

Time

Detection

Repair time

Time Time Time

reaction diagnose repair

Incident IncidentRecovery


Availability Management – Key Indicators

• Traditional measures :

• % Available

• % Unavailable

• Duration

• Frequency of failure

• Impact of failure• User Availability :

• Impact by User minutes lost.

• Impact by business transaction.


Agenda



Capacity Management


22

The goal of the Availability Management process is to optimise the capability of the IT Infrastructure, services and supporting organisation to deliver a cost effective and sustained level of Availability that enables the business to satisfy its business objectives.


Capacity Management – Introduction (1)

Capacity Management : A balance act

The capacity Management answer to Which components to upgrade ? When to upgrade ? How much the upgrade will cost ?

KEY MESSAGE « Good Capacity Management ensures NO SURPRISES! »



The two law of capacity management : Moore's Law

In 1965 Gordon Moore, one of the founders of Intel, observed that each new memory chip produced contained about twice as much processing Capacity as its predecessor, and that new chips were released every 18 - 24 months. This trend has continued ever since, leading to an exponential increase in processing power.

Parkinson's Law of Data We all know that work expands to fill the time available to complete it, but a variation on that law is that 'data expands to fill the space

available for storage'.

While these two laws hold true then effective Capacity Management is even more important as supply and demand grow exponentially.

The Capacity Management process’s goal is to ensure the cost justifiable IT Capacity always exists and that it is matched to the current and future identified needs of the business.



The Capacity Management process should be the focal point for all IT performance and Capacity issues : hardware, networking equipments, peripherals, softwares, human ressources…

The driving force for

Capacity Management

should be the business

requirements of the

organisation


Capacity Management – Process (1)

– Capacity Management sub-processesCapacity Management sub-processes• Business Capacity Management : compare fure requirements (from Business Capacity Management : compare fure requirements (from

Business Plan) with current ressource utilisation modelBusiness Plan) with current ressource utilisation model• Service Capacity Management : management of the performance of the Service Capacity Management : management of the performance of the

livelive• Resource Capacity management : management of the iduividuals Resource Capacity management : management of the iduividuals

components of the IT infrastructurecomponents of the IT infrastructure



Business Capacity Management Identify and agree Service Level Requirements Design, procure or amend configuration Update CMDB et CDB Verify SLA Sign SLA



Service Capacity Management to identify and understand the IT Services, their use of resource,

working patterns, peaks and troughs to ensure that the services can and do meet their SLA targets To monitore collected data form service preformances

Resource Capacity Management to identify and understand the Capacity and utilisation of each of the

component parts in the IT Infrastructure To understand new technology and how it can be used to support the

business to identify the impact on the available resources of particular failures,

and the potential for running the most important services on the remaining resources


Capacity Management – Activities (1)

activities are undertaken when carrying out any of the sub-processes of Capacity Management and these activities can be done reactively or proactively

major difference between the sub-processes is in the data that is being monitored and collected, and the perspective from which it is analysed

number of the activities need to be carried out iteratively



Monitoring Objective

the utilisation of each resource and service is monitored on an on-going basis to ensure the optimum use of the hardware and software resources, that all agreed service levels can be achieved, and that business volumes are as expected

Examples of monitored data (for capacity or performance) : CPU utilisation, Memory utilisation Number of logon and concurrent users Tarnsaction response time

Set thresholds, baslines, profilesAnalysis Objective

The data should be analysed to identify trends from which the normal utilisation and service level, or baseline, can be established. By regular monitoring and comparison with this baseline, exception conditions in the utilisation of individual components or service thresholds can be defined. Also the data can be used to predict future resource usage.



Tuning Objective

The analysis of the monitored data may identify areas of the configuration that could be tuned to better utilise the system resource or improve the performance of the particular service.

Must be tested or validatedImplementation Objective

The objective of this activity is to introduce to the live operation service, any Changes that have been identified by the monitoring, analysis and tuning activities.

Must be undertaken throught a formal change management process Compare monitoring after and before the change (not to regress)



Storage of capacity management data CDB is the cornerstone of a successful Capacity Management Process Type of data

Business Data : number of web site business transactions Service Data : transaction response time Technical Data : CPU, network utilisation, disk Financial Data : IT element cost, budgets Utilisation Data : I/O, Memory

Ouputs from the CDB Service and components based reports Exception reporting Capacity forecasts



Demand management Objective

The prime objective of Demand Management is to influence the demand for computing resource and the use of that resource

Needs understand which services are utilising the resource and to what level know the schedule of when services must be run

Modelling Objective

A prime objective of Capacity Management is to predict the behaviour of IT Services under a given volume and variety of work. Modelling is an activity that can be used to beneficial effect in any of the sub-processes of Capacity Management

Types of modelling Trend analysis Analytical modelling Simulation modelling Baselines models



Application sizing Objective

The primary objective of application sizing is to estimate the resource requirements to support a proposed application Change or new application, to ensure that it meets its required service levels. To achieve this application sizing has to be an integral part of the applications lifecycle

Description Specify required service levels (application design) Specify resilience aspects Use modelling (resources could be shared…)

Production of the capacity plan Objective

The prime objective is to produce a plan that documents the current levels of resource utilisation and service performance, and after consideration of the business strategy and plans, forecasts the future requirements for resource to support the IT Services that underpin the business activities.


Capacity Management – Implementation

Review what exists already

Planning the process Structure of the capacity management process Monitoring The CDB Integration into the other planning processes Production of the capacity plan

Implementation of the process Train staff Establish monitoring and the CDB Business Capacity Management Service Capacity Management Resource Capacity Management


Capacity Management – Process Review

Metrics utilisation of all components / services recorded in theCDB correct amount of utilisation data collected in the CDB - SLM process is informed of any potential or actual breaches of the targets in

the SLAs constraints that are imposed on demand occur with the understanding of the

Customers the annual Capacity Plan is produced on time and is accepted by the senior IT

management Critical success factors accurate business forecasts knowledge of IT strategy and plans an understanding of current and future technologies an ability to demonstrate cost effectiveness interaction with other effectiveService Management processes an ability to plan and implement the appropriate IT Capacity to match business

need


Capacity Management – Interfaces with other SM processes (1)

Incident Management IM informs CM of incidents related to capacity CM resolves and documents capacity related incidents

Problem Management CM provides a specialist support to PM related to capacity Procative role of CM throught the analysis of performance and capacity

informationChange Management CM is represented on the Change Management Board (CAB) Effects of changes muts be monitored by Capacity Management

Release Management CM helps to determine the roll out strategy CM provides information on resources

Configuration Management CDB is a subset of CMDB


Capacity Management – Interfaces with other SM processes (2)

Service Level Management CM supports SLM to ensure that capacity targets an be achieved CM assists SLM in drafting and reviewing OLAs and contracts CM monitors and reports on performance

Financial Management for IT services Financial management determines the cost justification When IT charging, CM provides information on usage profiles

IT Service Continuity Management CM determines the capacity required for recovery Capacity Plan includes IT Service continuity requirements

Availability Management Performance and capacity problems results in unavailability Avalability and Capacity management should be aligned (same goals, shared

tools…)


Agenda



Capacity Management


39

The goal for ITSCM is to support the overall Business Continuity Management process by ensuring that the required IT technical and services facilities (including computer systems, networks, applications, telecommunications, technical support and Service Desk) can be recovered within required, and agreed, business timescales.


ITSCM – Introduction (1)

Scope ITSCM focuses on the IT Services required to support the critical business processes.

Benefits for managing the risk Potential lower insurance premiums Regulatory requirements Business relationship Positive marketing of contingency capabilities Organisational credibility Competitive advantage

Business Continuity Management (BCM) BCM is concerned with managing risks to ensure that at all times an organisation can

continue operating to, at least, a pre-determined minimum level. The BCM process involves reducing the risk to an acceptable level and planning for the recovery of business processes should a risk materialise and a disruption to the business occur.


ITSCM – Introduction (2)

Management commitment The implementation of ITSCM mechanisms, identified through the BCM

process, must be based on business requirements in order to reduce the risk from interruption or failure of critical business processes and ensure business benefit (Top management issue)

Key objective in a business manager’s job description Business-as-usual pressures must not being used as an excuse for the non

delivery of the recovery facilities ITSCM is a directive of the business strategy

Relationschip with other IT services SLM : uderstanding the obligatiopns IT service delivery Availability Management : delivering risk reduction measures to maintain

« business-as-usual » Configuration management : defining the core Infrastructure Capacity Management Change Management Service Desk/Incident Management


ITSCM – Scope

Risk in scope Identify the frequency, types and nature of regular service

disruptions major service disruptions, from terrorist activities to natural

disasters and Infrastructure Problems

Risk out of scope Changes in business direction Restructuring Minor technical faults


ITSCM – Business Continuity Lifecycle (1)

BCM Process Model

4 stages Initiation Requirements and

strategy Implementation Operational

Management



Stage 1 – Initiation

Policy setting management intention and objectives

Specify terms of reference and scope roles and responsabilities Risk assessment scope Business impact analysis scop

Allocate resources Define the project organisation and control structure

Use a project management methodology

Agree project and quality plans



Stage 2 – Requirements

analysis and strategy definition

Business Impact Analysis – Identify : Critical business processes Potential damage or loss as a result of a disruption to critical business

processes Form od dampage or loss (income, reputation, costs…) Staffing, skills, facilities, services necessary to enable critical business

processes to continue operating at a minimum level The time within which minimum should be recovered The time within all required business processes should be recovered



Stage 2 – Requirements analysis and strategy definition

Risk assessment Identify risks to particular IT

service component Asses threat and vulnerability levels Asses the levels of risk

a high threat and high vulnerability implies a high probability of occurrence



Stage 2 – Requirements analysis and strategy definition

Business Continuity Strategy Risk reduction measures Recovery options (people and accommodation) Recovery Options (critcal services : phone, post, water…) Recovery Options (critical assets : erefrence material…) IT Recovery Options

Do nothing Manula work arounds Reciprocal arrangement Gradual recovery (‘cold standby’) Itermediate recovery (‘warm standby’) Immediate recovery (‘hot standby’)



Stage 3 – Implementation Organisation planning (3 levels : executice, co-ordination, recovery

teams) Implementation planning Implement risk reduction measures : UPS, fault tolerant systems,

RAID, mirror disks, spare… Implement stand-by

arrangements Develop ITSCM plans Develop procedures(replacement, restoration…)

Initial testing



Stage 4 – Operational Management Education and awareness Training (IT and non IT

teams) Review (ongoing review

programme) Testing Change control Assurance



Invocation Decision by a crisis management team Factires to take account :

the extent of the damage and scope of the potential invocation the likely length of the disruption and Unavailability of premises and/or

services the time of day/month/year and the potential business impact. At year end

the need to invoke may be more pressing to ensure that year-end processing is completed on time

specific requirements of the business depending on work being undertaken at the time

Need to communication within the organisation Record all activities Maintain security and data protection


ITSCM – Management Structure (1)

Ojectives allow responsibilities for ongoingITSM to be clearly defined and

allocated integrate into existing management structures, hierarchies and

responsibilities avoid concentrating responsibility in an isolated centre of excellence allocate responsibilities to functions or individuals that have the

necessary presence, credibility, skills, knowledge and expertise within the IT organisation

ensure that the management structure to manage ITSC on an ongoing basis, closely resembles the structure that will control and facilitate Continuity or recovery should the ITSCM mechanisms have to be invoked

ensure the ITSCM strategy and requirements are integrated with the business and IT strategies.


ITSCM – Management Structure (2)

Roles and responsabilities (normal opertations and invocation)


ITSCM – Generating awareness

Of the need of ITSCM the range of risks and vulnerabilities the potential business impacts the likelihood of each of the risks materialising personal responsibilities and liabilities (directors) external pressures (regulators, shareholders or clients)

Initial awareness Initial briefing sessions

On going awareness briefings to all staff on the need for vigilance, on emergency procedures and

security guidelines and procedures demonstration of stand-by facilities to staff use of an organisation's newsletter, notice boards, or an intranet inclusion of an overview of the organisation's business and ITSCM

mechanisms in the staff induction process regular progress reports to the Board and regular agenda items on other

management and IT committees


Author

Date

FurtherInformation

Contact

Contact…Devoteam – Jean-Marc Chevereau

Phone …+33 1 41 48 48 48 / +33 6 64 48 96 99

Email ……[email protected]

Country …France

www.devoteam.com

Algeria

Austria

Belgium

Czech Republic

Denmark

France

Germany

Italy

Jordan

Luxembourg

Morocco

Netherlands

Norway

Poland

Russia

Saudi Arabia

Spain

Sweden

Switzerland

Tunisia

Turkey

United Arab Emirates

United Kingdom

© Devoteam GroupThis document is not to be copied or reproduced in any way without Devoteam express permission. Copies of this document must be accompanied by title, date and this copyright notice.

Jean-Marc Chevereau

Janvier 2010

it infrastructure library (itil) part 4 – availability– capacity- it continuity connecting...

Documents

o g y availability concepts

infrastructure availability

availability capacity

availability reporting

agreed levels of availability

core of business

stated business requirements

infrastructure library