service_catalogue_fully-managed services
TRANSCRIPT
P a g e 0
1
Fully-Managed Services Catalogue Table of Contents
Fully-Managed Services Introduction ...................................................................... 2
Service Offerings ....................................................................................................... 4
Bronze Fully-Managed Service .......................................................................................... 4
Silver Fully-Managed Service ............................................................................................ 6
Gold Fully-Managed Service .............................................................................................. 8
Service Elements ....................................................................................................... 9
24/7 Incident Support ......................................................................................................... 9
24/7 Critical Incident Management ................................................................................... 10
24/7 Infrastructure Monitoring .......................................................................................... 11
24/7 Network Monitoring .................................................................................................. 12
24/7 Security Monitoring - Advanced Threat Detection .................................................... 13
Operational Essentials ..................................................................................................... 15
Service Management - Bronze ......................................................................................... 16
Service Management – Silver & Gold .............................................................................. 18
ServiceNow Service Desk ................................................................................................ 19
Security Patching & System Updates ............................................................................... 25
Proactive System Maintenance (Watchpoints) ................................................................. 26
Reporting ......................................................................................................................... 27
Business Continuity Planning and Disaster Recovery ...................................................... 28
Governance, Risk and Compliance .................................................................................. 29
Value Added Options .............................................................................................. 30
On-Site Customer Support Engineer ................................................................................ 30
Support and Consultancy Pack ........................................................................................ 31
Document Control ................................................................................................... 32
2
Fully-Managed Services Introduction
Blue Chip offer a comprehensive Fully-Managed Service package to enable customers to outsource the activities required to monitor, repair and maintain their IT infrastructure. Blue Chip have over 20 years’ experience and over 140 technical professionals, enabling us to provide an effective and cost-efficient service round-the-clock. All Fully-Managed Services are delivered for a fixed monthly price and are based upon a 3-year initial term.
Our Fully-Managed Services are packaged in three tiers to meet the needs of each individual customer:
Bronze: Providing an all-inclusive 24/7 package of unlimited incidents and service requests, monitoring (including security), remote service management and essential proactive patching and maintenance. A Service Desk platform is also provided for your internal use including a service portal for your end users. Everything that is needed for an effective and low cost service.
Silver: In addition to our Bronze service, security patching and system updates are provided whilst our extensive catalogue of service Watchpoints ensures increased uptime and reduced incidents through the completion of repeated, systematic activities that prevent known failures. The Silver service is also enhanced with detailed reporting and on-site service delivery management meetings to drive forward the progress of your IT.
Gold: In addition to the features in our Bronze and Silver packages, Gold customers benefit from extensive Disaster Recovery and Business Continuity activities whilst our governance, risk, and compliance management minimises risk by the development, deployment and monitoring of policies around security, data protection, web usage, email and BYOD.
As standard, all of our Fully-Managed Services include the support and maintenance of the IT Infrastructure and the support for your end users, 24/7. Bespoke packages are available to enable our customers to segregate this and to take the support of the end users in-house whilst Blue Chip support and maintain the IT Infrastructure. If this option has been chosen, this will be stated in your proposal document.
In all cases, specific projects to implement new or upgraded technology will be charged in addition to the Managed Service for a fixed price, based upon a detailed schedule of work.
3
The core services, subject to the tier of service adopted include:
24/7 Incidents and Service Requests
24/7 Critical Incident Management
24/7 Proactive Monitoring
24/7 Advanced Security Monitoring
Operational Essentials
Service Management
Proactive Watchpoints
Reporting
ServiceNow Service Desk
Business Continuity Planning and Disaster Recovery
Governance, Risk and Compliance Management
4
Service Offerings
Bronze Fully-Managed Service
Our Bronze Fully-Managed Service provides an unlimited, all-inclusive, fixed price service for the support, maintenance and management of your IT. The service is predominantly delivered on a telephone and remote basis with engineers dispatched to site as required, leveraging a team of 140-strong technical professionals with round-the-clock operation to service your users on a true 24/7 basis. Unlike traditional managed services or on-site IT teams which generally offer a 9-5 service with “on call” support at best, our Managed Service adapts to the needs of our customers. This approach to service delivery is designed for the modern world of flexible working and to cope with the fluctuation in demand that is now commonplace within any IT function.
The service introduces an extensive monitoring toolset, observing all of your key service-delivering assets such as servers, switches and routers. This toolset captures errors and information - such as capacity thresholds and predictive failure notifications - and automatically generates a ticket in our Service Desk system. Our 24/7 team then act on this ticket, reducing downtime by preventing failures before they happen. Our ability to act on these alerts out-of-hours can reduce downtime in business hours through action before the users arrive at work and realise a key business system has failed overnight.
The Bronze Service incorporates all the essential maintenance that is often missed by in-house teams and Service providers, and includes regular server patching, antivirus updates, and the review, verification and testing of backup jobs.
Should you still encounter a security breach despite the improvements achieved through essential maintenance, our Security Monitoring Service included within the Bronze package significantly reduces the impact by quickly identifying the threat and automatically creating a ticket for our 24/7 team to act upon (severity dependant).
From a service management perspective, Bronze customers benefit from a remote Service Delivery Manager (SDM). Your SDM will communicate with you regularly with regards to exceptional incidents such as system outages and problem tickets (items such as repeat issues). A monthly remote service management meeting is completed to brief you on the month’s activities and agree actions that are required in response to the activities (such as preventative tasks in response to an outage).
In the event that a customer has internal resources covering areas such as line of business application support, a ServiceNow Service Desk Platform is provided for up to 5 operators. This allows these operators to work collaboratively with Blue Chip, providing efficient operational processes and a single system for logging, managing and reporting on all IT incidents, service requests and change requests.
24/7 Service Desk providing unlimited incident support and service requests
24/7 Monitoring of your infrastructure
24/7 Security Monitoring and remediation, reducing the risk posed by cyber threats
Fixed price for 3 years with monthly billing
Regular patching and basic maintenance keeping your systems healthy
Remote Service Management
ServiceNow Service Desk Platform for 5 operators (with unlimited portal users)
5
The Bronze service includes the following service elements as described within this document:
24/7 Incident Support
24/7 Critical Incident Management
24/7 Proactive Monitoring
24/7 Advanced Network Monitoring
24/7 Advanced Security Monitoring – Advanced Threat Protection
Operational Essentials
Remote Service Management
ServiceNow Service Desk Platform
6
Silver Fully-Managed Service
Our Silver Managed Service includes all of the features described within the Bronze Fully-Managed Service and adds a range of additional proactive activities to enhance the reliability and performance of your systems. This is achieved through two main features.
Firstly, our Security Patching and System Update feature builds upon the basic patching and maintenance activity that we complete within Operational Essentials which focuses on basic patching and updates such as Windows updates and antivirus. With this service, regular tasks are scheduled to install the latest patches and firmware updates to all of your infrastructure assets. In addition, these are captured into an asset management database with details such as operating system version and patch level, empowering us to implement additional emergency security updates in the event of a new threat being released.
Secondly, we carry out an extensive schedule of pre-defined proactive maintenance tasks (known as Watchpoints) across all of your infrastructure assets. These tasks are scheduled in our Service Desk system and automatically created on a repeated basis, ensuring consistency in execution. Many of these tasks are well understood within the industry as needing to be done however our systematic process means that they do not get pushed to one side whilst break fix incidents or projects take the priority.
These tasks are broken down into three core areas:
System Health: The system health Watchpoints involve the review of the event logs both at a hardware and software operating level, looking for potential issues and patterns. Devices and software platforms are also reviewed to ensure they are fit for purpose by assessing their warranty status and ensuring they are still in mainstream support by the related vendors.
Vendor Best Practice: The best practice Watchpoints involve reviewing all of the hardware and software platforms within your infrastructure and benchmarking them against our vendor best practice runbooks. Any gaps against the best practice standard are identified, logged and remediated, ensuring best practice is achieved within your environment.
System Performance & Capacity: The system performance & capacity Watchpoints involve reviewing the spare capacity within all of the hardware and software platforms in your infrastructure. It also involves assessing the performance of the various systems, including local and wide area networks. All opportunities for improvement that are identified are logged and executed, making the best of your investments in IT infrastructure
From a service management perspective, Silver customers enjoy a much more extensive service. This includes the adoption of a Change Management process; reducing the impact and risk associated with change through close management of the activities, including an assessment of the technical detail, completion of an impact analysis and definition of a roll back plan.
24/7 Service Desk providing unlimited incident support and service requests
24/7 Monitoring of your infrastructure
24/7 Security Monitoring and remediation reducing the risk posed by cyber threats
Fixed price for 3 years with monthly billing
Extensive patching and system updates
Proactive Watchpoints increase system performance and uptime by carrying out preventative maintenance tasks
Enhanced Service Management including a Change Management process
Extensive reporting with monthly on-site review meeting
ServiceNow Service Desk Platform for 5 operators (with unlimited portal users)
7
Silver customers also enjoy a monthly on-site service delivery meeting with a senior Service Delivery Manager (SDM). The on-site SDM will get to know you and your business, and go above and beyond standard reporting in services offered generally by SDMs. The senior SDM will be there for you as required to discuss areas such as IT strategy, business change, IT projects, and application challenges and developments.
The Silver service includes the following service elements as described within this document:
24/7 Incident Support
24/7 Critical Incident Management
24/7 Proactive Monitoring
24/7 Advanced Network Monitoring
24/7 Advanced Security Monitoring – Advanced Threat Protection
Operational Essentials
Remote Service Management
ServiceNow Service Desk Platform
Proactive Watchpoints
Service Delivery Manager
Reporting
8
Gold Fully-Managed Service
Our Gold Fully-Managed Service includes all of the features described within the Bronze and Silver Fully-Managed Services and adds two specific features for customers wishing for the ultimate Managed Service. These two services increase peace of mind for customers through enhancement of your Business Continuity and management of key usage policies through our Governance, Risk and Compliance service.
In relation to Business Continuity, our service involves gaining a deep understanding of your core business systems and the business impact in the event of these systems being unavailable. We will then agree appropriate Recovery Time and Recovery Point Objectives for each business system, and provide consultation and advice in the event that systems require modification in order to meet these business requirements. Once any system changes have been made, DR “runbooks” are created in order to document the recovery process in detail. This runbook is then regularly tested to ensure that you can rest easy knowing that should the worse happen, your systems can be recovered within a timescale that meets the needs of the business.
With regards to governance, risk and compliance, we work alongside you in order to support you in defining your IT usage policies for areas such as web browsing, email, BYOD, data protection and security. Once these policies are defined, we agree a schedule of tasks with you whereby we review your operational reality against these policies. Exceptions are documented in a risk register whereby we work with you to agree actions to remedy these non-conformances.
The Gold service includes the following service elements as described within this document:
24/7 Incident Support
24/7 Critical Incident Management
24/7 Proactive Monitoring
24/7 Advanced Network Monitoring
24/7 Advanced Security Monitoring – Advanced Threat Protection
Operational Essentials
Remote Service Management
ServiceNow Service Desk Platform
Proactive Watchpoints
Service Delivery Manager
Reporting
Business Continuity Planning and Disaster Recovery
Governance, Risk and Compliance Management
24/7 Service Desk providing unlimited incident support and service requests
24/7 Monitoring of your infrastructure
24/7 Security Monitoring and remediation reducing the impact of cyber threats
Fixed price for 3 years with monthly billing
Extensive Patching and system updates
Proactive Watchpoints increase system performance and uptime by carrying out preventative maintenance tasks
Enhanced Service Management
Extensive reporting with monthly on-site review meeting
Business Continuity Planning and Disaster Recovery
Governance, Risk and Compliance Management
ServiceNow Service Desk Platform for 5 operators (with unlimited portal users)
9
Service Elements
24/7 Incident Support
Our Service Desk is a multi-channel single point of contact for all your IT support needs. The Service Desk
co-ordinates and manages the resolution of all incidents 24 hours a day, 7 days a week. With our Fully-
Manged Service, your call is directed directly to a Service Engineer who will work with you to resolve your
issue. Over 86% of our incidents are resolved during this first contact by leveraging our remote support
toolset, significantly reducing the scenarios whereby you have to wait for a response back in order to
resolve your issue. At all times we are fully aware of incidents, when they happen and when they are
resolved, our performance against SLA, and of the value our service delivers to your business.
Our Service Desk will:
1. Handle all IT-related service issues, including
incidents, problems, service requests and general
queries
2. Monitor, forward and/or escalate all incidents
3. Keep end users informed on status and progress
until the incident is resolved
4. Manage warranty issues through to resolution
The Blue Chip Service Desk will take ownership of each
incident from initial recording to closure following the
escalation paths agreed at service initiation.
As part of our standard support offering we provide all of our customers access to the web-based Portal to our Service Management System (ServiceNow), enabling customers to log new support tickets and service requests, as well as to review and interact with our Support Team on existing tickets.
Benefits of the Portal for End Users
For a “View only” end user:
Users can see their ticket updates as soon as they happen, any time of day. For a “Default” end user:
Create tickets directly in our system.
Add documents to a ticket at any time throughout its life.
Review progress and call an early halt if it is no longer required or important.
Benefits of Portal Management Access
A view across all calls logged by your organisation.
Service Desk
3rd Parties
Your Users
Your Mgmt
Team
Your Account Manager
Service Delivery Manager
10
24/7 Critical Incident Management
Critical Incidents are categorised as those for which the degree of impact on the business/organisation is extreme. Incidents for which the timescale of disruption – to even a relatively small percentage of users – becomes excessive should also be regarded as Critical Incidents. Blue Chip has a separate procedure for incidents which have shorter timescales and a greater urgency. Critical Incidents are identified and acted on within strict SLAs
In case of a Critical Incident occurring, a separate technical team under the direct leadership of the Critical
Incident Manager will take over and will make sure adequate resources and focus is in place to provide
the fastest resolution or workaround. The Critical Incident Manager will provide constant communication
updates (as per the customers’ individual communication plan) to the key stakeholders within Blue Chip
and the Customer. Communication will be provided by at least one (but not necessarily all) of the following
means:
SMS updates
Phone
Conference Bridge
Once the Critical Incident has been resolved, the Critical Incident Manager will create a full Route Cause
Analysis (RCA) of the incident. This will be unbiased of blame or actions that caused the incident.
The RCA will comprise the following contents:
Statement of the timeline of the Incident
Corrective actions taken
Preventative actions taken
Incident analysis
Lessons learnt
Recommendations
Service Managers own Critical Incidents 24/7 and provide clear non-technical updates at key incident milestones
Issues are triaged 24/7 until resolved
Effective workarounds are implemented where appropriate to reduce business impact
3rd party engineering teams are tightly managed where they are key to resolution
On-site prescience provided where appropriate
Extensive report provided, including corrective and preventative actions
11
24/7 Infrastructure Monitoring
The 24/7 Infrastructure Monitoring Service is a monitoring and alerting service for selected IT
infrastructure, including servers, SANs and storage devices. A monitoring client is installed on a suitable
networked device (workstation or server with internet access) on the customer’s LAN and configured to
monitor and record specific information in real time. These values and conditions are compared to
thresholds set during configuration to alert when they are met or exceeded. Encrypted data is then relayed
over the internet to the remote application server located at Blue Chip’s Head Office, where it is stored for
reporting purposes and processed by the monitoring team.
The service provides:
Monitoring, alerting and updating services
Site up/down
Capacity (Hard Disk utilisation)
Server performance monitoring; CPU usage, RAM usage
Windows operating system event log monitoring
SNMP monitoring
Application monitoring (where applications permit)
24/7 real-time monitoring and alerting of all production infrastructure
Event and performance counters
E-commerce website monitoring
Remote server/user control and remote systems tools & management
Alerts that require action are automatically logged as Service Desk Incidents and resolved 24/7
Alerts that do not require action are collated and communicated
12
24/7 Network Monitoring
24/7 Network Monitoring is a proactive monitoring and alerting service for selected network devices,
including routers, firewalls and other networked devices. A SolarWinds collector is installed on a suitable
networked device (workstation or server with internet access). Once configured the collector will record
specific information in real time. This information will be encrypted and relayed to our application server,
located at Blue Chip’s Head Office. The data values will then be reviewed and compared to the thresholds
set during configuration. If the information does not match or exceeds these thresholds, the system will
create an alert and an automatic ticket will be raised in our ServiceNow Service Desk system. The
information gathered from the collector will be stored for reporting purposes.
The service provides:
Monitoring, alerting and updating services
Site up/down
CPU usage, RAM usage
Network event log monitoring
Top Ten traffic by bandwidth
24/7 real-time monitoring and alerting of the network environment
Traffic light status of each network asset
Alerts that require action are automatically logged as Service Desk Incidents and resolved 24/7
Real-time customer dashboards
Top Ten traffic by bandwidth
Memory/CPU health
13
24/7 Security Monitoring - Advanced Threat Detection
The 24/7 Security Monitoring Service is an Advanced Threat Detection, proactive monitoring and alerting
service that reduces the impact of security events by identifying, logging, scoring and acting upon security
events in real time, around-the-clock.
A security monitoring sensor is installed on the customer’s site and configured to receive security and
event management information from service-providing IT infrastructure assets, such as perimeter firewalls
and servers. The security sensor then connects to a remote application server located at Blue Chip’s Head
Office via VPN where encrypted data is correlated against over 2000 security directives and best practice
security policies.
The security sensor monitors network behaviour and creates security incidents. These incidents are
broken into the following categories:
System Compromise
Exploitation and Installation
Delivery and Attack
Reconnaissance and Probing
Environmental Awareness
Each incident is logged with an incident priority depending on its severity. These priorities are graded as
Low (P5), Medium (P4) and High (P1). The incident priority is pre-defined and based upon the category
and the risk level defined for the incident by the AlienVault toolset.
Once a security incident has been logged and prioritised, the appropriate actions are taken as below:
High Priority (P1): These incidents represent a significant risk to the business and therefore require urgent
action. Our systematic process ensures that these are automatically logged as Service Desk Incidents
within Service Now and actioned against a pre-defined security escalation matrix with remedial work
completed on your behalf.
Medium Priority (P4): These incidents do represent a risk to the business but are of the nature whereby
they do not need immediate action on a 24/7 basis. As with High Priority incidents, they are automatically
logged within our Service Now ticketing system. They are however put into a queue for our security
specialists to review on your behalf during the next working day. Our security experts will examine the
detail of the incident and liaise with you, explaining the detail and making recommendations to remediate
the risk.
Minimise your risk of data theft, data loss and system downtime as a result of security threats and malware
Service powered by market-leading AlienVault toolset
High risk security incidents are automatically logged and progressed 24/7
Immediate shut down for specific known risks
Systematic logging of all security incidents in Service Now Service Desk platform
Best practice global security policies are implemented at Go-Live
14
Low Priority (P5): These incidents represent a very minimal risk to the business, but to ensure security
best practice is achieved they do need to be acted upon as appropriate. All low priority incidents are logged
within our Service Now ticketing system and categorised as Low Priority. Our security specialists will
review on your behalf, examine the incident and liaise with you, explaining the detail and making
recommendations to remediate the risk.
Please note that Blue Chip assumes that the customer enters the service at a reasonable security baseline
(for example, that their service delivering assets are regularly patched).
Hardware Requirements: The AlienVault security sensor is installed on the customer’s infrastructure in order to facilitate the operation of the service. Most customers will install the service as a virtual appliance; the minimum specification for this as follows:
VMware ESXi 5.5 or 6.x Host environment
4 x CPU Cores (Hyper Threading Desirable)
8GB RAM
2x Network Interfaces
250GB Disk Drive
Should you not have a virtual environment or sufficient spare capacity to accommodate the virtual appliance, Blue Chip can supply a low cost, pre-built server at a minimal cost. Please contact your account manager for a quotation. Given the rapidly-changing nature of security threats and the breadth of potential attack vectors, Blue Chip are unable to offer any absolute guarantees with respect to threat detection and system compromise. Security monitoring should always be used alongside a well-defined security policy and other complimentary security technologies. It should also be noted that Blue Chip are reliant on AlienVault to categorise the risks it identifies correctly to ensure the correct prioritisation of each security incident. Blue Chip cannot be held liable in the event of a miscategorisation and therefore an inappropriate priority being assigned to any given incident.
15
Operational Essentials
Operational Essentials are critical reoccurring tasks that are absolutely essential to the customer’s IT
operation. Blue Chip have devised a schedule of essential activities (known as Watchpoints) that are
automatically created and distributed to Blue Chip Service Desk engineers for action.
The type operational tasks we complete (but not exclusive) are:
Backup
o Verification of the scheduled backup job completion
o Resolution of any issues with failed backups
o Review and management of issues with data logs
Antivirus
o Verification that the latest virus definition files and engine update have been downloaded
o Maintenance and management of the antivirus server status
o Maintenance and management of the workstation antivirus status
Server Patching
o Review of open proactive alerts for essential system health issues
o Resolution of any longstanding essential system health issues
o Review of current patching levels against Microsoft patching library
o Arranging change control and system scheduled maintenance (if applicable) to update
current patch levels
Citrix essential scheduled reboots and maintenance
o Regularly schedule automatic reboots of any Citrix XenApp environments
o Regularly schedule a purge of the user logged on profiles
Reduce the risk of data loss through backup management
Reduce the risk of a security breach through antivirus management and regular patching
Reduce incidents caused by known issues with regular Microsoft Server patching
Improve the performance and reliability of your Citrix XenApp environment through scheduled reboots and maintenance
16
Service Management - Bronze
The Service Management Service is included within all of our Fully-Managed Service offerings and
provides ongoing management of the day-to-day technical activities. All customers are allocated a remote
Service Delivery Manager (SDM) who will become your main point of contact for the Service Desk.
The objectives of your SDM are to:
Reduce your overhead of managing your IT - we manage it so you don't have to
Make day-to-day IT decisions to ensure smooth running of your IT systems
Ensure that your IT systems keep pace with technological and business change
Communicate with your stakeholders the value that IT is making to the business
Get the best IT service from your technology, people and processes
Your SDM will complete a monthly remote meeting with you to report in the activity and exceptions from
the previous month, to include:
Problem tickets: reporting and agreeing actions on any open tickets
Proactive Watchpoints: reporting completed tasks and planned maintenance for the following
month
P1 Incidents: reporting and review of all incidents and agreeing preventative actions
Risk register: reviewing current register and agreeing remediation actions
Resource management: agreeing specific scheduling for the following month
The day-to-day activities completed by your SDM will include the following:
Trouble Ticket Management
o Incident management at key escalation milestones
o Aged ticket management (incidents over 7 days)
o Review of incidents that have been reassigned 3 times or more o Problem management
3rd Party Incident Management
o Liaising with 3rd parties in the event of a P1 incident to minimise business impact
o Establishing whether effective workarounds can be implemented to reduce business impact
o Driving 3rd party engineering teams to implement aggressive recovery plans
o Liaising with 3rd parties when planned maintenance impacts IT Service
Trouble ticket management
3rd party incident management
Resource management
Proactive Watchpoint management
Systems management
Remote service meetings
Non-technical communication
Detailed analysis of work completed and helps continually develop IT
17
Systems Management
o Ongoing management of ServiceNow and management tools, to include:
Company details, sites, contacts and users
VIP users
Escalation profile creation and maintenance
Automated reporting changes
Alerting notifications & end user experience surveys
Watchpoints Management
o Defining proactive maintenance tasks
o Creating daily, weekly and monthly proactive tickets and despatching to an engineer
o Managing and maintaining reoccurring proactive maintenance tasks
o Validating that proactive maintenance is being completed successfully
o Providing a proactive maintenance monthly report
18
Service Management – Silver & Gold
Our Silver and Gold Fully-Managed Services are enhanced by the introduction of a more extensive Service Delivery offering. A Senior Service Delivery Manager (SDM) is allocated to all applicable customers who takes a significant role in engaging with the customer through monthly on-site meetings and regular communication. Silver and Gold customers enjoy all of the features described within the Bronze Service Management element, regular on-site meetings and two specific added services: Change Management A formal change management process is introduced to provide a structured set of processes, controlling any changes made to your systems. The SDM will establish a change approval board whereby all changes will be logged and signed off by the approval board before any work starts. The SDM will manage the end-to-end change process, to include:
Management of the change approval board
Management of the technical approval of all changes
Performing an Impact Analysis of all changes before work starts
Providing business notifications if the change interrupts service
Creating roll out and roll back plans Asset Management An asset database is established at service Go-Live and is intelligently managed though our ServiceNow Service Desk platform. Assets are tracked to include their identification information and their software patch levels, enabling us to establish patch baselines and manage the consistency within your estate in relation to areas such as patch management.
The SDM will manage the Asset database to include:
3rd party contracts and any changes to the services
Asset hardware and software warranty contracts
Software and Licence Key management
Media library management
Monthly on-site visits
Create and manage a formal Change Management process
Asset Management including a dynamic change management database
Balances the commercial restrictions that may be in place and ensures investment is made wisely
19
ServiceNow Service Desk
Blue Chip uses ServiceNow as its Service Management System. ServiceNow (www.service-now.com) is an industry-leading SaaS-based, highly-configurable Service Management System, known as a “single system of record” that provides the opportunity to move your support team towards a service-oriented model. In ServiceNow the flow of work is defined, structured and even automated removing email and spreadsheets, allowing us to streamline the delivery and management of your services.
Blue Chip have been managing IT services for over 20 years and have fine-tuned the information we need to record against tickets to give us a comprehensive history of events as well as SLA management, reporting and team management. We have configured a standard template in our ServiceNow system which we can offer to you as your own service management system, called ServiceNow Service Desk. Using Blue Chip’s Service Desk application, you too can improve your service delivery processes through automation of issue handling and notification management. The Service Desk can assist your team by providing the following:
A centralised area for logging, updating and managing incidents, service requests, problems and
changes
A common set of processes across your team
Structured distribution of workload
Reduction on the reliance on email to manage your work
Repository for sharing information and knowledge
Reduced risk of information being lost
Drill-down reporting for analysis of ticket details and resources
A systematic process to collaborate with Blue Chip on tickets for a swift resolution
Access to security alert where you have opted to receive them
Blue Chip’s Service Desk is built in ServiceNow around the core ITIL processes of incident, problem and change control, and comprises of the modules:
The ServiceNow Service Desk platform
An end user portal
Incident management, including service requests and small projects
Problem management
Change management (including approvals)
The Service Desk gives you the ability to manage your tickets under SLAs and includes automated email notifications to your team and end users. Additionally, the Service Portal allows your end users to log and view tickets for you to manage.
Your Service Desk is a separate, secure data table within our system. It allows you to log, update and close tickets for each of the services.
Industry-leading Service Management System
No infrastructure costs (SaaS-based)
Inclusive, templated solution available (Bronze)
Co-manage tickets with Blue Chip
Branded for your business
Options which leverage Blue Chip’s volume licencing pricing
20
Blue Chip’s Service Desk is configured at two levels; Bronze and Silver. Both the Bronze and Silver Service Desks are a licensable addition to your service, leveraging our volume-based licence arrangement with ServiceNow. All licences provided are co-termed with Blue Chip’s ServiceNow licence agreement. Blue Chip’s ServiceNow contract runs until August 2019. All configuration and support to the Service Desk is provided by Blue Chip who may liaise with ServiceNow.
The Service Desk is provided to you using the Third Party Service ITSM engine from ServiceNow under their Managed Services Provider Master Ordering Agreement, which includes the General Terms and Conditions available here: http://www.servicenow.com/schedules.do. In particular, you must comply with Sections 3.2 ServiceNow Platform, 3.8 Restrictions, 3.10 Customer Conduct.
This service is a “Subscription Service” using Blue Chip’s configuration of ServiceNow. ServiceNow is the owner of all intellectual property in the Subscription Service.
21
Feature Comparison Table
The following table details the features included with both Bronze and Silver offerings:
22
Bronze Service Desk
The Bronze Service offers a templated setup to get you up and running as quickly as possible with your own Service Desk system.
The Bronze Service Desk Platform provides:
ITIL-based processes for incidents, service requests, problems and changes (collectively known as a ticket)
Prioritisation and categorisation of tickets
Management of tickets under Service Levels
Routine notifications and escalation processes for tickets created, updated and closed
Ability for time management with individual ticket time entries to record effort spent on each task within an incident, change or problem, plus timesheet reports
A ticket escalation process which allows Blue Chip to act as your First Line team and be involved in your ticket resolution process as overflow or expert engineers
Self-administration of users (creating, updating and disabling), ticket categories and sub-categories
Standard live reports in lists, pie charts or bar charts. Configurable report filters. Pie and bar charts can be drilled into
The opportunity to define Assignment Groups, i.e. work management teams
Your logo on the standard user page
Dashboard Welcome screen showing users work and team’s work
Service Desk user handbook
Go-Live remote training
The Portal provides:
A non-branded end user Portal for logging, reviewing and updating the end-user’s own incidents.
Incidents may be directed to your team or to Blue Chip
Manager level of access in the Portal for viewing and reporting incidents across the company.
Portal user handbook.
In the Bronze Service Desk, the system is configured to use Blue Chip’s standard Dashboard, SLAs, notifications, reports and Portal setup.
Features in the Incident module:
Fixed SLA measured on first response with Email Notification at 50%, 75% & 100% of elapsed time
Fixed priorities P1 - P5
Category and sub-category classifications with ongoing administrative ability to create new categories and sub-categories
Co-manage incidents - incident assignment to/from Blue Chip (requires Service Desk Entity for Blue Chip to assist with incidents)
23
Features in the Problem module:
Create and update problems and problem tasks
Link incidents & changes to problems
Record known issues
Pre-defined category and sub-category classifications with ongoing administrative ability to create new categories and sub-categories
Issue workarounds and permanent fixes to linked incidents
Features in the Change module are:
Create and update changes
Link incidents and problems to changes
Create a change plan for approval
Schedule changes
Pre-defined category and sub-category classifications with ongoing administrative ability to create new categories and sub-categories
Change approval via system or email
We use a ServiceNow Service Desk Quick Start project, which is a templated consultancy project in order to get your Service Desk Bronze service up and running at a minimal cost and within a short timeframe.
The Quick Start process involves 3 stages:
1. Deployment of ServiceNow: Creation of your Bronze Service Desk including:
Set up of Assignment Groups for separating work management teams
Import of end users if they are not already in Blue Chip’s ServiceNow system
Set up of your Service Desk licenced users
Define your escalation process recipients
2. ServiceNow Service Desk User Training: Consultant led on-line training to get you up to speed using the system
3. User Documentation:
Service Desk user handbook
End User handbook if it is required
4. ServiceNow Go-Live Acceptance: Functionality testing and Go-Live handover
The Service Desk is configured on Blue Chip’s ServiceNow instance which is currently built on the Geneva platform. ServiceNow is upgraded twice a year and Blue Chip normally adopt these on an annual basis. System upgrades implemented to Blue Chip’s system may lead to improved features within the Service Desk which will either become available to your users under their licence or by upgrading your licence package.
Service Desk system upgrades are mandatory. The annual upgrade to your Bronze Service Desk instance will be completed on your behalf at a fixed charge of 7 hours from your Support and Consultancy Pack. As part of the upgrade you will be required to perform acceptance tests on your Service Desk in our test environment to ensure that your system’s configuration is not detrimentally affected by the upgrade.
24
Silver Service Desk
The Silver level offers all of the Bronze Service with additional configurable options which are:
Customised SLA(s)
Additional or customised notifications
Additional or customised live, drill-down reports
Bespoke categories
Additional or customised dashboards
Customised branding on the Portal and the Service Desk Dashboard Welcome screen
Whilst the Silver Service includes these features, their configuration and deployment will be charged separately and carried out under the Application Support and Consultancy Service Element.
The setup of the service is led by our ServiceNow consultants and requires you to define user details along with some configuration information to allow us to setup teams and notifications. This includes an online demo, an online training session and handbook in PDF form.
In addition to the implementation project we can also offer:
On-site consultancy
On-site training
Project Management if your implementation is complex
The Service Desk is configured on Blue Chip’s ServiceNow instance which is currently built on the Geneva platform. ServiceNow is upgraded twice a year and Blue Chip normally adopt these on an annual basis. System upgrades implemented to Blue Chip’s system may lead to improved features within the Service Desk which will either become available to your users under their licence or by upgrading your licence package.
Service Desk system upgrades are mandatory. The annual upgrade to your Silver Service Desk instance will be completed on your behalf and deducted from your Support and Consultancy Pack. The total time required to complete your annual upgrade will be variable and will depend on the level of complexity and customisation within your particular installation of the platform. Your Account Manager will provide details on an annual basis with regards to the scope and cost of this work. As part of the upgrade you will be required to perform acceptance tests on your Service Desk in our test environment to ensure that your system’s configuration is not detrimentally affected by the upgrade.
25
Security Patching & System Updates
Blue Chip’s Security Patching & System Updates Service has been designed to reduce downtime by regularly updating infrastructure systems in line with vendor best practice.
Proactive Security Patching
Blue Chip will schedule tasks to check for critical security patch updates whilst regularly updating your
systems to the latest incremental recommended firmware and software. This service incorporates the
following:
• New features
• Fixes to firmware or software bugs
• Improvements to performance
• Security updates
As part of the Blue Chip Security Patching Service Blue Chip will also complete the following:
• Patch systems against new security issues and threats
• Analyse risk and impact
• Create advisory statement for upgrade requirements
• Update Risk Register
• Create new security baseline
• Create action tickets/change requests for any remedial work
• Patch devices
Minimise security risks through Proactive Security Patching
Improve system uptime and reduce incidents
26
Proactive System Maintenance (Watchpoints)
Blue Chip’s Watchpoints have been designed to reduce downtime by regularly maintaining infrastructure systems in line with vendor best practice. It is imperative that your infrastructure is optimizing all the system resources so that you get the best out of your systems 100% of the time. Proactive Watchpoints have been created to make sure that your systems are always optimal, achieved via regular System Maintenance tasks.
Proactive System Maintenance:
To help reduce system downtime and outages Blue Chip will complete health checks and best practice
reviews on all your contracted systems and infrastructure, incorporating the following:
System Health
o Review of hardware error logs
o Review of operating systems system logs
o Review of system time, licensing issues, warranty status and Infrastructure End of Life
reporting
Vendor Best Practice Maintenance
o Preform maintenance tasks against the vendor best practice runbooks
o Resolution of issues identified during the maintenance tasks
System Performance/Capacity
o Review of current performance and capacity for potential issues
o Review of current configuration against the vendors’ recommendations
Improve system uptime and reduce incidents
27
Reporting
A detailed report is provided to every customer each month, providing both management and detailed technical information on the month’s activity.
The report provides a graphical analysis of:
• SLA Performance • Average Response Time • Total Incidents logged (incl.12 months’ view) • Incidents by priority • Top 10 issues • Top 20 users • Support Pack usage by month
In addition to the regular monthly report, all major incidents (P1’s) have a dedicated report to provide:
• Management and technical review of the incident • Executive Summary to feed back to the business • Detailed activity information from start to finish • Root Cause information • Corrective action • Preventative action • Best practice recommendations
Monthly reporting on all work completed
Monthly statement on Support and Consultancy Pack
Management view with key SLAs every month, including response times
Per ticket detail included
Individual P1 Reports for major incidents
28
Business Continuity Planning and Disaster Recovery
Blue Chip’s BCDR service provides you with the insight of IT Business Continuity planning to create and manage a Disaster Recovery plan. Blue Chip will work with you to define your DR plan using their Business impact analysis process (BIA).
The BIA process will help you identify mission-critical services and the level of importance, as well as helping to define the correct RPO and RTO of each service.
Blue Chip will work with you to create DR runbooks which will help simplify the failover of systems and services in an event of a disaster. This is an essential component for addressing a disaster scenario where extracting the relevant detail and information at the time may not be possible; time is easily lost, and the high pressure of a catastrophic incident can undo all but the best of planning. Once created, Blue Chip will manage these and be on-hand to calmly restore your service.
Plans, procedures and runbooks are only part of the solution. How do you know they will work when you need them, and how do you gain confidence that you can restore your service within the timescales you want? Combined with DR Service testing, DR Management from Blue Chip will take the unknown out of your DR planning, providing end-to-end delivery of the DR testing.
Blue Chip will manage the testing process to include arranging appropriate resources and notification to the key contacts within your business. After the testing is complete, Blue Chip will review, document and recommend any changes to the plan that will improve its effectiveness. We will look at the RPO and RTO times achieved and make recommendations as appropriate to ensure that your DR plan meets the business objectives that are defined within the Business Impact Analysis process.
There are 2 options when testing the DR plans - Service Failover Testing and Full Site Failover. Below are the types of test that can be carried out for each option:
Disaster Recovery Service Testing
• Test WAN/site link failovers • Test Critical Service failovers • Test Critical Infrastructure Device failovers • Test Critical Service Backup and Restore functionality
Disaster Recovery Site Failover Testing
• Complete site failover of all (or select) site services • Complete DR universal acceptance testing • Test external line of business services such as E-commerce or Mail Order systems
Business Impact Analysis (BIA)
Manage and Maintain DR runbooks
DR Management
DR Service Testing
Full Site to Site Failover Testing
29
Governance, Risk and Compliance
IT governance (ITG) is defined as the processes that ensures the effective and efficient use of your IT in enabling an organization to achieve its goals. The objective is to drive best practice across company IT objectives, policies and process.
Blue Chip’s GRC module is designed with your business needs in mind and will help guide you through IT policies and Risk Management. The compliance part of this module is focused on reporting against your policies, breaches of those policies, security issues, and audit information.
Governance
Blue Chip will help you define and maintain your IT policies which your staff will adhere too. A framework will be specifically designed for you so that you can bring governance to your business and make sure that your business needs come first. The type of policies that would be in scope are:
• Security • Email • Web usage • BYOD • Data protection
Risk
Risk is a big part or your IT operation, and without Risk Management and controls you risk breaches and failures to your IT operation and infrastructure.
Risk Management is there to help identify, analyse, action, monitor and control your IT governance, and working together we can produce a Risk Register which can be governed by a risk meeting where we can action and mitigate known risks, as well as identifying new risks.
Compliance
If Governance manages the overall GRC and Risk Management problems and issues, Compliance is the glue that holds it all together. Compliance works across all streams of GRC applying the monitoring and reporting of Risk Management, as well as reporting on breaches to your Governance policies. A major part of Compliance is to help manage data gathering from your 3rd parties for your audits to support you in conforming to business accreditations such as PCI, ISO27001 and ISO9001.
Governance and IT policies
Risk management
Compliance
30
Value Added Options
On-Site Customer Support Engineer
The On-Site Customer Support Engineer supplements the service provided by the remote Service Desk
through a regular on-site visit, whereby end users can engage in person and receive any help they may
need. This service is not typically used for standard day-to-day support issues and tends to involve floor
walking, where users can have general queries answered and be provided with ad hoc training as required.
This service is often used by customers to complete on-site service requests that are not included within
the base service. This includes items such a new PC and laptop builds, meeting room setup, desk moves
etc.
Our technical team are highly regarded by our clients for their technical expertise, reliability and ability to
communicate. Their expertise comes from years in the field working with businesses both small and large,
encountering different systems, different issues and different corporate cultures. This experience means
that you get an open-minded technical professional, able to explain in plain English what they are doing
and what is happening.
Provides end users with the comfort factor offered by a regular engineer visit
Floor walking activities, capturing issues and requirements proactively whilst providing ad hoc training
Available from just one day per month through to full time
Complete on-site service requests such as desk moves and new PC & laptop rollouts
31
Support and Consultancy Pack
The Support and Consultancy Pack is a discounted, pre-paid block of hours that can be purchased alongside a Fully-Managed Service to provide additional services and flexibility for the customer, enabling Blue Chip to complete specific work the customer may request from time to time.
The pack is often used by customers who wish to receive specific Service Elements that are above and beyond the level of service to which they are contracted. For example, a Bronze customer may request a Business Continuity Planning Service as a one-off activity. Customers who wish to have an On-Site Customer Support Engineer visit on request rather than to a pre-defined schedule will typically deduct these visits from their pack.
There are also some specific elements which are outside of the scope of all Fully-Managed Services, which the pack provides for. These are as follows:
• Remote Service requests that exceed 7 hours of effort • On-site Service requests (typical examples being new workstation/laptop deployments and office
moves) • Change requests – system changes to service-providing assets which affect multiple users • Extended incidents caused by 3rd parties • Extended support for End of Life hardware and software
Project-based activity is outside of the scope of all Fully-Managed Services, which the pack provides for. These are as follows:
• Project work: Defined as any piece of work that requires a scope of work and or a project plan • Consultancy: Any piece of work that requires a consultant or architect • Application Version updates • High Risk Work: Any piece of work that is defined as high risk and therefore needs to be treated
as a project • Project Management: Any piece of work that needs to be managed by a project manager
Out-of-hours on-site work is deducted at double time. Therefore, 2 hours will be deducted from your Support and Consultancy pack for each hour of on-site work carried out.
Pre-paid block of days used in conjunction with a Fully-Managed Service
No expiry during the contract term
Called off in 15 minute increments remotely
Called off in half day increments on-site
Can be used to complete specific Service Elements over and above the level of service contracted (i.e. Bronze, Silver or Gold)
Provides for ad hoc on-site Customer Support Engineer visits and on-site service requests
Provides for project work
32
Document Control
This document is maintained under change control with pre-planned review dates:
Change Control
Document Title Fully-Managed Services Catalogue
Original Issue Date 02 September 2016
Date of Issue 06 December 2016
Author Eric Lindsay / Paul Cashmore / Anthony Green
Filename Service_Catalogue_Fully-Managed_Services
Document History
Date of Revision Brief description of change Version
September 2016 First Issue 1.0