Internal Service Operation
Manage all non-customer-facing activities relating to IT service operation — for example service request fulfilment, incident/problem management, and service level management.
Improvement Planning
Practices-Outcomes-Metrics (POM)
Representative POMs are described for Internal Service Operation at each level of maturity.
- 1Initial
- Practice
- Start to define a process to access services.
- Outcome
- A very basic process is defined to manage the physical and logical access to services.
- Metric
- The % of services with a defined process for access management.
- Practice
- Start to define the interface to other processes.
- Outcome
- The relationship between related processes are identified and documented.
- Metric
- The % of identified related processes with an interface defined.
- Practice
- Start to report and track incidents.
- Outcome
- Basic incident data is available.
- Metric
- The % of support time covered by trouble-tickets.
- Practice
- Begin to define an incident monitoring process.
- Outcome
- Incidents being to be tracked.
- Metric
- The % of services which are monitored.
- Practice
- Start to define the processes required for service measurement.
- Outcome
- Basic service measurement process definitions start to be made available.
- Metric
- The % of services with supporting measurement process defined.
- 2Basic
- Practice
- Establish Access Management for most services, even if they are based on manual processes.
- Outcome
- A manual process is defined to manage the physical and logical access to services.
- Metric
- The % of services with a defined process for access management.
- Practice
- Define basic, one-way interfaces to key processes and use these to respond to events.
- Outcome
- Key related processes are identified and, when required, relevant messages are pushed to them.
- Metric
- The % of identified related processes that have an interface defined.
- Practice
- Ensure that incidents are tracked, recorded and reported in a satisfactory manner.
- Outcome
- Current and historical incident data is available.
- Metric
- The % of support time that is covered by trouble-tickets.
- Practice
- Establish basic monitoring of all key events.
- Outcome
- Events can be tracked.
- Metric
- The % of services that are monitored.
- Practice
- Establish service measurement for key services.
- Outcome
- Service measurement process definitions are available.
- Metric
- The % of services that have a supporting measurement process defined.
- 3Intermediate
- Practice
- Establish mixed (manual/automated) access management with key surrounding capabilities (e.g. asset management, funding and budgeting, and people management).
- Outcome
- The time required for access management decreases.
- Metrics
- The % of tool-supported access management processes.
- Total man hours required to support access management activities.
- Practices
- Establish bi-directional interfaces to relevant key capabilities (e.g. EAM, TIM, DSM, CFP and SUM).
- Ensure that there are clear rules for operating established interfaces (e.g. on fixed schedule, event-driven, etc.).
- Outcome
- Interfaces and operation between key capabilities are defined.
- Metric
- The % of key capabilities that have formally defined interfaces.
- Practices
- Track, record and report incidents effectively.
- Incidents should be prioritized and managed based on urgency to restore services as defined by SLAs.
- Outcome
- SLA violations decrease.
- Metrics
- The % of incidents with SLA assignment.
- The % of SLA violations.
- Practices
- Put in place automated monitoring of events.
- Ensure that events monitoring is prioritized and filtered according to importance.
- Outcome
- Key processes are passed data on relevant events.
- Metric
- The % of key processes that automatically receive data on relevant events.
- Practices
- Establish defined processes for service measurement and monitoring.
- Actively monitor results and take the relevant actions.
- Outcome
- Decisions are made based on the current state of the service.
- Metric
- Incident resolution time/Mean Time Between Failures (MTBF)/Mean Time To Recovery (MTTR).
- 4Advanced
- Practices
- Put in place tool-supported access management for all services.
- Automate the notification process to revoke the physical/logical access, based information provided by the surrounding processes.
- Outcomes
- Manual time required for access management decreases.
- Decreased risk.
- Metrics
- The % of tool-supported access management processes.
- Total man hours required to support access management activities.
- Practices
- Establish tool-supported interfaces to key processes.
- Ensure interfaces between processes are unified and standards-based.
- Outcome
- Increased process efficiency and predictability.
- Metric
- The % of interfaces to key processes that are tool-supported.
- Practice
- Address recurring incidents through problem management that is based on Root Cause Analysis (RCA).
- Outcome
- The root causes of recurring incidents are identified.
- Metric
- The % of incidents solved with RCA.
- Practice
- Address all incidents, both proactively and reactively based on event-monitoring data.
- Outcome
- Service availability/reliability is increased.
- Metric
- The % of tool-supported service restorations.
- Practice
- Establish tool-supported monitoring and process improvement.
- Outcome
- Increased monitoring and process improvement.
- Metric
- Incident resolution time/Mean Time Between Failures (MTBF)/Mean Time To Recovery (MTTR).
- 5Optimized
- Practices
- Put in place automated access control that is based on user profile, including all required security and configuration settings.
- Continually monitor and improve, access control, based on feedback from across the business ecosystem.
- Outcome
- Users have seamless access to the services which they are permitted to use.
- Metric
- The % of services that support automated access control and configuration.
- Practices
- Define and automate the interfaces to key processes across the business ecosystem.
- Allow bi-directional monitoring/messaging to be triggered by any process at any time.
- Outcome
- The SRP function is fully integrated with other processes throughout the organization.
- Metric
- The % of interfaces to related key processes that are automated.
- Practices
- Ensure the business ecosystem works proactively to avoid incidents occurring.
- Establish automated incident prediction systems.
- Outcome
- The majority of potential incidents are averted.
- Metric
- The % of incidents that are non-predicted.
- Practices
- Complement the existing proactive and reactive incident management by an effective self-healing processes.
- Put in place an effective automated interface to surrounding key capabilities (e.g. Technical Infrastructure Management) are established.
- Outcomes
- The majority of potential incidents are averted.
- Those incidents which do occur are handled automatically with the relevant Critical Capabilities (CCs).
- Metrics
- The % of non-predicted incidents.
- Mean time to achieve incident resolution.
- Practices
- Establish interfaces to the relevant capabilities (e.g. Service Analytics and Intelligence, Technical Infrastructure Management, Financing and Budgeting, and Demand and Supply Management).
- Put in place a continual improvement process that incorporate the inputs from all key processes.
- Outcome
- SRP is fully integrated with the surrounding Critical Capabilities (CCs).
- Metric
- The # of surrounding CCs that are represented at SRP process reviews.