SLM Table of Contents | ||||
| ||||
Introduction to Service Level Management
Service Level Management is a process under Service Design in the ITIL Version 3 concept.
The most overlooked process, the Cinderella of all Processes, is the Service Level Management (SLM). Service Level Management is the process of planning, coordinating, drafting, agreeing, monitoring and reporting on Service Level Agreements (SLAs), and the ongoing review of actual service achievement to ensure that the required and cost-justifiable quality of service is maintained and improved.
Darreck Lisle, The Overlooked Process - SLM, Beter Management.com |
In an ideal setting, the levels and kinds of IT service provided are perfectly aligned with business requirements. Few organizations, however, have the organizational capabilities to perfectly align all aspect of the organization's operations - IT included - with strategic goals and intentsN. As such the organization should carefully construct and institutionalize structures and processes to facilitate alignment.
This exercise will never be undertaken in the absence of existing governance and communication structures. Consequently, most organizations will start by understanding their AS-IS situation with regards to service offerings. Developing the Service Catalogue is an important first step in promoting widespread understanding of service offerings.
The TO-BE model is then determined in negotiation with business leaders, and, the SLA is then developed on the basis of these requirements and priorities. Service variations and nuances are determined and performance measured established and agreed upon. Services are monitored and measured according to the agreed-on SLA criteria in order to ensure compliance with it. Service level monitoring entails continual measurement of mutually agreed–upon service-level thresholds and the initiation of corrective actions if the thresholds are breached.
Service Level Management allows the IT department to meet business expectations and opens a dialog to confirm these expectations.
Objectives | Coverage | Policies | Scaling | Concepts | Roles | Measuring | Processes | Appendix |
Proactive service level management is a combination of structuring the right organization, ensuring that the staff have appropriate skills, defining and implementing the right methodology and procedures, and using an appropriate management solution to monitor and improve service quality.
Sturm, Morris, Jander, Foundations of Service Level Management, SAMS, 2000, ISBN: 0672317435, p.182 |
Many organizations have embraced ITIL as a framework for improving IT Service Management processes. These organizations traditionally start by listing a number of 'gaps' between current and ITIL best practices and recommend improvements to close these gaps.
Key to closing those gaps are the following kinds of measures:
While each of the above ITIL processes will permit the achievement of modest benefits, greater rewards can be sought by integrating the separate processes into an overall service management concept with service level management (SLM) as the integrating concept. SLM highlights the point that the level at which services are provided is geared to the business' need for them. SLM puts the relationship between providers and consumer of IT services on a more professional basis - describing service offering, their costs and continuing performance in negotiated agreements which are continually monitored for compliance. Accurately defining the relationship between IT Service Provider and its' line of business (LOB) partners allows the LOB IT Provider to better describe their IT service provisioning to their customers - the ultimate payer of products and services.
Relationship to Other Processes
In efforts for an organization to determine the requirements that it may need to address in a service continuity effort, it must first understand the business impact if a process, person, or technology fails, what will happen. This examination is called a business impact analysis. From this analysis, closer attention is then applied to identify impact points, and a business impact assessment is done. This assessment identifies the actual risks that a specific process may face. The results of both these reports are then utilized to mitigate the risk with sound strategies.
A key driver in determining the requirements is how much the company stands to lose as a result of a disaster or other incident and the speed of escalation of these losses. The purpose of a business impact analysis is to assess this through identifying:
The last three items provide drivers for the level of mechanisms that need to be considered or deployed. Once presented with these options, the organization may decide that lower levels of service or increased delays are more acceptable based upon a cost/benefit analysis. The level needed is recorded and agreed upon within an SLA. These definitions and their components enable the mapping of critical service, application, and infrastructure components, thus helping to identify the elements that a organization needs to provide. The requirements are ranked and the associated elements confirmed and priorized in terms of risk assessment/reduction and recovery planning. Impacts are measured against particular scenarios for each customer such as an inability to receive raw material or deliver products or services.
This process enables a company to understand at what point the unavailability of a service would become unacceptable.
How the Process Scales
To be developed
Service Level Management is the name given to the processes of planning, co-ordinating, drafting, agreeing, monitoring and reporting on SLAs, and the on-going review of service achievements to ensure that the required and cost-justifiable service quality is maintained and gradually improved. SLAs provide the basis for managing the relationship between the provider and the Customer.
IT Service Delivery, Section 4.1.4 |
Key elements in this definition are:
An Operational Level Agreement (OLA) is an agreement between participants in the provision of that service. It details the characteristics of the service "hand-offs" between participants. While an IT service provider will have direct customers as represented by the corporate service personnel to whom it provides IT services, its' primary customer base is to business lines who provide IT services to a client base (ie. their customers). In this relationship, an SLA would define the provision of services between the business product IT provider and the end user of the product. The primary IT provider supplies specific corporate services to any LOB IT provider. This relationship is defined by an Operational Level Agreement (OLA). The definition of these individual relationships can be defined in a standard OLA with each LOB being a signatory.
The focused emphasis on performance reporting distinguishes SLM from other ITIL processes. It implies "quantitative management" of service provision - a level 4 activity as described by Capability Maturity Model Integration (CMMI). Most ITIL processes are described for implementation somewhere between levels 2 (repeatable) and 3 (defined) processes. Therefore, fully implementing SLM practices requires more mature supporting processes than do other ITIL areas such as incident, change, problem and release. Key to providing SLM to primary service providers are Operational Level Objectives (OLOs). OLOs cite the agreed upon levels of service which IT Service Provider would promise its' LOB customers.
Given the difficulty of adopting level 4 maturity practices without supporting practices at the same level of maturity, a reasonable direction would be to adopt a phased approach to SLM implementation. The strategy should be to internalize a mentality and organizational pre-disposition for developing and reporting upon customer-centric performance metrics (see section on Service Culture) in order to develop momentum to continue the effort - to provide a predictable, acceptable service to the customers of the service by,
"IT departments don't really have customers; they have clients. The dictionary definition of customer is "one who purchases a commodity or service." People striving for customer satisfaction tend to think of a customer as someone who's involved in a transaction, someone standing in a checkout line making a discrete purchase. But IT customers, even if they are paying ones, aren't involved in a short-term deal. They're involved in a long-term relationship with a group of highly skilled professionals. They're really clients, which the dictionary defines as "people who engage the professional advice or services of others." And the dynamics of a professional partnership are quite different from those of a commodity transaction. " Paul Glen, Satisfying IT Customers May Be a Bad Idea, June 28, 2006, HDI article |
Hence, services are funded at "good enough" levels.
Or consider how how Microsoft defines customers and client when outlining Microsoft Solution Framework.
"the customer is the person or organization that
commissions the project, provides funding, and who expects to get business value from
the solution. Users are the people who interact with the solution in their work. For
example, a team is building a corporate expense reporting system that allows employees
to submit their expense reports using the company intranet. The users are the
employees, while the customer is a member of management charged with establishing
the new system." MSF Process Model v. 3.1, White Paper, June 2002, p. 8, at MS Technet |
All too often the rationale for funding at a particular level is not properly communicated to the organization or end users. As a result, the consumers of the service - the end users - will expect service perfection. They do not understand the performance constraints placed on the service provider by business leaders making funding decisions. These leaders often fail to make the connection between funding and performance constraints and the end users develop the perception that the internal provider is delivering low value rather than agreed-upon service according to business requirements. R
Why then do educated, savvy business professionals, well aware of the laws of economics and fully willing in their private lives to pay for the level of service they desire, expect that these principles do not exist for corporate IT services? For some reason, a myth has grown up in many companies that unlimited funds are available for IT and that people can always ask for "more" and "better" without having to pay for the additional costs.
Mark D Lutcheon, managing IT as a business, John Wiley & Sons, 2004, ISBN: 0-471-47104-6, p.134 |
By always trying to please everyone and minimize complaints, IT organizations are, perhaps, partly to blame for the above misconception. However, as Lutcheon comments - "the days of the IT free ride are over" R. Simply put, most IT Providers have learned the lessons resulting from continuing, escalating user demands without compensating funding.
The table below illustrates how different drivers work together to increase the costs associated with service provision.
It is incumbent upon prudent IT leadership to make sure everyone in the company understands the impact of IT decisions on the total IT budget allocation. Typically, this is done by creating "classes" of use/service categories. These classes are usually driven by the complexity or volume of the service or use required and are identified are periodically verified by identifying and re-visiting service level requirements. There are three primary considerations when devising classes of service:
Business units that can live with "standard service levels" at "normal speeds" (eg., a mature business unit with well-developed processes and little change in its business model over time) may choose to pay the least per unit of volume or per head. Other business units, which may require customized or unique types of service and very fast delivery of these services at any time (eg., a fast growing business unit with a highly mobile workforce) may pay may additional amounts per volume or head count. For these latter business units, revenues must fully support their needs or to cover their costs, they must find increased investment funds or obtain a corporate subsidy.
This approach allows business units and corporate departments to share in basic, standard, commodity-type services at the same unit cost, the driver being either the number of users or the volume of use by class of use or service. Business units requiring higher levels of more specialized services and/or faster speed or greater availability can identify the premium services they want from the It organization "by the pound" in increments above the standard services.
Startup and Maintenance
Unlike many ITIL processes which have a lifecycle measured in days or weeks, the service management lifecycle can be measured in years. The task of negotiating SLAs is so extensive that its' review and re-negotiation may not be warranted even on an annual basis. Many IT organizations operate on a charge-back and break-even basis where the costs of providing services, while apportioned annually according to formulae, are not subject to intense annual review and operational assessment.
This lifecycle is academic until the process is implemented sufficiently well that it is subject to an initial iteration. The tasks in implementing a sustainable process have often proven insurmountable to organization's which will abandon SLM principles as being too time-consuming with unclear or unachievable benefits.
Service Level Management implementation should, therefore, be subject to Project Control with a Project Charter and detailed Work Breakdown Structure. That WBS should include tasks which:
"An IT organization that does not have Service Level Agreements in place sends a strong message to its customer community that it is able to provide any type of service, unconditionally, under any terms that the customer demands, at any time of the day ….. The most positive thing an IT service provider can tell his customers is: I understand your business needs and your business impact and these are the terms by which I shall do my job, to ensure that you can do yours.
Char LaBounty, Managing Partner, Renaissance Partners |
Many organizations will have only a few SLAs. They may are most likely product-focused and outline the delivery of a specific application to a specific Customer base. Given that each application has a unique set of customers this strategy often results in undue duplication amongst SLAs in use. The SLAs are administered by Line of Business technology providers which provide technology service for which the application is the major supported feature. A typical agreement architecture might look like that presented below.
This diagram highlights the following relationships and the agreement which is used to describe obligations and performance expectations. The description has the following organizational assumptions:
Organizations should develop an agreement architecture as a preliminary framework for developing SLAs and SLM in general. The various agreements involved in this are:
Agreement | Between | Content |
Service Catalogue | Corporate IT service providers describing their service offering | Types of service per cost, performance expectations, obligations of participants, including customer |
SLA | service Level Agreements: Corporate IT Provider and Line(s) of Business | one standard SLA itemizing standard services, specialized SLAs describing specific agreements or deviations from standard agreement. References service catalogue and itemizes deviations from standard offerings. contains signatures, length of agreement, how to amend agreements. |
OLA | Operation Level Agreements: IT Corporate Services and Corporate Senior Management | Obligations and performance expectations required to meet SLA and Service Catalogue service descriptions. |
UC | underpinning Contracts: IT Corporate Services or a line of business and external vendor providing service(s) | Obligations and performance expectations described in exacting legal terminology and containing penalty descriptions for breeches of performance |
EUA | End User Agreement: Between users of specific applications and the line of business (might be Corporate IT Services) responsible for delivering the application | Contains disclaimers, tools and offering restrictions, minimum access requirements, security obligations, etc |
The ultimate service expression is described by an SLA between the LOB product provider and the Customer of the business' product. A major enabler of this relationship will be defined in the OLA between the primary corporate IT service provider and a LOB IT provider (the primary signatory of the SLA). This OLA will be a composite of all the service commitments inherent in the provision of services by corporate IT provider to the LOB IT provider. These obligations will, in turn, be expressed in OLAs between the corporate departments' offering services and the corporate IT provider's senior leadership acting as the focal point for the expression of commitments.
Services are expressions of benefits bundled in a way to best satisfy Customer wishes. This bundling happens many times and in different ways. A IT service provider department is a representation of this multiple bundling and, the way the organization is setup should render the multiple delivery of these services efficient and effective. This will most often follow technology product lines or workforce specializations. There is seldom an exact match between an organization and the services it delivers.
Each service will have one or more service objectives which establish targets to be met. When a defined service involves multiple departments there are "hand-off" in terms of the technologies and/or specializations involved. Each hand-off raises a commitment by one department to another to efficiently perform their obligations in the total service offering. Those commitments are expressed in Operational Level Agreements.
OLAs need to serve as a benchmark any time Service Level Agreements need to flex to meet business requirements. If a specific service is required faster or differently by a business unit, the OLAs will show exactly which groups need to be consulted, and which services provided by those groups will ultimately affect the delivery of the desired service. If the providing group can agree to change how their service is delivered, then the SLA can be changed, and the OLA will be altered accordingly.
Implementing Service Level Management, White Paper, Char LaBounty |
There are two perspectives on which to focus initial attention on - SLA or OLA/UC development. In mature organizations, customer requirements will dictate what levels of performance are required. SLOs will be the operational expression of these requirements and provide high level guidelines for how service providers in the service chain should perform in order to meet the SLO on a consistent basis.
However, many organizations which are implementing SLM will have some existing characterization of their services, though performance expectations may not be well formulated. Service execution will be established by the performance of the various service chain participants. Codifying these characteristics will be a useful organizational exercise and one that is more accomplishable because it avoids (for the time being) the more difficult task of ensuring performance is sensitive to end-customer specifications. Also, establishing workable service objectives based upon current practices and reporting on them will establish the value and integrity of the process before undertaking more serious, time-consuming and conflictual negotiation processes.
Some organizations believe they can implement customer Service Level Agreements without first having established their own internal IS support Service Level Agreements. This can be uncomfortable for all participants if the entire IS organization is not closely aligned prior to beginning the process with your customers. In fact, it can be down right embarrassing!
Implementing Service Level Management, White Paper, Char LaBounty |
Establishing OLAs for the many combinations of hand-offs which occur in service provisioning would be excessively complicated to administer on an ongoing basis. Instead, the relationships are accounted for in a single OLA between the unit and IS management. This simplifies the retention of these agreements and facilitates their comparison with the agreements which are used to describe the relationship with LOB technology partners and Corporate service customers.
Using the catalogue as an aid, SLM must plan the most appropriate SLA - OLA structure to ensure that all services and all Customers are covered in a manner best suited to the organization's needs. It is recommended that the architecture be adopted which establishes:
“Service catalogs are the cornerstone of service delivery and automation, and the starting point for any company interested in saving money and improving relationships with the business.”
Forrester Research |
"The availability of a ‘Service Catalog’ describing the current and proposed IT service offerings is vital to the success of an IT Service Management strategy targeting service excellence. In the same way a restaurant menu sets initial expectations for a customer and provides the basis for personalized service, the Service Catalogue enables IT organizations to market and commit to achievable levels of service at a predictable cost (or planned price). A well designed and suitably worded catalogue will dramatically improve the business perception of the value of IT services and is a mandatory element for enterprises seeking the alignment of business requirements and IT service capabilities." |
Or, this commentary from Centrata...
... "a service catalogue becomes a centerpiece within IT, through which business commitments, customer demands,
infrastructure performance and operational workflow all come together as a central point of real-time action,
as well as historical and business planning. Such a service catalogue would also promote standardization of
services and service components, for greater efficiency and flexibility, as well as reducing human error and
minimizing ad hoc requests. The benefits of such a robust, if demanding, service catalog approach are manifold. A service catalogue in this evolved sense becomes the core of the IT intelligence and “self awareness” as it coordinates provisioning, delivery, assurance, accountability and optimization of the infrastructure for a changing array of business services. It can enable significant benefits in terms of operational savings, infrastructure optimization, asset investments based on use and performance, SLA costs and requirements for outsourced services, and of course promote significantly more positive customer satisfaction, and ultimately, business impact and revenue growth. The service catalogue can also help to manage user behavior, when, for instance, individual idiosyncracies are impacting business performance, as well as validate and document business value." THE SERVICE CATALOG: AN ESSENTIAL BUILDING BLOCK FOR ITIL |
A service is: 'One or more IT systems which enable a business process'.
The purpose of the Service Catalogue is to:
"By mapping IT services more explicitly to business needs, the IT organization can better understand how to add even more value. This aspect of the Service Catalog helps address three of the most emotional words in the IT vocabulary; 'IT-Business Alignment'." Rodrigo Fernando Flores, September 12, 2005, IT Service Catalog - Common Pitfalls, ITSMWatch |
To avoid confusion, it may be a good idea to define a hierarchy of services within the Service Catalogue, by qualifying exactly what type of service is meant e.g. business service (that which is seen by the Customer), Infrastructure services, network service, application service (all invisible to the Customer - but essential to the delivery of Customer services).
The catalogue is maintained as part of the Configuration Management Database (CMDB). By defining each service as a Configuration Item (CI) and, where appropriate, relating these to form a service hierarchy, the IT provider will be able to relate events such as Incidents and RfCs to the services affected, thus providing the basis for service monitoring via an integrated tool (e.g. 'list or give the number of Incidents affecting this particular service').
The Service Catalogue can also be used for other Service Management purposes (e.g. for performing a Business Impact Analysis (BIA) as part of IT Service Continuity Planning, or as a starting place for Workload Management, part of Capacity Management). The cost and effort of producing the catalogue is therefore easily justifiable. If done in conjunction with prioritization of the BIA, then it is possible to ensure that the most important services are covered first.
At its' basic definitional level a service catalogue is a simple concept. Webster defines it as "a complete enumeration of items arranged systematically with descriptive details". There are three key elements in this definition:
A Service Catalogue should have easily-understandable descriptions and an intuitive interface for browsing service offerings. Effective Service Catalogs should also segment the customers they serve – whether end users, business unit executives, or other IT managers – and may provide different content based on role and needs.
The Service Catalogue should be transaction-based. A consumer viewing it should assume that if they see something they reqiure in the catalogue that it can be ordered directly. This direct relationship expedites processing and enlists the customers attention and ultimate usage of the catalogue.
Lastly, a Service Catalogue can provide a system of record for data that you need to manage the IT organization. The Service Catalogue can provide the means to manage customer demand, map fulfillment processes for each service, track service levels, drive process efficiencies, govern vendor performance, and determine costs. No service-oriented business can run effectively without such operational and financial data readily and easily available. R
"not everything that can be counted counts and not everything that counts can be counted."
Albert Einstein, quoted in Service Level Management for Enterprise Networks, Lundy Lewis, Artech House, 1999, ISBN: 1-58053-016-8, p.13 |
IT metrics must measure and communicate IT performance in the context of the business value IT provides.
Mark D. Lutcheon, managing IT as a business, John Wiley & Sons, 2004, ISBN: 0-471-47106-6, p. 157 |
Because many parts of the organization are involved in answering these questions each requires different sets of metrics for their unique reasons. Lutcheon identifies different sets of users:
IT Value Area/Metric & Examples | Application and Use | ||
Enterprise | Business Unit Specific | Functional Area Specific | |
Alignment
| Attributable IT spending per direct employee (budget & actual) | ||
Support
| Growth rate of total IT employees per growth rate of total employees (budget & actual) | ||
Operations
| Growth rate of attributable IT spending per growth rate of direct total spending (budget & actual) | ||
Resiliency
| |||
Leverage
| |||
Futures
| |||
Mark D. Lutcheon, managing IT as a business, John Wiley & Sons, 2004, ISBN: 0-471-47106-6, p. 162 |
Understanding how IT provides business value requires categorizing IT investments. Lutcheon outlines the business value considerations, typical business value outcome and presents key metrics for each of these areas. R.
IT Investment category | Value Characteristics | Value Outcomes | Value Metrics |
Mission Critical Technology investment to gain competitive advantage or to position the organization in the marketplace to increase market share or sales |
|
| Business Value Financial:
|
Business Critical Technology investment for managing and controlling the organization at the business unit level N |
|
| Business Unit Operational:
|
Management Control Technology investment to process basic repetitive transactions of the company. Focus is on high-volume transactions and cost reduction |
|
| Business Unit IT Application:
|
Infrastructure Technology investment to construct foundation IT capability N |
|
| Enterprise-wide IT infrastructure:
|
Infrastructure availability, for example, is measured at the Users screen, not at some intermediate component. The challenge is in integrating all intermediate components into the end-to-end metric. The result, in all cases, is that a much higher availability is now required from each subcomponent (since individual component availabilities are multiplicative to the overall measure).
"Its here that service providers and customers often find themselves with entirely different motivations in service performance measurement. The service provider wants to measure the quality of the network itself. Normally this would relate the measurement of a transit path, commencing when a packet enters the provider's network, and taking the measurement outcome as the packet leaves the provider's network. The customer, on the other hand has less of an interest in the performance of the network, and more of an interest in the performance of the application itself, spanning the entire path from the client to the server and back again. In the context of the Internet, such paths may transit a number of provider's networks, and its the cumulative picture rather than the profile of any individual network that is of interest to the customer. The service provider also measures different aspects of performance. As we've noted already, the service provider is interested in the per packet transit latency and the stability of the latency readings, the packet drop probability and the jitter profile. The end user has a somewhat different, and perhaps more fundamental set of interests: Will this voice over IP call have acceptable quality? How long should this download take?" |
To meet this overall requirement requires the stating and operational readiness of the individual components in the service chain. These metrics are stated as Operational Level Objectives (OLOs) amongst internal service partners and in Underpinning Contracts (UCs) when the service is provided by an external providers (eg. ISP, ASP).
Other measures which support the IT Provider in obtaining resources to delivery services include workload volumes, service desk responsiveness, implementation times for configuration changes and new services, as well as overall customer satisfaction.
A recent study by EMC advances a slightly different view of performance. It advances Quality of Experience as a key concept in measurement - "Quality of Experience is the ultimate “quality” metric because it is directed at real customer/consumer experience versus an array of technical objectives that may be measurable, but which as an aggregate may often have little or nothing to do with actual business impactR".
EMA has defined the following key areas as useful in establishing QoE:
Applications with response times recorded above a pre-defined threshold are considered unavailable. A combination of the above method usually provides the best overall result though considerations of cost, reliability and intrusiveness may preclude some approaches.
These collection techniques fall into one of two primary categories:
The process of acquiring meaningful performance data is broken. We can report on "five nines" for all of our network components; we can dump database extracts into Excel and figure out what percentage of our calls related to a specific incident; we can dig into our ERP system and calculate transaction times. What we can't seem to do, however, is to pull these numbers together into business indicators that show whether or not we're successful: not successful in keeping all of our servers online, or successful in closing all of our open calls, but successful in terms of our company's vision and business objectives.
Char LaBounty, The Art of Service Management, p.5 |
Measured as the percentage of the time that a service is available for use, can be a controversial subject since it can involve a number of different measurement mechanisms. The variability of measurement is a result of differing perspectives of service goals, which vary primarily by the job function of the individual doing the measuring. For example, the network manager typically sees the service as network connectivity; the system manager views the service as the server remaining operational; the database administrator sees the service as available access to data held in the database. Hence, quoted availability usually relates to individual components and do not match the IT user's perception of availability. The end user or LOB wants to know that they can access the application and data required to perform their duties.
The first step in measuring and managing service levels is to define each service and map out the service from end-to-end.
There are three primary methods for capturing type 6 - the end-to-end measurement:
Stating the goal as percent Unavailability has a different impact. In this case the goal was .4% unavailability and the Provider had 1% unavailability. Here the percentage is (1.0-.4)/.4 = 150% variation from expected. An entirely different perspective ensues. Even quoting unavailability does not provide the whole picture. From the Customer's perspective an outage of 2 hours may be more palatable than 6 outages of 20 minutes each (or it may not - depending on the application). The difference would certainly lead to the perception of greater instability in the second instance.
The purest and most useful measure is to relate unavailability to costs to the business. To capture this requires that the Service Desk accurately record the number of people affected and that this gets multiplied by an amount per unit time of outage. This latter number must be established ahead of time. Frequently, this cost may have been devised as part of a Business Impact Analysis (BIA) in developing Disaster Recovery Plans (DRPs) for major applications.
"It is important that all levels within the organization understand the value of implementing a Service Level Management culture. Without this commitment throughout the organization, it will be difficult for the line staff to understand it, and want to participate in it."
Management Alert: The Sarbanes-Oxley Act Will Affect Your Enterprise, by Gartner Research, April 2, 2003 |
The impact of culture on an organization is easily underestimated. Yet, to a great extent it influences the way employees function within the organization. Employees' attitudes toward leadership, for example, have a large impact on the effective style of that leadership within an organization. And, the primary businesses engaged in will establish many elements of how people interact with each other, achieve recognition and reward. The organizational culture also determines how people react to change and thus how successful a certain change strategy will be. To cope with cultural differences when implementing processes, change moderators should adopt a leadership style, which is most effective depending on the situation they face.
Cultural elements to be taken into account when implementing or improving processes in an organization:
These items are the mechanisms of organizational culture. However there are other, more ephemeral aspects of culture in the way people interact with each other, and with customers - and, many staff both are served by, and provide service to, someone else. Almost all organizations understand the value of customer service: after all, without customers there is no service - no service, no performance, no work, no jobs. However, what is less clear is the value of servicing those who provide service to paying customers - ie. those who provide indirect or "support" services. To most enterprises all of IT is usually in this class (although e-business has the tendency to alter this relationship as end customers increasingly interact directly with the technology). These are the service chains which comprise "end-to-end" service provision. Each interaction or "hand-off" needs to be treated as if it was the end customer that was the recipient of the service.
"I'm sure many of you have heard that internal service quality drives external service quality. I like to believe that that means if we treat each other internally like customers, those individuals in your organizations that service the company's customers will do a better job."
Char LaBounty, Service Level Management - The Value of Establishing Baselines |
Every time customers do business with the IT provider, they are, without fully realizing it, scoring the organization on how well it is doing, not only at giving them what they want (hopefully established in agreements), but at fulfilling six basic customer needs:
"Marketing is essentially the process of understanding, anticipating, shaping, and satisfying the customer's perception of value. For an IT organization, marketing entails knowing the primary internal markets; enterprise executives, operation and line managers, work-area managers, and production end users investigating and predicting their requirements, developing feedback mechanisms for performance, and articulating service relevant to the interval group's ideas of value."
D Turick, Marketing the IS Organization: Questions and Answers, Gartner Group Research Note, Sept 26, 1996 - quoted in Tardugno, Dipasquale, Matthews, ITServices, Costs, Metrics, Benchamrking & Marketing, Prentice-Hall, 2000, ISBN: 0-13-019195-7, p. 48 |
Central to any marketing activities is the service catalogue - 'A "menu" of services - their description, deliverables, availability. limitations, price, and method of accessing them - should be the basis of all marketing communications.' There should be regular communications, using an appropriate mix of 'push' and 'pull' approaches and using existing internet delivery sources, describing changes and introductions and changes should be described as they occur.
Instillation of a service culture is dependent on the communication of performance and communications is the life blood of the organization and fuel for processes. It should flow horizontally, elegantly and spontaneously to support service objectives - "Communication lubricates change; it won't guarantee success - it will guarantee failure."Reference
The Service Desk plays primarily a reactive role. As the Fist Point of Contact (FPOC) for inquiries about services they must be prepared to direct Users to source information and answer service-related questions.
Management assures that communications channels remain open and 'lubricated' for easy access. They will frequently have to intervene when the news to be disseminated is less than positive or popular.
Operations needs to ensure that user satisfaction expressions with their services is received, acted upon and that the remedial actions are communicated back to Customers.
By comparison, a Key Performance Indicator is a measure of "how well" the process is performing. They will often be a measure of a Critical Success Factor and, when monitored and acted upon, will identify opportunities for the improvement of the process. These improvements should positively influence the outcome and, as such, Key Performance Indicators have a cause-effect relationship with the Key Goal Indicators of the process.
Key measurable elements of a service include :
Controls
| |||
Inputs
| Activities | Outputs
| |
Mechanisms
|
Activities Detail
SLM1: Service Catalogue Setup Project
A Service Catalogue describes the Services provided by IT Service Provider to its Customers. Services are intangible products of primary benefit to Hartford businesses in fulfilling their business objectives. To avoid confusion, it is a good idea to define a hierarchy of services within the Service Catalog, by qualifying exactly what type of service is meant e.g. business service (that which is seen by the Customer), Infrastructure services, network service, application service (all invisible to the Customer - but essential to the delivery of Customer services). A Service Catalogue will undergo significant improvement over time. In its' initial state the goal is to firm up the framework and market a basic Catalog. This will consist of a description of the Service, who and how it may be accessed and some fundamental performance goals which can be used by those wishing to access the service to govern expectations of the service delivery. The obligations of Customers should be itemized. The initial development of the Catalogue is coordinated by Service Level Management with the active participation of the Operational Units who will be responsible for its accuracy and integrity.
|
Current services have not evolved in a structured context within IT Service Provider. As such there is no consistent definition of their origin, their expected ROI, performance, etc. This information must be gathered from diverse sources and interviewing of key personnel. A service Catalogue traditionally includes the descriptions itemized in Appendix.
The language should be targeted at the business customer and should arduously avoid technical jargon.
"Successful Service Catalogs are defined from the customer in, rather than from the infrastructure out.
When endeavoring to create a Service Catalogue that speaks in a language familiar to your customer, turn
for guidance to real-life catalogs that your customers use every day. Your internal customers include the
employees, business unit executives, and even other IT managers throughout the company. They are all
consumers, and in today's world, they are intimately familiar with the online sites of companies like
Amazon.com, Dell, and eBay. These familiar Web sites process thousands of transactions every day from
your internal customers – this is the type of catalogue that your customers expect to interact with and use
from their IT service providers." How to Produce an Actionable IT Service Catalog, White paper, February, 2005, Newscale |
SLM2: SLA Project Startup Process
Once the service Catalogue has been produced, the services listed in the Catalogue can be prioritized according to their importance to the business. This importance includes such factors as any direct revenue generated by the service, revenue losses incurred as a result of losing the service, regulatory compliance, and so on. The importance of the service must be weighed against the cost of providing it. The negotiation of cost vs. benefit for each service will produce a set of requirements from the customer for what they want the service to provide. These requirements are expressed as Service/Operational Level Objectives (SLOs/OLOs). These objectives are the agreed upon, measurable service metric "target" between IT and one or more of its customer communities. For example, IT may commit to delivering 99.9% service availability to a particular business unit or returning an application support call, customer "call-back," in 15 minutes, and so on. These measurable parameters are SLOs. The document that formalizes the service level objectives is the service level agreement (SLA). Where IT Service Provider is the provider of corporate services to the direct provider (the LOB provider) these metrics will be expressed in Operational Level Agreements (OLAs). An SLA is an agreement between IT and the customer community served. An OLA is an agreement between IT Service Provider and a LOB IT service provider. Both types of agreements define the responsibilities of participating parties and commit IT Service Provider management to provide and customers to properly use the services of a specific agreed-upon quality and quantity. The services are thus defined as those agreed-upon and defined by the SLA/OLA. These agreements must directly reflect business requirements and IT Service Provider's capabilities. Therefore, IT Service Provider must be rigorous in determining what levels of service it can reasonably agree to deliver within capability and budget. Nothing should be included in a SLA/OLA unless it can be effectively monitored and measured. |
With the introduction of SLM the Catalogue becomes an integral part of the service management picture. It becomes a central focus of "negotiated" service levels with sufficiently accurate financial and performance data to permit sophisticated ROI and performance analyses. It is an important amendment to SLA and OLA negotiations and has a central place in monitoring the overall performance of IS.
This added dimensionality requires explicit accountability in order to make it happen. The Service Level Manager should be a senior IT Service Provider manager with primary responsibility for relationship management with IS's customer base and a direct reporting relationship to IS Corporate Head.
A Memorandum of Understanding (MOU) is a far more limited agreement which can transpose itself into an SLA or OLA at some time. Secondly, the MOU can be initiated for designated services (eg., network) and expanded later to encompass other services in a timed release. Lastly, the agreement can be devised for a specific LOB IT Provider and/or corporate services the choice partly determined by the services selected).
To invoke an agreement IT Service Provider evaluates and decides which services/customers are used for the pilot effort. Criteria for selection of the appropriate MOU are subjective. The following criteria have been cited:
The purpose of the effort is to test the fundamental SLM processes in as non-complex, low risk environment as practical. It is critical that customers be involved. Engage customers that use the service. As with selection of the service itself, the customers involved must meet minimum criteria in that they:
LOB Customers are more interested in issues such as responsiveness, usability, and reliability. All of the appropriate and relevant customer requirements, at all levels, must be identified and incorporated in the MOU in order for the process to be successful. Representatives from the internal IT support partners must also be consulted during the process. Agreement that targets are realistic, achievable, and affordable need to be obtained or modified based on their input. This includes the views of any external IT support partners who should also be consulted and any contractual implications should be accounted for during the negotiation stages of the pilot process.
The MOU used in this effort remains in draft format for the initial pilot period. Before developing a SLA or OLA, all members of both parties who have a stake in, or responsibility for, the success of the agreement should have an opportunity to review the MOU, raise questions, and offer suggestions. Using this feedback, SLM staff can begin more extensive negotiations towards an initial SLA / OLA.
SLM3: IT Corporate Performance Measurement Process Startup
As soon as the importance of a service is known, the requirements for that service can be documented. These requirements are documented in the "service/operational level objectives" section of the SLA/OLA. As noted above, the objectives are the agreed upon, measurable service metric "targets" between IT and one or more of its customer communities. For example, IT may commit to delivering 99.9% service availability to a particular business unit or returning an application support call, customer "call-back," in 15 minutes, and so on. The wording of objectives should be clear and concise and leave no room for ambiguity. Any SLOs should be simply written with minimal complex terminology. OLOs, because their audience is more technical, can be more technically described. An OLO should be internally consistent with any SLO and OLO for which it forms part of a service chain. |
"When you implement Service Level Management (SLM), one of the key activities you need to take the time to do is baseline your system's performance as well as their service support performance, prior to beginning to negotiate the SLAs with the customers. One of the primary reasons we baseline is to understand our ability to provide service within the current limitations of staffing and technology available, as well as the economic impact of the existing state. In other words, a good baseline process will continuously keep us informed on what we are limited to within our approved budgets."
Service Level Management - The Value of Establishing Baselines, By: Char LaBounty |
Most organizations with a history of application and network support have some means of reporting availability and capacity metrics. Many have implemented automated toolsets to provide metrics on a continuing basis.
Rarer are enterprise management systems designed to provide the kind of end-to-end service metrics described in section 5.4. When SLM is implemented a Level 4 or 5 maturity the SLM architecture contains design elements such as:
The best, most encompassing agents may be too costly. However, measures which approximate the performance characteristics of what is being measured may provide satisfactory results at acceptable costs. The organization must make a strategic trade-offs amongst precision, risk and cost. Since integrated tools continue to improve and since many company's internal processes are not ready for quantitative management techniques the best strategy may be "wait and see" with SLM endeavors concentrating on developing ancillary, less costly procedures as a priority.
"No SLM strategy can begin without a baseline of performance… You must know where you are before you can proceed to a better place."
Sturm, Morris, Jander, op cit, p. 143 |
A benchmark is a measurement or standard that services as a point of reference by which IT Service Provider service performance can be measured. Benchmarking is a structured approach for identifying best practices and comparing and adapting them to IT Service Provider's operations. These targets provide goals for achieving intended service results and for directing Service Improvement Initiatives (SIPs).
Benchmarking performance assists IT Service Provider is comparing its' performance with organizations with similar characteristics. The benchmarking then provides a reference point for improvement.
In the absence of meaningful industry comparison IT Service Provider can sometimes find internal benchmarks either from other internal service providers or develop them over time. In the end, the defined Service and Operational Level Objectives (SLO/OLOs) will constitute benchmarks for service improvement. By designing a stretch objective and a commitment objective IT Service Provider can distinguish between what it is committed to meet and what it aspires to meet.
IT Service Provider service commitments as part of an overall service chain should also be internally consistent amongst bundled services that they form a part of. For example, the acquisition of a software product should involve the same timeframe when it is acquired constitutes part of a new employee service as when it is required as part of a remote access service.
The provision of these services should also be in accordance with any SLAs maintains by LOB IT service providers and their Customers in order that they can achieve them. This means that IT Service Provider services should have OLAs consistent with existing SLA by LOB providers, and, conversely, when constructing and/or modifying agreements that LOB IT Providers recognize IT Service Provider OLOs as they are published.
Traditionally, organizations start by reporting on measurements which are readily available. This usually involves the reporting of service availabilities. Subsequently, as capabilities are augmented responsiveness measures are added. As well it is traditionally easier to measure and monitor the availability of various technology components before they can be rationalized to provide end-to-end availability of service from the corporate client or LOB IT provider's perspective.
During implementation of measurement, a stabilization of IS's overall IT-CPM strategy will occur. People viewing measures can determine inconsistencies with the aggregated measures and what is generally expected. This will help to uncover glitches in the collection processes. Determining problems with data collection and connecting them is a necessary evolution that takes place during the measurement stage. Without this weeding out of collection problems, companies cannot successfully move into the latter stages of the cycle because to base analysis and planning on a suspect measurement system makes no sense.
Use scorecards as the "shop window" to CPM, but focus on the overall planning and control cycle for substantial improvements.
The most widespread approach to monitoring applications uses intelligent autonomous agents to gather information on an application and the underlying infrastructure. These agents use a variety of measurement techniques to collect the data that is then used for incident management and problem diagnosis and stored for trend analysis and reporting. Management agents perform a number of functions including scheduling the collection of data, determining event conditions, forwarding this event information to consoles, executing recovery actions and storing metric and event information for historical purposes. However, they should be piloted first in order to measure the extent of the performance "hit" they impose. By estimating the number of events and overhead required to manage those events, the agent's impact on the system can be accurately planned.
SLM4: Service Management Ongoing Process Summary
Once the three basic elements of Service Level Management have been initiated (catalog, agreements, performance measurement), procedures need to be initiated to ensure that these processes are sustainable over time. Many implementations fail to achieve intended benefits due to lack of commitment and sustained effort. Some activities occur on a continuing basis:
Other activities occur on a monthly, quarterly or longer basis in accordance with regular reporting periods. Service Improvement Programs (SIPs) can occur anytime in response to service issues which require addressing. Lastly, SLAs and OLAs should be renewed every two years. In doing so many of the activities which went into the original construction are redone:
|
Once the agreements are in place, it's important to compile and analyze performance data and report it regularly to customers. This should lead to a service improvement program (SIP). The goal is to know where targets were missed and how to fix them -- buy more capacity, for example. By continually improving the tie between IT performance and business goals, IT Service Provider stands a better chance of building an IT organization that truly serves business success.
Periodic review meetings must be held on a regular basis with Customers (or their representatives) to review the service achievement in the last period and to preview any issues for the coming period. It is normal to hold such meetings monthly, or as a minimum, quarterly.
Actions must be placed on the Customer and provider as appropriate to improve weak areas where targets are not being met. All actions must be minuted, and progress should be reviewed at the next meeting to ensure that action items arc being followed up and properly implemented.
Particular attention should be focused on each breach of service levels to determine exactly what caused the loss of service and what can be done to prevent any recurrence. If it is decided that the service level was, or has become, unachievable, it may be necessary to review and re-agree different service targets. If the service break has been caused by a failure of a third-party or internal support group, it may also be necessary to review the underpinning agreement or OLA.
Where analysis of performance data suggests an operational problem it may be necessary to convene special meeting of participants in a service chain to discuss specific operational issues pinpointed by the performance figures. These discussions should result in specific recommendations to address performance bottlenecks.
In addition, new business demands may necessitate changes to existing agreements. It is recommended that such changes be framed as separate agreements or addenda to existing agreements and that agreements be subject to a defined versioning logic.
As with new services introduced into the live environment, the planning and formalization of the support arrangements for any retiring services must be addressed. The specific responsibilities of all involved need to be defined and either added to existing SLAs, OLAs, UCs, or new agreements and contracts established. The resulting documents identify the support requirements for the service. Once created, these documents and associated support arrangement and all escalation routes must be integrated into the CMDB. This facilitates awareness by those support groups affected such as the service desk, availability, change management, release management and capacity management teams. When identified as required, appropriate education and familiarization for these affected groups must be completed before the point in time between when the new service is introduced and support for the new service will be required.
Updating SLRs should have the following deliverables:
These reviews should evaluate performance against all service level requirements to determine which ones have been satisfied and which ones have not. The staff then takes corrective action to address those areas that fail to meet the requirements and/or negotiates changes in the service levels required. In addition, the incident management and problem resolution processes result in important learning about the supported system. This learning drives changes to specific operational processes, tools, and procedures as needed.
Terminology | SLA Architecture | SLA Template | SLA-OLA Comparison | Service Catalogue Layout | SLM Maturity | Toolset Considerations |
Term | Definition |
Actual Release Date | The Actual Release Date is the date on which the approved changes were released to Production. |
Accuracy | Ability to deliver a service free from errors |
Application Response Measurement (ARM) | A standard method of instrumenting applications for management. ARM comprises APIs designed to be built into networked applications, enabling them to be monitored for a range of performance characteristics, including response time. |
Availability | Ability of a component or service to perform its required function at a stated instant or over a stated period of time. It is usually expressed as the availability ratio, i.e. the proportion of time that the service is actually available for use by the Customers within the agreed service hours. |
Auditability | Ability of Customer to audit the service or system as required |
Baseline | The present state of performance, from which changes to services can be reviewed. |
Benchmarking | Measuring products, services, and practices against the best in a field. |
Client | People and/or groups who are the targets of service. To be distinguished from User - the consumer of the target (the degree to which User and Client are the same represents a measure of correct targeting) and the Customer - who pays for the service. |
CMM | Capability Maturity Model - The Software Engineering Institute's model of software engineering that specifies five levels of maturity of the processes of a software organization. CMM offers a framework for evolutionary process improvement. Originally applied to software development (SE-CMM), it has been expanded to cover other areas including Human Resources, Software Acquisition and IT service provisioning. |
COBIT | Control Objectives for Information and Related Technology - a standard for Information technology security and control practices, issued by the IT Governance Institute, which provides a reference framework for management, users, and IS audit, control and security practitioners |
Component Availability | The availability of a particular component of a service offering - defined within standard hours of operation. |
Configuration Item (CI) | Component of an infrastructure - or an item, such as a Request for Change, associated with an infrastructure - that is (or is to be) under the control of Configuration Management.CIs may vary widely in complexity, size and type, from an entire system (including all hardware, software and documentation) to a single module or a minor hardware component. |
Configuration Management Database (CMDB) | A database that contains all relevant details of each CI and details of the important relationships between CIs. |
Critical Success Factor (CSF) | Critical Success Factors - the most important issues or actions for management to achieve control over and within its' IT processes. |
Culture (organizational) | The shared values, beliefs, attitudes and expectations held by the majority of people in an organization |
Customer | Payer of a service; usually theCustomer management has responsibility for the cost of the service, either directly through charging or indirectly in terms of demonstrable business need. |
Data mining | The automated extraction of hidden predictive information from databases. |
End-to-end Measurement | A view of IT service that includes each of the end users of a service and their locations, together with the path they take to access the business application providing the core part of the service. |
End-User's perspective | The performance of a service as it is experienced by the user at the desktop. This perspective is the ultimate measure of service quality. |
Environment | A collection of hardware, software, network and procedures that work together to provide a discrete type of computer service. There may be one or more environments on a physical platform e.g. test, production. An environment has unique features and characteristics that dictate how they are administered in similar, yet diverse, manners. |
Event | An occurrence within the IT environment (usually an incident) detected by an user, monitoring tool or an application that is consistent with predefined threshold values (within, exceeding, or falling below) that is deemed to require some sort of response or, at a minimum, is worth recording for future consideration. |
Gisting | Analyzing complex data and/or reports and distilling them into concise management briefs. |
Incident | Any event that is not part of the standard operation of a service and that causes, or may cause, an interruption to, or a reduction in, the quality of that service. |
Known Error | An Incident or Problem for which the root cause is known and for which a temporary Work-around or a permanent alternative has been identified. If a business case exists, an RFC will be raised, but, in any event, it remains a known error unless it is permanently fixed by a Change. |
KGI | Key Goal Indicator - measures which tell management - after the fact - whether an IT process has achieved its' business requirements, usually expressed in terms of information criteria:
|
KPI | Key Performance Indicator - measures to determine how well the IT process is performing in enabling KGIs to be reached: lead indicators of whether a goal will likely be reached: and are good indicators of capability, practice and skill. |
Latency | The period of time that one component in a system waits for another component. |
Lifecycle | A series of states connected by allowable transitions. The life cycle represents an approval process for Change documents. |
Line(s) of Business (LOB) | The parts of an organization that function as separate business entities when viewed from the highest level. |
Metric | A data element that indicates something about the behavior of a system, subsystem, application or process. |
Memorandum of Understanding (MOU) | An agreement between two contracting parties which describes, in general terms, their respective roles, contacts and expectations but does not obligate the parties to meeting specific objectives or targets. |
Monitoring Tools | Software or hardware that retrieves data about the state of the underlying components driving a service. The data is used to issue alerts about degrading performance but can also be stored in a database and later retrieved and put into consolidated reports. |
Online Analytical Processing (OLAP) | A category of database software which provides an interface such that users can transform or limit raw data according to user-defined or pre-defined functions, and quickly and interactively examine the results in various dimensions of the data. |
OLO - Operating Level Objective | An agreed level of performance in which the products of a service are transferred between participants in a service chain. |
Performance | A measure of the responsiveness of the application to interactive users and the time required to complete a transaction. |
Probe | Standalone hardware devices containing RMON and RMON II agents along with packet parsing and filtering engines. |
Problem | Unknown underlying cause of one or more incidents. |
Process | A connected series of actions, activities, Changes etc. performed by agents with the intent of satisfying a purpose or achieving a goal. |
Process Control | The process of planning and regulating, with the objective of performing a process in an effective and efficient way. |
Recoverability | The ability to resume processing after unplanned outages as rapidly as possible |
RMON | Short for remote monitoring, a network management protocol that allows network information to be gathered at a single workstation. |
Risk | A measure of the exposure to which an organization may be subjected. This is a combination of the likelihood of a business disruption occurring and the possible loss that may result from such business disruption. |
Risk Analysis | The identification and assessment of the level (measure) of the risks calculated from the assessed values of assets and the assessed levels of threats to, and vulnerabilities of, those assets. |
Risk Management | The identification, selection and adoption of countermeasures justified by the identified risks to assets in terms of their potential impact upon services if failure occurs, and the reduction of those risks to an acceptable level. |
Role | A set of responsibilities, activities and authorizations. |
Rule | A predetermined task or set of tasks, either automatic or operator-initiated, that is to be followed when an event occurs. |
Service | An intangible set of benefits provided by one party to another. Services are created by performing certain activities. Services are usually created by a large number of activities that create the benefits together. Each activity contributes directly or indirectly to the set of benefits. Activities that directly create a benefit are called service delivery activities. Activities that indirectly contribute to the delivery of services are called service support activities. |
Service Chain | The provision of a service which involves multiple participants who deliver separate components of the service in a logical order. |
Service Availability | The capability to successfully complete an entire service or business transaction - defined within standard hours of operation. |
Service Catalogue | A description of the services offered by an organization which can be used to order and describe a service in full. |
Service Incident/problem | A fault in the infrastructure attributable to an incorrect expression of a service. |
SLA - Service Level Agreement | A written agreement between a service provider and Customer(s) that documents agreed services and the levels at which they are provided at various costs. |
SLM - Service Level Management | Disciplined, proactive methodology and procedures used to ensure that adequate levels of service are delivered to supported IT users in accordance with business priorities and at acceptable costs. |
SLO - Service Level Objective | An agreed upon level of service which is to be provided by a service provider. For each aspect of the service covered by a Service Level Agreement, there should be one or more target levels defined. |
Simulated (Synthetic) Transaction | An artificially created transaction designed to mimic a standard transaction over an IP network designed to get consistent readings on response time and availability. |
System | An integrated composite that consists of one or more of the processes, hardware, software, facilities and people, that provides a capability to satisfy a stated need or objective. |
Threshold | A configurable value above which something is true and below which it is not. Thresholds are used to denote predetermined levels. When thresholds are exceeded, actions may occur. |
User | The consumer of a service - the person or group who accesses and uses the service - to be distinguished by the Customer, who Pays for the service (though it may be the same person). |
Version | An identified instance of a Configuration Item within a product breakdown structure or configuration structure for the purpose of tracking and auditing change history. Also used for software Configuration Items to define a specific identification released in development for drafting, review or modification, test or production. |
Work Package | A discrete set of activities performed to deliver a service which require resource input to complete expressed in terms of skill sets required, time to complete, etc. |
This may appear fairly straightforward. However, difficulties may arise if the specific requirements of different Customers vary for the same service, or if characteristics of the IT Infrastructure mean that different service levels are inevitable (e.g. head office staff may be connected via a high-speed LAN while local offices may have to use a lower speed leased line). In such cases, separate targets may be needed within the one agreement. Difficulties may also arise in determining who should be the signatories to such an agreement.
Customers often prefer such an agreement, as all of their requirements are covered in a single document. Only one signatory is normally required, which simplifies this issue.
As shown in the figure to the right, such a structure allows SLAs to be kept to a manageable size, avoids unnecessary duplication, and reduces the need for frequent updates.
SLOs should be:
Comparison of SLA and OLA
Re-printed from Microsoft Technet web site for Service Level Management
"Operational Level Agreements establish specific technical, informational, and timeframe requirements needed for each IT group to provide the services that will be delivered to the customer. … Without OLAs in place, SLAs will frequently promise services that are impractical at best or impossible at worst. Clearly defined OLAs will prevent unkept promises to customers. Additionally, OLAs will present (and even create) a more united IT organization to the customer. On many occasions, the exercise of building thorough OLAs can actually iron out long-standing feuds that have been based on misunderstandings. Ultimately, OLAs will hold each group accountable for their service, and also build understanding of each group's contribution to the overall delivery of service. " Implementing Service Level Management, White Paper, Char LaBounty, p. 3 |
SLA | OLA |
Describes the service, terms, and conditions for agreement between IT and one or more customers | Describes service components, requirements, and conditions required from an internal service provider (IT entity) |
The duration of the SLA is specifically defined with a start and end date | Reviewed frequently to capture changes in day-to-day service delivery |
Is business and customer-focused | Is internal-IT focused |
Describes the specific business metrics committed to by IT and the frequency they will be reported | Describes the service component metrics and the frequency they will be measured by the internal service provider (IT entity) |
Describes roles and responsibilities for customer and IT | Describes roles and responsibilities for IT staff and individual contributors |
Describes the business linkages between IT and the customer | Describes the day-to-day linkages between IT service providers and customers |
The "targets" for this service over the near, medium and long term. Targets may be "strategic" (positioning of the service in alignment with I&IT objectives) or metric (measurable performance indicators). Objectives should indicate how well the service is to be delivered now, and in the future and methods to close any performance gaps. Any existing service standards which the organization is expected to strive towards should be discussed here.
How a measure is determined and any assumptions implicit in its' use should be discussed. There should be some discussion as to what would constitute a significant variance which would trigger management attention.
In order to identify resource needs, all components of the IT infrastructure that combine to enable a service need to be considered. In all areas, these costs can be significant.
At some point, it is necessary that a comprehensive ROI analysis be performed on each activity to determine if the expected return to the organization, both directly financial (cost vs. benefit) and indirect effort (cost vs. increased or maintained customer productivity levels) is worthwhile. In cases where the ROI process indicates that the service does add enough value to the enterprise to be worthwhile, the service will not be implemented. In instances where the ROI process has established that the service is of value to the organization, the service will be implemented. In some cases, the service requested may be simple in nature. It does not significantly impact the areas of service provisioning that the cost analysis is designed to evaluate. The service level manager makes a "judgment call" in these cases and may elect to establish the new service without formally executing the financial analysis process.
The cost and methods of financing the service should be expressed. If the service is provided as part of an overall annual appropriation to the IT provider some effort should be devoted to estimating the capital, start-up and operating costs of the service. This permits a comparison of Return on Investment (ROI) from the services offered by the Provider. Where costs are recovered (typically as part of a premium service offering) the costs of various level of premium service should be itemized. Details of any charge-back scheduled and methods should be listed for the service.
COBIT Definition of SLM Maturity Levels - IT-CPM Equivalent
Maturity / Mgmt Commitment | COBIT Description | IT-CPM |
0 non Existent | Management has not recognized the need for a process for defining service levels. Accountabilities and responsibilities for monitoring them are not assigned. | There is little or no measurement undertaken. Performance is anecdotal and based primarily upon registered user complaints. |
1 Ad Hoc (ignored procedures) | There is awareness of the need to manage service levels, but the process is informal and reactive. The responsibility and accountability for monitoring performance is informally defined. Performance measurements are qualitative, with imprecisely defined goals. Performance reporting is infrequent and inconsistent. | Reporting is sporadic and based upon specific requests. Each time data must be collected from available sources (though templates might be used) and analyzed using available tools (eg. spreadsheets). |
2 Repeatable (disciplined procedures) | There are agreed-upon service level agreements, but they are informal and not revisited. Service level reporting is incomplete, irrelevant or misleading and dependent on the skills and initiative of individual managers. A service level coordinator is appointed with defined responsibilities, but not sufficient authority. The service level agreement compliance process is voluntary and not enforced. | Companies report the current and historical status of key metrics used to manage their business. These measures tell a company the "what," i.e., "What is the status or health of my business?" Although most companies know which fundamental indicators to measure, it is not necessarily easy for them to obtain and distribute the status of these measures to the individuals throughout their organization. By employing an effective strategy, an organization can successfully distribute this information to all the people who affect business inside and outside the enterprise. And, an organization can uncover new ratios and metrics that provide even deeper insight and that could potentially modify or enhance what is currently measured. Reporting and information delivery software used widely by IT departments provides the bulk of the functionality at this stage of maturity. |
3 Defined (Standard, consistent, processes) | Responsibilities are well defined, but with discretionary authority. The service level agreement development process is in place with checkpoints for reassessing service levels and customer satisfaction. Service levels criteria are defined and agreed upon with users, with an increased level of standardization. Service level shortfalls are identified, but resolution planning is still informal. The relationship between the funding provided and the expected service levels is being increasingly formalized. Service level is increasingly based on industry benchmarks and may not address organization-specific needs. | Analysts review and measure the data in new and different ways to see whether they can uncover hidden relationships that will help them answer "why," i.e., "Why is this occurring?" Several tools have emerged that simplify the analytical process - ad hoc query, ad hoc reporting, online analytical processing (OLAP), and advanced data visualization tools. |
4 Managed (Predictable processes) | Service levels are increasingly defined in the system requirements definition phase and incorporated into the design of the application and operational environments. Customer satisfaction is routinely measured and assessed. Performance measures are increasingly reflecting end-user needs, rather than only IT goals. User service levels measurement criteria are becoming standardized and reflective of industry norms. Root cause analysis is performed when service levels are not met. The reporting system for monitoring service levels is becoming increasingly automated. Operational and financial risks associated with not meeting agreed-upon service levels are defined and clearly understood. | Companies try to determine the effects on outcomes should they implement changes. They use tools to play "what if" games with their data, i.e., varying scenarios that target the process changes they may need to make to help steer the company in the right direction. Software for this has been categorized as planning and forecasting. Using these kinds of tools, you can perform scenarios and then combine them with historical measures and forecasting algorithms to determine potential future performance given different conditions. You can then vary your inputs to see how different courses of action might affect performance. At this level, management may determine that, based on expected operating parameters, performance will be up or down. Using planning software, you can determine how much more investment is needed to achieve the desired results. Such a planning application enables a company to estimate what additional infrastructure they will need to take to achieved desired resilience, availability and response goals. |
5 Optimized (continuously improved processes) | Service levels are continuously reevaluated to ensure alignment of IT and business objectives, while taking advantage of technology advances and improvements in product price/performance ratios. All service level processes are subject to continuous improvement processes. Criteria for defining service levels are defined based on business criticality and include availability, reliability, performance, growth capacity, user support, continuity planning and security considerations. Customer satisfaction levels are monitored and enforced. Expected service levels are evaluated against industry norms, but also reflect the specific strategic goals of business units. IT management has the resources and accountability needed to meet service level performance targets and the executive compensation is structured to provide incentives for meeting the organization goals. | The "how" phase. At this level, key players within the company discuss outcomes and potential solutions to the problems they have uncovered and then make decisions regarding how to improve them, such as what ROI they can hope to achieve. This is where collaboration becomes crucial. During review, individuals can annotate and comment on reports and analysis that have been produced, or even vote on a course of action. Collaboration functionality simplifies and documents this whole process so each comment, vote, or opinion can be weighed in the final decision. As a result, new areas or dimensions of measurement may be uncovered in order to track the progress of previous decisions. |
Some types of problem tracking or call management systems market themselves as having service level management functionality. In some ways, this is correct: many businesses use standard help desk tools to report on network availability, overall system availability, and customer service levels based on the types of trouble tickets received. This kind of "service level management" is, by nature, purely reactive, relying as it does on after-the-fact information capture of service failures. These tools also provide no mechanism for tying performance to business goals.
Still other types of systems will be a little closer to a mature implementation of SLM by using test transactions to simulate customer/end user activity. Essentially, these systems send a 'synthetic transaction" through standard customer system, timing them and monitoring for difficulties. Obviously, these systems confine themselves to network and application service level management, although they can make some measure of business success by examining employee productivity (or lack thereof, due to system problems) or customer system experience.
Web monitoring systems are becoming more prevalent. These systems examine the service experienced by web site users, and may also use test transactions to measure web site access events. There are also service level management systems that focus on specific technologies, such as VOIP, or on particular industries (telecom, ISPs).
When looking for these types of tools, integration may be the most critical "under-the-hood" factor. A system that can integrate, out-of-the-box, with as many of your current performance measurement tools as possible is highly desirable. As long as existing tools are performing in a satisfactory manner, there is no need to replace them; but rather to harvest their data. In addition, the SLM tool should be able to link to proprietary data sources.
Besides ease of use for the administrator, ease of use for business people is a main consideration. An SLM tool must allow customers to define, in business terms, what service success means. SLAs must be built up from clear SLOs: a business person should be able to create a metric for, say, the cost of providing "Gold" level service to major account customers that's comprised of measurements like average speed of answer, talk time, resource costs, and the specific customer contract terms. The system should also be able to report on this type of metric with a simple dashboard- or cockpit-style interface, and allow business users to drill down to determine the specific measurement that may be threatening the overall service.
Reporting must be flexible and easily customizable. It should be easy to set alarms to indicate when service levels are in danger of being breached, and these alarms should be easily configurable to alert for e-mail, pager, cellular phone, etc. Finally, the system should be smart enough to adjust objectives based on changing conditions. An increase in the number of employees providing a particular service should be reflected in all the metrics associated with that service - without requiring administrator or business unit intervention. Ideally, the system needs to be able to take data from systems or files associated with services, contractual agreements with outsourcers or customers, resources, finance and budgets, and processes (such as change management or knowledge management) and relate it into unified information that speaks directly to the organization's overall business goals and vision. In this way, true Service Level Management is achieved.