ITSM Gap Analysis at XYZ Telecom

An Insight

31st of March 2011 till 30th of April, 2011

Contents
PREAMBLE ASSESSMENT OBJECTIVE ASSESSMENT SUMMARY ASSESSMENT PARTICIPANTS APPROACH ASSUMPTIONS IDENTIFIED STRENGTHS OF XYZ TELECOM IT KEY FINDINGS STATUS OF ITSM IN XYZ TELECOM OVERALL PROCESS ALIGNMENT LEVELS PROCESS AREA WISE GAPS RECOMMENDATIONS ROADMAP THE PDCA MODEL REFERENCES

XYZ Telecom Confidential

Preamble
Background
The IT at XYZ Telecom offers IT Services, namely The IT Service Desk, IT Infrastructure management, and Application management to their customers (various departments within XYZ Telecom) from the facility at Academic City Dubai, UAE.

Approach

Being a quality conscious organization, XYZ Telecom IT thrives to ensure that the IT Services delivered by them are aligned to best practices and global standards in IT Service management.

Deliverables

This report contains the structured representation of the findings from this assessment and the recommendation on the way forward.

XYZ Telecom Confidential

Assessment Objective
The objective of this gap analysis is to assess the current the practices within XYZ Telecom IT Department with respect to: Specified and implied needs of XYZ IT department Global best practices in IT Service Management

The Assessment mainly takes the ITIL framework as the basis for the assessment,
so that this forms the foundation for XYZ Telecom IT for working towards certifying the IT Service Management practices as per the international standard.

XYZ Telecom Confidential

Assessment Summary
Assessment Duration:
The assessment was conducted over a period of 30 calendar days starting from 31st of March 2011 till 30th of April, 2011.

Assessment Location:

All assessment related activities were carried out from the XYZ Telecom IT facility at Academic city Dubai, UAE

All observations made during the assessment were documented,

Assessment Validation:

reviewed and agreed with the project manager of XYZ Telecom IT to ensure there is no mismatch of what the consultant understood from the information gathered.

Assessment Method:

Interviews with relevant stakeholders in XYZ Telecom Review of the Self Assessment questionnaire filled out by the XYZ staff Review of process/procedure documents and plans showing the intent Review of records and other evidences
5
XYZ Telecom Confidential

Assessment - Participants
Assessment Participants: Following are the participants from XYZ Telecom IT who were involved in the assessment Jassim Juma Operations Section Head Osman Farah Application Section Representative Fouad Saleh Project Manager

Ayman Al Sayed Project team member

Yasser Ramadan Representation from Systems Md Aziz Representation from Network Muneer Ahmed Representation from Vendor

Tamer Elahi Representation from DBA

XYZ Telecom Confidential

Approach

XYZ Telecom Confidential

Assumptions
The assessment is based on the information made available to the consultant through interviews and review of documents and records. A full fledged audit of the operations was not the intention of the exercise. It is assumed that all information provided by the various

participants in the assessment exercise are authentic and complete. It is also assumed that XYZ Telecom is going apply for

ISO/IEC 20000 certification at a later stage

XYZ Telecom Confidential

Identified Strengths of XYZ Telecom IT

Help Desk has been established as a SPOC (single point of contact) for XYZ

Telecom IT users The benefits and the need for process improvement has been identified by

XYZ Telecom IT Sr. Management at XYZ Telecom IT is committed on improving it service

delivery
Very low staff attrition rate, hence minimal changes in project core members Comparatively well carried out Incident, Supplier and Financial Management Tools, resources and funds allocated/planned for improving Service

Management

XYZ Telecom Confidential

Key Findings
Service Desk is established as SPOC (single point of contact) for all the users, however this gets bypassed at times

Very limited awareness on IT Service management best practices among XYZ

Telecom staff Polices related to IT are not defined, documented and communicated

Document control procedures are currently unavailable Minutes of any meetings in IT are not consistently recorded and

followed up Documented evidence of IT planning is not available, but planning is

done annually
XYZ Telecom Confidential

10

Status of the ITSM Processes

Status of the ITSM Processes in XYZ Telecom :
Process Existing But Insufficient Documentation
Information Security Management Release Management Change Management Supplier Management Budgeting and Accounting Incident Management

Non- Existent Processes

Configuration Management Problem Management Availability and Continuity Management Capacity Management Service Level Management Business Relationship Management Service Reporting

11

XYZ Telecom Confidential

Overall Process Alignment Levels illustrative

The method of calculation of each level is given below:
Process Area
Incident Management Problem Management Change Management Configuration Management Release Management Business relationship Management
Supplier relationship Management Level 1

Compliance Level Level 2

Level 3

Each process area has specific number of

questions. Based on the information given during the assessment and after reviewing certain evidences, alignment levels are determined. If the alignment level of a process area is less than 50% then it is considered to be at Level-1. If it is equal to or more than 50% and below 90%, then the alignment it is considered to be at Level2. If it is 90% or above then the alignment level is considered to be as Level-3

Service Level Management

Service Reporting Information Security Management

Budgeting and Accounting for IT Capacity Management Availability and Continuity Management
Level 1 Level 2 Level 3 Major Deviation from the standard requirement Some controls in place Minimum Deviation from the standard requirement

12

XYZ Telecom Confidential

Process Area Wise Gaps - illustrative

. Process Area: Incident Management Alignment Percentage: 66.67% (Level-2) Crucial Gaps observed:
Unique identifier and periodic updates not given to users on reported incidents Consistent procedure to handle major incidents not available

Helpdesk is bypassed for Application related calls

Current escalation mechanism in place to resolve incidents is not formal Incidents not prioritized against business impact and urgency Check on user satisfaction and recording of solutions not done, at incident closure

13

XYZ Telecom Confidential

Process Area Wise Gaps - illustrative

Specific Requirements of the framework and alignment details:
Incident Management
ITSM Best Practices
1 2 All incidents shall be recorded Procedures shall be adopted to manage the impact of service incidents Procedures shall define the recording, prioritization, business impact, classification, updating, escalation, resolution and formal closure of all incidents The customer shall be kept informed of the progress of their reported incidents or service request and alerted in advance if their service levels cannot be met and an action agreed All staff involved in incident management shall have access to relevant information such as known errors, problem resolutions and the configuration management database Major incidents shall be classified and managed according to a defined process

Alignment Status
PARTIALLY ALIGNED PARTIALLY ALIGNED

PARTIALLY ALIGNED

PARTIALLY ALIGNED

NOT ALIGNED

NOT ALIGNED

14

XYZ Telecom Confidential

Recommendations
Immediate Actions Recommended Form a steering committee for progress reviews and escalation management of the improvement initiative Document all Services and its details with default levels in a Service Catalogue Identify service owners for each service from XYZ Telecom IT

Identify and document services required by XYZ Telecom IT from other departments
Plan and implement availability, capacity and security monitoring tools Identify appropriate individuals for process ownership and management Document, review and agree on all process documentation needed by the framework Identify all the risks related to the implementation of the Service Management System Develop mitigation plans for risks that have high Risk Priority Number
XYZ Telecom Confidential

15

Recommendations
Recommended Steering Committee Composition and Responsibilities
Project Sponsor IT director

Steering committee composition

Section Heads Application and Operations Project Manager XYZ Telecom Project Manager Consultants Customer representative(s) Drive adherence of set policies and processes through formal communications to all staff

High-level responsibilities of steering committee

Assist in driving activities outside IT department, required by the

standard
Resolve resource and fund issues that cannot be managed by project manager Conduct Service Management Review

16

XYZ Telecom Confidential

Recommendations
Recommended Responsibilities of the Management Representative : Creation, implementation and maintenance of the Service Management Policy

and Service management system for XYZ Telecom IT

Create and implement document control policy, procedures and maintain master list of documents and document storage Ensure availability of appropriate budgets and funds for service management and improvement Definition of Roles and Responsibilities for Process Owners and Process Managers for the processes as per the framework Creation of internal audit procedure, planning, execute audits, create internal audit reports and follow-up till closure
17
XYZ Telecom Confidential

Recommendations
Recommended Process Ownership and Management Groupings
Different roles with specific responsibilities to manage different process areas would be required to ensure effective implementation of the Service Management system. It may not be possible or not required to have different individuals for managing each process areas. Following are the recommended combination that could be :

Service Desk Incident Management

Service Level Management Business relationship Service Reporting Problem Management

Change Management Release Management Configuration Management

Information Security Management

Availability Management Capacity Management Continuity Management

Supplier Management Financial Management

18

XYZ Telecom Confidential

Roadmap

Road Map For ITSM Implementation

19
XYZ Telecom Confidential

The PDCA Model

20

XYZ Telecom Confidential

References

XYZ Telecom IT department policies, processes and procedures Evidences ITIL best practices framework documentation

21

XYZ Telecom Confidential