In conditions market competition All big role the ability of the company to adapt to constantly changing external factors, market conditions, new technologies and services. For modern company the information system is the same as the nervous system for a person: these are information communications that allow you to manage a company and coordinate the interaction of various bodies, as well as connecting it with the outside world. Therefore, the ability of IT departments to adapt to business conditions and provide business units with exactly the services that they need at a given moment, helping to avoid wasted time and reduced productivity due to system failures and downtime, becomes critical.

The task of the IT manager is to create such a mechanism for the functioning of his unit, which would make it possible to meet the changing requirements of employees and company management as much as possible, which would enable all employees to realize the benefits that they receive from using the services of the IT unit. An accurate knowledge of the structure, status, resources, functions and processes of the IT department allows the manager to restructure management, adapting to relocations, consolidation, separation, merging of branches, or, conversely, delegation of authority to subsidiaries or external service providers. Building a system based on a model generally accepted in the IT management environment will give your organization confidence in the reliability of the IT system as the basis of a modern dynamic business, will allow you to face the future with confidence and be ready for rapid and adequate changes in information technology in the interests of business development and growth efficiency. This will also optimize the cost of operating the system.

To build a flexible, adaptable system, it is necessary to automate such areas of IT management as managing network equipment, servers and corporate applications, data storage and security, fleet management personal computers, support service.

But first of all, this requires methods, technologies and means, allowing you to control the current state of the system, perform tasks of operational and long-term planning, analyze the adequacy of changes made to the structure of the system and dynamically calculate the efficiency of the system as a whole. These complex solutions allow you to manage your business and maintain its stability, ensuring complete management of the IT infrastructure and maximum satisfaction of the needs of IP users. Such solutions allow you to raise the IT department to new heights, make it part of the business, make a strategic contribution to the company's activities; allow you to make the results of the work of the IT department obvious to the management and users of the system. They also provide the head of the IT department with a new range of opportunities: he can quickly and adequately assess the quality of the department's work, existing costs, resources, and correctly plan the necessary changes.

Methods

The introduction of advanced information technologies requires all participants to have a clear understanding of the structure and functions of the system, the relationship of its components, the strict distribution of duties and responsibilities, the availability of information about the state of the system as a whole and its components, about the tasks performed by users, and those functions that are for them. the most important.

How to combine so many heterogeneous processes into a single model? How to formulate the functions of the system and employees? How to get information about the current state of the system? What criteria should be used when choosing the direction of system development? How to find the line between the needs of users and the capabilities of the system and IT staff? All these issues should be resolved within the framework of a single paradigm of thinking, a single language with which the IS architecture, functions and responsibilities, information and interfaces will be described. It should be a language that is equally understandable to IT department employees, users, and software and control system manufacturers. In other words, we need a common, accessible and accepted by all methodological basis IT management.

ITIL - Information Technology Infrastructure Library has become such a basis for many Western standards and solutions in the field of IT management. Almost all modern developers of system software and management software draw terms and methods from there. What is ITIL?

Since 1986, the British Government Communications Agency (CCTA) has been working to formalize and standardize how to implement and operate a variety of IT systems in various government departments as part of a non-profit program. The experience accumulated in the course of this work was formulated in the so-called "library of IT infrastructures", but was not available to a wide range of IT specialists. Only 10 years later, the documentation that combines these techniques and turned into a 24-volume work by that time became available to everyone.

ITIL is a thorough description of the life cycle model of an IT organization, implementation examples and expert comments. The ITIL approach is to divide the IT management process into several disciplines. Each discipline is aimed at solving certain functions, but in interaction with the rest. They cover areas such as Change Management, Problem Management, Configuration management, Service Level Management, Capacity Management, Cost Management, and many others. ITIL offers a structured approach to the development, implementation and operation of each discipline. The key concept here is service management; the whole methodology is focused on it and it integrates the remaining components to achieve the goal of fulfilling service agreements with users. Service management includes many procedures that allow you to quickly and efficiently formulate, change and control service levels defined for each user according to predetermined criteria and parameters of the system functioning.

Through a detailed presentation of the principles and description real experience ITIL has become very popular, first in the UK and then around the world. Therefore, building solutions based on the principles described in ITIL allows you to set a single “language” that will be understood by everyone and with which the entire paradigm of IT enterprise management tools will be built.

Technologies

However, ITIL is not a product, not a program, not a system; ITIL is a methodology. It will allow you to bring your systems to a single standard, ensure the efficient functioning of IT services, meet the needs of business users, stable and predictable development of the system. But to implement such a model, it will be necessary to formulate descriptions of the processes occurring in the information system, change existing or create new technologies that meet new, changing requirements for the reliability of IT systems for business. It is very important to introduce technologies that would automate the management processes themselves, simplify their integration and interaction necessary to manage all IS components in an enterprise. Only the implementation of such technologies will make it possible in the future to obtain a guaranteed effect from the reorganization of business processes, the introduction of corporate information systems, enterprise, production, and inventory management systems.

The time when the IT department could afford to spend months testing various software tools, are gone. New, "fast" markets require an immediate response and the introduction of new tools. Time has become too precious to afford to waste. The IT department must quickly select and implement the automation tools that business users need while minimizing the time and resources it takes to learn, configure, and implement them. Ideally, it should be like this: when a change is implemented, data on the state and history of the IT infrastructure, on events that have occurred and problems in the system, and on forecasts are automatically obtained from the databases of configuration management processes, changes, user requests and problems. Based on this data, you can quickly assess what effect a new change might have, which systems it will affect, what it will affect, how much it will cost, and what level of service it can provide users.

To achieve this level of automation will allow a well-functioning mechanism for the interaction of change management systems, configuration, support service, problems and service levels, based on management tools for various system components.

When choosing a technology, it is necessary to formulate requirements for the means that will implement control functions, describe the interaction mechanisms, interfaces. The quality and efficiency of system management within the framework of the model you have formulated depends on the degree of elaboration of this stage.

It should be noted that many software companies system management- have in their portfolio of solutions components and blocks of technologies that implement certain functions formulated in ITIL. However, the greatest results in this area were achieved by Hewlett-Packard, which back in 1997 formulated its concept of IT management, including technologies and tools for their implementation, called IT Service Management (ITSM). This concept considers the implementation of ITIL recommendations using the HP OpenView family of software tools. This solution, based on the ITIL framework, includes software modules for various functional purposes - from a tool for quickly drafting service contracts (SLA Wizard) to a toolkit that monitors the impact of a failed resource on other services (Service Navigator).

Facilities

OpenView solutions can be roughly divided into 3 groups.

• Means of network and system management. First of all, this is the Network Node Manager network management platform, with which numerous network equipment management components (Cisco Works, Optivity) are integrated. This also includes the OmniBack backup management system, server and database performance monitoring elements (Database Pack, Performance Monitor).
• A single IC component management console that covers many components and allows you to centrally monitor a range of IC performance, prevent and analyze failures (Vantage Point).
• Components that perform IT service management processes (ITSM, ServiceDesk).

An important member of the OpenView family is the HP OpenView Service Desk. It focuses on service level management processes and is designed to optimize IT management processes (ITSM), user support processes (Help Desk), for the relationship of IT management with the company's business. Service Desk provides IT staff feedback with users, allows you to understand how business units use IP resources, which resources are more important to them and what they do not like in the current system.

Conclusion

The use and integration of these tools allows you to fully control the state of the information system and actually manage it, having control levers for each component.

Combining all available management tools within a single technology gives you an understanding of the functions and tasks of the IT department, forms a business-oriented approach to IT management.

However, for the successful implementation of such solutions, it is necessary to initially adhere to a single and comprehensive methodology for IT management, which has already allowed many companies to reach new frontiers of business.

MINISTRY OF SPORTS, TOURISM AND YOUTH POLICY OF THE RUSSIAN FEDERATION

Federal State Budgetary Educational Institution

higher vocational education"Volgograd State Academy of Physical Culture"

Orlova Yu.A.

Part 2. INFORMATION TECHNOLOGY MANAGEMENT

LECTURE №2.3

"Management processes information technology»

Volgograd

IT management processes are concerned with their planning, ongoing management and IT project management. In planning for several years ahead, the issues of introducing new information technologies that would correspond to the changing needs of the enterprise are considered.

The objective of current IT management is to provide cost-effective, reliable service to other parts of the enterprise.

IT project management ensures the timely implementation of vital information technologies for the enterprise. The duration of many IT projects can extend beyond a year.

1. ONGOING IT MANAGEMENT

The day-to-day management of IT is carried out on the basis of an annual plan, in

which defines a set of ongoing projects, sets the tasks of upgrading and replenishing equipment and software,

IT capacities and the number of service personnel are determined.

The tasks of an ongoing IT management system are listed below.

Provide motivation and conditions for collaboration between users and IT professionals.

provide effective use IT resources across departments and prepare users to realize the potential of existing and new technologies.

Create conditions for the dissemination of technologies,

corresponding to the strategic needs of the enterprise.

Develop standards for the effectiveness of the use of information technology.

Prepare necessary information to make IT investment decisions.

The following factors should be taken into account when creating an ongoing IT management system:

A modern IT management system must be adapted to information technologies that are qualitatively different from those that existed before.

Current management must distinguish between IT that is in different phases of development. "Mature" technologies should be controlled,

with an emphasis on maximizing their performance, while technologies in the early phase need constant attention and support, like any R&D activity.

The performance of the current IT management system is determined by specific external and internal factors of the enterprise. These factors include:

user qualifications in the field of IT, geographical dispersion of the organization, stability of the management team,

measures and structure of the enterprise, the relationship between different departments.

The organization of the current management system in the enterprise as a whole, as well as the principles underlying its construction, affect the current IT management system.

The current IT management system depends on the strategic decisions in the field of information technology in the enterprise, which is reflected in the portfolio of IT applications used.

Operational matters

The ongoing management of the enterprise's operations stimulates the effective use of IT and its development in the right direction. While the mix of applications in daily use is subject to change, overall transaction costs are relatively constant in the short term. The problem of current management of operating costs is related to their distribution over time.

Growing user influence. The main impetus for the ever-expanding use of IT has been the emergence of users who can solve their many problems with their help. Past experience suggests that it is user requests that generate new ideas for modernizing existing IT, expanding the capabilities of applications. The best result is achieved when the control system is able to evaluate both the potential costs of new applications and their usefulness to the enterprise. Absence effective management IT development can cause their explosive growth (often unprofitable and poorly managed),

leading to unnecessary costs, or, conversely, hinder the introduction of promising technologies, which causes dissatisfaction among users. Both extremes undermine the credibility of the IT management system. In addition, for many types of new user demand, the benefits are much more difficult to determine than the costs. Very often, the current IT management system incorrectly compares the costs of implementing IT with the future results of their effective use.

The effectiveness of IT use is largely related to the human factor. As technologies change, so do the types of applications and requirements for users. However, many users are quite conservative in their habits, find change uncomfortable and resist it. In the same direction, the frequently encountered poor attitude of users towards IT personnel, who are the initiators and

agent of change.

Internal and external factors. Changes in current IT management can also be driven by environmental factors. TO

internal factors include the emergence of new information needs, the expansion of office locations and the modernization of the enterprise itself. A well-organized ongoing IT management system is able to respond appropriately to these types of changes.

geographic factor. Another important aspect of the organization of current management is related to the geographical location of the enterprise and its size. As the number of branches of the enterprise grows and the number of employees increases, significant changes in organizational structures are required. First of all, this applies to the current management system in the enterprise and, in particular, the IT current management system.

The informal oversight and control of staff that is common in small businesses is usually not suitable for larger businesses,

units of which are located in remote locations. Similarly, the evolution of relationships between functional departments and the IT department within an enterprise forces a restructuring of the current IT management system.

An important aspect that must be taken into account when forming a current IT management system is the organizational structure of the enterprise. An enterprise in which information processing is highly centralized may allocate costs to the IT department. AND

on the contrary, a decentralized enterprise that takes into account profit,

received by its departments, can charge costs for departments and for the activities of the central IT department, and even go to the creation of independent information centers who provide their services for a fee.

Linking with the current management system of the enterprise

The current IT management system should be linked to the enterprise management system as a whole. Ideally, there should be a multi-year enterprise development plan that is driven by the overall business strategy, as many large IT projects can take more than a year to complete.

The combination of short-term IT day-to-day management and long-term technical innovation challenges can create conflicts in the day-to-day management of an enterprise. The questions that arise can be divided into two groups:

To what extent should the IT day-to-day management structure be similar to the day-to-day management structure in other parts of the enterprise? How to manage IT if these structures are different? Can this state of affairs last long?

How to strike a balance between solving the problems of current IT management and timely innovation?

Evaluation of the effectiveness of current IT management is usually based on tracking the ratio of costs and real results from the implementation of IT.

Accounting for the characteristics of the implemented IT

When analyzing the relationship between the current IT management system and the ongoing management and planning processes in the enterprise, the nature of the implemented IT should be taken into account. If the developments are of a strategic nature, a close connection of these processes is needed, and any inconsistencies between them can create problems in the activities of the enterprise. Investment proposals for advanced IT should be subject to periodic reviews prepared by the IT department for senior management.

The current IT management system, with the strategic role of these technologies, should encourage innovation, even if only one of the three will give a real result. Often the main problem is the evaluation, comparison and

stimulating proposals that come from different functional units.

With the operational and supportive nature of IT, special attention should be paid to the ongoing management of existing technologies, and in the reinforcing one, close monitoring of promising developments.

The enterprise current management system solves three categories of tasks

Management of results, personnel and processes.

Results management is aimed at optimizing specific performance indicators of the enterprise.

Human resource management focuses on recruitment practices,

methods of training and testing at the workplace, on the procedures for assessing the qualifications of personnel.

Management of the processes taking place in the enterprise,

associated with the creation and monitoring of certain protocols and procedures. This includes the separation of duties in the formation of a specific sequence of tasks, access control to certain processes, etc.

All this needs to be taken into account and discussed when forming the system of current IT management.

2. IT PLANNING

Factors driving the need for IT planning

As the complexity of IT has increased in recent decades and

the scope of their application expanded, the role of information technology planning became more and more important.

Rapid technology changes. Hardware and software continue to evolve at a very fast pace. Therefore, constant interaction between the head of the IT department and the heads of the functional departments of the enterprise is necessary in order to identify

technological changes essential for the development of plans and pilot projects.

Staff shortage. The development and implementation of IT continues to be constrained by a shortage of qualified specialists, including programmers,

as a result, it is necessary to prioritize their use, and

also involve external sources of IT development and support.

Lack of other corporate resources. Limited financial and managerial resources are another argument in favor of IT planning.

Strengthening the role of computer networks and data storage for the creation of corporate information systems. More and more attention has to be paid to the design of networks that provide communication and support applications that are used in different parts of the enterprise. Equally important are the networks that link the enterprise with its customers and suppliers. The role of data warehouses (Data Warehouse) for multidimensional storage of aggregated actual and predicted data is increasing, required by analysts for decision making; data marts (Data Mart) - for data concentration,

relating to individual aspects of the organization's activities and as close as possible to the end user; technologies for analytical data processing (OLAP), containing flexible mechanisms for manipulating data and visualizing them and providing the ability to process requests "in real time" - at the pace of the process of comprehending data by the user.

Addiction various directions enterprise activities from IT.

At many enterprises, the introduction of marketing, logistics and other software products opens new perspectives in their development. And if the existing IT limits the ability of the enterprise to implement its strategies, then this problem becomes the leading one. The development of IT in an enterprise is associated with the development of new technologies, the expansion of the scale of their application and the increase in the efficiency of their use.

Planning requirements at various stages of IT implementation

Section 1.2 identifies four phases of IT implementation, each with its own planning requirements.

1. At the first stage (identification of the required technology and planning of investments), the costs of studying new technologies and investing in promising IT are determined.

2. The effectiveness of planning in the second phase (technological learning and adaptation) can be measured by the support that users will give to pilot projects. The result of the stage is a specified need for the number and qualifications of personnel.

3. In the third phase (rationalization/management control), the goal of IT planning is to determine the optimal boundaries for application deployment in terms of the best balance of efficiency and cost.

4. At the final stage (maturity/ubiquitous transfer of technology) of IT development, a controlled evolution of technology takes place, when user training is completed and a current technology management system is created, long-term trends in its operation are planned.

Typically, an enterprise has different IT in all four phases of implementation, so there is little to no uniformity in IT planning. Instead, IT professionals deal with a portfolio of technologies, each of which creates its own challenges.

In the same way, the approach to planning should be different for different departments within the enterprise, since each of them, as a rule, in

varying degrees of familiarity with a particular technology.

Factors affecting the effectiveness of IT planning

As the development of new information technologies, shifts in competition, changes in enterprise development strategies, the priority of various applications changes. Therefore, in the IT planning process

some specific assumptions regarding the nature and role of technological evolution must be taken into account.

Resource costs for planning. financial and human resources,

involved in IT planning are diverted from other activities

particularly from the development of new systems. To what extent it is advisable to divert resources from other areas of the enterprise is always a question.

IT Planning Compliance organizational culture enterprises . An important aspect of IT planning is that it is implemented within a particular cultural environment within an enterprise. So,

if planning is actively supported by senior management, the same internal climate is established in user units.

The strategic impact of IT. In some enterprises, IT plays a strategic role, while in others it is useful, but still secondary. In this case, it is difficult to expect that senior management will devote a lot of time to IT.

Underestimation of the role of IT. The choice of approach to IT planning is often complicated by the discrepancy between the opinion of the heads of various departments and the real value of IT in the current and, most importantly, in

future activities of the enterprise. In this case, the role of top management for sound strategic decision making is important.

Two problems often arise:

plans and strategies developed for IT are technically justified and meet the needs of users as they understand them today, but can be unproductive and even counterproductive if IT does not correspond to the enterprise development strategy;

plans that are developed "at the top" may be far from realistic approaches to the introduction of new IT. It may

At some point in the development of the company, the IT department management may be faced with a situation where the resolution of incidents takes too long, users are dissatisfied with the services provided, and internal organization work is complete chaos. One of the solutions to these problems is the implementation of ITSM (Information Technology Service Management). As part of this post, with which we decided to open our blog on Habré, we will talk about what ITSM is and consider some of the features of the ServiceNow platform.

What is ITSM?

A full transition to a service basis will allow IT departments of any company not only to turn from a cost unit to a profit center, but also to offer their IT services outside their own organization.

One of the main components of ITSM is the formalization of the processes of the IT department. For each process, the sequence of work, the necessary resources and time, automation and quality control tools are determined. Once a process is defined, its performance can be measured as well as the quality/cost ratio. At the same time, we note that the ITSM approach does not affect the details of technical process management, but is aimed at structuring inner work IT departments.

The implementation of ITSM also includes the formalization of the rules of work for employees, the definition of areas of responsibility and authority of personnel, criteria for the quality of work and the formation of mechanisms for controlling and monitoring the state of processes, which helps to increase information security.

Implementing ITSM - ServiceNow

Behind last years ServiceNow has slightly changed the vector of development of its product, which now goes beyond IT. The service allows you to manage most business areas. The processes that a business uses to manage are very similar to those that take place in an IT department. Only tasks change, but the architecture of interelement relationships and the relationship between the performer and the consumer remain the same. You can see the structure of the ServiceNow solution in this video:

IT Governance and Risk Management (GRC)

The first application is called ServiceNow Risk Management and provides a centralized process for identifying, evaluating, responding to, and continuously monitoring corporate and IT risks that could negatively impact a business. The application has a graphical interface for creating profiles and dependencies in order to compare and model risks.

It also allows you to group risk reports into manageable categories and store all potential risks in a centralized repository, allowing you to view summary information and quickly identify problem areas based on it.

The second application is Policy and Compliance Management and it provides a centralized process for creating and managing policies, standards and procedures. internal control. For example, the Compliance module contains an overview of compliance as well as lists of white papers and company references.

Policies, risks, controls, audits, and other processes are defined in formal documents. Each document is attached to a particular record, and the corresponding lists in the record contain the individual terms of that document.

The third application of the GRC complex is Audit Management. It allows you to plan audit tasks, monitor the implementation and provide reports to responsible persons. Engagement reporting ensures that the organization's risk and compliance management strategy is effective. The audit process includes creating, planning, scoping and conducting audit engagements, and reporting results.

Thus. GRC in ServiceNow, as part of a powerful business automation platform, helps solve a large number of important tasks by integrating with existing processes and sharing data with core management services.

Software Development Management (Agile Development)

The platform makes it possible to hold daily meetings (Daily Scrum) with team members to discuss current projects, planned work and difficulties. It also has the ability to maintain a product backlog, which is a list of user stories ordered by importance. The Product Backlog can be reviewed and updated regularly as new requirements emerge and priorities are redefined.

In addition to the product backlog, the solution provides the ability to work with the release backlog, which contains a list of stories that need to be completed to release the current version of the application under development. Typically, the decision-making process is based on the timeline for releases, the importance of stories in the product backlog, and their complexity.

IT Infrastructure Management (IT Operations Management)

The main objective of implementing ITOM is to achieve visibility and control over the various elements of the company's IT infrastructure for the purpose of easy and flexible management. This allows you to deliver services according to SLAs, use your IT infrastructure in the most efficient way, respond flexibly to external and internal needs, and provide better service and support.

ITOM also allows you to collect information from multiple sources, including all major elements of the IT infrastructure. This data can be analyzed and then reported on IT operations in terms of load, performance and user activity. This makes it easier to identify problems early, diagnose them, and fix them quickly.

The use of ITOM makes the use of IT investments transparent, allows you to flexibly allocate IT resources, quickly identify problems and solve them, and effectively maintain infrastructure.

And these are just a few of the features that the ServiceNow platform implements. In the list of services provided, you can find items such as

Measurement and evaluation of IT processes. Well-ordered theory and design practice

How to provide a comprehensive system for measuring information technology management processes? Who is the consumer of measurement results and what are they used for? Let's try to find answers to these questions by combining a coherent theory with advanced design practice.

IT processes

The current activities of IT departments can be represented as a system of interrelated IT management processes (IT processes). IT processes enable the efficient use of information technology to meet customer needs. "Efficiency" here means that:

• information technologies form value for customers (benefit by increasing the productivity of business processes and / or reducing the restrictions on these processes);
• expenses on information technology rational and controlled;
• risks related to the use of information technology are also controlled and reduced to an acceptable level.

Why and for whom measurement and evaluation is carried out

To ensure maximum efficiency in light of changing requirements, environmental influences, and other factors, IT managers must evaluate processes and adjust their work. This means that managers need to be sure that the processes they are responsible for are functioning optimally, and if necessary, identify deviations in the operation of processes in time and initiate corrective actions.
In turn, managers who oversee the information technology management system from the top management or investors (that is, those interested in the effective use of IT) want to be sure that operating system IT management solves the tasks assigned to it.

Thus, the measurement and evaluation of IT processes are performed in the interests of two main stakeholder groups:

• investors, customers, senior IT management, external regulators are interested in:
  • to what extent the IT management system solves the tasks ( effectiveness);
  • whether and how management mechanisms are provided to ensure the proper level of control and changes in the system in response to new requirements ( conformity);
• IT managers are interested in the current state of processes in terms of:
  • the content and results of activities, as well as the scope of work ( productivity);
  • rational use of resources ( rationality / efficiency).

What and how to measure and evaluate

To meet the needs for measurement and evaluation in the IT management system, necessary tools- Metrics and KPIs are developed, tools for collecting and processing information about processes are implemented, the need to involve auditors and the evaluation criteria that they apply are determined. The content and means of measurement are determined by who they are performed for (the consumer) and the decisions that must be made based on them (the purpose).

The effectiveness of IT processes (effectiveness)

Efficiency shows how a given process (or a group of interrelated processes) meets its purpose, and also achieves its goals. For the development of metrics and controls aimed at measuring performance, it is important to distinguish between the concepts of purpose and goals:

• appointment determines the role of the process in the control system, that is, the answer to the question " why this process is needed, what it is responsible for". The purpose of the process, as a rule, is more or less universal, that is, it changes little from company to company. Purpose statements for IT processes can be found in standards and bodies of knowledge proposing process models (COBIT, ITIL®, ISO/IEC 20000);
• target process defines what the process should provide in some fixed period of time. Goals must meet SMART criteria (specific, measurable, achievable, relevant, time-bound). Unlike assignment, process objectives not only can, but must be regularly verified and reviewed, which is the responsibility of the process owner.

When properly formulated, performance measurement metrics can be directly formulated based on the purpose and goals of the process. Performance can be measured and evaluated at the level certain types activities, processes and management system as a whole.

Example 1 - Incident and User Request Management:
Purpose: to ensure the quality of IT services by resolving incidents as soon as possible and fulfilling service requests in a timely manner.
Goal examples:

• increase in the share of timely resolved incidents up to 95%
• increase in the share of calls resolved on the first line, up to 50%

• percentage of incidents and requests resolved on time [%]
• average incident resolution time by impact level [hour]

• bring the level of customer satisfaction with the quality of IT services to 90%
• ensure the timeliness of generating reports on IT services at the level of 100%

• integral indicator of the quality of IT services (calculated from reports on the provision of IT services for the period) [%]
• level of customer satisfaction with the quality of IT services (calculated based on the results of a customer survey for the period) [%]

The degree of compliance of IT processes with the requirements (compliance)

In addition to the ability of processes to realize their purpose, customers and investors are interested in the ability of processes and the IT management system as a whole to generate stable results in the face of external and internal changes, as well as the ability to develop in response to new requirements. These capabilities are provided by the maturity of the IT management system. Maturity is expressed, first of all, in the levels of formalization and control acting in relation to a particular activity. It is important to note that a certain level of maturity characterizes not the activity itself, but the management practice applied to it:

• process maturity- a characteristic that allows you to assess how carefully and formally the activities included in the process are controlled;
• maturity of the management system or maturity of the organization characterizes the control practices in place in the organization in relation to processes.

Maturity assessment is usually carried out using so-called "maturity models". Maturity models can be independent bodies of knowledge or be part of other bodies of knowledge and standards. The most famous maturity models are:

• Capability Maturity Model (CMM), developed by the Software Engineering Institute of Carnegie Mellon University. This model was taken as the basis for the development of the process maturity model as part of COBIT (up to and including version 4.1);
• ISO/IEC 15504 "Information technology - Process assessment". This model was taken as the basis for the development of the IT management process maturity model, which was included in the new - fifth - version of COBIT.

An example of an ITIL process group maturity assessment is shown in the following figure:

Control of the degree of compliance can be performed both by internal processes of the management system and by external auditors. In practice, it is important to find the right combination of internal and external controls that provides the required objectivity, regularity and level of detail. For example, at one of our clients, a separate IT process was responsible for internal control, which was called "Control and Evaluation", and the effectiveness of internal control was checked by the involvement of external auditors.

Rational use of resources (efficiency)

The effectiveness of the processes is ensured through the use of the organization's resources spent on the execution of processes and ensuring their maturity. Controls—whether specialized or generic—use information, applications, infrastructure, and people. Rationality metrics characterize the number of errors that occur during the execution of the process, as well as the use of certain mechanisms to reduce labor costs.

The basic principle of ensuring and evaluating the rationality of the management system can be formulated as follows: the cost of owning a management system and its control should not exceed the value formed as a result of the functioning of this system, taking into account controlled risks.

Process productivity

Productivity metrics characterize the amount of work on the execution and control of the process. This is very important factor both at the design stage and at the execution stage of the process. For example, when designing a change management process, it is important to understand what kind of change flow is expected before writing into the process schedule " All changes are reviewed by the CAB (Change Advisory Board, change management committee)". At the execution stage, a change in the input stream of a process can affect its performance indicators, the degree of compliance and rationality. For example, an increase in the flow of incidents from 8,000 to 15,000 per month (due to the unsuccessful implementation of a new IT system) can significantly reduce the value of the performance metric " Percentage of incidents and user requests resolved on time". Therefore, productivity indicators should also be included in the consideration when performing operational monitoring and evaluation of processes.

Structure and principles for the implementation of the measurement and evaluation system

The general structure of the measurement and evaluation system is presented below:

Such a structure defines the directions of measurement and evaluation, as well as the consumers of measurement results, which are responsible for conducting the evaluation and making appropriate management decisions.

In practice, when implementing a measurement and evaluation system, it is important to follow a number of rules:

• develop the content and means of implementing the monitoring and evaluation system, focusing on specific consumers and their management decisions;
• combine different areas of monitoring and evaluation, providing a comprehensive view of the management system. Ignoring certain factors can lead to serious distortions in the decisions made. For example, focusing on the degree of process fit without focusing on performance can lead to overdocumentation and "process for the sake of process". And vice versa - focusing only on results (without proper documentation, control, and so on) can lead to the fact that yesterday's high results will be lost tomorrow (due to staff changes, changes in work flow and other factors);
• regularly review the system of measurement and evaluation, ensuring that current management practices are consistent with the tasks and conditions of the environment.

Compliance with these rules helps to plan and implement effective system information technology management, supported by adequate measurement and evaluation tools.

/ Classification of IT processes

In contact with

Classmates

Marina Anshina, President of the FOSTAS Foundation, Chairman of the Standards Committee of the Russian Union of CIOs

Classification of IT processes

Classification is not done out of boredom, not for pleasure or out of sporting interest. And in order to clarify, adapt methods, in this case, IT process management, for each class. After all, the narrower the control object, the more accurate standards and methods can and should be prepared for it and the greater the benefit from their use.

In addition, the classification allows you to build a system model of the subject area, which makes it possible to look at the subject of research more accurately and more broadly. That is why we will look at the possibilities of classifying IT processes and try to discern a number of features that will help us better understand them and manage them more effectively. Of course, the most famous classifications of IT processes are associated with two pillars - with the service approach presented by ITSM and ITIL, and the COBIT IT management and management methodology, which was already discussed in the first article of this series.

Classification of processes in ITSM and ITIL

ITSM proposes five groups of IT processes:

• IT and business alignment. Strategic issues and interaction with users. These processes are managed in close contact with business management and are usually under the direct supervision or at least close supervision of the CIO.
• Operating activities. Troubleshooting and Operations Management. This group of processes is dedicated to the organization of trouble-free service delivery, with incident management and problem management - to reactive methods, and operational management includes proactive components.
• Ensuring the provision of services. Configuration, change and service level management. What is, how we change it, and how we control what we provide to users.
• Service management and design - security, continuity, availability, performance and funding. Ensuring the required quality of services in accordance with business needs.
• Development and implementation of services - creation and testing, installation of releases of services in a productive environment. The name speaks for itself, these processes allow you to develop IT services in accordance with business needs and changes in the external environment.

The corresponding picture of ITSM was given in the first article, but suddenly you did not see it or forgot it. Therefore, the distribution of processes by groups is shown below in fig. 1.

ITIL version 2, the structure of which is shown in Fig. 2, focused on two groups of processes:

Service Support:

• Service Desk.
• Incident management.
• Problem management.
• Configuration management.
• Change management.
• Release management.

Provision of services (Service Delivery):

• Financial management for IT services.
• Accessibility management.
• Service level management.
• IT Service Continuity Management.
• Customer relationship management.

In addition, it includes the following groups:

Business perspective (no one a posteriori aligns anything anymore):

• Business continuity management.
• Partnership and outsourcing.
• Business transformation through change.

Software application management:

• Software development lifecycle management.
• IT service testing.

Information and Communication Technology Infrastructure Management:

• Design and planning processes.
• Implementation processes.
• Operational processes.
• Technical support processes.

Let's take a look at this classification. Some eclecticism and illogicality are obvious, because many processes are broken between groups, which clearly does not benefit them. For example, continuity management is present both in the service delivery group and in the business perspective. Of course, you can argue that these processes can be integrated with each other, but integration in any area is, firstly, costly, secondly, difficult, and thirdly, risky. And if you separately regulate, for example, the processes of continuity of IT services and business continuity processes, then later they may not converge with each other. It is as if the roads were laid separately in each microdistrict. How would you then be able to ride and walk on them? The above remark also captures the full significance of correct classification. Rather, the threat is wrong. Therefore, despite its apparent simplicity, the classification is not at all as harmless as many are accustomed to think.

It can be seen that the last three groups directly refer to the layered model of enterprise architecture: business - software applications - infrastructure. It can even be assumed that the IT services layer, which is also distinguished as a separate one in this model, is represented by the first two groups. But there is absolutely no layer of data and information. Of course, you can argue that it is hidden, for example, in the management of software applications. But after all, we are not discussing how to get out, we want to use the classification as efficiently as possible. There is another consideration: someone will take into account in the most suitable group from his point of view, while someone will completely forget. Therefore, a “leaky” classification is just as dangerous as an excessive one, in which an essentially single process is divided between different groups.

It is interesting to see how, early in the classification, service delivery processes crawled into support, and service delivery almost completely absorbed service design processes. From the latter, software application management processes emerged, and an isolated group of infrastructure management processes emerged. I would venture to suggest that such a classification is related to the current one for the time of its creation. organizational structure IT departments. Edward Deming also pointed out the dangers of functional division in process management. After all, most of the processes are carried out by employees of different departments. And, if you manage these parts of the processes in isolation, you can get a completely different result than you expected. And this is absolutely true for IT processes.

ITIL version 3 identifies five process groups, shown in Figure 1. 3.

Service strategy

Provides leadership in the design, development and implementation of IT service management not only as part of operations, but also considering them as a strategic asset. This group of processes answers the question "why?" and is decisive for the rest of the groups, which to a greater extent answer the question “how?”. During the creation of ITIL version 3, this formulation of the question and the separation of this group of processes undoubtedly expanded the traditional approach to IT as a purely auxiliary activity. How quickly morals and habits are changing, especially those related to IT! Now these are already somewhat outdated views, because IT is quickly becoming the basis for the development of various organizations. This group includes the following processes:

• Financial management.
• Demand management.
• Service portfolio management.

As you can see, the innovative, strategic component of IT, although declared, is not clearly indicated. And the financial management process has taken a strategic position, advancing here from the processes of providing services. And although it has a strategic component, it cannot be said that it has more of it than in other processes.

Service Design

According to ITIL, service design should be able to achieve the strategic goals of IT, with the help of appropriate services and the necessary assets for this. In addition to creating new services, this includes processes that initiate changes to existing ones. The processes of providing services from the previous version of the library were included here in full force. This group includes processes:

• Service level management.
• Service catalog management.
• Performance management.
• Accessibility management.
• Continuity management.
• Security management.
• Supplier management.

The last process is from a business perspective. Obviously, from the consideration that interaction with suppliers has a strong operational component. On the other hand, the same can be said about almost any IT process.

Service Development

These processes enable development and performance improvements for new and changing services within operations, and enable service strategy processes to be translated into day-to-day functionality by sharing control over them between users and service providers. These are the following processes related in the previous version to service support:

• Change management.
• Configuration management.
• Release management.
• Knowledge management.

It should be noted (with fanfare?) the emergence of the latter process, which is quite consistent with the current stage of development of society, when only the lazy do not talk about knowledge management, putting, however, a completely different meaning into this concept.

Service operation

This group of processes is designed to put into practice the goals of strategic processes, achieving the necessary efficiency and effectiveness, and meeting the needs of the business and users. An important criterion for the processes of this group is to support the stability of the provision of services, taking into account ongoing service development processes. Support for new service models and enterprise architectures, such as cloud services, web services, mobile services, is especially noted. It is rightfully worth adding the services of the Internet of Things, which radically change the whole picture. modern enterprise. The processes in this group are:

• Incident management.
• Problem management.
• Service Desk.
• Access control.

I want to draw your attention to the fact that the ITIL v3 classification places access and access control processes in different groups and, accordingly, in different books.

Continuous improvement of services

In accordance with the classical practices of process management, this group of quality management processes appeared in the third version. It is common knowledge that even the best-designed processes lose quality with use if their quality is not specifically addressed. The basis for this activity is the Deming Plan-Do-Check-Act (PDCA) cycle described in the previous article. These are the following processes:

• Services improvement.
• Reporting.
• Service measurement.
• Service level management.

The ITIL classifications divide processes into books, which are logically complete documents that contain, however, links to other books. Therefore, logically, the processes of one group are more closely related to each other than to the processes of other groups. If you build IT work on ITIL, then such a classification is necessary and natural.

Like any tool, it has its advantages and disadvantages. And with skillful and reasonable use, it can bring significant benefits to process management. But we will not limit ourselves even to such a useful tool as ITIL. Let's see what else there is in IT process management.

Classification of processes in COBIT

A feature of COBIT is a clear distinction between the processes of governance (governance) and management (management). In accordance with COBIT version 5, “leadership is to ensure: determining the balance and consistency of stakeholder needs, conditions and opportunities in achieving the goals of the enterprise; setting the direction of development through prioritization and decision making; and tracking performance and alignment with agreed direction and goals.” In turn, "management plans, creates, uses and monitors activities in accordance with the direction set by management to achieve the goals of the enterprise."

The notorious difficulties of translation lie in the fact that both terms (governance and management) are often translated in the same way, and it is possible to understand what was meant only by context. Which in this case, for obvious reasons, is not so simple.

The key areas of governance and management according to COBIT 5 are shown in fig. 4. There are five processes in the management processes, namely assessment, direction and monitoring, and in the management processes, divided into four subgroups (coordination, planning and organization; monitoring, evaluation and analysis; development, acquisition and implementation; provision, maintenance and support ) corresponding to the areas of responsibility of IT departments - 32.

On fig. Figure 5 shows the classification of IT processes according to COBIT 5. Forgive me, ITIL apologists, but from my point of view, this classification is more systematic and logical. Even here, however, there are obvious overlaps. In particular, dough transparency is related to the monitoring process, and risk optimization is related to safety.

Let's look at another classification of IT processes, just to show that alternatives exist. After all, not only on ITIL and COBIT does the world stand.

Classification according to ISO/IEC 38500-2008 "Corporate governance of information technology"

The standard is based on a number of principles from which the classification shown in Fig. 6.

Leadership processes are divided into three groups: strategic planning, development and monitoring, and operational processes, carried out in close interaction, into two large groups: ICT project management and operating activities ICT.

The close relationship between the last two groups is not formalized in the standard. But it must be said that it is more devoted to the formulation of IT governance principles, and not to the classification of processes.

As noted above, life is richer than any standards and tools. Therefore, even using one tool, in our case, the classification of IT processes, it is useful not to lose sight and remember that there are a great many such tools.

Some useful classification options

I want to offer several classification options that can be used both to build a complex matrix and even multidimensional system, and in isolation. Which option to choose depends on what tasks you are facing. This may be, for example, the choice of sequence of reengineering or process automation. In this case, a matrix approach, or even a more complex one, will make it possible to get away from the subjective choice of priority. This may be the formation of a system for reporting and monitoring the process activities of IT, when even a simple classification will allow you to build efficient structure. This may be necessary when forming an IT strategy, when the choice of classification method depends entirely on the level of development of IT and business.

1. architectural classification. This is the simplest and most obvious classification option, the components of which we saw above. Depending on the architectural model, you divide the processes into groups according to the areas of the chosen model, not forgetting about the connection between these layers, which are always formalized in good architectural models.
2. Classification by type of management: strategic and operational; outsourcing and insourcing; project and process activities, basic and supporting processes specific to the business industry and general. Such a classification is present in almost all the types described above. The danger that exists here is the separation of individual areas of the group from each other, so it is better to use it together with other types when building a matrix or multidimensional classification.
3. By type of life cycle: for example, stable, unstable, and medium processes. Such a classification is useful in the formation of a change management methodology.
4. By type of financing, method of distribution of costs. This classification is very useful in financial management IT processes.
5. By maturity level (after the COBIT assessment, for example). Such a classification is suitable for choosing a strategy for the development of processes and building balanced IT.

The choice of a good classification depends on the objectives and should be dictated by the capabilities of the stakeholders for whom it is being made. Like any tool, it can be both useful and harmful, convenient and not convenient, understandable and confusing. Methodologies, frameworks and standards in IT and related fields provide many templates, examples and recommendations based on which you can conduct it in the best way.

In contact with