《ITIL考试-Maturity_Assessment.xls》由会员分享,可在线阅读,更多相关《ITIL考试-Maturity_Assessment.xls(27页珍藏版)》请在三一文库上搜索。
1、ITIL Maturity Assessment What is a Maturity Assessment and why do we need to do it? The ITIL Framework is based upon a number of various Processes. The Framework also include a model to measure how well your current Processes perform towards the ITIL Framework. It is based upon a number of Questions
2、 per process, where depending on the answer given, a weighting is done. Based upon this weighting it is possible to see how close, or far from, the current Processes are compared to the ITIL Framework. The Result of the survey will help you with Scoping and Prioritization when definging your Service
3、 Management project. This supplied Assessment sheet allows for 4 different people to take part in the Questionnaire, however this is easily extended if you so want. This customization has to be carried out by yourself though. Simply start the survey by using the buttons above. Introduction will prov
4、ide you with some more details. The Result of the survey will help you with Scoping and Prioritization when definging your Service Management project. Simply start the survey by using the buttons above. Introduction will provide you with some more details. From the Survey it will be possible to meas
5、ure the current Maturity model of the ITIL Framework. The levels are explained in the table to the right. To start the survey, simply press the Questionnaire button above. Maturity Level Assessed ITIL disciplinesOther ITIL disciplines 1: Ad-Hoc Service SupportPlanning to implement Service Management
6、 2: Repeatable Service DeliveryThe Business Perspective 3: Defined Security ManagementICT Infrastructure Management 4: Managed Application Management 5: Optimized In the ITILToolkit there is a sample Maturity Report that would be created based upon the findings in the Survey. Description - Redundant
7、 activities and manual efforts are prevalent within the process and/or service lifecycle - Agreement on how to achieve consistent process performance is not in place - Documentation is lacking, outdated or non-existent - Stakeholders involved in performing process and/or service activities have been
8、 identified - Some agreement exists relative to a more consistent approach to process activities - Documentation exists relative to the process and/or services - Processes and/or services are documented and standardized - Process has been communicated and is pervasive across the organization - Some
9、automation is in place for process related activities - Process metrics have been identified and are routinely collected - Process measures have been baselined and are routinely collected - Tools / automation is leveraged to add efficiency to process functions - Process is pervasive, consistent and
10、meets all operating and service level requirements - Continuous process improvement is enabled and and is aligned with business objectives - High degree of automation exists within and between processes and/or services In the ITILToolkit there is a sample Maturity Report that would be created based
11、upon the findings in the Survey. 1 2 3 4 5 1 2 3 4 The answer to each question are evaluated accordingly: Dont know Strongly disagree Disagree Agree Strongly agree Please enter the names of the participants here, or if you prefer, keep the names anonymous Name 1/Anon. Name 2/Anon. Name 3/Anon. Name
12、4/Anon. Service Desk Is there a Service Desk in place within your organisation (either formal or informal)? Are new employees to the organisation briefed on the ways to contact the Service Desk and for what type of issues? Is the Service Desk the known contact point for all IT problems? Are calls th
13、at are taken at the Service Desk recorded in an electronic system? Does the Service Desk advise end users of upcoming expected outages? Does the organisation as a whole feel that the Service Desk is a good investment? Are there easily accessible reports on numbers of calls received, types of calls,
14、etc.? Does the Service Desk proactively advise users of the status of their calls, when certain time limits are reached? Is there a user satisfaction survey system in place (either automated for each issue or for instance a quarterly/annual survey)? Do the number of staff working on the Service Desk
15、 change in times of peak load? Do the Service Desk staff receive adequate training in the use of tools, telephone techniques and general customer support skills? Is there an escalation process in place for calls that cannot be resolved at first point of contact with the Service Desk? Is there a regu
16、lar review of Service Desk performance against expected Key Performance Indicators? Do management review Service Desks recommendations for service improvements? Is working on the Service Desk seen as a highly demanding role, requiring expert skills in troubleshooting and people management? Does the
17、Service Desk provide trending information and customer satisfaction rating reports to Management? Security Management Is there a clear understanding in the organisation of who or which department is responsible for IT security? Are there physical barriers in place preventing unauthorized access to c
18、ritical IT equipment? Have the security needs of the business been documented? Is there a commitment within the management team to protect the organisations information? Is there an IT Security Plan in place that is constantly reviewed and updated? Are there preventative systems in place to protect
19、against electronic attacks (e.g Firewalls)? Are there clear steps in place for handling security breaches? Do staff in the organisation appreciate the importance of protecting their information and IT Assets? Is Management provided security reports highlighting areas under attack, with suggested str
20、ategies? Are changes to the security profile of the organisation handled through a formal change management process? Is the cost of providing security known and balanced against the value of the information being protected? Are there procedures in place to ensure that the systems protecting the orga
21、nisation are updated to the latest versions on a known schedule? Are there regular reviews with suppliers to ensure that their security measures are adequate? Are there regular reviews with clients/customers to ensure that your security measures do not hamper the smooth operation of the business? Do
22、 the Security Management team and the IT Service Continuity Management team have excellent communication channels between them? Are contracts/agreements with external security providers reviewed on a regular basis for completeness, reporting and relevance? Incident Management Is there a clear unders
23、tanding by the IT Staff in the organisation of this process? Is there enough information captured about incidents when they are registered? Are incidents assigned a classification code that may point to the likely cause of the incident? Is there a feeling within the business users that reducing the
24、number of incidents will increase overall productivity? Is there a budget for the provision of incident management tracking tools and the overall Incident reduction? When closed are incidents assigned a code that points to the actual cause of the incident? Before effort is put into solving a new inc
25、ident are there checks to see if the same incident was dealt with in the past? Is there sufficient time and budget allowed for training staff in this process area? Are the procedures in place to assess the user satisfaction levels of incident resolution? Are there suitable reports provided to Manage
26、ment that indicate incidents solved at the Service Desk, first level support, etc.? Are there regular reviews on performance of this process area against documented Key Performance Indicators (KPIs)? Are all incidents recorded or is there some informal ways users can bypass the process? Is there a g
27、ood flow of information from Incident Management into the Problem Management process? Is there a list of high priority users that receive preferential treatment when registering incidents? Is there a procedure in place for dealing with high impact incidents? Is each incident given its own unique ide
28、ntifying number? Problem Management Is there a clear understanding by the IT Staff in the organisation of this process? Is it clear who in the organisation should be assigned problems to be dealt with? Is there a list of workarounds maintained and used while more detailed analysis is done? Does the
29、process owner undertake proactive problem management (looking for potential areas of failure, before they occur)? Is there sufficient time and budget allowed for training staff in this process area? Does the Process owner analyze incident information to look for incident trends? Is there management
30、commitment to support staff allocating sufficient time for structural problem solving activities? Is the organisation committed to reducing the total number of problems and the number of incidents that interrupt the conduct of business? Are there suitable reports provided to Management that indicate
31、 numbers of problems outstanding & resolved, etc.? Have the responsibilities for problem management been assigned? Are electronic tools used in this process area well utilized? Is there a procedure by which potential problems are classified, in terms of category, urgency, priority and impact and ass
32、igned for investigation? Does the Problem Management process have a good line of communication with the Change Management process area? Is infrastructure monitored after problem resolution? Are there regular reviews on performance of this process area against documented Key Performance Indicators (K
33、PIs)? Does this process area exchange information with a variety of other process areas? Configuration Management Is there sufficient time and budget allowed for training staff in this process area? Is there a published and accepted list of what is considered to be the highest priority components of
34、 the infrastructure? Is there a known and documented naming convention in place for all Configuration items (CIs)? Are there procedures in place to ensure that the process cannot be bypassed? Is there a clear understanding by the IT Staff in the organisation of this process? Is the level of informat
35、ion held matched to the organizational requirements? Are electronic tools used in this process area well utilized? Is there a Definitive Software Library and a Definitive Hardware Store within the organisation (physical storage locations for software and hardware)? Are all relevant components adequa
36、tely labeled? Does this process area exchange information with a variety of other process areas? Are problem CIs identified automatically highlighted by defining rules in the CMDB? Does the structure of the Configuration Management Database (CMDB) help to prevent duplication of entries? Is there a r
37、egular review of the activities associated with this process? Is there a good flow of information from Configuration Management into the Release Management area? Are there regular reviews on performance of this process area against documented Key Performance Indicators (KPIs)? Is there a schedule of
38、 audit activity that is followed to check CMDB accuracy? Release Management Has a release policy been agreed with the business representatives? Is their a well defined change management process within the organisation? Is the master copy software/applications used in the organisation held in a physi
39、cally secure location (DSL)? Is there sufficient time and budget allowed for training staff in this process area? Are electronic tools used in this process area well utilized? Are test plans and back out plans prepared for each release? Is there a regular review of the activities associated with thi
40、s process? Is the CMDB updated with new details once a release is distributed? Are there standard setups that can be quickly deployed on standard equipment that comes into the organisation? Is there a schedule maintained of expected releases and their expected release date? Is there a clear understa
41、nding by the IT Staff in the organisation of this process? Are the release numbers and naming conventions in place? Is the development environment properly insulated from the production or live environment? Are post release reviews held as part of a continual improvement program? Does this process a
42、rea exchange information with a variety of other process areas? Are there regular reviews on performance of this process area against documented Key Performance Indicators (KPIs)? Change Management Is there a clear understanding by the IT Staff in the organisation of this process? Are change request
43、s check and verified for completeness prior to their submission? Is there sufficient time and budget allowed for training staff in this process area? Are electronic tools used in this process area well utilized? Has the Change Advisory Board (CAB) been established with appropriate terms of reference
44、 (meeting times, authority, etc.)? Are all changes submitted recorded (even ones that are rejected)? Is there a procedure in place to handle Emergency Changes? Does the process area produce a Forward Schedule of Changes (FSC) (expected changes for the future)? Is there a regular review of the activi
45、ties associated with this process? Are business representatives involved with major changes? Is there a clear distinction between a change request (e.g Upgrade application) and a service request (e.g Resetting a password)? Does this process area exchange information with a variety of other process a
46、reas? Are there regular reviews on performance of this process area against documented Key Performance Indicators (KPIs)? Are multiple changes grouped and then properly scheduled to minimize the impact to the business users? Are changes categorized according to their impact and urgency? Are changes
47、assessed on the value they will deliver to the business prior to their approval? Service Level Management Is there a clear understanding by the IT Staff in the organisation of this process? Is there a regular review of the activities associated with this process? Are there Service Level Agreements (
48、SLA) in place that follow a defined structure? Does this process area exchange information with a variety of other process areas? Are agreements with external suppliers (Underpinning contracts) documented and reflected in the SLAs? Is there a Service Catalog that describes the services offered by th
49、e IT organisation? Is there a good communication channel between the IT Service Level Manager and the customer/business representative? Have all SLAs been accepted (signed off) by customers/business representatives? Is there an adequate Service Improvement Plan (SIP) that can be followed when SLAs are seriously breached? Is there sufficient time and budget allowed for training staff in this process area? Are electronic tools used in this process area well utilized? Are there regular reviews on performance of this process area against documented Key Performance Indicators (KPIs)